f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278[.]exe[.]zip

General

Target

f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278.exe.zip
Size

302KB
MD5

c3b8c546850ebf982f73bf29e9af7a98
SHA1

937da1ea5403c03a47baface59e533fc73ea9592
SHA256

cd2f3a4bf2ea0fc4c8d7441def3a2d0e1336805bd1c05bb65c0a174d564e69aa
SHA512

db642d47bed5db3e40f5f1b6acb1069a4062b7d2f364b522c5f87ff420e610e8ffb5dc9510616ec604c49b2d7a824f668e6d9f63ef545474befe51a78d67f8d2
SSDEEP

6144:PlnsbPIUYdNaemw9V/DJdBsHO5XpU++68Ovfc2/008UItnJSXJZ:Plsd0N7z9tDdCO5++T8qfiUKnGJZ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278.exe

f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278.exe.zip
.zip

Password: infected
f6d349c17753cd5548cede76acce281b6a23e4df76092b204f780a636844c278.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 616KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE