d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf[.]exe[.]zip

General

Target

d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf.exe.zip
Size

3.6MB
MD5

283360140f3e74b2f94c6367ff82b05d
SHA1

15ac2df81a288716825b911a374733f6b67b9238
SHA256

09f864244ca1f223ff96cebc6752476627afdba738e85677a9a7c8c96f670182
SHA512

7405f8ed00ed6d27d74f74a099ed779951e3a185f50cc6883bb2040384e2b134e4efa6060b76d85f042f09ed60fc90c2b42cc5c3e89c992d0f20ae17d62e109d
SSDEEP

98304:KxrN7XThebluuuMwDPCiAc9qcIeBJwS0kblsvCkCTkV:+7QbluowDP+IJI1kblsvKIV

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf.exe

d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf.exe.zip
.zip

Password: infected
d21bc7607f533738b0210e06468a6b0998dff0ccaae19372b9d2a84c46452aaf.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 272KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE