46275b6f36113392201299d8ad6e7d0c4528055037810c4628d93aa241c440c3[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

46275b6f36113392201299d8ad6e7d0c4528055037810c4628d93aa241c440c3.zip.zip
Size

12.2MB
MD5

54320b1b50f89e28bcf89189dbeb4efe
SHA1

f22165cf6fe8dec5e0eb33f0475accc3e0797ef2
SHA256

056f69d0adf598868e58669c3cbbcdbda40f3be1da45d0f89ed2fdce4724c418
SHA512

ff28d9ed7dad7c0f3ec4164827c09e1514e5f25dc6fa1ea745c2eaebb93b1ed45a95e52edb1f5336d900ebd6939bbfcb640cd8f395a2138ba398c7474156d30a
SSDEEP

196608:VOfQA3Mr2Ecw2dKaBwiLupWb+torx/qJurS64NZe2UiHWR+oLsFw+HqGapp0xhj9:s5a9/GBwiLuJ4awtAZ1UnonTHqGnUa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/We aRe oNe 2.2/We_aRe_oNe_2.2.exe	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack003/out.upx	autoit_exe

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/We aRe oNe 2.2/We_aRe_oNe_2.2.exe
unpack003/out.upx

Files

46275b6f36113392201299d8ad6e7d0c4528055037810c4628d93aa241c440c3.zip.zip
.zip

Password: infected
46275b6f36113392201299d8ad6e7d0c4528055037810c4628d93aa241c440c3.zip
.zip
We aRe oNe 2.2/We_aRe_oNe_2.2.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 796KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
We aRe oNe 2.2/designs/Aluminium.design
We aRe oNe 2.2/designs/Aluminium/AluminiumBG.jpg
We aRe oNe 2.2/designs/Aluminium/AluminiumBG.png
.png
We aRe oNe 2.2/designs/Aluminium/AluminiumInfoBG.jpg
We aRe oNe 2.2/designs/Aluminium/AluminiumInfoBG.png
.png
We aRe oNe 2.2/designs/Aluminium/Textur.jpg
.jpg
We aRe oNe 2.2/designs/Aluminium/icon.jpg
We aRe oNe 2.2/designs/Aluminium/pics/Housetime.png
.png
We aRe oNe 2.2/designs/Aluminium/pics/coretime.jpg
We aRe oNe 2.2/designs/Aluminium/pics/coretime.png
.png
We aRe oNe 2.2/designs/Aluminium/pics/hardbase.jpg
We aRe oNe 2.2/designs/Aluminium/pics/hardbase.png
.png
We aRe oNe 2.2/designs/Aluminium/pics/housetime.jpg
We aRe oNe 2.2/designs/Aluminium/pics/technobase.jpg
We aRe oNe 2.2/designs/Aluminium/pics/technobase.png
.png
We aRe oNe 2.2/designs/Aluminium/pics/trancebase.jpg
We aRe oNe 2.2/designs/Aluminium/pics/trancebase.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/closebox.jpg
We aRe oNe 2.2/designs/Aluminium/ui/closebox.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/infobox.jpg
We aRe oNe 2.2/designs/Aluminium/ui/infobox.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/movedown.jpg
We aRe oNe 2.2/designs/Aluminium/ui/movedown.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/moveup.jpg
We aRe oNe 2.2/designs/Aluminium/ui/moveup.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/play_pause.jpg
We aRe oNe 2.2/designs/Aluminium/ui/play_pause.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/settingsbox.jpg
We aRe oNe 2.2/designs/Aluminium/ui/settingsbox.png
.png
We aRe oNe 2.2/designs/Aluminium/ui/stop_button.jpg
We aRe oNe 2.2/designs/Aluminium/ui/stop_button.png
.png
We aRe oNe 2.2/designs/NFS HP/background.jpg
We aRe oNe 2.2/designs/NFS HP/background.png
.png
We aRe oNe 2.2/designs/NFS HP/pics/coretime.jpg
We aRe oNe 2.2/designs/NFS HP/pics/coretime.png
.png
We aRe oNe 2.2/designs/NFS HP/pics/hardbase.jpg
We aRe oNe 2.2/designs/NFS HP/pics/hardbase.png
.png
We aRe oNe 2.2/designs/NFS HP/pics/housetime.jpg
We aRe oNe 2.2/designs/NFS HP/pics/housetime.png
.png
We aRe oNe 2.2/designs/NFS HP/pics/technobase.jpg
We aRe oNe 2.2/designs/NFS HP/pics/technobase.png
.png
We aRe oNe 2.2/designs/NFS HP/pics/trancebase.jpg
We aRe oNe 2.2/designs/NFS HP/pics/trancebase.png
.png
We aRe oNe 2.2/designs/NFS HP/template.psd
We aRe oNe 2.2/designs/We_aRe_oNe.design
We aRe oNe 2.2/designs/Winter.design
We aRe oNe 2.2/designs/Winter/background.jpg
We aRe oNe 2.2/designs/Winter/background.png
.png
We aRe oNe 2.2/designs/Winter/icon.jpg
We aRe oNe 2.2/designs/Winter/infobkg.jpg
We aRe oNe 2.2/designs/Winter/infobkg.png
.png
We aRe oNe 2.2/designs/Winter/pics/coretime.jpg
We aRe oNe 2.2/designs/Winter/pics/coretime.png
.png
We aRe oNe 2.2/designs/Winter/pics/hardbase.jpg
We aRe oNe 2.2/designs/Winter/pics/hardbase.png
.png
We aRe oNe 2.2/designs/Winter/pics/housetime.jpg
We aRe oNe 2.2/designs/Winter/pics/housetime.png
.png
We aRe oNe 2.2/designs/Winter/pics/technobase.jpg
We aRe oNe 2.2/designs/Winter/pics/technobase.png
.png
We aRe oNe 2.2/designs/Winter/pics/trancebase.jpg
We aRe oNe 2.2/designs/Winter/pics/trancebase.png
.png
We aRe oNe 2.2/designs/Winter/template.psd
We aRe oNe 2.2/designs/Winter/ui/closebox.jpg
We aRe oNe 2.2/designs/Winter/ui/closebox.png
.png
We aRe oNe 2.2/designs/Winter/ui/infobox.jpg
We aRe oNe 2.2/designs/Winter/ui/infobox.png
.png
We aRe oNe 2.2/designs/Winter/ui/movedown.jpg
We aRe oNe 2.2/designs/Winter/ui/movedown.png
.png
We aRe oNe 2.2/designs/Winter/ui/moveup.jpg
We aRe oNe 2.2/designs/Winter/ui/moveup.png
.png
We aRe oNe 2.2/designs/Winter/ui/play_pause.jpg
We aRe oNe 2.2/designs/Winter/ui/play_pause.png
.png
We aRe oNe 2.2/designs/Winter/ui/settingsbox.jpg
We aRe oNe 2.2/designs/Winter/ui/settingsbox.png
.png
We aRe oNe 2.2/designs/Winter/ui/stop_button.jpg
We aRe oNe 2.2/designs/Winter/ui/stop_button.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm.design
We aRe oNe 2.2/designs/WoW Cataclysm/bkg.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/bkg.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm/template.psd
We aRe oNe 2.2/designs/WoW Cataclysm/ui/CT.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/ui/CT.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm/ui/HB.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/ui/HB.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm/ui/HT.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/ui/HT.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm/ui/TB.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/ui/TB.png
.png
We aRe oNe 2.2/designs/WoW Cataclysm/ui/TRB.jpg
We aRe oNe 2.2/designs/WoW Cataclysm/ui/TRB.png
.png
We aRe oNe 2.2/designs/nfs_hp.design
We aRe oNe 2.2/icon.jpg
We aRe oNe 2.2/pics/coretime.jpg
.jpg
We aRe oNe 2.2/pics/facebook_small.jpg
.jpg
We aRe oNe 2.2/pics/hardbase.jpg
.jpg
We aRe oNe 2.2/pics/housetime.jpg
.jpg
We aRe oNe 2.2/pics/technobase.jpg
.jpg
We aRe oNe 2.2/pics/technobase_cover.jpg
We aRe oNe 2.2/pics/trancebase.jpg
.jpg
We aRe oNe 2.2/pics/twitter_small.jpg
.jpg
We aRe oNe 2.2/pics/weareone.jpg
We aRe oNe 2.2/save.ini
We aRe oNe 2.2/startup.mp3
We aRe oNe 2.2/stream/coretime.asx
We aRe oNe 2.2/stream/coretime.pls
We aRe oNe 2.2/stream/hardbase.asx
We aRe oNe 2.2/stream/hardbase.pls
We aRe oNe 2.2/stream/housetime.asx
We aRe oNe 2.2/stream/housetime.pls
We aRe oNe 2.2/stream/technobase.asx
We aRe oNe 2.2/stream/technobase.pls
We aRe oNe 2.2/stream/trancebase.asx
We aRe oNe 2.2/stream/trancebase.pls
We aRe oNe 2.2/ui/closebox.jpg
.jpg
We aRe oNe 2.2/ui/infobox.jpg
We aRe oNe 2.2/ui/movedown.jpg
.jpg
We aRe oNe 2.2/ui/moveup.jpg
.jpg
We aRe oNe 2.2/ui/play_pause.jpg
We aRe oNe 2.2/ui/settingsbox.jpg
We aRe oNe 2.2/ui/stop_button.jpg

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 796KB

UPX1 Size: 263KB - Virtual size: 264KB

.rsrc Size: 355KB - Virtual size: 356KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 512KB - Virtual size: 512KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 26KB - Virtual size: 105KB

.rsrc Size: 363KB - Virtual size: 362KB

UPX0
Size: - Virtual size: 796KB

UPX1
Size: 263KB - Virtual size: 264KB

.rsrc
Size: 355KB - Virtual size: 356KB

.text
Size: 512KB - Virtual size: 512KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 363KB - Virtual size: 362KB