General
-
Target
superbubsy.zip
-
Size
9.0MB
-
MD5
40f49ad0fd4ae2ab30c3c8832beb9aea
-
SHA1
93e373b3fe6a03d9519ab3ba3133079412f076af
-
SHA256
6a44650a8a5a878a9ef007f466e6708c4d97e80d66c3bc8a7515b6483f5e5195
-
SHA512
6dd6a5704b7e99ba4c3ef6ddc69c0db8fc8b20a08cea45bccaada6075f6193e9857195b292204ab82e44c7723f5807d71b0b686696905d72f49241fad4f03cba
-
SSDEEP
196608:2zgzzkrrDdV9BpkVjxe2Y5OadJlYcMs28+wS392UDj0rAt8lrzFznfYhA:2zB779BpkV8DOoqbs2dwS39pXL2l1znb
Malware Config
Signatures
-
resource: static1/unpack001/superbubsy.part01.exe | yara_rule: upx
Unsigned PE 6 IoCs
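Checks for missing Authenticode signature. The listed PE files are unsigned, so their publisher and integrity cannot be confirmed from a signature; on its own this is a weak indicator, since much legitimate software is also unsigned.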
Resources (6): unpack001/superbubsy.part01.exe, unpack002/out.upx, unpack003/superbubsy/u.___, unpack005/superbubsy/u.___, unpack007/superbubsy/u.___, unpack009/superbubsy/u.___
Files
-
superbubsy.zip.zip
Password: infectado
-
superbubsy.part01.exe.exe windows x86
Password: infectado
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 128KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 66KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 82KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
superbubsy.part02.rar.rar
Password: infectado
-
superbubsy/Levels/Lvllist
-
superbubsy/Movies/Bub_01t.avi
-
superbubsy/Movies/Bub_02t.avi
-
superbubsy/Movies/Bub_03t.avi
-
superbubsy/Movies/Bubin.avi
-
superbubsy/Sprites/Spr_Bub.fst
-
superbubsy/Unpack.bat
-
superbubsy/gam.uha
-
superbubsy/mid.uha
-
superbubsy/ogg.uha
-
superbubsy/root.uha
-
superbubsy/u.___.exe windows x86
Password: infectado
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Sections
Size: - Virtual size: 300KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 97KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
superbubsy.part03.rar.rar
Password: infectado
-
superbubsy/Levels/Lvllist
-
superbubsy/Movies/Bub_01t.avi
-
superbubsy/Movies/Bub_02t.avi
-
superbubsy/Movies/Bub_03t.avi
-
superbubsy/Movies/Bubin.avi
-
superbubsy/Sprites/Spr_Bub.fst
-
superbubsy/Unpack.bat
-
superbubsy/gam.uha
-
superbubsy/mid.uha
-
superbubsy/ogg.uha
-
superbubsy/root.uha
-
superbubsy/u.___.exe windows x86
Password: infectado
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Sections
Size: - Virtual size: 300KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 97KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
superbubsy.part04.rar.rar .ps1
Password: infectado
-
superbubsy/Levels/Lvllist
-
superbubsy/Movies/Bub_01t.avi
-
superbubsy/Movies/Bub_02t.avi
-
superbubsy/Movies/Bub_03t.avi
-
superbubsy/Movies/Bubin.avi
-
superbubsy/Sprites/Spr_Bub.fst
-
superbubsy/Unpack.bat
-
superbubsy/gam.uha
-
superbubsy/mid.uha
-
superbubsy/ogg.uha
-
superbubsy/root.uha
-
superbubsy/u.___.exe windows x86
Password: infectado
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Sections
Size: - Virtual size: 300KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 97KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
superbubsy.part05.rar.rar
Password: infectado
-
superbubsy/Levels/Lvllist
-
superbubsy/Movies/Bub_01t.avi
-
superbubsy/Movies/Bub_02t.avi
-
superbubsy/Movies/Bub_03t.avi
-
superbubsy/Movies/Bubin.avi
-
superbubsy/Sprites/Spr_Bub.fst
-
superbubsy/Unpack.bat
-
superbubsy/gam.uha
-
superbubsy/mid.uha
-
superbubsy/ogg.uha
-
superbubsy/root.uha
-
superbubsy/u.___.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
Sections
Size: - Virtual size: 300KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 97KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
superbubsy.part06.rar.rar
-
superbubsy.part07.rar.rar