22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d[.]exe[.]zip

General

Target

22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d.exe.zip
Size

7.5MB
MD5

a800a6f626295524656979ad2c2bda26
SHA1

e6ce6a68bbcb2824b245d139bc3b180ddf623c6c
SHA256

4dc3ae60130d15bcf36b0bc9c238af3fd6095a89e929c18155287c452cf88d4c
SHA512

4e2172472207fd414686548db721b85e3cbe876728347ba6ba1d35b0091e149f1d11e5c5152b71daee90090276806325708c09c23fe74af784de4e85a09f2e46
SSDEEP

196608:5tm3+7MH+rimkUoJZHNtsJXggOIR5+/X6tKA5W9orDSqJd:543+7MH88nHt0Au5kij5WeH

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d.exe

22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d.exe.zip
.zip

Password: infected
22688a69f611514eaf9a8109b43cc5d3405f24cac1a33518943904fb80bd030d.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 22.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE