79b940cedb20098990864f8f0a60372f[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

79b940cedb20098990864f8f0a60372f.bin
Size

15.9MB
MD5

0e270edd86a39a41090f23cc719f8618
SHA1

87680dd9ad50dd605bb277b8fdce7a1de4548ecb
SHA256

1dc50c8e0ac6fda0126ac5fa44745d0eab3042d7a6f33ef0edbdf9ed670a8379
SHA512

28b02efc09d0208ac2108cfd8c52f5478e7108b6a42592ad9f0fe8c5b37729538432c3419fcfcd0d1060e9feb37a3b0246cdce26dfcfec43122e31cbcfd62369
SSDEEP

393216:AIENKgdOGvVE1RO7IFCYIm+C1nCGeE3/RyOGfLyt:AIEmGvVE1RLCYI+CGNRVGjyt

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/8c4a21abb710c7461e914ffaac2e0e0bd9f787ecea09c40eb6fcebee6c0b7459.exe	upx

Files

79b940cedb20098990864f8f0a60372f.bin
.zip

Password: infected
8c4a21abb710c7461e914ffaac2e0e0bd9f787ecea09c40eb6fcebee6c0b7459.exe
.exe windows:5 windows x86 arch:x86

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2019 00:00

Not After

31-12-2028 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

aa:b0:e5:90:6a:fe:ad:7b:95:69:37:97:4d:80:16:ef
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

18-08-2020 00:00

Not After

18-08-2022 23:59

Subject

CN=Remote Utilities LLC,O=Remote Utilities LLC,POSTALCODE=119331,STREET=d. 29 E 12 pom. I K 5 RM 5\, prospekt Vernadskogo,L=Moscow,ST=Moskovskaya oblast,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:9f:af:2d:9c:e4:c3:96:df:c0:6e:17:44:6d:fd:30:5d:62:7b:5b:07:6f:6d:e3:c9:12:74:3f:5a:2a:46:cd
Signer

Actual PE Digest

69:9f:af:2d:9c:e4:c3:96:df:c0:6e:17:44:6d:fd:30:5d:62:7b:5b:07:6f:6d:e3:c9:12:74:3f:5a:2a:46:cd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 19.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

aa:b0:e5:90:6a:fe:ad:7b:95:69:37:97:4d:80:16:efCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

69:9f:af:2d:9c:e4:c3:96:df:c0:6e:17:44:6d:fd:30:5d:62:7b:5b:07:6f:6d:e3:c9:12:74:3f:5a:2a:46:cdSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 19.8MB

UPX1 Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 14.7MB - Virtual size: 14.7MB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

aa:b0:e5:90:6a:fe:ad:7b:95:69:37:97:4d:80:16:ef
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

69:9f:af:2d:9c:e4:c3:96:df:c0:6e:17:44:6d:fd:30:5d:62:7b:5b:07:6f:6d:e3:c9:12:74:3f:5a:2a:46:cd
Signer

UPX0
Size: - Virtual size: 19.8MB

UPX1
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 14.7MB - Virtual size: 14.7MB