a593ca8d278b0d59e5e15fa3474e76f6e3f4af919d911e67150dd2a5d81f469e

Resubmissions

20/02/2024, 04:19

240220-ex14qsag6t 7

19/10/2023, 03:02

231019-djywsadc6s 7

Sharing

Copy URL Twitter E-mail

General

Target

a593ca8d278b0d59e5e15fa3474e76f6e3f4af919d911e67150dd2a5d81f469e
Size

666KB
MD5

2ddeda242d443413ac15705486a75111
SHA1

e34afff6f3a92aaa4c1d77277be30b4ad520a5ab
SHA256

a593ca8d278b0d59e5e15fa3474e76f6e3f4af919d911e67150dd2a5d81f469e
SHA512

1c09bd19c298e25586181feab5704632fe79713de43bb9060fefeb9433389e03f6d186dabdd8ec6036543eb3cac1b3118af5a58386ddc6ddbca370cf16d30d1b
SSDEEP

12288:NnrsFd7aoUm3FQMn8oUd3Tg8RybUPMO4nEfsFuPzp2+uVWMG4M7ceqfoSiY:dgH7aopn8oiDh0XEfsYpvtHC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

a593ca8d278b0d59e5e15fa3474e76f6e3f4af919d911e67150dd2a5d81f469e
.exe windows:4 windows x86 arch:x86

Code Sign

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:da
Certificate

Issuer

CN=CMSOFT.CN,ST=野人家园,C=China,1.2.840.113549.1.9.1=#0c11737570706f727440636d736f66742e636e

Not Before

21/05/2023, 10:30

Not After

31/12/2039, 23:59

Subject

CN=CMSOFT.CN,ST=野人家园,C=China,1.2.840.113549.1.9.1=#0c11737570706f727440636d736f66742e636e

6c:97:31:71:71:d4:d4:6f
Certificate

Issuer

CN=GDCA TrustAUTH R4 Generic CA,O=Global Digital Cybersecurity Authority Co.\, Ltd.,C=CN

Not Before

14/03/2017, 06:51

Not After

12/03/2027, 06:51

Subject

CN=GDCA Timestamp Signer,OU=数安时代科技股份有限公司,L=广州市,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7d:09:97:fe:f0:47:ea:7a
Certificate

Issuer

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Not Before

26/11/2014, 05:13

Not After

31/12/2040, 15:59

Subject

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:35:6a:9c:70:b4:55:78
Certificate

Issuer

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Not Before

07/04/2016, 09:58

Not After

30/12/2030, 16:00

Subject

CN=GDCA TrustAUTH R4 Generic CA,O=Global Digital Cybersecurity Authority Co.\, Ltd.,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:55:86:cf:ec:50:f5:0e:8a:69:71:06:14:f8:d2:f7:ab:09:92:4c:90:49:12:f7:d0:e1:f6:4a:a4:dd:ac:45
Signer

Actual PE Digest

f1:55:86:cf:ec:50:f5:0e:8a:69:71:06:14:f8:d2:f7:ab:09:92:4c:90:49:12:f7:d0:e1:f6:4a:a4:dd:ac:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 634KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Code Sign

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:daCertificate

6c:97:31:71:71:d4:d4:6fCertificate

Extended Key Usages

Key Usages

7d:09:97:fe:f0:47:ea:7aCertificate

Key Usages

28:35:6a:9c:70:b4:55:78Certificate

Key Usages

f1:55:86:cf:ec:50:f5:0e:8a:69:71:06:14:f8:d2:f7:ab:09:92:4c:90:49:12:f7:d0:e1:f6:4a:a4:dd:ac:45Signer

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.8MB

UPX1 Size: 634KB - Virtual size: 636KB

.rsrc Size: 25KB - Virtual size: 28KB

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:da
Certificate

6c:97:31:71:71:d4:d4:6f
Certificate

7d:09:97:fe:f0:47:ea:7a
Certificate

28:35:6a:9c:70:b4:55:78
Certificate

f1:55:86:cf:ec:50:f5:0e:8a:69:71:06:14:f8:d2:f7:ab:09:92:4c:90:49:12:f7:d0:e1:f6:4a:a4:dd:ac:45
Signer

UPX0
Size: - Virtual size: 1.8MB

UPX1
Size: 634KB - Virtual size: 636KB

.rsrc
Size: 25KB - Virtual size: 28KB