SecuriteInfo[.]com[.]Trojan[.]Win32[.]Rbot[.]19875[.]28818[.]exe

General

Target

SecuriteInfo.com.Trojan.Win32.Rbot.19875.28818.exe
Size

1.3MB
MD5

cd7182296e132106d01911ca9e0b081d
SHA1

030f1365f35fed7a58abd88b0e31c02dd1493431
SHA256

6f512de4f1f8042692aa363aed8a9230500b226aadcaf776f05f12f15c6fbfd0
SHA512

0a143f7a14acfbd60dc1f08e3e9c4d64c7d7b69c59b8f4c3fd9e49ec22d12d385760c25bea95a695a416c5e1b65be283dd0bcd4f64c5196c47a65b2afb1c13fa
SSDEEP

24576:YgbWbciWKAzT6HVLjs4+MkyPz4ihL4Qq/XVHaPOMv9YP28FWZluYD2G2qqq:1iba16VfEhyPzF4Z/XVHahvuPh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win32.Rbot.19875.28818.exe
unpack001/out.upx

Files

SecuriteInfo.com.Trojan.Win32.Rbot.19875.28818.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@@Dnslib@Finalize
@@Dnslib@Initialize
@@Hard@Finalize
@@Hard@Initialize
@@Ipranges@Finalize
@@Ipranges@Initialize
@@Pchecker@Finalize
@@Pchecker@Initialize
@@Pfavorite@Finalize
@@Pfavorite@Initialize
@@Pfilter@Finalize
@@Pfilter@Initialize
@@Pscheme@Finalize
@@Pscheme@Initialize
@@Psubmit@Finalize
@@Psubmit@Initialize
@@Rblcheck@Finalize
@@Rblcheck@Initialize
@@Timelimit@Finalize
@@Timelimit@Initialize
@@Unitbrowserproxy@Finalize
@@Unitbrowserproxy@Initialize
@@Unitchecker@Finalize
@@Unitchecker@Initialize
@@Unitclosewait@Finalize
@@Unitclosewait@Initialize
@@Unitcountrysel@Finalize
@@Unitcountrysel@Initialize
@@Unitexportfilter@Finalize
@@Unitexportfilter@Initialize
@@Unitftpadd@Finalize
@@Unitftpadd@Initialize
@@Unitlinefilter@Finalize
@@Unitlinefilter@Initialize
@@Unitmain@Finalize
@@Unitmain@Initialize
@@Unitpopadd@Finalize
@@Unitpopadd@Initialize
@@Unitregister@Finalize
@@Unitregister@Initialize
@@Unitregreminder@Finalize
@@Unitregreminder@Initialize
@@Unitselectlanguage@Finalize
@@Unitselectlanguage@Initialize
@@Unitsplash@Finalize
@@Unitsplash@Initialize
__GetExceptDLLinfo
___CPPdebugHook
_frmBrowserProxy
_frmChecker
_frmCloseWait
_frmCountrySel
_frmExportFilter
_frmFtpAdd
_frmLineFilter
_frmMain
_frmPopAdd
_frmRegReminder
_frmRegister
_frmSelectLanguage
_frmSplash

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 901KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 455KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 484KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 3.8MB

UPX1 Size: 901KB - Virtual size: 904KB

.rsrc Size: 455KB - Virtual size: 456KB

Headers

File Characteristics

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.data Size: 484KB - Virtual size: 1.9MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 15KB - Virtual size: 16KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 2KB - Virtual size: 4KB

.rsrc Size: 452KB - Virtual size: 452KB

.reloc Size: 158KB - Virtual size: 160KB

UPX0
Size: - Virtual size: 3.8MB

UPX1
Size: 901KB - Virtual size: 904KB

.rsrc
Size: 455KB - Virtual size: 456KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 484KB - Virtual size: 1.9MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 15KB - Virtual size: 16KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 452KB - Virtual size: 452KB

.reloc
Size: 158KB - Virtual size: 160KB