57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62[.]zip

General

Target

57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.zip
Size

91KB
MD5

e34225705c5d6c48849f2aedecfcae61
SHA1

258634ab1e5a5ede357324a762200a1ad0be69e4
SHA256

9c74e1c18c2f7056010933362bc035923469d71016c8babbaaa5d2eae626836f
SHA512

9e1badaf8e58b8c6b046658be91f2783d0bea6f144e0cb0496af932999287794ad9834673a178ad3b694d0782161bfb36139d0f34a8f6a41c57a5397a3588ceb
SSDEEP

1536:BHkY1AOTBOVz5FOl/KnGjE4mCqzVFZjee4TMiNpn7l+O2iXJ9jBX7aGbXh8J:BHz6gBOhPeSfjefVr7l+hU7Fh8J

Score

5^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe

57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.zip
.zip

Password: infected
57ab710f4f52fb571cd0e1e9c2478c38717fe95fcc9f7c5ba2f3a796fc339b62.exe
.exe windows:4 windows x86 arch:x86

94499ec57ca7f8a108e513ffe23240eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord553
ord667
ord595
ord598
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord534
ProcCallEngine
ord100
ord610
ord655

Sections

UPX0
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE