unlock_all[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

unlock_all.7z
Size

5.6MB
MD5

8b82f3c44eedac738ea59975cd5286c2
SHA1

fe1cb05beebffc6301c61ede1c177101256e268c
SHA256

c81afceb66552cec84087048397470bcc1ac7386957b8f78db9283d33bfa5e2f
SHA512

94c1a8776d50198bf1addf0534747224d0307dedb8c2ddf22b1f2c1e510dc5698618fb9af6e94231ae2f0be1fee3e5cc4f746cecf5a8d0680a1654180e879b55
SSDEEP

98304:/1K8l/Hhuq0ODyQDS+5H4K2kBdgTX2pDgIkdQAt+XobRv4i+1nf3yY96uDGqu:7uZvQDS+d4KJfSX2SIkCY+Xob+pf3yvd

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/unlock all/mw2_cheat_v5.exe	themida

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/unlock all/ShawtysLobby.exe
unpack001/unlock all/mw2_cheat_v5.exe

Files

unlock_all.7z
.7z

Password: Malware123!!
unlock all/22h2fix.bat
unlock all/MW2_SHAWTYS_V5_READ_ME.txt
unlock all/MW2_UNLOCK_ALL_READ_ME.txt
unlock all/ShawtysLobby.exe
.exe windows:5 windows x64

Password: Malware123!!

88381b84da56810b869e897e6d45bd58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

EnumChildWindows

Sections

.text
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bxpck
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.main
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
unlock all/bG6TS7eU
unlock all/mw2_cheat_v5.exe
.exe windows:6 windows x64

Password: Malware123!!

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 390KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 62KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 30KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 12B

Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
unlock all/zetIBhwN

Sharing

General

Malware Config

Signatures

Files

Password: Malware123!!

Password: Malware123!!

88381b84da56810b869e897e6d45bd58

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 512B - Virtual size: 3B

.rdata Size: 512B - Virtual size: 212B

.bxpck Size: 8.0MB - Virtual size: 8.0MB

.main Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 161KB - Virtual size: 164KB

Password: Malware123!!

Headers

DLL Characteristics

File Characteristics

Sections

Size: 390KB - Virtual size: 968KB

Size: 62KB - Virtual size: 176KB

Size: 2KB - Virtual size: 19KB

Size: 30KB - Virtual size: 55KB

Size: 512B - Virtual size: 56B

Size: 512B - Virtual size: 9B

.voltbl Size: 512B - Virtual size: 12B

Size: 512B - Virtual size: 432B

Size: 2KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 5.9MB

.boot Size: 3.4MB - Virtual size: 3.4MB

.reloc Size: 16B - Virtual size: 4KB

.text
Size: 512B - Virtual size: 3B

.rdata
Size: 512B - Virtual size: 212B

.bxpck
Size: 8.0MB - Virtual size: 8.0MB

.main
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 161KB - Virtual size: 164KB

.voltbl
Size: 512B - Virtual size: 12B

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.9MB

.boot
Size: 3.4MB - Virtual size: 3.4MB

.reloc
Size: 16B - Virtual size: 4KB