0d43ff61aa23b4f6af9bbf8c5220e0646715e9fbbf298be7c417d6b8ae355f63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d43ff61aa23b4f6af9bbf8c5220e0646715e9fbbf298be7c417d6b8ae355f63
Size

233KB
MD5

afc4d8b2d8fffaedfdb999cacb60f032
SHA1

13d96747d37ff9891b0b8381c75079a896c7048e
SHA256

0d43ff61aa23b4f6af9bbf8c5220e0646715e9fbbf298be7c417d6b8ae355f63
SHA512

652d9deac843fc4e188e17bf406f856d6bbfbb1fe686db50986daf59eebdfda7237874cfa9f1e1a3232ef13bfec0a7dc8f7c3e0ad9df01f805c3d1b5e5ec9c96
SSDEEP

6144:yjFy93LU92VxOtVflFud4TnxcpPTASCmqMorHwMwoSO:yFy9bPQZlFjrG0ZmYbw9oSO

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

0d43ff61aa23b4f6af9bbf8c5220e0646715e9fbbf298be7c417d6b8ae355f63
.exe windows x86

Code Sign

32:58:e2:ec:c8:9b:11:8a:48:e4:27:49:ec:1f:ac:a5
Certificate

Issuer

CN=My CA

Not Before

21/12/2014, 04:09

Not After

31/12/2039, 23:59

Subject

CN=My SPC

94:8a:5f:9e:bf:1f:86:dd:80:3d:48:c3:cb:2f:68:9c:67:dc:f4:e1
Signer

Actual PE Digest

94:8a:5f:9e:bf:1f:86:dd:80:3d:48:c3:cb:2f:68:9c:67:dc:f4:e1

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=My SPC

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 227KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE