91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791[.]exe[.]zip

General

Target

91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791.exe.zip
Size

8.1MB
MD5

1f70b3d3a8cb44e5412b9cfe57e29b36
SHA1

b4d1f25b9f86acbc446874ab81bf9445e832e2ce
SHA256

b6511bc1333d98bceeff7d1893a561f8489b4f7b79556e7b89a4c0af4278399f
SHA512

ecdfceb1c2b1df3bf3941d2a715705277b706eaa905dd264086fd162b6b75d4b3f472310290bda68d98e2bbfc920d9fc34f2fdc1bbe76e77483548c49ca8deb7
SSDEEP

196608:5qMOu16Noif+OflyHvVGafhlDK7Uo4RUQv5KWljVKftvoWhkViGergB:5XZPn4a/D9o4ht1StJqiLgB

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791.exe

91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791.exe.zip
.zip

Password: infected
91dda652a54932dd74559c4751faf19ce8b62b593beb3a0473fc245c94ef1791.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 21.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE