2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930[.]exe[.]zip

General

Target

2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe.zip
Size

3.8MB
MD5

e3a8aefe8de7b6543630963b07763b4f
SHA1

292f8c914e3820d2c886759829058a27f588d2d8
SHA256

ae7416cf86d58d4dfe2d1c0cede98788d993b618744a6f1a1c31b8d710828ab1
SHA512

8643a4f74b0184ae0cd92b42aae4ec54bd2d6d5f200ca3152f26d481e25dcff9a9655a5d05e4657e212d0c25171ddc4bd00a0f0587921bbe3393fb2e3acbcfcf
SSDEEP

98304:ulC+qnvnK+xGfK4j8g82msN76fA7gQ1WDvvwil3it9:ulChnvnK+xGfK4jj0sN76fcgQmViL

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe

2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe.zip
.zip

Password: infected
2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 15.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE