dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08[.]exe[.]zip

General

Target

dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08.exe.zip
Size

177KB
MD5

6ffc6cda88cb0be47bdec7eaf1cc3fcf
SHA1

826aea7dec3d5b1c40021059a87eb40a9be1a598
SHA256

361be1d9c8a77c36ee7d484bada7da9f7fce6a2eae7df06b64254992f5e091bc
SHA512

acf4a128ce3e9a688333a15ecc4e5e0b7646e7bbcbe7d8c2a1c40dd81902a25e60ecbe721c655b944377cae88c5fb33ad554b7b410d12432d3fcb5dc0553347b
SSDEEP

3072:FXU3RU4+MwByNqHEEk92zMmUwC3NsIVc5FxkT0MS6WjHv0Msd6fK:pUBHN7EkGULNsasfkT0Jbv0MtfK

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08.exe

dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08.exe.zip
.zip

Password: infected
dabb85835571f6449ce8cac7e3561d9dcfe477f77a86d28bf64beff93c4adb08.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 324KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 176KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE