5c094ea06404d6f60f1304f2f9fc537a57042ef0d91ef2f12181465ac61c7d6f

Sharing

Copy URL Twitter E-mail

General

Target

5c094ea06404d6f60f1304f2f9fc537a57042ef0d91ef2f12181465ac61c7d6f
Size

71KB
MD5

3c5e7a578e1f9e6cb6983463cc770f87
SHA1

7d1d3c661ec6f07405412057a64e6df38dbe544c
SHA256

5c094ea06404d6f60f1304f2f9fc537a57042ef0d91ef2f12181465ac61c7d6f
SHA512

3dc25328c734694b6632662b6bb223c1e3a31cae7470b53fff5659e85ed470354e66a92ae4686bca8cf92b1bc77cd8527598516cfd868d7a0d1d63a89ba4063b
SSDEEP

1536:6hbEsqbX9ggnRoNUKulLACL1xTkg3oq7nE:2biX9gQRvRlsCzwg4CnE

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

5c094ea06404d6f60f1304f2f9fc537a57042ef0d91ef2f12181465ac61c7d6f
.exe windows x86

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

7e:30:16:4d:e4:08:a3:4d:00:bd:b3:1a:53:f8:81:04
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

25/01/2010, 00:00

Not After

25/01/2011, 23:59

Subject

CN=비에스커뮤니케이션,O=비에스커뮤니케이션,L=Jungnang-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

91:c3:d7:b9:50:96:2a:71:c9:35:0e:08:61:02:77:10:13:40:35:59
Signer

Actual PE Digest

91:c3:d7:b9:50:96:2a:71:c9:35:0e:08:61:02:77:10:13:40:35:59

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=비에스커뮤니케이션,O=비에스커뮤니케이션,L=Jungnang-gu,ST=Seoul,C=KR

17/11/2022, 13:17
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

01Certificate

7e:30:16:4d:e4:08:a3:4d:00:bd:b3:1a:53:f8:81:04Certificate

Extended Key Usages

0aCertificate

Extended Key Usages

Key Usages

91:c3:d7:b9:50:96:2a:71:c9:35:0e:08:61:02:77:10:13:40:35:59Signer

Signature Validations

Verification

17/11/2022, 13:17 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 104KB

UPX1 Size: 59KB - Virtual size: 60KB

.rsrc Size: 8KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 16KB - Virtual size: 13KB

01
Certificate

7e:30:16:4d:e4:08:a3:4d:00:bd:b3:1a:53:f8:81:04
Certificate

0a
Certificate

91:c3:d7:b9:50:96:2a:71:c9:35:0e:08:61:02:77:10:13:40:35:59
Signer

17/11/2022, 13:17
Valid: false

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 59KB - Virtual size: 60KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 16KB - Virtual size: 13KB