3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf[.]exe[.]zip

General

Target

3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf.exe.zip
Size

300KB
MD5

4be5632153a50431d47aa21284421a28
SHA1

a5254fe7ae07841d0e228e6860b2ddc5b40a28ca
SHA256

368ad8940d65e163f3ba91d449df33b54c28145593f1938c8fd5046424edd24d
SHA512

3c3de1d9cfbf09f4ed8aeaa3e6e9acb3816b68dd5eb35c9a5cc4fc204fe23e03496bfcb6dcc5399cab149b648090a10665262f252bf607d0dfbc3d0e9dfd1b8d
SSDEEP

6144:pDI1auEygwdDDrtzkYFZWRUBVuveXpv+P4XA3vnjKGpCBZdrwoH1Wnd:pqEsZftQC4ImeXpvcQA3vmG4BZ0d

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf.exe
unpack002/out.upx

3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf.exe.zip
.zip

Password: infected
3e4a49fde61a743e6ffde96306640c99c8ef531767c4beee6de86c22b6c06ecf.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 524KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 508KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ