2ea43bb7960c0b06a4a059551603009185aa37a680c334f67a8ba9fdbee9ff16

General

Target

2ea43bb7960c0b06a4a059551603009185aa37a680c334f67a8ba9fdbee9ff16
Size

325KB
MD5

8694f52ad2a056b24da7b24618c003ed
SHA1

db818e06146cb474cd22628ea59911e4486d86fd
SHA256

2ea43bb7960c0b06a4a059551603009185aa37a680c334f67a8ba9fdbee9ff16
SHA512

8661d1a3f961a7fa0b88eefa34bb34a3a55e22de4c324847c8f9fc73236242b5555edfa007886b95348bfd5735ee0825e58ca17c79aa3cbd36e0ed6143d0a4f2
SSDEEP

6144:sD+vwlkNI4kvKbKo0ANAW55cuUwisJ3FtWVMLpuAd5YBt5OGAYUiFI70gNJoXo/:B5KhybK1CAWvOF8tuAT6AGAsk0oJ/

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/572ce62e817240d3ed73a0c41a693dbeaa783ded8d85f58dd6313696f18fd9e9.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/572ce62e817240d3ed73a0c41a693dbeaa783ded8d85f58dd6313696f18fd9e9.exe

2ea43bb7960c0b06a4a059551603009185aa37a680c334f67a8ba9fdbee9ff16
.zip

Password: infected
572ce62e817240d3ed73a0c41a693dbeaa783ded8d85f58dd6313696f18fd9e9.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 460KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 302KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE