mb3-consumer-3[.]8[.]3[.]2965-2071673[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

mb3-consumer-3.8.3.2965-2071673.7z
Size

8.4MB
MD5

7f09a34d66b816a029a14f70b8774833
SHA1

a0fa7dc76f8c42a0f47e6b209cdede447b5c8113
SHA256

1c044f384873d93b0f4962eb5986a75e92577b56bc1f0ce1d654f911388e20ab
SHA512

9d8a7eaffdc620fea517f6f74e3bcf5018a72be41c6d62edd1c80cb99a9a2e14eb82f5b3f21d67dfd99c1c17d833a67880e1aeabf3f99d01849e8bd8a4ea2c25
SSDEEP

196608:rbfcFPPUn+h6ww6U/XJ5BbHkZSHBt/H6Ul5gXP/EdBb4:nfsPPPu/Xdb4QDvz7gf8T4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/mb3-consumer-3.8.3.2965-2071673.exe	upx

Files

mb3-consumer-3.8.3.2965-2071673.7z
.7z

Password: infected
mb3-consumer-3.8.3.2965-2071673.exe
.exe windows:5 windows x86 arch:x86

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

36:92:62:2f:d8:26:08:22:46:4f:a3:ed
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20/07/2022, 07:27

Not After

21/07/2023, 07:27

Subject

CN=IP Iaroslavskii Anton Andreyevich,O=IP Iaroslavskii Anton Andreyevich,L=Petrozavodsk,ST=Republic of Karelia,C=RU,1.2.840.113549.1.9.1=#0c1666756e646f726167616d65734079616e6465782e7275

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:92:62:2f:d8:26:08:22:46:4f:a3:ed
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20/07/2022, 07:27

Not After

21/07/2023, 07:27

Subject

CN=IP Iaroslavskii Anton Andreyevich,O=IP Iaroslavskii Anton Andreyevich,L=Petrozavodsk,ST=Republic of Karelia,C=RU,1.2.840.113549.1.9.1=#0c1666756e646f726167616d65734079616e6465782e7275

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f4:92:d8:87:be:1c:8a:8c:68:d7:e9:e0:fd:e1:ab:e6:49:4f:f8:06:a2:8b:09:b9:05:9e:1e:84:2d:ff:63:70
Signer

Actual PE Digest

f4:92:d8:87:be:1c:8a:8c:68:d7:e9:e0:fd:e1:ab:e6:49:4f:f8:06:a2:8b:09:b9:05:9e:1e:84:2d:ff:63:70

Digest Algorithm

sha256

PE Digest Matches

true

9d:88:92:64:12:5c:6e:67:79:c6:e0:3f:95:1d:e3:66:15:89:93:ee
Signer

Actual PE Digest

9d:88:92:64:12:5c:6e:67:79:c6:e0:3f:95:1d:e3:66:15:89:93:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 18.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

36:92:62:2f:d8:26:08:22:46:4f:a3:edCertificate

Extended Key Usages

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

36:92:62:2f:d8:26:08:22:46:4f:a3:edCertificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

f4:92:d8:87:be:1c:8a:8c:68:d7:e9:e0:fd:e1:ab:e6:49:4f:f8:06:a2:8b:09:b9:05:9e:1e:84:2d:ff:63:70Signer

9d:88:92:64:12:5c:6e:67:79:c6:e0:3f:95:1d:e3:66:15:89:93:eeSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 18.0MB

UPX1 Size: 8.5MB - Virtual size: 8.5MB

.rsrc Size: 127KB - Virtual size: 128KB

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

36:92:62:2f:d8:26:08:22:46:4f:a3:ed
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

36:92:62:2f:d8:26:08:22:46:4f:a3:ed
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f4:92:d8:87:be:1c:8a:8c:68:d7:e9:e0:fd:e1:ab:e6:49:4f:f8:06:a2:8b:09:b9:05:9e:1e:84:2d:ff:63:70
Signer

9d:88:92:64:12:5c:6e:67:79:c6:e0:3f:95:1d:e3:66:15:89:93:ee
Signer

UPX0
Size: - Virtual size: 18.0MB

UPX1
Size: 8.5MB - Virtual size: 8.5MB

.rsrc
Size: 127KB - Virtual size: 128KB