abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc

General

Target

abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc
Size

1.9MB
MD5

4af137c9265bb7f30390fe5829a6e147
SHA1

39c36c2b5a9d1691c72a8c159952124a11259007
SHA256

abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc
SHA512

fa61fb1237ab4f70955440c871fe7608163d0e96828ea94e969935eb63165acc141ae9b9c51fc9d75c390b13770cb1b5ee214d488f9614c364b2877e69a85b93
SSDEEP

49152:uxoLXoJlps8vDzup/jF4K/I41oOiaCZlvESs+Pz6i9PO:o8oJ1uprF4Kt1jwlpJhPO

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/bcaa57298f0b6810f42df07dca8c896cb8de1102f7357e701f47b0daae6670ad	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bcaa57298f0b6810f42df07dca8c896cb8de1102f7357e701f47b0daae6670ad

abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc
.zip

Password: infected
bcaa57298f0b6810f42df07dca8c896cb8de1102f7357e701f47b0daae6670ad
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE