8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57[.]exe[.]zip

General

Target

8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57.exe.zip
Size

1.0MB
MD5

09a180d29c7e5a8f02e01e6ddc932404
SHA1

c2ab776ddf6c766c50d408e78452b5c782a1d068
SHA256

cf63d90cc9c2e653f8d0a6003dd993abcf5e82845524fee93504180520fa1c8f
SHA512

8af876224cca47e6bce9b88b8fb17fa6f8379e6a93363792349fbb6ce45dc7b299798ca2b2970f301ed18b7a9148904e9c04f781b520a59b8db943a431027b2c
SSDEEP

24576:jVbykpgoGaAtiMrdqPTpXolfuXfrt945j19uerZWVkupZ:jV7wtilpXo9o945DuelWVfpZ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57.exe

8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57.exe.zip
.zip

Password: infected
8fd1b5431dba0707ea186b66e882c9a84d6b6033a07a35cb7fc319cf3a744d57.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE