General

  • Target

    23f6a7146e15036fcecba8d979a518013c34901ef42d93ce49cbed5884449941

  • Size

    249KB

  • MD5

    412d2bc8e42311c3e83e6cec5f36a62d

  • SHA1

    4dd0506ad2685923543da188f567b55c6eda04e0

  • SHA256

    23f6a7146e15036fcecba8d979a518013c34901ef42d93ce49cbed5884449941

  • SHA512

    7b831f3e9f69abf6d435383fc5e40f2d3128a3604e8a700e9c9dfa32a6fd9f505e2443b6fa47fc9e6c6540dc94aaeda1bfae2783305e9d80cb12fa2acce3aaba

  • SSDEEP

    6144:UInzYsT3GaUHxay94OajjWKhb8toq4TItCvxpUBR984:Bn3GaiayuThXTCkcx84

Score
8/10
upx

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 23f6a7146e15036fcecba8d979a518013c34901ef42d93ce49cbed5884449941
    .rar
  • pB0T v5.8 www.koxpdeposu.com/CodedByAlcazer.stl
  • pB0T v5.8 www.koxpdeposu.com/Okumadan Kullanma!.txt
  • pB0T v5.8 www.koxpdeposu.com/PBot.exe
    .exe windows x86

  • out.upx
    .exe windows x86

  • pB0T v5.8 www.koxpdeposu.com/PRoBot Pointer Finder.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • pB0T v5.8 www.koxpdeposu.com/PRoBot.dll
    .dll windows x86

    6a1d2470ed2aa60d3cb9db7bd1ff57f2

  • pB0T v5.8 www.koxpdeposu.com/PRoBot.ini
  • pB0T v5.8 www.koxpdeposu.com/alert.wav
  • pB0T v5.8 www.koxpdeposu.com/tabctl32.ocx
    .dll regsvr32 windows x86

    e0cb36c66e5c120ef20ebc4f30366345