140a865a53500ab1549fd366e1d05a50N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

140a865a53500ab1549fd366e1d05a50N.exe
Size

35KB
MD5

140a865a53500ab1549fd366e1d05a50
SHA1

0379daa1597336f36bebf8215d89e32652952641
SHA256

e9d4e7f4b2df802c216cb7c72c352d0abe8466d8b7cd5d4be3cb005e832cb8c9
SHA512

83c40d43592be26e5b41ac0583f2e4204053ce08b7ee3b3bac6f4d736d9d45bbc0e3980e9666c9f03e492d5b1da4108ec12be0373bf221efe423e9c62bec0064
SSDEEP

768:x8kt3aO0Cvg0bJBT4aL10OUIK0VDoGzjQrBr6yrHk0DGR8:xBKOFvg0bJxLGOPZDouSKi

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

140a865a53500ab1549fd366e1d05a50N.exe
.dll windows:5 windows x86 arch:x86

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:e6:a0:be:5a:c3:59:c7:ff:11:f4:b4:67:ab:20:fc
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

20/06/2018, 00:00

Not After

22/06/2021, 12:00

Subject

CN=ASUSTeK Computer Inc.,O=ASUSTeK Computer Inc.,L=Taipei City,ST=Taipei,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f4:8a:6e:ea:97:6a:fa:85:f9:4c:6d:03:2d:97:64:77:08:2c:70:b4
Signer

Actual PE Digest

f4:8a:6e:ea:97:6a:fa:85:f9:4c:6d:03:2d:97:64:77:08:2c:70:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

main
mainA
mainW

Sections

UPX0
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

05:e6:a0:be:5a:c3:59:c7:ff:11:f4:b4:67:ab:20:fcCertificate

Extended Key Usages

Key Usages

f4:8a:6e:ea:97:6a:fa:85:f9:4c:6d:03:2d:97:64:77:08:2c:70:b4Signer

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 4.1MB

UPX1 Size: 31KB - Virtual size: 32KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 4.0MB

.reloc Size: 16KB - Virtual size: 16KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

05:e6:a0:be:5a:c3:59:c7:ff:11:f4:b4:67:ab:20:fc
Certificate

f4:8a:6e:ea:97:6a:fa:85:f9:4c:6d:03:2d:97:64:77:08:2c:70:b4
Signer

UPX0
Size: - Virtual size: 4.1MB

UPX1
Size: 31KB - Virtual size: 32KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 4.0MB

.reloc
Size: 16KB - Virtual size: 16KB