edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610[.]exe[.]zip

General

Target

edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610.exe.zip
Size

3.4MB
MD5

3594dbc68e343f4d65aa0fd8588b2c37
SHA1

b149f47776cf025a2c88b5719ca53d2e11560019
SHA256

84f439314a78ac7ec20badfae344f7d8bfa7942ffb64bdd61235957b3089dc2f
SHA512

9fd2a5da471f24f0307aca82c2c585e5cbba722c5450eeb03f79fed3d2a659d6a61f97a16ca7452c96f4f26070824070c99ec732400e7aaa9df349601379ce88
SSDEEP

98304:PSJJ/2+X/6o47XeBuecEeMHz51sN7PRmCScRGECr:KHu+v6o4CLeMHOjRBSSD2

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610.exe

edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610.exe.zip
.zip

Password: infected
edd79da0651741ccb71bb696448e719cdc1a5bec2dd8ce834b81ddf4c54b6610.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 11.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE