document43799605[.]zip

General

Target

document43799605.zip
Size

52KB
MD5

1311e2a90678bbe607e7fae73e2d375f
SHA1

ce7454230005cd3a35ce37f7bd25469ce0b24c9d
SHA256

a7e5885371b96eb3a0495dec6e75185a7395a34609e16346aeb0b3fd1a8e0ba3
SHA512

6ce41b15465ac288d45b5e2b398cf91df6349060972776a35713a6c77ab5384e36dad7e42b2452bc9deef2f421add32126dbc19dda07f3cea528bae58b40206c
SSDEEP

768:/CBmkz5AzJz4md+1RDRqT50vJn7kFaEhyuQnvGqHkuQMaKdawuwKAtJlC3T5:/CDz5AdMwMD050v5k8bHkKdaw/w3T5

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/document43799605.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/document43799605.exe
unpack002/out.upx

Files

document43799605.zip
.zip
document43799605.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 801B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 72B

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 100KB

UPX1 Size: 53KB - Virtual size: 56KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 5KB

.00cfg Size: 512B - Virtual size: 8B

.tls Size: 1024B - Virtual size: 801B

.voltbl Size: 512B - Virtual size: 72B

.reloc Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 100KB

UPX1
Size: 53KB - Virtual size: 56KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 5KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 1024B - Virtual size: 801B

.voltbl
Size: 512B - Virtual size: 72B

.reloc
Size: 6KB - Virtual size: 5KB