d06b193a1450b2080022de62dc8bff1133109f9099c1f49fd5ef15c0970a3d18

Sharing

Copy URL

Twitter E-mail

General

Target

d06b193a1450b2080022de62dc8bff1133109f9099c1f49fd5ef15c0970a3d18
Size

337KB
MD5

6a20ef4501aff056f0f7b9c8cd4e4a90
SHA1

c8c2b558665070f54247e52a0eae2677b753f946
SHA256

d06b193a1450b2080022de62dc8bff1133109f9099c1f49fd5ef15c0970a3d18
SHA512

44ce65d9f5a13b5765c361cc66b84f8a3797c574d5ce3874159ab7d6e4b5a9caa72d58e74c5a468378d1f1299f7b8dc3bfd2d46da0c39a25ac5d155137ef24d1
SSDEEP

6144:Qpgt/6vW7LYrR2G6vBxDVwkfPcAdeXVXHKTnrBdSTl:4gh7EF16JxDV/fPGXVXHKTnrBd

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

Files

d06b193a1450b2080022de62dc8bff1133109f9099c1f49fd5ef15c0970a3d18
.exe windows x86

Code Sign

57:f9:19:b5:96:c8:31:5e:bb:39:eb:6e:a9:7e:1a:31
Certificate

Issuer

CN=ALWIL Software

Not Before

08-02-2011 22:24

Not After

31-12-2039 23:59

Subject

CN=ALWIL Software

1c:2e:76:75:42:47:d9:1b:ad:58:c3:9f:b1:7a:29:15:3e:5a:20:b4
Signer

Actual PE Digest

1c:2e:76:75:42:47:d9:1b:ad:58:c3:9f:b1:7a:29:15:3e:5a:20:b4

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=ALWIL Software

01-12-2022 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 212KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 162KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

57:f9:19:b5:96:c8:31:5e:bb:39:eb:6e:a9:7e:1a:31Certificate

1c:2e:76:75:42:47:d9:1b:ad:58:c3:9f:b1:7a:29:15:3e:5a:20:b4Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 284KB

UPX1 Size: 212KB - Virtual size: 216KB

.rsrc Size: 124KB - Virtual size: 144KB

Headers

File Characteristics

Sections

.text Size: 162KB - Virtual size: 396KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 73KB - Virtual size: 76KB

.rsrc Size: 4KB - Virtual size: 4KB

57:f9:19:b5:96:c8:31:5e:bb:39:eb:6e:a9:7e:1a:31
Certificate

1c:2e:76:75:42:47:d9:1b:ad:58:c3:9f:b1:7a:29:15:3e:5a:20:b4
Signer

01-12-2022 14:34
Valid: false

UPX0
Size: - Virtual size: 284KB

UPX1
Size: 212KB - Virtual size: 216KB

.rsrc
Size: 124KB - Virtual size: 144KB

.text
Size: 162KB - Virtual size: 396KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 73KB - Virtual size: 76KB

.rsrc
Size: 4KB - Virtual size: 4KB