e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8[.]exe[.]zip

General

Target

e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8.exe.zip
Size

3.1MB
MD5

fc6da64dd4faa5f84e65ba1f038cf8cb
SHA1

fdef59b1dc82b57f4ef09b1955fe006649a79a6d
SHA256

e684746539487558355f47c41f8dfb0257f4c335696ff71dc9b1d09ec859165c
SHA512

e2f5e614d62d05fccf06c0e026e99a910b52114dff0fd0726193bd62b4dc232560febba562d28d129b980fc17a421b6944a8a769040adda4896070226b018355
SSDEEP

49152:erumNEOJcxsdGnKvleB8mSokLfMrq1E/LCqlYspTd/wvuP6BGRMUk+1eAESMEGPd:3wEz+uKvc8JnDe/PCsD/8+6BXAoEGPnd

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8.exe

e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8.exe.zip
.zip

Password: infected
e1cb18fc45d094994be10268fe6d7b1dc53d3e545f91a35f34da36aada3947c8.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE