adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2[.]exe[.]zip

General

Target

adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2.exe.zip
Size

12.4MB
MD5

c994d6b860bbcaaac74b0af6f2964634
SHA1

bcaa03782bd9fc368b681168b62750240341d7d8
SHA256

fbe681d5204d4b16c05a484a6d5e4660f4a1e1ec6f4dca2f20febcb7448fb3f0
SHA512

621202280b9f107ceb64e408b698ef447e88e3722e56cbbc38b61096d46af6cc3b4b06e3389abff804e633f2d012957ee0f6e790947cbbb137de0007a35c8c7b
SSDEEP

393216:Bz+lbsoIv0JYcU/FJasjDMWrSXrL46eP0bsosW:IQoUcUtMsnMHXrFeQsm

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2.exe

adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2.exe.zip
.zip

Password: infected
adbbc58c7ed65631a5f441f48a5b21bf7e22a1ae1bf209bbeac02a6890cdcdc2.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 17.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE