459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de[.]exe[.]zip

General

Target

459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de.exe.zip
Size

478KB
MD5

ef49544fa7d2d58639f13834dec48722
SHA1

89280805956cba8783e4d3b197d22fbc1ab893d7
SHA256

a825749f92a786e58bbd8ade22f14291a7fb87fd30f1ca806d7686d90b5f29b2
SHA512

cbd8f29d33726350779fa5d35eb4b6ab7ea679ae081974c950cab59f5f24c50b3793e52eebcb59438d4bcc7ba9b8dc4b3e64c1feba066c58cf6acb2e2bd1a502
SSDEEP

12288:pRQin1M3EwC89gPHl7mgs+mNgZL6iGbBVvoqLlKaamH:pKK1M3EAGHtmN4WLlKSH

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de.exe

459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de.exe.zip
.zip

Password: infected
459ed9e870fe725e4928b438cd7a99f748fb1cb3c67fdd8fc8b0dc443a2311de.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 424KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 483KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE