89ccc88bdf51d8ff396357b06a36d38380f8ec2b01585d4bd1af7d2b36d205a3 | Triage

Sharing

General

Target

89ccc88bdf51d8ff396357b06a36d38380f8ec2b01585d4bd1af7d2b36d205a3
Size

7.8MB
MD5

243215a8e32958ab212d90696087f411
SHA1

5e78cf4b29704308d71212f67abad7c94fbe11bb
SHA256

89ccc88bdf51d8ff396357b06a36d38380f8ec2b01585d4bd1af7d2b36d205a3
SHA512

18ba08fb24da1c585c3c21d49c3de70f74c8a785f933caeeb2136850c5d5b8907de205b149753418371b3c5aef9382286cc60b6feed8f468a05612bfdc8b38c5
SSDEEP

196608:8kj6WokFWk7zjU+nOgdIWpX7uql2RY5yQllawslF7c6X:8PEWczA9YzutYJlwHlF7v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

89ccc88bdf51d8ff396357b06a36d38380f8ec2b01585d4bd1af7d2b36d205a3
.exe windows:4 windows x86 arch:x86

Code Sign

2f:7f:63:10:95:a5:8d:6c:b6:03:47:7a:7a:72:30:8a
Certificate

Issuer

CN=Root Agency

Not Before

19/11/2023, 10:10

Not After

31/12/2039, 23:59

Subject

CN=天梦零惜,O=天梦零惜,1.2.840.113549.1.9.1=#0c11333636303638333330354071712e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 6.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE