bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad[.]exe[.]zip

General

Target

bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe.zip
Size

2.4MB
MD5

afffeef30434959661c7cf3da98b049a
SHA1

e424e0579638a3774ae3e68071134211483bda9f
SHA256

c5bb7bd02fc059b3cce686cf7e14067d8085d730fd4595589c03de9067f7c473
SHA512

f8ad6cdd1caf914a2296f762fd3d6471c9a5e1fbf08559b70cf73df1af4b3894cd77445252a531dfc43bea5b8790efbc152fdd33655771c0278a8876858ad8ba
SSDEEP

49152:qMqF1/+4FzSiubJhh22TUmArwOLHBXLBRNP1HI2KafS6BIyYKtu6kajAILsXD9:AF1/+4FzPwP22TUaOLHhBRV1o/MIyYKm

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe

bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe.zip
.zip

Password: infected
bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 7.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE