ef07758098fe7774018e3c38916d637fe93e8d9463bfd33c36758bb6469c539f

Sharing

Copy URL Twitter E-mail

General

Target

ef07758098fe7774018e3c38916d637fe93e8d9463bfd33c36758bb6469c539f
Size

9.5MB
MD5

1a21340a5f44cae24d81b7213db94871
SHA1

b8c69b34c8e8d7266025da1bdabf2877b510f09a
SHA256

ef07758098fe7774018e3c38916d637fe93e8d9463bfd33c36758bb6469c539f
SHA512

8bceaf073d30a464c2ad029ebd4f4eb31824de5f313dd5b3121601e73d13abbfdcb2bad20aa6b68de887839066589d2ea91af247a094cf30ef327ea29d7dbf9e
SSDEEP

196608:TcxCGkmVWIlhpErpDSKOwqa8Fr68Yw4KJVOcUmcofHckTYRaoLy:TlGkylXONtOwq/FrawFUmcHHEoLy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

ef07758098fe7774018e3c38916d637fe93e8d9463bfd33c36758bb6469c539f
.exe windows:6 windows x86 arch:x86

Code Sign

2d:2b:7d:36:c7:4d:ea:61:b7:b4:fb:72:f9:64:97:13
Certificate

Issuer

CN=Cloudbox,O=Azu,1.2.840.113549.1.9.1=#13096d6963726f736f6674

Not Before

31/12/2019, 16:00

Not After

31/12/2079, 16:00

Subject

CN=Cloudbox,O=Azu,1.2.840.113549.1.9.1=#13096d6963726f736f6674

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

19/05/2021, 05:42

Not After

18/05/2032, 05:42

Subject

CN=Certum Timestamp 2021,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ed:cf:b0:2b:d6:e1:f0:93:7e:c8:2a:77:6e:8d:00:37:d8:ca:38:50
Signer

Actual PE Digest

ed:cf:b0:2b:d6:e1:f0:93:7e:c8:2a:77:6e:8d:00:37:d8:ca:38:50

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 964KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9.4MB - Virtual size: 9.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

2d:2b:7d:36:c7:4d:ea:61:b7:b4:fb:72:f9:64:97:13Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

ed:cf:b0:2b:d6:e1:f0:93:7e:c8:2a:77:6e:8d:00:37:d8:ca:38:50Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 964KB

UPX1 Size: 9.4MB - Virtual size: 9.4MB

.rsrc Size: 68KB - Virtual size: 72KB

2d:2b:7d:36:c7:4d:ea:61:b7:b4:fb:72:f9:64:97:13
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

ed:cf:b0:2b:d6:e1:f0:93:7e:c8:2a:77:6e:8d:00:37:d8:ca:38:50
Signer

UPX0
Size: - Virtual size: 964KB

UPX1
Size: 9.4MB - Virtual size: 9.4MB

.rsrc
Size: 68KB - Virtual size: 72KB