3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31[.]exe[.]zip

General

Target

3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31.exe.zip
Size

88KB
MD5

edca02f36c6e9ccbde6b12adb863ad84
SHA1

8752b8d1cf067c94f78b71c9eadb0f0b448e2037
SHA256

3b506206727ea389769ef6a195f8f7a270b1acbc1b2c0460886467d4a3680667
SHA512

98c8a35c809b6cf4093739ae831d67dd7d7a47b7d7b86e81c3f976c59f701e81a095ce2755e1b107e71c27af39ccc955517cbc2d29c9569250243416f84a05e2
SSDEEP

1536:rytewOn026hqHZ29QjQuIHwuoRNX8HipZjCpQpnear0q5ITBH10AeAWpSuQ/CmYx:WOn0/q5OQjQuIHwbNbpOm0q5IToAeAW1

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31.exe

3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31.exe.zip
.zip

Password: infected
3841410f6d9652dc696fe9493079629b011c760bbf8bc765ba7298ab0cc6de31.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE