23b23403ff4dc7d84c970f81058cd525df3864c9e19510de2dde85ec1e33cb21

Sharing

Copy URL

Twitter E-mail

General

Target

23b23403ff4dc7d84c970f81058cd525df3864c9e19510de2dde85ec1e33cb21
Size

1.9MB
MD5

5ecbadcc4176914fba2092627cb72ebb
SHA1

9240b3d617af09b92200adf7f8ce0ceec6451d52
SHA256

23b23403ff4dc7d84c970f81058cd525df3864c9e19510de2dde85ec1e33cb21
SHA512

db1d3eb663f7b4e6dcd2364e19374c476a409f1d93340a4037c99b75f0f0a5afe1f25b6c2324b53363f09a890a37b76bcc998fa4923a5ea9830128f19c59ef66
SSDEEP

49152:BhloJfeL5N/1q8CAxj55d2VvBwpp//6+lXZBIYQ:BhlzL38kj7aBkp//6+psD

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

Processes:

resource	yara_rule
static1/unpack001/out.upx	autoit_exe

Files

23b23403ff4dc7d84c970f81058cd525df3864c9e19510de2dde85ec1e33cb21
.exe windows x86

Code Sign

08:c3:37:d1:80:9f:41:53:93:63:bc:f6:0d:88:1a:b2
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

27-06-2014 00:00

Not After

26-06-2015 23:59

Subject

CN=Kreapixel Network,OU=24,O=Kreapixel Network,L=Bergerac,ST=Dordogne,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8e:ba:7f:9b:2c:02:93:b5:57:45:39:13:22:a3:95:49:13:77:de:64
Signer

Actual PE Digest

8e:ba:7f:9b:2c:02:93:b5:57:45:39:13:22:a3:95:49:13:77:de:64

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Kreapixel Network,OU=24,O=Kreapixel Network,L=Bergerac,ST=Dordogne,C=FR

17-11-2022 13:28
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 337KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

08:c3:37:d1:80:9f:41:53:93:63:bc:f6:0d:88:1a:b2Certificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

8e:ba:7f:9b:2c:02:93:b5:57:45:39:13:22:a3:95:49:13:77:de:64Signer

Signature Validations

Verification

17-11-2022 13:28 Valid: false

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.0MB

UPX1 Size: 337KB - Virtual size: 340KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 560KB - Virtual size: 559KB

.rdata Size: 178KB - Virtual size: 177KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 41KB - Virtual size: 41KB

08:c3:37:d1:80:9f:41:53:93:63:bc:f6:0d:88:1a:b2
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

8e:ba:7f:9b:2c:02:93:b5:57:45:39:13:22:a3:95:49:13:77:de:64
Signer

17-11-2022 13:28
Valid: false

UPX0
Size: - Virtual size: 2.0MB

UPX1
Size: 337KB - Virtual size: 340KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 560KB - Virtual size: 559KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 41KB - Virtual size: 41KB