6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5[.]exe[.]zip

General

Target

6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe.zip
Size

2.8MB
MD5

756788d48e2da96c62aa5e09099b265a
SHA1

2664af52e2a1fbba3d13129468af6a08d4ac49c1
SHA256

b917bb9475768070857306b7d92434f56c8a55d03deca210b4983007950c6ef0
SHA512

394b7562336f4566bf3f1a9b6ba887eb11cf2d3360dd7c3217795d8bcf92bfad80fe9fa62976153c7c6515d8aab5d6acc3b6238110665f2a854e096e735ffa57
SSDEEP

49152:SUfJqCq4E/nR2p3GIgplDPSJn9m4KXtO6ZKR/wrOzWJW5lYz9ZTmTyIl:XAv/C3lCl7wWXV2/wqcW5jl

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe

6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe.zip
.zip

Password: infected
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE