e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5[.]exe[.]zip

General

Target

e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5.exe.zip
Size

2.1MB
MD5

3d0d93846c0e25289e763f0aee288ce5
SHA1

72324263b7dd8f5d12595dfddd318dc84a2d48cc
SHA256

59be790f0530a55f57090ba6c162b50851faa4638f4f70d83ace2eaf9a98448a
SHA512

6abb12ca2f370054adda8e454576541d13ccaf1e577afb21a18375c200742556cb83006f8a5104933ef916331c702b796d04df8a6c32aec32cc865caaeea884e
SSDEEP

49152:D/39fpUk0lUgTSqgC/d9dVZYTqbEDIsWbHtzKzwZaPQo:D/dpn0lUgTcC/dDnYTqQCID

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5.exe

e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5.exe.zip
.zip

Password: infected
e2b5db3f067fefbd1e1dfe1b05683cd23c7a391090c177f264b59166f5e90bf5.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 7.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE