edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22[.]exe[.]zip

General

Target

edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22.exe.zip
Size

67.9MB
MD5

3632e54f4d858eedfa47f58110216acb
SHA1

c8c8abe22cdcdf80d9a44502064796f3a8175b0c
SHA256

34c4aea3e62eecda5a3138b8fc1424af765ace3fcedf8394b40e7e4c510b4fb7
SHA512

87c20a7d4fc96375dda8c12c8b2264a79547d4cfa0937943e03b68bd652dccece09b179dbfff6181589d8f5d84067290d5b993e15ca68874f1980ff5f3441ab2
SSDEEP

1572864:euczgwXeLO18bU7buxWhl0MNY57fBVS/s4Q1exB5suMa9H7b:rYgp40LWhlBCzXSJXvia17b

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22.exe

edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22.exe.zip
.zip

Password: infected
edc2ea99b93f74029f6b0833aefb033aab831c7fd7d8d7e70d8c4bb0e5118f22.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE