07ba93db3fab2ddc8585a404f5281957

Sharing

Copy URL

Twitter E-mail

General

Target

07ba93db3fab2ddc8585a404f5281957
Size

2.7MB
MD5

07ba93db3fab2ddc8585a404f5281957
SHA1

3e626a63479f9cf6a0b87ee8e6db44ad2bc70ae1
SHA256

06acbb47b730654cd044cbfb0239f0bac4f7284589d9a6f4c4e21acb533f67ed
SHA512

ec97f11869d3007f3773561dc51fdbab5d2f2bf245f923375310e39716961758647429728e7133da73f164ebc233cd6777ecc83ce99efb5043287564d45a1ebb
SSDEEP

49152:gP7HJLj7dq0YVUwU3obEUmQU/NBvh4nYJleaCM:gTRndJ8mbnhRHp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

07ba93db3fab2ddc8585a404f5281957
.exe windows:5 windows x86 arch:x86

Code Sign

4b:53:d6:46:92:ff:64
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

26-03-2013 12:57

Not After

30-03-2014 15:26

Subject

CN=Descarga Segura LLC,O=Descarga Segura LLC,L=Wilmington,ST=DE,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

29-06-2004 17:06

Not After

29-06-2034 17:06

Subject

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16-11-2006 01:54

Not After

16-11-2026 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

28:63:c1:39:e3:a1:c3:88:2b:12:f9:b1:79:15:e3:72:d1:38:27:56
Signer

Actual PE Digest

28:63:c1:39:e3:a1:c3:88:2b:12:f9:b1:79:15:e3:72:d1:38:27:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

4b:53:d6:46:92:ff:64Certificate

Extended Key Usages

Key Usages

Certificate

03:01Certificate

Key Usages

28:63:c1:39:e3:a1:c3:88:2b:12:f9:b1:79:15:e3:72:d1:38:27:56Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 260KB

UPX1 Size: 141KB - Virtual size: 144KB

.rsrc Size: 11KB - Virtual size: 12KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 112KB - Virtual size: 111KB

.reloc Size: 36KB - Virtual size: 35KB

4b:53:d6:46:92:ff:64
Certificate

03:01
Certificate

28:63:c1:39:e3:a1:c3:88:2b:12:f9:b1:79:15:e3:72:d1:38:27:56
Signer

UPX0
Size: - Virtual size: 260KB

UPX1
Size: 141KB - Virtual size: 144KB

.rsrc
Size: 11KB - Virtual size: 12KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 36KB - Virtual size: 35KB