UVUpdater[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

UVUpdater.exe
Size

3.6MB
MD5

b8963ae73b8b089cf37e62090d7eb0e0
SHA1

4c2a137ae089f2bc7f859d2f0aa3ce63d909b179
SHA256

4489f1958cf326b66575ff82dcd72f98520a072f254e3b558d16a14d7e9eadd7
SHA512

cb945b8a2ba2172317f3b99509c9c6c0a86c10c898e45f8c0718c1ceca7ecd3eb8fd30cc84c024ef5089ccd164a8d39839920045ff2fa723d27938d66bf6c85d
SSDEEP

49152:gFYgD9pDSu9sssq8nOF94dEnzn/bn3Dsbar+Z3fUH83h/BwcGPrv3x8SbM/mCgRb:wYgTDJisMu9OoT3+i+ZP//Gdv2X/yeI

Score

1^/10

Malware Config

Signatures

Files

UVUpdater.exe
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume4/Program Files (x86)/UltraViewer/Update/UVUpdater.exe
.exe windows x86

Password: S@ndb0x!2023@@

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

c6:e9:49:fc:b3:ed:fb:a7:4b:e2:5a:7c:f4:aa:d2:05
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/12/2020, 00:00

Not After

27/11/2023, 23:59

Subject

CN=DUC FABULOUS CO.\,LTD,O=DUC FABULOUS CO.\,LTD,STREET=4/179 Minh Khai\, Hai Ba Trung\, Ha Noi\, Viet Nam,L=Minh Khai,ST=Ha Noi,C=VN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:35:a7:5a:5b:26:31:66:42:5b:39:aa:af:00:28:0e:22:8f:ba:23
Signer

Actual PE Digest

33:35:a7:5a:5b:26:31:66:42:5b:39:aa:af:00:28:0e:22:8f:ba:23

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=DUC FABULOUS CO.\,LTD,O=DUC FABULOUS CO.\,LTD,STREET=4/179 Minh Khai\, Hai Ba Trung\, Ha Noi\, Viet Nam,L=Minh Khai,ST=Ha Noi,C=VN

27/03/2023, 18:22
Valid: true

Chain 1

CN=DUC FABULOUS CO.\,LTD,O=DUC FABULOUS CO.\,LTD,STREET=4/179 Minh Khai\, Hai Ba Trung\, Ha Noi\, Viet Nam,L=Minh Khai,ST=Ha Noi,C=VN

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: S@ndb0x!2023@@

Password: S@ndb0x!2023@@

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

c6:e9:49:fc:b3:ed:fb:a7:4b:e2:5a:7c:f4:aa:d2:05Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

33:35:a7:5a:5b:26:31:66:42:5b:39:aa:af:00:28:0e:22:8f:ba:23Signer

Signature Validations

Verification

27/03/2023, 18:22 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.sdata Size: 512B - Virtual size: 142B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

c6:e9:49:fc:b3:ed:fb:a7:4b:e2:5a:7c:f4:aa:d2:05
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

33:35:a7:5a:5b:26:31:66:42:5b:39:aa:af:00:28:0e:22:8f:ba:23
Signer

27/03/2023, 18:22
Valid: true

.text
Size: 3.7MB - Virtual size: 3.7MB

.sdata
Size: 512B - Virtual size: 142B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B