ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905[.]exe[.]zip

General

Target

ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe.zip
Size

1.4MB
MD5

846b239496726c23f4b0371351e67e61
SHA1

52511ffc52a54d9db061465dc3ae62c394976c13
SHA256

7dd82e591b35f8e1cd826e9392ace4c46f173d511bb302aa75bfb0f97c7a1c4f
SHA512

5c9390b4c6c31147302c8302d9fbb0f99509cf03cb481808ffb1cc7f9f52f5e2e010aae5db661d468ff93ae085186834f12e8c22b248693ab897eaac00884709
SSDEEP

24576:yk+CEqKPfSdjW9a9Ck3wsXkMfs+Me1DmANshGF7wWyq/wAkf88:yk+CEXfSdjWwthpv1DPNoGF73yq/vk7

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe

ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe.zip
.zip

Password: infected
ecee0e9231f58ec7b165f67b2513417c8f8081e0a54eba0bf84813133c521905.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 321KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE