2c432279027f80b718d7b8d04fc826f43b8f1f421aeb937a0d5d3d6d972fec01

Sharing

Copy URL

Twitter E-mail

General

Target

2c432279027f80b718d7b8d04fc826f43b8f1f421aeb937a0d5d3d6d972fec01
Size

680KB
MD5

664d3280d695c3aeaa07832fcbf1379e
SHA1

e9a8ba59a59ed6168b3d0c010afcf5f385dc5b04
SHA256

2c432279027f80b718d7b8d04fc826f43b8f1f421aeb937a0d5d3d6d972fec01
SHA512

f89b50d938a4a4c3d75a64c887d3ec115a49f873b6694ad4ce33259a206f9029ff1a1279f28a187b12c097969f307c005c236f28cf6136f2309fefc829c41ac5
SSDEEP

12288:c7h9H8B2Bc8XFf6I6CsTw+OSBabqBsSANDRdmgeLUUE9wEekoIxJAwC72iOwoSk:Qh8laFS7CsT8AraS0DRdmhXE+EbJZiOh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

2c432279027f80b718d7b8d04fc826f43b8f1f421aeb937a0d5d3d6d972fec01
.exe windows:4 windows x86 arch:x86

Code Sign

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:da
Certificate

Issuer

CN=CMSOFT.CN,ST=野人家园,C=China,1.2.840.113549.1.9.1=#0c11737570706f727440636d736f66742e636e

Not Before

21-05-2023 10:30

Not After

31-12-2039 23:59

Subject

CN=CMSOFT.CN,ST=野人家园,C=China,1.2.840.113549.1.9.1=#0c11737570706f727440636d736f66742e636e

6c:97:31:71:71:d4:d4:6f
Certificate

Issuer

CN=GDCA TrustAUTH R4 Generic CA,O=Global Digital Cybersecurity Authority Co.\, Ltd.,C=CN

Not Before

14-03-2017 06:51

Not After

12-03-2027 06:51

Subject

CN=GDCA Timestamp Signer,OU=数安时代科技股份有限公司,L=广州市,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7d:09:97:fe:f0:47:ea:7a
Certificate

Issuer

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Not Before

26-11-2014 05:13

Not After

31-12-2040 15:59

Subject

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:35:6a:9c:70:b4:55:78
Certificate

Issuer

CN=GDCA TrustAUTH R5 ROOT,O=GUANG DONG CERTIFICATE AUTHORITY CO.\,LTD.,C=CN

Not Before

07-04-2016 09:58

Not After

30-12-2030 16:00

Subject

CN=GDCA TrustAUTH R4 Generic CA,O=Global Digital Cybersecurity Authority Co.\, Ltd.,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

84:bf:0b:ff:8a:ab:48:a8:75:3e:34:53:ee:81:ed:8b:d0:2a:73:2b:8d:18:56:a6:5d:87:59:5e:0b:77:cd:7c
Signer

Actual PE Digest

84:bf:0b:ff:8a:ab:48:a8:75:3e:34:53:ee:81:ed:8b:d0:2a:73:2b:8d:18:56:a6:5d:87:59:5e:0b:77:cd:7c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 646KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:daCertificate

6c:97:31:71:71:d4:d4:6fCertificate

Extended Key Usages

Key Usages

7d:09:97:fe:f0:47:ea:7aCertificate

Key Usages

28:35:6a:9c:70:b4:55:78Certificate

Key Usages

84:bf:0b:ff:8a:ab:48:a8:75:3e:34:53:ee:81:ed:8b:d0:2a:73:2b:8d:18:56:a6:5d:87:59:5e:0b:77:cd:7cSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.7MB

UPX1 Size: 646KB - Virtual size: 648KB

.rsrc Size: 27KB - Virtual size: 28KB

11:85:c2:6b:ba:eb:c0:92:46:61:fc:6f:dc:bf:ac:da
Certificate

6c:97:31:71:71:d4:d4:6f
Certificate

7d:09:97:fe:f0:47:ea:7a
Certificate

28:35:6a:9c:70:b4:55:78
Certificate

84:bf:0b:ff:8a:ab:48:a8:75:3e:34:53:ee:81:ed:8b:d0:2a:73:2b:8d:18:56:a6:5d:87:59:5e:0b:77:cd:7c
Signer

UPX0
Size: - Virtual size: 1.7MB

UPX1
Size: 646KB - Virtual size: 648KB

.rsrc
Size: 27KB - Virtual size: 28KB