Zotero-6[.]0[.]36_setup[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Zotero-6.0.36_setup.exe
Size

49.2MB
MD5

831a4951e724fcea9c9ab526b9adf091
SHA1

1eb91738796cda059f722287d29e5c3f0bc6e69c
SHA256

9fd9d3167653d2b18ec0c507b40da4ac21fc3400ca8c0a97753c4211c969736a
SHA512

05dc946d0bd5558db96de6e2c9a187f3268adfe21f17f3531a36d6ede080fd33e29ddcc93b45640df2b19260e99b7740d746f065ac3b8225febfd3616fae8cc9
SSDEEP

1572864:pz8ds+B15N6XOgJazmV5RJ0JS/swFRX68bf30i3kD6y:pzQs4PN6XBJa4LK8/H/b8i3kD1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

Zotero-6.0.36_setup.exe
.exe windows:4 windows x86 arch:x86

Code Sign

56:b6:29:cd:34:bc:78:f6
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

31-05-2017 18:14

Not After

30-05-2042 18:14

Subject

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26-03-2019 17:44

Not After

22-03-2034 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:ab:ce:14:52:18:07:3c:97:6d:83:92:78:6a:72:9b
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

03-01-2024 16:46

Not After

02-01-2027 16:46

Subject

SERIALNUMBER=07147937,CN=Corporation for Digital Scholarship,O=Corporation for Digital Scholarship,L=Vienna,ST=Virginia,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130856697267696e6961,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

19-02-2024 16:18

Not After

16-02-2034 16:18

Subject

CN=SSL.com Timestamping Unit 2024 E1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13-11-2019 18:50

Not After

12-11-2034 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:4e:d4:f7:5a:ae:45:95:7b:36:0f:19:56:84:5f:12:95:25:36:53:c4:83:bd:b7:87:aa:5d:c7:e4:da:0e:11
Signer

Actual PE Digest

20:4e:d4:f7:5a:ae:45:95:7b:36:0f:19:56:84:5f:12:95:25:36:53:c4:83:bd:b7:87:aa:5d:c7:e4:da:0e:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

56:b6:29:cd:34:bc:78:f6Certificate

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

7e:ab:ce:14:52:18:07:3c:97:6d:83:92:78:6a:72:9bCertificate

Extended Key Usages

Key Usages

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7Certificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

20:4e:d4:f7:5a:ae:45:95:7b:36:0f:19:56:84:5f:12:95:25:36:53:c4:83:bd:b7:87:aa:5d:c7:e4:da:0e:11Signer

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 88KB

UPX1 Size: 42KB - Virtual size: 44KB

.rsrc Size: 27KB - Virtual size: 28KB

Headers

File Characteristics

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 27KB - Virtual size: 27KB

56:b6:29:cd:34:bc:78:f6
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

7e:ab:ce:14:52:18:07:3c:97:6d:83:92:78:6a:72:9b
Certificate

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

20:4e:d4:f7:5a:ae:45:95:7b:36:0f:19:56:84:5f:12:95:25:36:53:c4:83:bd:b7:87:aa:5d:c7:e4:da:0e:11
Signer

UPX0
Size: - Virtual size: 88KB

UPX1
Size: 42KB - Virtual size: 44KB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 27KB - Virtual size: 27KB