bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad[.]exe[.]zip

General

Target

bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe.zip
Size

2.4MB
MD5

9cda026b082c8e823e03b467e9c76def
SHA1

0c01a0ab3ae5e909193a783264e86212edfd1191
SHA256

7554664db97f1b14807c7a651e47aa1cee9dffdafad7ee82233460aa26f4e353
SHA512

679ba1e9a445aeb59334380072dcd9472308196a29656a1444e7be92263b050e96f4f469cf567cf8e45428ada27466cb671438ae676dfab968a655192dba78c1
SSDEEP

49152:zudgqJ+zIuYBsi7Qlm98uW5972JToTEpWMnkgiA3ugMOnhoV:qls8Ql3u2UdPwA3ug1eV

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe

bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe.zip
.zip

Password: infected
bdb1942693c1a00b5c6464ec6e9a63d9cc0e1ec9b4c421296a73b59c799eddad.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 7.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE