fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b[.]exe[.]zip

General

Target

fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b.exe.zip
Size

83KB
MD5

28717f25582818ea5751a66c30a9ecc6
SHA1

721d6547b953cb92bfe47ed48f704e04abd30d1d
SHA256

e760df70962d2219f6658b617cb269d2a8bef1b16a35070204d47fcabdb38698
SHA512

16b97c7776fc29d1d6930f109ddd1fd63f7a6c5d8946df81e7da2d68d3c69bf3dbf208e74a73077d698418eab9fbe8db9ab2670affcd2e172da2d62e77f64dce
SSDEEP

1536:XMAAXOvTnC5R2nsZHe/nsTP/XyFeWondjyfnMpfIXqr0mrcuMEepnf6QJuhi:cZXJhHssTPfyMLyvg1l11S

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b.exe

fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b.exe.zip
.zip

Password: infected
fa3ada02c3ba516283c19bde1031fea958073c6e9dfa4e6a28e633433012495b.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 196KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE