e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713[.]exe[.]zip

General

Target

e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713.exe.zip
Size

1.1MB
MD5

115f3ad4beeaa913c2eb09a8664b5e99
SHA1

e2f356654b150f49e2591b61c8e7e22c2ef1f518
SHA256

fb72665c8cf6d0b2d00202f72087123f4c20d52af6ac4248d0ad4547aaa2c1d9
SHA512

f898566eb72a189499f24c103efe042518f4f53fd3f1a8b169f2e687ce66903d01050a534b8a7b1a161170cbd2a4588fd3e5ae327494952e6f7a1baa79d77e08
SSDEEP

24576:XfXu0hBx/Brf4SACMGqG5/0cvZmLxRrfBKHPOpMbq:X/vmSwo0cRyxRiPOKq

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713.exe

e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713.exe.zip
.zip

Password: infected
e460a0527c4d76feb728f887472fdac3c428af118c77293066dd3c9d8f1e2713.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE