065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b[.]exe[.]zip

General

Target

065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b.exe.zip
Size

2.2MB
MD5

375a63a2fd9405a75140bf12ed3c3d66
SHA1

f94ad3836908b11b16035877b2205b693a93dde0
SHA256

7c7c39329c7cc71ea2d1a81d464fa404fe7d4576079a96c7c9e8397e10afb309
SHA512

adcba77047a93bceb94558ef72f2bdfc2c23942c6cf0e12f1107fd19095fc64003e3f4faca6f2d7916d809d786841ba4fdf8589c82e4e3c247f46a3fed5e52d5
SSDEEP

49152:MZrF3x2bgbYpLZVkhTo+K7ly0kcgSsMcmFOGes63yaFeINUj7v:ArVogEOlx+EBSsMJURyapevv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b.exe
unpack002/out.upx

Files

065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b.exe.zip
.zip

Password: infected
065518c6a3f5783a93739c0aecfc0747d160b96dba5e84a2c3a75f0f2828596b.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 891KB - Virtual size: 891KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.5MB

UPX1 Size: 2.2MB - Virtual size: 2.2MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.data Size: 891KB - Virtual size: 891KB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.bss Size: - Virtual size: 144KB

.idata Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 4.5MB

UPX1
Size: 2.2MB - Virtual size: 2.2MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 891KB - Virtual size: 891KB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.bss
Size: - Virtual size: 144KB

.idata
Size: 6KB - Virtual size: 5KB