98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5[.]exe[.]zip

General

Target

98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5.exe.zip
Size

35.5MB
MD5

66792694b695397c01117c5184df00f2
SHA1

4f0d892237a521abc88c15df3247819de44b32d7
SHA256

4df0984e4d02ccd9ab55dea40e89146b863508261a5c5ce75ec93e0475ab2f70
SHA512

253c6671d930181c1ca90d427d33c227a6c253a222eb906f45caaad68bc9f8e91d4c87b97a96069e27c455a298915fdefaf38cbf74f8f59f1bba4fe6b0e1b60a
SSDEEP

786432:9h3dPkhHWRO8UyJiz2RLTLStPirXNCNRMf4JEyCdaQQ0+GKzBcfGv:93tUyVR7zCmGCd81dv

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5.exe

98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5.exe.zip
.zip

Password: infected
98a27650cc4cfc1cbd28d179aaedcdb34d3bc21efb23ed34352d427b0552f2b5.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 130.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36.9MB - Virtual size: 36.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE