SeetrolCenter[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SeetrolCenter.exe
Size

1.8MB
MD5

1e4464e6289b7f65f06f39b4d3961a16
SHA1

31a6e5785cce24740d5eae41a9499325e7c6b17d
SHA256

a03082e74e763c832eb2b0dd99876336050c60b36574948888838b8b5e4a352b
SHA512

c696598f99460f8e3b3d1dfa5e9c6f6008553e0dc36e46a573a9770e64bff46faab150ac3bb76a0a5c1afbdb4f0941e7227b85392c184d978180890eba0d0f83
SSDEEP

49152:QrK0ZzUXwsI2LeiU9jdTMMsjOPpZHo8RMZ3J8YxmGFCoGqpw8v4jBu:QrPp0PLeiU9jdwrjYpxo8RMZZPmGIoGa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

SeetrolCenter.exe
.exe windows x86

Code Sign

07:2d:97:ee:bc:a5:55:7e:a6:26:17:20:8c:28:cb:0a
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/02/2021, 00:00

Not After

12/02/2024, 23:59

Subject

SERIALNUMBER=105-86-49262,CN=Knowhow Electel Inc.,O=Knowhow Electel Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

eb:90:9b:cf:98:9f:97:88:13:2b:d7:3b:9a:28:8e:0d:49:c7:83:d2:5c:f2:e2:f6:43:b8:2e:51:d4:91:7f:c8
Signer

Actual PE Digest

eb:90:9b:cf:98:9f:97:88:13:2b:d7:3b:9a:28:8e:0d:49:c7:83:d2:5c:f2:e2:f6:43:b8:2e:51:d4:91:7f:c8

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=105-86-49262,CN=Knowhow Electel Inc.,O=Knowhow Electel Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b52

15/04/2022, 12:07
Valid: true

Chain 1

SERIALNUMBER=105-86-49262,CN=Knowhow Electel Inc.,O=Knowhow Electel Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b52

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

07:2d:97:ee:bc:a5:55:7e:a6:26:17:20:8c:28:cb:0aCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

eb:90:9b:cf:98:9f:97:88:13:2b:d7:3b:9a:28:8e:0d:49:c7:83:d2:5c:f2:e2:f6:43:b8:2e:51:d4:91:7f:c8Signer

Signature Validations

Verification

15/04/2022, 12:07 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.7MB

UPX1 Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 95KB - Virtual size: 96KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 35KB - Virtual size: 64KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.reloc Size: 203KB - Virtual size: 203KB

07:2d:97:ee:bc:a5:55:7e:a6:26:17:20:8c:28:cb:0a
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

eb:90:9b:cf:98:9f:97:88:13:2b:d7:3b:9a:28:8e:0d:49:c7:83:d2:5c:f2:e2:f6:43:b8:2e:51:d4:91:7f:c8
Signer

15/04/2022, 12:07
Valid: true

UPX0
Size: - Virtual size: 4.7MB

UPX1
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 95KB - Virtual size: 96KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 35KB - Virtual size: 64KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 203KB - Virtual size: 203KB