91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3[.]exe[.]zip

General

Target

91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3.exe.zip
Size

868KB
MD5

aa5fa26f65825c22e0bdaaf821904246
SHA1

6cea0a5dc4e320e2583f2da55cca54efe3457e0f
SHA256

3ce3de128857bf56dcbf7b4720d261596361dae2cf47d5b600f291eb675b37d5
SHA512

b4be64e341c51136eceff4f66e2008b9f7bef8e373967b2e33024a14881575112ee4d067c632bd58f2353ec2d27333dbce6d53c6e7cb35cb0b308f8f77a06112
SSDEEP

12288:7wkgqS8BuD9+KWeqNMb+RtkOU5OEdRAaDWdu6l+p+7Vxa/faYoDLQUjusD3gKM2N:E1b5UKQNrDODOl+8bgGaoHv0l5E7

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3.exe

91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3.exe.zip
.zip

Password: infected
91c67c1bc0cabcfa4b378832e269971853fb0052a11cbff21925485144b843b3.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE