c54c38c42ec08aab56df7f51768ce38fe15d111332c0710775b72103d5d2e0ed

Sharing

Copy URL Twitter E-mail

General

Target

c54c38c42ec08aab56df7f51768ce38fe15d111332c0710775b72103d5d2e0ed
Size

18KB
MD5

7d164f4dc85b7c8bb90c40c904640944
SHA1

491b264da174e987e5a01133ed267c0fc78e96a5
SHA256

c54c38c42ec08aab56df7f51768ce38fe15d111332c0710775b72103d5d2e0ed
SHA512

0e730fcf9f0c0292f8fb671f4f11380baacb45e0408e6b3d0785b8079abfbd56ac14f4ebd8c0073e87c3bd15c95a74c470e9fb234ef89eb501d368afa7d91671
SSDEEP

384:WKQxiuQ/6YfnlXL5987DLuWDyzyQ0ZX7aX+/Ovj9mJ685acX5aaWF:W1uhH875DOyQ0ZX7hY9mBPJ7WF

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

c54c38c42ec08aab56df7f51768ce38fe15d111332c0710775b72103d5d2e0ed
.exe windows x86

Code Sign

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9
Certificate

Issuer

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

Not Before

27/11/2021, 05:19

Not After

31/12/2023, 16:00

Subject

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9
Certificate

Issuer

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

Not Before

27/11/2021, 05:19

Not After

31/12/2023, 16:00

Subject

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

8b:8b:61:da:76:de:17:ca:ad:e7:88:8a:a0:b2:c4:3a:a6:0b:f2:45:69:7a:f4:2d:cd:84:91:6f:69:9a:69:7d
Signer

Actual PE Digest

8b:8b:61:da:76:de:17:ca:ad:e7:88:8a:a0:b2:c4:3a:a6:0b:f2:45:69:7a:f4:2d:cd:84:91:6f:69:9a:69:7d

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

17/11/2022, 13:20
Valid: false

a7:b5:2e:52:da:52:de:81:f3:a5:fa:28:a9:50:34:eb:4d:18:32:15
Signer

Actual PE Digest

a7:b5:2e:52:da:52:de:81:f3:a5:fa:28:a9:50:34:eb:4d:18:32:15

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NVIDIA Corporation,ST=Hubei,C=China,1.2.840.113549.1.9.1=#1300

17/11/2022, 13:20
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9Certificate

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9Certificate

8b:8b:61:da:76:de:17:ca:ad:e7:88:8a:a0:b2:c4:3a:a6:0b:f2:45:69:7a:f4:2d:cd:84:91:6f:69:9a:69:7dSigner

Signature Validations

Verification

17/11/2022, 13:20 Valid: false

a7:b5:2e:52:da:52:de:81:f3:a5:fa:28:a9:50:34:eb:4d:18:32:15Signer

Signature Validations

Verification

17/11/2022, 13:20 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 28KB

UPX1 Size: 9KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 876B

.rsrc Size: 12KB - Virtual size: 11KB

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9
Certificate

02:6e:6c:75:6c:a2:83:b7:46:6b:c7:ba:6b:e2:be:c9
Certificate

8b:8b:61:da:76:de:17:ca:ad:e7:88:8a:a0:b2:c4:3a:a6:0b:f2:45:69:7a:f4:2d:cd:84:91:6f:69:9a:69:7d
Signer

17/11/2022, 13:20
Valid: false

a7:b5:2e:52:da:52:de:81:f3:a5:fa:28:a9:50:34:eb:4d:18:32:15
Signer

17/11/2022, 13:20
Valid: false

UPX0
Size: - Virtual size: 28KB

UPX1
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 876B

.rsrc
Size: 12KB - Virtual size: 11KB