ada106688be71bb9b173f537b56f0adaaed1f25b38953a415e8e9691314087af[.]zip[.]zip

General

Target

ada106688be71bb9b173f537b56f0adaaed1f25b38953a415e8e9691314087af.zip.zip
Size

48.2MB
MD5

09afefcc664add33e8c1e2ad07a41093
SHA1

42b1e9fa1ca2e333d529517a8d1f66b92afaf825
SHA256

1fca423c1187cfbe946649a9ec02aed8a7850de7b448fc4639b5692f4ee0286d
SHA512

bfb9f87caa851e8a1d8b7695b9d6cd461bf35b9a065246321fb76b8f6d18d5d2caebf9ffb7326aee39ed35a457c1b876eca981c319aaa51ae5c9d924e4894a1d
SSDEEP

1572864:B/hjugWjWW89tuewpsPwFYEj2LwINUmlj7lL3EDaUi:DnWjWW8oSwXj2LwI6mVlA+Ui

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack002/ADM_Setup_v451.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ADM_Setup_v451.exe

ada106688be71bb9b173f537b56f0adaaed1f25b38953a415e8e9691314087af.zip.zip
.zip

Password: infected
ada106688be71bb9b173f537b56f0adaaed1f25b38953a415e8e9691314087af.zip
.zip
ADM_Setup_v451.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE