General
-
Target
Hirens.BootCD.15.2.zip
-
Size
592.5MB
-
MD5
d342bbd6bf7554aba24a376e41675dbf
-
SHA1
8b47f8f9c0cb46b01f19259c99f08d57223581c9
-
SHA256
46c2f1c4413305cd1ffb317a86c5c9bd31d5cc4d6754a3078a5d692698712d91
-
SHA512
123a288c9f69e33d18354b11aa1e126de5e05960ebedcaa2e3a3c59d7bff23cdbe9d4080c4bea961c9015594d01c28e82c7dcd8141ce6c27243d22fbc1a7c05d
-
SSDEEP
12582912:zFu+XkOcNIv3BavSGytUc6RQj9RVIR2ZhCFwc5z:zFues8avDyac6Q9RVIEAmYz
Malware Config
Signatures
-
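resource | yara_rule
static1/unpack001/BurnCDCC.exe | upx
static1/unpack001/HBCDCustomizer.exe | upx
Both matches are for the upx rule, i.e. these two executables are UPX-packed, so the headers and sections listed for them under Files (UPX0, UPX1, .rsrc) describe the packed image rather than the unpacked program.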
Files
-
Hirens.BootCD.15.2.zip.zip
-
BurnCDCC.exe.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 128KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 67KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
BurnToCD.cmd
-
DefaultKeyboardPatch.zip.zip .vbs
-
Patch.cmd.cmd .vbs
-
PatchInfo.txt
-
data.dat.exe windows x86
4b8753f5be3052afeb0589065d1462f5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter
msvcrt
__getmainargs
__p___argv
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_fileno
_iob
_onexit
_setmode
abort
atexit
exit
fclose
fflush
fopen
fprintf
fputc
fread
free
fwrite
getenv
isxdigit
malloc
memcpy
memset
perror
signal
strchr
strerror
strlen
strncmp
strncpy
toupper
vfprintf
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 12KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
HBCD.txt
-
HBCDCustomizer.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Hiren's.BootCD.15.2.iso.iso
-
changes.txt