DriverTalent_setup_8[.]0[.]8[.]18[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DriverTalent_setup_8.0.8.18.exe
Size

24.3MB
MD5

5e6f3a4ba6dc536f0956ce2d315a9321
SHA1

41ab8578a5d9c56e2a8b868febbf204c546ecfa1
SHA256

0d2c3d6756bb341c5e51e0b42ee41a9a72232718fd2681490a38e559b0797b79
SHA512

df387d91fa6ead7d9939241af75dcc10a3bd7c300d2339544e47580af35ed9e3a92b5c63e3c1afd25e30600eab058e049b637e7f4b2acbac6a405031901c2e4c
SSDEEP

786432:qbi9FXqau4mAJVk/ymNcCMPEyneNyIJUUQT:te4mAJVkKFCMPEWeNyIJUUQT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/out.upx

resource	yara_rule
sample	upx

resource
unpack001/out.upx

Files

DriverTalent_setup_8.0.8.18.exe
.exe windows:5 windows x86 arch:x86

Password: driver

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:0b:0a:87:4d:e8:39:4c:73:9a:31:7c:51:80:fc:e0
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-04-2020 00:00

Not After

21-04-2023 12:00

Subject

CN=Shenzhen DriveTheLife Software Technology Co.Ltd,O=Shenzhen DriveTheLife Software Technology Co.Ltd,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:1b:fc:20:0d:7a:09:4f:68:85:e6:4d:c0:f0:df:07
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-04-2020 00:00

Not After

21-04-2023 12:00

Subject

CN=Shenzhen DriveTheLife Software Technology Co.Ltd,O=Shenzhen DriveTheLife Software Technology Co.Ltd,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:65:b1:3b:33:6f:93:4d:81:c5:5e:2c:08:93:77:ce:ad:9c:26:94:50:a9:87:aa:a5:fc:0c:31:2e:5e:a7:80
Signer

Actual PE Digest

cf:65:b1:3b:33:6f:93:4d:81:c5:5e:2c:08:93:77:ce:ad:9c:26:94:50:a9:87:aa:a5:fc:0c:31:2e:5e:a7:80

Digest Algorithm

sha256

PE Digest Matches

true

12:3b:c6:7b:e1:02:cd:fe:fb:50:26:49:ce:c3:f0:22:8c:07:a2:cf
Signer

Actual PE Digest

12:3b:c6:7b:e1:02:cd:fe:fb:50:26:49:ce:c3:f0:22:8c:07:a2:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24.1MB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24.1MB - Virtual size: 24.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: driver

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

01:0b:0a:87:4d:e8:39:4c:73:9a:31:7c:51:80:fc:e0Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0b:1b:fc:20:0d:7a:09:4f:68:85:e6:4d:c0:f0:df:07Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

cf:65:b1:3b:33:6f:93:4d:81:c5:5e:2c:08:93:77:ce:ad:9c:26:94:50:a9:87:aa:a5:fc:0c:31:2e:5e:a7:80Signer

12:3b:c6:7b:e1:02:cd:fe:fb:50:26:49:ce:c3:f0:22:8c:07:a2:cfSigner

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 24.4MB

UPX1 Size: 244KB - Virtual size: 244KB

.rsrc Size: 24.1MB - Virtual size: 24.1MB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 368KB - Virtual size: 368KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 4KB - Virtual size: 15KB

.gfids Size: 512B - Virtual size: 368B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 24.1MB - Virtual size: 24.1MB

.reloc Size: 14KB - Virtual size: 14KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

01:0b:0a:87:4d:e8:39:4c:73:9a:31:7c:51:80:fc:e0
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0b:1b:fc:20:0d:7a:09:4f:68:85:e6:4d:c0:f0:df:07
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

cf:65:b1:3b:33:6f:93:4d:81:c5:5e:2c:08:93:77:ce:ad:9c:26:94:50:a9:87:aa:a5:fc:0c:31:2e:5e:a7:80
Signer

12:3b:c6:7b:e1:02:cd:fe:fb:50:26:49:ce:c3:f0:22:8c:07:a2:cf
Signer

UPX0
Size: - Virtual size: 24.4MB

UPX1
Size: 244KB - Virtual size: 244KB

.rsrc
Size: 24.1MB - Virtual size: 24.1MB

.text
Size: 368KB - Virtual size: 368KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 4KB - Virtual size: 15KB

.gfids
Size: 512B - Virtual size: 368B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 24.1MB - Virtual size: 24.1MB

.reloc
Size: 14KB - Virtual size: 14KB