14ffffa6ed45fd5c7bb878ac0219d18041df28f8828f63ea531ab2bf3c0cc499 | Triage

Sharing

General

Target

14ffffa6ed45fd5c7bb878ac0219d18041df28f8828f63ea531ab2bf3c0cc499
Size

1.1MB
MD5

ecad6e26d031cde65743194611ee9cc0
SHA1

95e7288935ffdb5f52f1e76e8f74f5c3e1e6e497
SHA256

14ffffa6ed45fd5c7bb878ac0219d18041df28f8828f63ea531ab2bf3c0cc499
SHA512

619c9ced04648240dc5213f355c9bf3a07792e45e20e128378189970a94bb6418d3571c14d42e465c69b09f178594fd680183b3feac439fa80b33069c5eaf8fb
SSDEEP

24576:9Ybv8gpNhEPfiSGqCEESSl5L7hFpKU3aDRfURCLDec4HwfCp4RChIV4dM:SpTIqS1zEV5f32R8RCYY8Ne

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/BDRT Rv1.exe	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack002/out.upx	autoit_exe

Files

14ffffa6ed45fd5c7bb878ac0219d18041df28f8828f63ea531ab2bf3c0cc499
.rar
BDRT Rv1.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 608KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMPORTANT.txt
Readme.png
.png
Screenshot1.png
.png
Screenshot2.png
.png
Screenshot3.png
.png
Visit www.PirateCity.NET.url
.url