c32909080668de34794d43e5d5694db37933ff7aed3285c81a08826d3ae26501 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c32909080668de34794d43e5d5694db37933ff7aed3285c81a08826d3ae26501
Size

12.8MB
MD5

a1bf590f7f73159a0cfc4b69bf975f18
SHA1

767fd307a5609e96f258886b901e5d927747e69e
SHA256

c32909080668de34794d43e5d5694db37933ff7aed3285c81a08826d3ae26501
SHA512

370d28ca774b54250e43487bbb0980d7f27bcfdd84b82ef072593c8b096199afec595f38d4c0a36797a96feefceb39a0a2690a5c4a75b749acfd135b262b80bc
SSDEEP

393216:wUxdcLgl6jHj01QGhSJLchspmpd+ZO0Bi43A:fXcUl6jHg7c+Gm7fci4w

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c32909080668de34794d43e5d5694db37933ff7aed3285c81a08826d3ae26501
.exe windows x86

Code Sign

6e:b0:3f:62:39:5f:d2:7c:be:ed:93:8e:65:50:80:b5
Certificate

Issuer

CN=VirtualHotBar,O=VirtualHotBar,1.2.840.113549.1.9.1=#0c10686f7462617240686f7470652e746f70

Not Before

11/08/2022, 07:45

Not After

31/12/2039, 23:59

Subject

CN=VirtualHotBar,O=VirtualHotBar,1.2.840.113549.1.9.1=#0c10686f7462617240686f7470652e746f70

3f:e7:37:70:5b:eb:ab:5b:04:70:e7:38:02:3b:93:22:3a:d8:55:09
Signer

Actual PE Digest

3f:e7:37:70:5b:eb:ab:5b:04:70:e7:38:02:3b:93:22:3a:d8:55:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE