5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793[.]exe[.]zip

General

Target

5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793.exe.zip
Size

49.7MB
MD5

e02203299f75c58328bd5a6eabcf767f
SHA1

3fe494baed94a846cd708122ecd8dd26f1e4c77b
SHA256

1cc03ec75c9c10243b24669ebe435f8d238ee05247632a1ce915e3f5ec91307f
SHA512

cc4b67b4420b74b76e9ef68ab7aab602f80d660f2c64502c8461be58fe0a28de3a79bf601851a2e8623ee1bfe258c1ad2ade861549169bce9478034c6305b1ea
SSDEEP

1572864:/wgjQOtyA9GPM15swA4ccWIyZ/iww92WMVDRp1WXln6:/wgjQkyAg046weJMVf18w

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793.exe

5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793.exe.zip
.zip

Password: infected
5dd172ed13621ade3f8f87d3ab4dd5c17a2c23f3fd0eebfa50c76ac2b73e3793.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 178.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 51.7MB - Virtual size: 51.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE