5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b[.]exe[.]zip

General

Target

5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b.exe.zip
Size

8.1MB
MD5

e30c349364493f6c338481642a5d29e7
SHA1

c733bc46ceb777794cceef9470b8b890fe5d9ebe
SHA256

d6dd9bfc5a3f1a80723cabea9dc29ab1138377bce0bb2aa86b53a59d619b2930
SHA512

1b612822cd41b2fd1aba629a85f920682f2fbea8d56e9171dc036b3ec70042012afa3a6e955d6707147f0a436d1f114130e9c883b709d46d5aadd933ca2730d4
SSDEEP

196608:Tau4Wyn0xJow7YfdZB/kfvEyS6dNbSoC/ctwM5ty4mpdTblt:Tau4Wk0U9fXBUvFdrYctwwAHTbr

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b.exe

5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b.exe.zip
.zip

Password: infected
5b528202dac53e54516c0ef873a0d4dc561378830342c03d419f9841e376811b.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 11.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE