0082b8b2b7ac562db544fd81b26229fd2a6a6c04a9c86123cbd89a285eeb2594 | Triage

Sharing

General

Target

0082b8b2b7ac562db544fd81b26229fd2a6a6c04a9c86123cbd89a285eeb2594
Size

433KB
MD5

1ff517fb0f45cf09acdad03cd5a2fa63
SHA1

0588ee87b824e734cfdb2af29143aa19ce83869f
SHA256

0082b8b2b7ac562db544fd81b26229fd2a6a6c04a9c86123cbd89a285eeb2594
SHA512

e4385402843cc6d0990b103692a351f4e8cb3c30a5dd228ba39be0388f065ce1e2e130fd6edb772a32a237e835f0458e645ce78c0645ce13e3d485c9a2f635fa
SSDEEP

6144:lpcY22bEKqkmeNJc5NfiXxEvt51jfI0PimrI3RZ91gID201/g6KTywioStF:lSYFEtAJcCW5jfIO8n99V1g6qywioStF

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

0082b8b2b7ac562db544fd81b26229fd2a6a6c04a9c86123cbd89a285eeb2594
.exe windows x86

Code Sign

56:3d:cb:96:dd:01:3c:9e:4b:31:3d:c3:1a:e7:f9:75
Certificate

Issuer

CN=PK Cement

Not Before

03-03-2014 18:30

Not After

03-03-2018 18:30

Subject

CN=PK Cement

61:d8:1d:71:33:59:8f:68:ae:dc:11:70:ad:56:1c:70:9d:59:e1:52
Signer

Actual PE Digest

61:d8:1d:71:33:59:8f:68:ae:dc:11:70:ad:56:1c:70:9d:59:e1:52

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=PK Cement

27-01-2022 16:14
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 415KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE