f7fca851bf0da3e04c77a2b7301e11ca[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7fca851bf0da3e04c77a2b7301e11ca.zip
Size

54KB
MD5

0cc548974faac1d2eadeb923eaa0e980
SHA1

683558621a561a4371f863edcbe8b0759d7b5b29
SHA256

7c39872873dd3201a773a6cd06a09408014fcfcab178353ceca2278b677395da
SHA512

2ffd7e9d48e9517894cc972eeeae9092c802d962f67b93b38b6c4dad0c6e9fbc62fd4f9a1577bc2d5a7d1833fadcf596cf290626317d02ea82d9f6573aaf6a50
SSDEEP

1536:f/usRUsgfv2v4jczlq1qhJqXIoG/CPC7LE+hg:f/dgfveDM14r7LE+hg

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/99dee35542e7cbf0a9b53c026333da2405e36245cda83e4878cca79735299e3d	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/99dee35542e7cbf0a9b53c026333da2405e36245cda83e4878cca79735299e3d

Files

f7fca851bf0da3e04c77a2b7301e11ca.zip
.zip

Password: infected
99dee35542e7cbf0a9b53c026333da2405e36245cda83e4878cca79735299e3d
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE