63abeab2b4400740e8de96ad39679b98b2dbc8657bbd12452f3d090842439262

General

Target

63abeab2b4400740e8de96ad39679b98b2dbc8657bbd12452f3d090842439262
Size

2.3MB
MD5

75e067eb45d7136f77e5666c5975805a
SHA1

59231ec1668421300e3ef5794143838e4b465c01
SHA256

63abeab2b4400740e8de96ad39679b98b2dbc8657bbd12452f3d090842439262
SHA512

7e4e8a1bc185b1bacb0e82fbda5a5f642bb53245965ae12925d59fb22229654aee1abc2c85360da40e5be7b0a08f621b3c43c2822efad779e3cba48081af295c
SSDEEP

49152:tyxyknhwORw99f4in31iR6+3CndynBv5qmkE/GRJv1K15L:vwhw86fC6+Sndynd53+RrK7L

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e1e1689b7c980aa13d86ae3dc61727ddfd455f6c23450e44df44f2f12e87a8d6	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e1e1689b7c980aa13d86ae3dc61727ddfd455f6c23450e44df44f2f12e87a8d6

63abeab2b4400740e8de96ad39679b98b2dbc8657bbd12452f3d090842439262
.zip

Password: infected
e1e1689b7c980aa13d86ae3dc61727ddfd455f6c23450e44df44f2f12e87a8d6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 783KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE