e5086ed1926ade4c66b4c65f2059d639f90515793206127a8d0fa923e55f9e1f

Sharing

Copy URL Twitter E-mail

General

Target

e5086ed1926ade4c66b4c65f2059d639f90515793206127a8d0fa923e55f9e1f
Size

32KB
MD5

f2026cb152868a2d68af9e3bd74cdb40
SHA1

0518828dc270557b117b8b04b138fe07ae453613
SHA256

e5086ed1926ade4c66b4c65f2059d639f90515793206127a8d0fa923e55f9e1f
SHA512

30567d2e5a4579e475124104c5d23f75503cf97eb118f772829b6292f1957a50d522e5a74403e791a75528f2eaca667c375d3c9829e0bec7d01932ebccf2e67e
SSDEEP

768:P4OZT8bDxgNWf1Aq7ox0pJxl9DXJwOlScZ1FfUfOjxI4Ki4p9wLnjd5m:QG4DG8o0vxl9zJwKXpcfOjmiK9wLp5m

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

e5086ed1926ade4c66b4c65f2059d639f90515793206127a8d0fa923e55f9e1f
.exe windows x86

Code Sign

5a:bc:cc:83:4d:a0:b3:80:40:2e:5c:b2:b4:20:37:25
Certificate

Issuer

CN=Root Agency

Not Before

04/09/2009, 22:59

Not After

31/12/2039, 23:59

Subject

CN=CDC,O=TaiWan Microwoman technologies inc.

e9:4a:eb:a0:89:68:43:b2:13:a6:5e:c2:9e:c1:25:5f:54:fd:9e:27
Signer

Actual PE Digest

e9:4a:eb:a0:89:68:43:b2:13:a6:5e:c2:9e:c1:25:5f:54:fd:9e:27

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=CDC,O=TaiWan Microwoman technologies inc.

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

5a:bc:cc:83:4d:a0:b3:80:40:2e:5c:b2:b4:20:37:25Certificate

e9:4a:eb:a0:89:68:43:b2:13:a6:5e:c2:9e:c1:25:5f:54:fd:9e:27Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 25KB - Virtual size: 28KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 37KB

5a:bc:cc:83:4d:a0:b3:80:40:2e:5c:b2:b4:20:37:25
Certificate

e9:4a:eb:a0:89:68:43:b2:13:a6:5e:c2:9e:c1:25:5f:54:fd:9e:27
Signer

01/12/2022, 14:34
Valid: false

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 25KB - Virtual size: 28KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 37KB