919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111[.]exe[.]zip

General

Target

919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111.exe.zip
Size

718KB
MD5

c07b4db92aedcffbb4ecbe0f5c1c2a46
SHA1

3419a9a6fb12b3b17607a673389125ae1e698a74
SHA256

7b9810f5466620d6f8071be5d61d567ebb23d566cdd8bc4386b9d627c30290e1
SHA512

9ce8915c84507f47780f78cc565ef54bd4eaea94e160da7fe1961fbdf19a06ce2cbcff2371bc8659301d959108c2ee3f7e964cd301e249af9f81b8d19f1cf92a
SSDEEP

12288:/VILT9aDn4Jf/J2Pwf75A+DGUTk+s8DDKlAToFj6gKEDJ7x5cwZ3:eArpwf7G+qCHs8nGio8gK8x5cq3

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111.exe

919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111.exe.zip
.zip

Password: infected
919fcbfc14520823e13ec852ed55646437957c7cffcea764c94109b240906111.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 720KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 387KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE