MDE_File_Sample_f901feefe2dd5ab8145211305d94a7e3e5389774[.]zip

Sharing

Target

MDE_File_Sample_f901feefe2dd5ab8145211305d94a7e3e5389774.zip
Size

1.6MB
MD5

23747b475f6e1a0a31540677fc5873d2
SHA1

c10af862b94c874958ecb062eda36a2ca63e46f7
SHA256

d0972f1f8df58954c5812e3394cf9dd94049809b9168b536c505a68a18563397
SHA512

07f72cbf31964cbcc0e34b0eafa378ebcd989a4f21c098b55eeae2ea2523bfb5fb693cbd7a249ce088eda559abd9ef4f2dc7e4378c048a285c0e6a30cedab749
SSDEEP

24576:4PYw5qTxWdYkbqna1KzcDikumbRuuBE2EE0rzu0FnOZfJRB0/84Rd6GoWMTRA5Z4:475VdYJaM4u5LB9zpOhXB0E4RdgWMTRr

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack002/Windows Loader/Windows Loader.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Windows Loader/Windows Loader.exe

MDE_File_Sample_f901feefe2dd5ab8145211305d94a7e3e5389774.zip
.zip

Password: infected
WindowsLoader2.2.1.zip
.zip

Password: infected
Windows Loader/Keys.ini
Windows Loader/Read me.txt
Windows Loader/Windows Loader.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 577KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows Loader/checksums.md5