ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905[.]exe[.]zip

General

Target

ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe.zip
Size

1.4MB
MD5

ee79e665e435872954a1a3166f4d0963
SHA1

bca0494648a4ddc4344f6c523f4006e3ea4f9e58
SHA256

9a70eac9c91b0460b6f56ea88bda62d50fe2c4e7162f5e540033782995b6a12b
SHA512

c097022dc00b46f7160a9b85c2101b9d78961df2e5e3a17752c3391fbcfc165ab323902ff78dabdbb96993f3de59719c5f2b30368277284385fda029daf21a5d
SSDEEP

24576:/oSNl9BhPuyzU3wp5FApu3lJR1dUEXr8b3o12zSnc6Az26tSxdvYDFAVIGkBSAlX:AKL5mpu3jxUG9HAzFtCdCjNBTW3nRa

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe

ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe.zip
.zip

Password: infected
ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 321KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE