kon-boot v1[.]1[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

kon-boot v1.1.rar
Size

1.8MB
MD5

7e263fba50c2ff52b5672eb3c6d14215
SHA1

c58e17b0cb0453bac3ecf45dd2c1f656520f7846
SHA256

2e624503d8770b3931549e1e9f6f6cf7aae47474f7a122f55eceeff8b8c8335e
SHA512

b834a58dfd99bd8498af6db3c63cf75491b6947044cf667c150bb5967fc907260b17c256f7c59a1f782558b0666a787b7b714910ab28194f95d484efad83120a
SSDEEP

49152:bEEV7iGVxqE3JiVqIivW8faxM6DyXlFIfkGItHN/ZCge:bEEBiIxZiVqIitaxM0gN/4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KONUSB/KonBootInstall.exe
unpack001/KONUSB/grubinst.exe

Files

kon-boot v1.1.rar
.rar
EULA
Help_Files/KonBootCDInstallGuide.pdf
.pdf
Help_Files/KonBootHelp.pdf
.pdf
Help_Files/KonBootUSBGuide.pdf
.pdf
KONCD/konCD.iso
.iso
[BOOT]/Boot-1.44M.img
KONFLOPPY/Readme.txt
KONFLOPPY/konFLOPPY.img
KONUSB/COPYING
KONUSB/KonBootInstall.exe
.exe windows x86

05157d622e65010d12b3e163fb029900

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
WaitForSingleObject
CreateProcessW
GlobalFree
GlobalAlloc
CloseHandle
CreateFileW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
getc
fgetwc
_iob
_vsnwprintf
memset
printf
_adjust_fdiv

ntdll

NtDeviceIoControlFile
RtlUnwind

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
KONUSB/USBFILES/grldr
KONUSB/USBFILES/konFloppy.img
KONUSB/USBFILES/menu.lst
KONUSB/grubinst.exe
.exe windows x86

b338d01052cdf5b613512746cbe05ed6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_close
_lseek
_open
_read
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_lseeki64
_onexit
_setmode
atexit
fflush
fgetc
fprintf
fputs
free
malloc
memcpy
memset
perror
signal
sprintf
strchr
strcmp
strcpy
strlen
strncmp
strtol
strtoul

kernel32

ExitProcess
SetUnhandledExceptionFilter

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 928B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Konboot Steps v.1.1.txt
Version.txt

Sharing

General

Malware Config

Signatures

Files

05157d622e65010d12b3e163fb029900

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 1KB

b338d01052cdf5b613512746cbe05ed6

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 9KB - Virtual size: 9KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 928B

.idata Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 9KB - Virtual size: 9KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 928B

.idata
Size: 1KB - Virtual size: 1KB