77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13[.]exe[.]zip

General

Target

77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13.exe.zip
Size

8.1MB
MD5

2c92c7fb6de32b6cfded6633ef153ec6
SHA1

55b0378a3b6e7a568369232fbcb443c037c289eb
SHA256

00b2964d6ac3433e91e15ac54f0427ea556cb0dec60c7ce6ac57a7af78f79969
SHA512

fcf7666215b036a38dfa57648c9519b7b77f62b439fa2a8030c48f986fc664fa76779a809b88e404ff2839c8de61dbb0074b0f600239923e94bd132815837df1
SSDEEP

196608:ybe2tkw+sWBnui1R1Km0C+W+OX2M1revspy/Itj7x2ryQIh:AeckwMuiGCH1rekpy/qFlf

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13.exe

77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13.exe.zip
.zip

Password: infected
77f2cadd04c6a4d774ba12ddc65b4b5e55df8bdb16ab0043c6bca6bdf79afc13.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 11.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE