e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6[.]exe[.]zip

General

Target

e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6.exe.zip
Size

147KB
MD5

d686a6cdc0e2347902cbe92f3371532e
SHA1

f5536da33ff178c98ab06c8e707e4b8f21a6c7bc
SHA256

457c92abfc9f3666764d175acccb38ef0b21ff2fefe3f0347acf11a4dfd8ca07
SHA512

a62e7a6798b8ee7be341f102015d749b3e195646ad0ca60734927c966c113805938ab29caaeb78e64752b843f15138a5c678b20143b566f17b94b41d06509f9d
SSDEEP

3072:n4crSsa5wDtIHWqWGi3Vv8s9Q5u91wjYrPar8+a4aAuQbWWE55vV18:OsL7p8s9SuD3k8PUt9E/vD8

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6.exe

e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6.exe.zip
.zip

Password: infected
e5a65dde42b8a7679d247170adef93b4bc37cae0cec0bd14856d3a176185c5d6.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 372KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE