8859902ee46d4372a8fc63e199dc4ab9

Sharing

Copy URL Twitter E-mail

General

Target

8859902ee46d4372a8fc63e199dc4ab9
Size

2.7MB
MD5

8859902ee46d4372a8fc63e199dc4ab9
SHA1

e0868ce6a9293cd5596304e463947bcd0ae1e566
SHA256

b905368a3f6b2525378fc32ed5858233490eb020d103b9a9c126424218828935
SHA512

d0f3c35db243be9d59fa6dcf78aba3f0cf739ae10856dff15d588d0ef440aa11d3c98aefaff758eec7b97a6ef8384888167ea66fbab984aa57cde7750c2671fe
SSDEEP

49152:9jK41Nt+9MOVayll7iiMfB/I4ZEckZWKhTbaxgkwXCMElKG7FskOmjy2p+k6fEO4:NK41X+9M+vcN5x7KhTbTPElKS0mjyEBl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/greko-10.2-ja/Android (run as xboard engine)/GreKo-102-android-ja	upx
static1/unpack001/greko-10.2-ja/Linux/GreKo-102-32-ja	upx
static1/unpack001/greko-10.2-ja/Linux/GreKo-102-64-ja	upx
static1/unpack001/greko-10.2-ja/Windows/Greko-102-32-ja.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/greko-10.2-ja/Windows/GreKo-102-64-ja.exe
unpack001/greko-10.2-ja/Windows/GreKo-102-64-pop-ja.exe
unpack001/greko-10.2-ja/Windows/Greko-102-32-ja.exe
unpack002/out.upx

Files

8859902ee46d4372a8fc63e199dc4ab9
.zip
greko-10.2-ja/Android (run as xboard engine)/GreKo-102-android-ja
.elf linux arm
greko-10.2-ja/Book/book.bin
greko-10.2-ja/Linux/GreKo-102-32-ja
.elf linux x86
greko-10.2-ja/Linux/GreKo-102-64-ja
.elf linux x64
greko-10.2-ja/Linux/GreKo.ini
greko-10.2-ja/Linux/book.bin
greko-10.2-ja/Logos/Thumbs.db
greko-10.2-ja/Logos/greko_100x50.gif
greko-10.2-ja/Logos/greko_130x65.gif
greko-10.2-ja/Src/src/GreKo.sln
greko-10.2-ja/Src/src/GreKo.vcproj
.xml
greko-10.2-ja/Src/src/Makefile
greko-10.2-ja/Src/src/Makefile.linux
greko-10.2-ja/Src/src/bitboards.cpp
greko-10.2-ja/Src/src/bitboards.h
greko-10.2-ja/Src/src/book.cpp
greko-10.2-ja/Src/src/book.h
greko-10.2-ja/Src/src/config.h
greko-10.2-ja/Src/src/defaults.h
greko-10.2-ja/Src/src/eval.cpp
greko-10.2-ja/Src/src/eval.h
greko-10.2-ja/Src/src/main.cpp
greko-10.2-ja/Src/src/moves.cpp
greko-10.2-ja/Src/src/moves.h
greko-10.2-ja/Src/src/notation.cpp
greko-10.2-ja/Src/src/notation.h
greko-10.2-ja/Src/src/position.cpp
greko-10.2-ja/Src/src/position.h
greko-10.2-ja/Src/src/search.cpp
greko-10.2-ja/Src/src/search.h
greko-10.2-ja/Src/src/types.h
greko-10.2-ja/Src/src/unix.cpp
greko-10.2-ja/Src/src/utils.cpp
greko-10.2-ja/Src/src/utils.h
greko-10.2-ja/Src/src/win32.cpp
greko-10.2-ja/Thumbs.db
greko-10.2-ja/Windows/GreKo-102-64-ja.exe
.exe windows:5 windows x64 arch:x64

cc861723d81c3d0282bd2595327117c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 134KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.x64
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
greko-10.2-ja/Windows/GreKo-102-64-pop-ja.exe
.exe windows:5 windows x64 arch:x64

cc861723d81c3d0282bd2595327117c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 133KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.x64
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
greko-10.2-ja/Windows/GreKo.ini
greko-10.2-ja/Windows/Greko-102-32-ja.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1010KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
greko-10.2-ja/Windows/book.bin
greko-10.2-ja/history.txt
greko-10.2-ja/logo.bmp

Sharing

General

Malware Config

Signatures

Files

cc861723d81c3d0282bd2595327117c3

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 134KB - Virtual size: 268KB

.rdata Size: 39KB - Virtual size: 84KB

.data Size: 2KB - Virtual size: 1024KB

.pdata Size: 6KB - Virtual size: 12KB

.data1 Size: 2KB - Virtual size: 12KB

.trace Size: 3KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 8KB

.x64 Size: 6KB - Virtual size: 8KB

cc861723d81c3d0282bd2595327117c3

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 133KB - Virtual size: 268KB

.rdata Size: 39KB - Virtual size: 84KB

.data Size: 2KB - Virtual size: 1024KB

.pdata Size: 6KB - Virtual size: 12KB

.data1 Size: 2KB - Virtual size: 12KB

.trace Size: 3KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 8KB

.x64 Size: 6KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.1MB

UPX1 Size: 102KB - Virtual size: 104KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 5KB - Virtual size: 1010KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 134KB - Virtual size: 268KB

.rdata
Size: 39KB - Virtual size: 84KB

.data
Size: 2KB - Virtual size: 1024KB

.pdata
Size: 6KB - Virtual size: 12KB

.data1
Size: 2KB - Virtual size: 12KB

.trace
Size: 3KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 8KB

.x64
Size: 6KB - Virtual size: 8KB

.text
Size: 133KB - Virtual size: 268KB

.rdata
Size: 39KB - Virtual size: 84KB

.data
Size: 2KB - Virtual size: 1024KB

.pdata
Size: 6KB - Virtual size: 12KB

.data1
Size: 2KB - Virtual size: 12KB

.trace
Size: 3KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 8KB

.x64
Size: 6KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 102KB - Virtual size: 104KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 5KB - Virtual size: 1010KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 14KB - Virtual size: 13KB