2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930[.]exe[.]zip

General

Target

2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe.zip
Size

3.8MB
MD5

1263838cdb4ef1f238fedc39395a3fc5
SHA1

31e61815d0a20e2df973ea55bcf9bcaedf794844
SHA256

cd7650f5de42206975328e9d61699883ee399435dc81716d199616c33bac930d
SHA512

e8d8175811a17f7ff662064a7d10e35aaa66b4e259ba038abee2f565aecb205ff9418e79d85d0de4c621c8f16b02a4b4e3b9f4a3ce6a27b0841e8bf1bc2664cc
SSDEEP

98304:OlVixL2PqnK2OZyQh0jM20EO4iypH+fc4:zL2PqBOZdi8v9kH74

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe

2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe.zip
.zip

Password: infected
2bd943cc313513aaf5fd6d187abdf66e583e3d1d12e12f88aaa4ee9914a55930.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 15.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE