ida-pro-keygen[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ida-pro-keygen.zip
Size

258KB
MD5

6d09767f95b113001291539aa5cf3846
SHA1

b31bb29801cd465add6c3f52415c56ea00cc5ae4
SHA256

b2b66f0ac642bac85af44c6bb0c471f3a8e6c95ca78e441f5e66a6b5c4646dc2
SHA512

7deb30d727354d5b62329dcb2305cdd835d270e1b09fd2b169a00b1d375e0ae72a0908f0a5f6d17f658a9b91d7a6859cd44ffad577aea3b23e65992f33d3e8d7
SSDEEP

6144:1+crC9Tlu8grH9cSPzDlKJnW3W9Qm7ylA+ZXS:1+O+yHqSPYA3WB7ylS

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/IDA-Pro-KeyGen/repack/innounp.exe	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IDA-Pro-KeyGen/anon_idb.exe
unpack001/IDA-Pro-KeyGen/ida_key.exe
unpack001/IDA-Pro-KeyGen/patch_ida.exe
unpack001/IDA-Pro-KeyGen/repack/innounp.exe
unpack002/out.upx

Files

ida-pro-keygen.zip
.zip
IDA-Pro-KeyGen/README.txt
IDA-Pro-KeyGen/anon_idb
.elf linux x86
IDA-Pro-KeyGen/anon_idb.exe
.exe windows:4 windows x86 arch:x86

a7238a194e7a87979d7dd5931e41e02d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
memmove
memset
printf
puts
signal
strlen
strncmp
vfprintf
_write
_strdup
_read
_open
_lseek
_close

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IDA-Pro-KeyGen/ida-tmplv5.key
IDA-Pro-KeyGen/ida-tmplv6v7.key
IDA-Pro-KeyGen/ida_key
.elf linux x86
IDA-Pro-KeyGen/ida_key.exe
.exe windows:4 windows x86 arch:x86

bebc2b7344296f2c0025a711cf248150

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__argv
__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_iob
_lock
_onexit
_unlock
calloc
ctime
exit
fclose
fgets
fopen
fprintf
fputc
fread
free
fseek
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memcpy
memset
mktime
printf
putc
putchar
puts
rand
realloc
setlocale
signal
srand
strchr
strcpy
strerror
strlen
strncmp
strtol
strtoul
abort
time
tolower
ungetc
vfprintf
wcslen
atoi

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IDA-Pro-KeyGen/patch_ida
.elf linux x86
IDA-Pro-KeyGen/patch_ida.exe
.exe windows:4 windows x86 arch:x86

1b53b06dfcab6e508701c8bf34f192bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_findclose
_findfirst
_fmode
_fullpath
_initterm
_iob
_lock
_onexit
_stat
_unlock
calloc
exit
fclose
fopen
fprintf
fread
free
fseek
fwrite
malloc
memcpy
printf
puts
signal
strcpy
strerror
strlen
strncmp
strstr
abort
vfprintf
_findnext
_strdup
_chdir

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IDA-Pro-KeyGen/repack/innounp.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 580KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IDA-Pro-KeyGen/repack/install_script.iss_dif
IDA-Pro-KeyGen/src/Makefile
IDA-Pro-KeyGen/src/anon_idb.c
IDA-Pro-KeyGen/src/base64.c
IDA-Pro-KeyGen/src/bigint.c
IDA-Pro-KeyGen/src/bigint.h
IDA-Pro-KeyGen/src/bigint_impl.h
IDA-Pro-KeyGen/src/ida_key.c
IDA-Pro-KeyGen/src/md5.c
IDA-Pro-KeyGen/src/md5.h
IDA-Pro-KeyGen/src/patch_ida.c

Sharing

General

Malware Config

Signatures

Files

a7238a194e7a87979d7dd5931e41e02d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 300B

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

bebc2b7344296f2c0025a711cf248150

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 1024B - Virtual size: 736B

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

1b53b06dfcab6e508701c8bf34f192bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 80B

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 556KB

UPX1 Size: 134KB - Virtual size: 136KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 580KB - Virtual size: 580KB

DATA Size: 28KB - Virtual size: 28KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 33KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 300B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 1024B - Virtual size: 736B

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 80B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

UPX0
Size: - Virtual size: 556KB

UPX1
Size: 134KB - Virtual size: 136KB

.rsrc
Size: 2KB - Virtual size: 4KB

CODE
Size: 580KB - Virtual size: 580KB

DATA
Size: 28KB - Virtual size: 28KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 33KB

.rsrc
Size: 9KB - Virtual size: 9KB