d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f[.]exe[.]zip

General

Target

d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f.exe.zip
Size

3.8MB
MD5

7199bb78cfff1e86f0fa52f6784a49fc
SHA1

d09665386ec5c6c1b249e1e5192401c6b5c985a9
SHA256

a47049105e53a7895302ba1e7f781c72e5d45c40968d17ebdc11d1e767981c44
SHA512

80eb953233963dd789da444f99e4b950a44642eb22800e1f956f21372844df001b53a77bbd02a82ff8a23d87575e5356698fb08275ea208971592f1435524020
SSDEEP

98304:4YOcTF3wtPst50wB7+Dakg9p6Foyhm06AXGBkHlRQ:4RcTdQPW0N1g9pYo2eeHl6

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f.exe

d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f.exe.zip
.zip

Password: infected
d6f2c0ae8f82a208828567f6da4b32fe94fd5c706b054e91d51d4a3ee49ce08f.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 15.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE