50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5[.]zip

General

Target

50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5.zip
Size

16KB
MD5

a487c8e38d3aa73c11a7678032a4f370
SHA1

2171e80dcbac3ff2db433a201ffa4a55efe0f5d7
SHA256

a383e55d9948dc3cdad5f2fc40c007878558c44ccc4677280cf7769e718b7b27
SHA512

39975d10f5cf9f1a3073f678026bcf5341e47c489b6be6a0ab7c777d5a10d1882fac6d100eda97633d35b4320efe4a584852742fc8f3760a22fb03512094fc21
SSDEEP

384:i2CmXL4p1n7t0v93UK/NqEAM/ndPGjdMycLPq3bJmAfamB5gGV:iyUP7OVUwndP2MycLSYAamB5g2

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5
unpack002/out.upx

50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5.zip
.zip

Password: threatbook
50df308ef8d12505c02a04da7f0ce4809b19bc8c7f1e03579bcadb9fb9ddc4d5
.exe windows:5 windows x86 arch:x86

Password: threatbook

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ