SecuriteInfo[.]com[.]Win64[.]DropperX-gen[.]9519[.]23032[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win64.DropperX-gen.9519.23032.exe
Size

66.2MB
MD5

56f541eed394d049d5232f544c192223
SHA1

35868453db0c4b399669fe6b777c8bef1f8e013e
SHA256

99673ea70d232dc56b5050f3a9be1aa46b8d934a1acb95184843b4234bcaf5fd
SHA512

f6f0cf36ba9d8e2b505fcf2843bf64fd2726614c2f1ef535f61802dae2ed2e0bfa61257ef9813748e088e503d20f4485afe60860a6e0b5e2a4b10567a70f3e34
SSDEEP

1572864:QJqI122ZgchlGTamquCm/U49B7mNy41/759T0d8WO6:fI1XgcymAlBH49vTa8E

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

SecuriteInfo.com.Win64.DropperX-gen.9519.23032.exe
.exe windows:6 windows x64 arch:x64

Code Sign

36:98:f7:cc:67:6c:43:f4:1f:e4:51:31:a5:57:1b:a0:94:fc:42:11
Certificate

Issuer

CN=BlueTeamDev,OU=BlueTeamDevs,O=BlueTeamDev,L=Omaha,ST=NE,C=US,1.2.840.113549.1.9.1=#0c1e6e6f2d7265706c7940626c75657465616d6672616d65776f726b2e6f7267

Not Before

18/06/2023, 20:22

Not After

17/06/2024, 20:22

Subject

CN=BlueTeamDev,OU=BlueTeamDevs,O=BlueTeamDev,L=Omaha,ST=NE,C=US,1.2.840.113549.1.9.1=#0c1e6e6f2d7265706c7940626c75657465616d6672616d65776f726b2e6f7267

a3:12:6a:a1:ff:44:7e:96:c0:20:62:d7:be:35:7f:4b:d6:7c:a7:01
Signer

Actual PE Digest

a3:12:6a:a1:ff:44:7e:96:c0:20:62:d7:be:35:7f:4b:d6:7c:a7:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

36:98:f7:cc:67:6c:43:f4:1f:e4:51:31:a5:57:1b:a0:94:fc:42:11Certificate

a3:12:6a:a1:ff:44:7e:96:c0:20:62:d7:be:35:7f:4b:d6:7c:a7:01Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 184KB

UPX1 Size: 91KB - Virtual size: 92KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 67KB

.pdata Size: 6KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

36:98:f7:cc:67:6c:43:f4:1f:e4:51:31:a5:57:1b:a0:94:fc:42:11
Certificate

a3:12:6a:a1:ff:44:7e:96:c0:20:62:d7:be:35:7f:4b:d6:7c:a7:01
Signer

UPX0
Size: - Virtual size: 184KB

UPX1
Size: 91KB - Virtual size: 92KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 67KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB