248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043[.]exe[.]zip

General

Target

248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043.exe.zip
Size

176KB
MD5

814f1daf28ac8351b95632871b2048ab
SHA1

04d9f0e3c7793ff57fac7f2e6021bcdcb90a1f8e
SHA256

8d667f10d9a7d12e52b8e9c1fd2d1967c56307c51dfe4f283f8a3e577e147ce5
SHA512

33113a12306bf3c0d3ef2cef654a02d8d8a62d0e7cd27e501c73773cae1f9b644fefd867cc289a6ca8f6d2ba993f9beee3a5847d3baf1314dceb3f3029f7bbe2
SSDEEP

3072:gl4I8NYJXaQZBhXtJmrmXR7J2kCWmGs6FRIScF93Rqg6h2moEqUCK+0WUQ3:gKKJ5hdJ5NEGs8N8fqwbRK+f3

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043.exe

248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043.exe.zip
.zip

Password: infected
248bcef4dce23c1d6294b71a7bfe2e1e529bbb3a45134196cb2db23cef271043.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 324KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE