32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb[.]exe[.]zip

General

Target

32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb.exe.zip
Size

2.4MB
MD5

0ac5be068f0a4a4282aef2c02e74a8d8
SHA1

0fc2ac60c5d02b2e1cec198864f9da3f7b6d8b57
SHA256

828dc3b935f07fd508233b74bbaa0437938824bf6f90e3c13caf0247d5d9f7b1
SHA512

c1981d9ef0093e2669efdb1d75eda4d8b8fbe2a15d1f16b5ace8d3fd9013c24de6e2668f4d2a83896643c37f80b7c04112d0a245ce5f002ec38b9e70f2be1db6
SSDEEP

49152:Kfn5m+wMs6otXG+8gTKyAapyol5phGVbUIbGAT7Ze:Kfn1ns6otXNvKy0olVGVVGg70

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb.exe

32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb.exe.zip
.zip

Password: infected
32fe3a27898c51418cb48f175e35a53d0555cc4dc402583f5dc9fcb98bf0acbb.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE