893e59d63fa9947838bae5fdf6ff0cdebc5ebe81d1ffd82d543a8c4daf9ab894

Sharing

Copy URL

Twitter E-mail

General

Target

893e59d63fa9947838bae5fdf6ff0cdebc5ebe81d1ffd82d543a8c4daf9ab894
Size

294KB
MD5

0e589dc718978b73ed7f0254e4e3a9af
SHA1

374bec41a2013ecaa7a42a17df32d08a846818f7
SHA256

893e59d63fa9947838bae5fdf6ff0cdebc5ebe81d1ffd82d543a8c4daf9ab894
SHA512

9477c4bad8e2e7c38c0199f8051f27fed1b570936268086603b3022dc6105ff2918dee744853ef57da230b9620cc12cb0ebfbae26b332c3eae665b9d060ca7eb
SSDEEP

6144:KWrbUaaWGp3Bua8w3tkRfFFvW72dqeDG2omltDd0+MhoMnXCGGjGGtGGxGgG0GyE:Kc4aaNitwdAfFF9gPaFMuMnXji6

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

893e59d63fa9947838bae5fdf6ff0cdebc5ebe81d1ffd82d543a8c4daf9ab894
.exe windows x86

Code Sign

01
Certificate

Issuer

O=Internet Widgits Pty Ltd,ST=AS,C=GG

Not Before

19-06-2013 22:51

Not After

19-06-2015 22:51

Subject

O=Internet Widgits Pty Ltd,ST=TY,C=TT

97:15:4d:ca:01:60:46:6e:fe:83:d1:74:8f:4f:12:bb:93:b1:1a:e3
Signer

Actual PE Digest

97:15:4d:ca:01:60:46:6e:fe:83:d1:74:8f:4f:12:bb:93:b1:1a:e3

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

O=Internet Widgits Pty Ltd,ST=TY,C=TT

01-12-2022 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 171KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

01Certificate

97:15:4d:ca:01:60:46:6e:fe:83:d1:74:8f:4f:12:bb:93:b1:1a:e3Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 144KB

UPX1 Size: 171KB - Virtual size: 172KB

.rsrc Size: 119KB - Virtual size: 120KB

Headers

File Characteristics

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 264KB - Virtual size: 260KB

.idata Size: 8KB - Virtual size: 8KB

01
Certificate

97:15:4d:ca:01:60:46:6e:fe:83:d1:74:8f:4f:12:bb:93:b1:1a:e3
Signer

01-12-2022 14:34
Valid: false

UPX0
Size: - Virtual size: 144KB

UPX1
Size: 171KB - Virtual size: 172KB

.rsrc
Size: 119KB - Virtual size: 120KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 264KB - Virtual size: 260KB

.idata
Size: 8KB - Virtual size: 8KB