0703872f890593a8fbb963af88b841c700d80261c58d0f766081f9edf4cf096c

Sharing

Copy URL

Twitter E-mail

General

Target

0703872f890593a8fbb963af88b841c700d80261c58d0f766081f9edf4cf096c
Size

334KB
MD5

f796d826122f17ca1bd937f2a2e0f36e
SHA1

ed0df6fab085258da82bbfb80ef95cd4bdd8d426
SHA256

0703872f890593a8fbb963af88b841c700d80261c58d0f766081f9edf4cf096c
SHA512

b741a63a4a411b1327db8c28599f62d76cd745e1257fbc502755e67105630f47b59757741425181b9089c4f9486b08559b338394eab17793c571fc58046db5c4
SSDEEP

6144:4vX5KTgifQAN2GfZAcyLsg3tbn/G6KTey6TBj5zAEczrsgx8A1/yafQ7bAU:UiYAN2i3g97/G6K6yY5zAEczrR8A1/VK

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

0703872f890593a8fbb963af88b841c700d80261c58d0f766081f9edf4cf096c
.exe windows x86

Code Sign

4d:ea:c2:23:e1:a2:d2:77:bc:fe:0e:e1:33:f5:d4:e2
Certificate

Issuer

CN=王义翔,O=编程人员：王义翔,1.2.840.113549.1.9.1=#1300

Not Before

31-03-2022 09:41

Not After

31-12-2039 23:59

Subject

CN=王义翔,O=编程人员：王义翔,1.2.840.113549.1.9.1=#1300

14:c9:03:f7:49:78:ed:e9:a5:46:94:7e:2c:f1:88:e0:00:34:70:61
Signer

Actual PE Digest

14:c9:03:f7:49:78:ed:e9:a5:46:94:7e:2c:f1:88:e0:00:34:70:61

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=王义翔,O=编程人员：王义翔,1.2.840.113549.1.9.1=#1300

13-01-2023 12:37
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 536KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 290KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 492KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

4d:ea:c2:23:e1:a2:d2:77:bc:fe:0e:e1:33:f5:d4:e2Certificate

14:c9:03:f7:49:78:ed:e9:a5:46:94:7e:2c:f1:88:e0:00:34:70:61Signer

Signature Validations

Verification

13-01-2023 12:37 Valid: false

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 536KB

UPX1 Size: 290KB - Virtual size: 292KB

.rsrc Size: 41KB - Virtual size: 44KB

Headers

File Characteristics

Sections

.text Size: 492KB - Virtual size: 491KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 72KB - Virtual size: 183KB

.rsrc Size: 60KB - Virtual size: 56KB

4d:ea:c2:23:e1:a2:d2:77:bc:fe:0e:e1:33:f5:d4:e2
Certificate

14:c9:03:f7:49:78:ed:e9:a5:46:94:7e:2c:f1:88:e0:00:34:70:61
Signer

13-01-2023 12:37
Valid: false

UPX0
Size: - Virtual size: 536KB

UPX1
Size: 290KB - Virtual size: 292KB

.rsrc
Size: 41KB - Virtual size: 44KB

.text
Size: 492KB - Virtual size: 491KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 72KB - Virtual size: 183KB

.rsrc
Size: 60KB - Virtual size: 56KB