43cb3358e354d1c322e79f820b54de86b9f49933210d6f55f1af34dafd1107c7[.]zip[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

43cb3358e354d1c322e79f820b54de86b9f49933210d6f55f1af34dafd1107c7.zip.zip
Size

1.3MB
MD5

1ea5c1525b836b9ed637577bd6f92f94
SHA1

053e10894c836db3c6a1dd3d43483d128f571391
SHA256

abda2668ea65273fbf4e8430c80304fe8f1698e43eb1199d9a002fcdae7c35da
SHA512

865d18d6a4e067212aad6e0ebce3848139e1b5bbcc9b82dcb93597628ec8c7e04c9a6e8d28492db4c1912d50950f6af90880e46aba7053ae36e661abcdfabb24
SSDEEP

24576:AatmUzlRzDFvd+750jh9kN9czPQPFxOmuObOMnFEBwMC:VmUJ1JVU50jM9GmVbOLqMC

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/IJL15.DLL	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/IJL15.DLL	upx
static1/unpack002/ciastko.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BASS.DLL
unpack002/IJL15.DLL
unpack003/out.upx
unpack002/ciastko.exe

Files

43cb3358e354d1c322e79f820b54de86b9f49933210d6f55f1af34dafd1107c7.zip.zip
.zip

Password: infected
43cb3358e354d1c322e79f820b54de86b9f49933210d6f55f1af34dafd1107c7.zip
.zip
BASS.DLL
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_CDFree
BASS_CDInDrive
BASS_CDInit
BASS_CDPlay
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetEAXMix
BASS_ChannelGetFlags
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelPause
BASS_ChannelRemoveDSP
BASS_ChannelRemoveSync
BASS_ChannelResume
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelStop
BASS_ErrorGetCode
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetA3DHFAbsorbtion
BASS_GetA3DResManager
BASS_GetCPU
BASS_GetDSoundObject
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetGlobalVolumes
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetLength
BASS_MusicGetName
BASS_MusicLoad
BASS_MusicPlay
BASS_MusicPlayEx
BASS_MusicSetAmplify
BASS_MusicSetPanSep
BASS_MusicSetPositionScaler
BASS_Pause
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SamplePlay
BASS_SamplePlay3D
BASS_SamplePlay3DEx
BASS_SamplePlayEx
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DAlgorithm
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetA3DHFAbsorbtion
BASS_SetA3DResManager
BASS_SetBufferLength
BASS_SetEAXParameters
BASS_SetGlobalVolumes
BASS_SetLogCurves
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamFree
BASS_StreamGetBlockLength
BASS_StreamGetLength
BASS_StreamPlay

Sections

Size: 86KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA.RS
IJL15.DLL
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ijlErrorStr
ijlFree
ijlGetLibVersion
ijlInit
ijlRead
ijlWrite

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSX18.XM
ciastko.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
damned.log
infofile.txt
msx00.xm
msx01.xm
msx02.xm
msx03.xm
msx04.xm
msx05.xm
msx06.xm
msx07.xm
msx08.xm
msx09.xm
msx10.xm
msx11.xm
msx12.xm
msx13.xm
msx14.xm
msx15.xm
msx16.xm
msx17.xm
msx19.xm

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Exports

Exports

Sections

Size: 86KB - Virtual size: 244KB

Size: 3KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 260KB

UPX1 Size: 120KB - Virtual size: 124KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 312KB - Virtual size: 309KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 21KB

.data1 Size: 12KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 904B

.reloc Size: 12KB - Virtual size: 10KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.1MB

UPX1 Size: 148KB - Virtual size: 148KB

.rsrc Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 260KB

UPX1
Size: 120KB - Virtual size: 124KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 312KB - Virtual size: 309KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 21KB

.data1
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 904B

.reloc
Size: 12KB - Virtual size: 10KB

UPX0
Size: - Virtual size: 3.1MB

UPX1
Size: 148KB - Virtual size: 148KB

.rsrc
Size: 2KB - Virtual size: 4KB