11cfc93ce08d812c18c2af97e0b1f62ed868301920c8adcaf45b39457d501203[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

11cfc93ce08d812c18c2af97e0b1f62ed868301920c8adcaf45b39457d501203.zip.zip
Size

2.7MB
MD5

1021ebde369c212bbfa143a29b5743d4
SHA1

a2ce682272eba66f5f83365ccd638bd6c4e97aa8
SHA256

341c5c0f40510900e139d9d4c60cec4a17be2859871702efafdf42daf5cc69b6
SHA512

7427fecaf3b992a331650c4c0ed35ef7b78d0dcd7cc06f8fb8d768874e1b11c93bf3afd2153f4494c70dcab75dc7ed9fd990d825ab6cf5ceecfb4f48e8904838
SSDEEP

49152:EpqiAiC8CkSxIjHY/nKiH39bUZ+gJAJeCrBjvFPhpvSCnhWYVMqwhqf5Sx8IOw:mqiBQIj4/nKq3iZ+gYrBZPhpvRnhWYVY

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/fmod.dll	acprotect
static1/unpack002/ijl10.dll	acprotect

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/acidkids.exe	upx
static1/unpack002/fmod.dll	upx
static1/unpack002/ijl10.dll	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack002/acidkids.exe
unpack002/fmod.dll
unpack004/out.upx
unpack002/ijl10.dll
unpack005/out.upx

Files

11cfc93ce08d812c18c2af97e0b1f62ed868301920c8adcaf45b39457d501203.zip.zip
.zip

Password: infected
11cfc93ce08d812c18c2af97e0b1f62ed868301920c8adcaf45b39457d501203.zip
.zip
acidkids.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
acidkids.nfo
disclaim.er
file_id.diz
fmod.dll
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_FMUSIC_FreeSong@4
_FMUSIC_GetBPM@4
_FMUSIC_GetGlobalVolume@4
_FMUSIC_GetMasterVolume@4
_FMUSIC_GetName@4
_FMUSIC_GetNumChannels@4
_FMUSIC_GetNumInstruments@4
_FMUSIC_GetNumOrders@4
_FMUSIC_GetNumPatterns@4
_FMUSIC_GetNumSamples@4
_FMUSIC_GetOrder@4
_FMUSIC_GetPattern@4
_FMUSIC_GetPatternLength@8
_FMUSIC_GetPaused@4
_FMUSIC_GetRow@4
_FMUSIC_GetSample@8
_FMUSIC_GetSpeed@4
_FMUSIC_GetTime@4
_FMUSIC_GetType@4
_FMUSIC_IsFinished@4
_FMUSIC_IsPlaying@4
_FMUSIC_LoadSong@4
_FMUSIC_LoadSongMemory@8
_FMUSIC_OptimizeChannels@12
_FMUSIC_PlaySong@4
_FMUSIC_SetMasterVolume@8
_FMUSIC_SetOrder@8
_FMUSIC_SetOrderCallback@12
_FMUSIC_SetPanSeperation@8
_FMUSIC_SetPaused@8
_FMUSIC_SetRowCallback@12
_FMUSIC_SetZxxCallback@8
_FMUSIC_StopAllSongs@0
_FMUSIC_StopSong@4
_FMUSIC_UsesLinearFrequencies@4
_FSOUND_3D_GetAttributes@12
_FSOUND_3D_Listener_GetAttributes@32
_FSOUND_3D_Listener_SetAttributes@32
_FSOUND_3D_Listener_SetDistanceFactor@4
_FSOUND_3D_Listener_SetDopplerFactor@4
_FSOUND_3D_Listener_SetRolloffFactor@4
_FSOUND_3D_PlaySound@16
_FSOUND_3D_SetAttributes@12
_FSOUND_3D_Update@0
_FSOUND_CD_Eject@0
_FSOUND_CD_GetNumTracks@0
_FSOUND_CD_GetPaused@0
_FSOUND_CD_GetTrack@0
_FSOUND_CD_Play@4
_FSOUND_CD_SetPaused@4
_FSOUND_CD_SetPlayMode@4
_FSOUND_CD_Stop@0
_FSOUND_Close@0
_FSOUND_DSP_ClearMixBuffer@0
_FSOUND_DSP_Create@12
_FSOUND_DSP_Free@4
_FSOUND_DSP_GetActive@4
_FSOUND_DSP_GetBufferLength@0
_FSOUND_DSP_GetClearUnit@0
_FSOUND_DSP_GetClipAndCopyUnit@0
_FSOUND_DSP_GetMusicUnit@0
_FSOUND_DSP_GetPriority@4
_FSOUND_DSP_GetSFXUnit@0
_FSOUND_DSP_SetActive@8
_FSOUND_DSP_SetPriority@8
_FSOUND_File_SetCallbacks@20
_FSOUND_Geometry_AddList@4
_FSOUND_Geometry_AddPolygon@28
_FSOUND_Geometry_List_Begin@4
_FSOUND_Geometry_List_Create@4
_FSOUND_Geometry_List_End@4
_FSOUND_Geometry_List_Free@4
_FSOUND_Geometry_Material_Create@0
_FSOUND_Geometry_Material_Free@4
_FSOUND_Geometry_Material_GetAttributes@20
_FSOUND_Geometry_Material_Set@4
_FSOUND_Geometry_Material_SetAttributes@20
_FSOUND_GetCPUUsage@0
_FSOUND_GetChannelsPlaying@0
_FSOUND_GetCurrentPosition@4
_FSOUND_GetCurrentSample@4
_FSOUND_GetCurrentVU@4
_FSOUND_GetDriver@0
_FSOUND_GetDriverCaps@8
_FSOUND_GetDriverName@4
_FSOUND_GetError@0
_FSOUND_GetFrequency@4
_FSOUND_GetMaxChannels@0
_FSOUND_GetMaxSamples@0
_FSOUND_GetMixer@0
_FSOUND_GetMute@4
_FSOUND_GetNumDrivers@0
_FSOUND_GetNumHardwareChannels@0
_FSOUND_GetOutput@0
_FSOUND_GetOutputRate@0
_FSOUND_GetPan@4
_FSOUND_GetPaused@4
_FSOUND_GetPriority@4
_FSOUND_GetReserved@4
_FSOUND_GetSFXMasterVolume@0
_FSOUND_GetSurround@4
_FSOUND_GetVersion@0
_FSOUND_GetVolume@4
_FSOUND_Init@12
_FSOUND_IsPlaying@4
_FSOUND_MixBuffers@28
_FSOUND_PlaySound@8
_FSOUND_PlaySoundAttrib@20
_FSOUND_Record_GetDriver@0
_FSOUND_Record_GetDriverName@4
_FSOUND_Record_GetNumDrivers@0
_FSOUND_Record_GetPosition@0
_FSOUND_Record_SetDriver@4
_FSOUND_Record_StartSample@8
_FSOUND_Record_Stop@0
_FSOUND_Reverb_GetEnvironment@16
_FSOUND_Reverb_GetEnvironmentAdvanced@52
_FSOUND_Reverb_SetEnvironment@16
_FSOUND_Reverb_SetEnvironmentAdvanced@52
_FSOUND_Reverb_SetMix@8
_FSOUND_Sample_Alloc@28
_FSOUND_Sample_Free@4
_FSOUND_Sample_Get@4
_FSOUND_Sample_GetDefaults@20
_FSOUND_Sample_GetLength@4
_FSOUND_Sample_GetLoopPoints@12
_FSOUND_Sample_GetMode@4
_FSOUND_Sample_LoadMpeg@12
_FSOUND_Sample_LoadMpegMemory@16
_FSOUND_Sample_LoadRaw@12
_FSOUND_Sample_LoadWav@12
_FSOUND_Sample_LoadWavMemory@16
_FSOUND_Sample_Lock@28
_FSOUND_Sample_SetDefaults@20
_FSOUND_Sample_SetLoopMode@8
_FSOUND_Sample_SetLoopPoints@12
_FSOUND_Sample_SetMinMaxDistance@12
_FSOUND_Sample_Unlock@20
_FSOUND_Sample_Upload@12
_FSOUND_SetBufferSize@4
_FSOUND_SetDriver@4
_FSOUND_SetFrequency@8
_FSOUND_SetHWND@4
_FSOUND_SetMaxHardwareChannels@4
_FSOUND_SetMinHardwareChannels@4
_FSOUND_SetMixer@4
_FSOUND_SetMute@8
_FSOUND_SetOutput@4
_FSOUND_SetPan@8
_FSOUND_SetPanSeperation@4
_FSOUND_SetPaused@8
_FSOUND_SetPriority@8
_FSOUND_SetReserved@8
_FSOUND_SetSFXMasterVolume@4
_FSOUND_SetSurround@8
_FSOUND_SetVolume@8
_FSOUND_SetVolumeAbsolute@8
_FSOUND_StopAllChannels@0
_FSOUND_StopSound@4
_FSOUND_Stream_Close@4
_FSOUND_Stream_Create@20
_FSOUND_Stream_GetLength@4
_FSOUND_Stream_GetPaused@4
_FSOUND_Stream_GetPosition@4
_FSOUND_Stream_GetTime@4
_FSOUND_Stream_Open@12
_FSOUND_Stream_OpenMpeg@8
_FSOUND_Stream_OpenWav@8
_FSOUND_Stream_Play@8
_FSOUND_Stream_SetPaused@8
_FSOUND_Stream_SetPosition@8
_FSOUND_Stream_Stop@4

Sections

UPX0
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gfx.pak
ijl10.dll
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ijlErrorStr
ijlFree
ijlGetLibVersion
ijlInit
ijlRead
ijlWrite

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msx/33.XM
msx/fantasy.xm
msx/flusing.xm
msx/orbit.xm
msx/out_of.xm
msx/roy_da.xm
msx/scoth.xm
msx/space_ho.xm
msx/trafka_l.xm
msx/yellow_f.xm

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 244KB

UPX1 Size: 161KB - Virtual size: 164KB

.rsrc Size: 9KB - Virtual size: 12KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 236KB

UPX1 Size: 64KB - Virtual size: 64KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 142KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 104KB

UPX1 Size: 48KB - Virtual size: 52KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 244KB

UPX1
Size: 161KB - Virtual size: 164KB

.rsrc
Size: 9KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 236KB

UPX1
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 142KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 48KB - Virtual size: 52KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 2KB - Virtual size: 2KB