3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f[.]exe[.]zip

General

Target

3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f.exe.zip
Size

189KB
MD5

2a40c1cdd2d7b28afa9f337f0f40b62d
SHA1

60c7e1d6f14db760cdb7612d530210110a948344
SHA256

0ce585ece1cb235a7c32504128f4b190a16034b3fecae06fd5f15a55a610f976
SHA512

7e415d2fffb467cdc42a512035fa45d3ba8bdf2fee333b72fa5e64b7d926caee23d065eb30cb931441d6f09786f3b0ce0ffffeed09d0bf93a3645d4297e5c601
SSDEEP

3072:mU1yga04bbLo7zk8i8xgl0AxDprFPO5skKQOhbE2ZxzFP29FF74Q2diqeYU1mK:mjNhfo/k58x40AxDVg5sk/YI2Z5FP29h

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f.exe
unpack002/out.upx

3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f.exe.zip
.zip

Password: infected
3333cc767b0262049dfff44f71ff1efe17f44e49316a59d0aed9ace5926aad8f.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ