02b2ee2a456429be7ea83086159da13b[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02b2ee2a456429be7ea83086159da13b.zip
Size

540KB
MD5

0320572bec69d35f0bec223a6161e5e4
SHA1

7ca7c3fb52268c9bba431281b754603c610a4b91
SHA256

e17cdb772e1ffb3a90d1961f6c9147b374a8156b01990306cbbc2def7190be0e
SHA512

5f2cf6b96f29cbda9bb0d4bf68086d69ac414f68dbcc21a90fd56314d56139f12ef1bbbf7a17f64d0de31e7fb9568f6bd3ed76b9c810a17da42dd22a286b0aae
SSDEEP

12288:yuUYFzUFypRmwZmi6Jb2LRjhMi8TbLHnFTgYl:yuvmwDW2LBhe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e51ddf4653df81dd6f98730d2f14b73ed3a54a43b6f68424e4957d41826487f0	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e51ddf4653df81dd6f98730d2f14b73ed3a54a43b6f68424e4957d41826487f0

Files

02b2ee2a456429be7ea83086159da13b.zip
.zip

Password: infected
e51ddf4653df81dd6f98730d2f14b73ed3a54a43b6f68424e4957d41826487f0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE