file_76e7de38f6fc40aa9048fb0c1f61899e_2024-04-05_08_01_30_668000[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

file_76e7de38f6fc40aa9048fb0c1f61899e_2024-04-05_08_01_30_668000.zip
Size

1.9MB
MD5

d1138539a43afa5a38a656456ceea467
SHA1

e1e9132cc59f8f79881d7f7e15d5a51f8fe1a7e7
SHA256

b7aa4ee8d25f60a070f75a5ba6ef369c8ddae0a09b1c5f2d7f2381add7b0aef5
SHA512

794adf852301827648de982eda6610c3191d0e427b51a1defa40e3f86c8eada02ce785da649c239fa2c0d41aa876a986240aed12e26fbe9c2534d88268f2c2e4
SSDEEP

49152:xlHgafk2I/1TYoS3xIH4s39yGL1B6gDEmVIV:AS3w4scnEVIV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/entry_1_0/uTorrent.exe	upx

Files

file_76e7de38f6fc40aa9048fb0c1f61899e_2024-04-05_08_01_30_668000.zip
.zip
entry_1_0/uTorrent.exe
.exe windows:6 windows x86 arch:x86

Code Sign

0d:d1:cb:d1:68:65:b1:63:9d:b9:84:5c:ce:cb:d2:a2
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

31/01/2023, 00:00

Not After

30/01/2026, 23:59

Subject

CN=BitTorrent Inc,O=BitTorrent Inc,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:9e:e8:af:61:0c:be:d4:3b:4e:5c:f4:13:b2:e9:bc:41:f2:3d:03:0d:3a:26:10:98:cc:cc:67:f4:b9:f5:d2
Signer

Actual PE Digest

0d:9e:e8:af:61:0c:be:d4:3b:4e:5c:f4:13:b2:e9:bc:41:f2:3d:03:0d:3a:26:10:98:cc:cc:67:f4:b9:f5:d2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json

Sharing

General

Malware Config

Signatures

Files

Code Sign

0d:d1:cb:d1:68:65:b1:63:9d:b9:84:5c:ce:cb:d2:a2Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

0d:9e:e8:af:61:0c:be:d4:3b:4e:5c:f4:13:b2:e9:bc:41:f2:3d:03:0d:3a:26:10:98:cc:cc:67:f4:b9:f5:d2Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.8MB

UPX1 Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 124KB - Virtual size: 124KB

0d:d1:cb:d1:68:65:b1:63:9d:b9:84:5c:ce:cb:d2:a2
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

0d:9e:e8:af:61:0c:be:d4:3b:4e:5c:f4:13:b2:e9:bc:41:f2:3d:03:0d:3a:26:10:98:cc:cc:67:f4:b9:f5:d2
Signer

UPX0
Size: - Virtual size: 3.8MB

UPX1
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 124KB - Virtual size: 124KB