bruteratel | 6aad5b54e7fb29419822a7908b9723e7

Sharing

Copy URL Twitter E-mail

General

Target

6aad5b54e7fb29419822a7908b9723e7
Size

2.3MB
MD5

6aad5b54e7fb29419822a7908b9723e7
SHA1

6938376ad4098a452e57d8de1c3112acfb7461bc
SHA256

20e79c4bdb55163a786a2e3e2f0011659c7a9d376bef792080bb4f334ae54fac
SHA512

c1352609d2ff88449ab1227df63782dae6a9d8b3988a0239b26ae06dc0493ea5048aaec81ce488067138aef513dfcc023b440400cd867c6e385ce75af16f3091
SSDEEP

49152:sHBGnLD2cnEOiqwnvMeYaCE3UmUtXhH/PoNQJu2RexKn/hoCT9Z+:XPntiqwn0FaCE3tUtZoNQ02ReQ/h4

Score

10^/10

upx bruteratel

Malware Config

Signatures

Bruteratel family
bruteratel

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6aad5b54e7fb29419822a7908b9723e7
unpack001/out.upx

Files

6aad5b54e7fb29419822a7908b9723e7
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0Parser@QJson@@QAE@XZ
??0ParserRunnable@QJson@@QAE@PAVQObject@@@Z
??0QObjectHelper@QJson@@QAE@XZ
??0Serializer@QJson@@QAE@XZ
??0SerializerRunnable@QJson@@QAE@PAVQObject@@@Z
??1Parser@QJson@@QAE@XZ
??1ParserRunnable@QJson@@UAE@XZ
??1QObjectHelper@QJson@@QAE@XZ
??1Serializer@QJson@@QAE@XZ
??1SerializerRunnable@QJson@@UAE@XZ
??_7ParserRunnable@QJson@@6BQObject@@@
??_7ParserRunnable@QJson@@6BQRunnable@@@
??_7SerializerRunnable@QJson@@6BQObject@@@
??_7SerializerRunnable@QJson@@6BQRunnable@@@
??_FParserRunnable@QJson@@QAEXXZ
??_FSerializerRunnable@QJson@@QAEXXZ
?allowSpecialNumbers@Parser@QJson@@QAEX_N@Z
?allowSpecialNumbers@Serializer@QJson@@QAEX_N@Z
?errorLine@Parser@QJson@@QBEHXZ
?errorString@Parser@QJson@@QBE?AVQString@@XZ
?indentMode@Serializer@QJson@@QBE?AW4IndentMode@2@XZ
?metaObject@ParserRunnable@QJson@@UBEPBUQMetaObject@@XZ
?metaObject@SerializerRunnable@QJson@@UBEPBUQMetaObject@@XZ
?parse@Parser@QJson@@QAE?AVQVariant@@ABVQByteArray@@PA_N@Z
?parse@Parser@QJson@@QAE?AVQVariant@@PAVQIODevice@@PA_N@Z
?parsingFinished@ParserRunnable@QJson@@IAEXABVQVariant@@_NABVQString@@@Z
?parsingFinished@SerializerRunnable@QJson@@IAEXABVQByteArray@@_NABVQString@@@Z
?qobject2qvariant@QObjectHelper@QJson@@SA?AV?$QMap@VQString@@VQVariant@@@@PBVQObject@@ABVQStringList@@@Z
?qt_metacall@ParserRunnable@QJson@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@SerializerRunnable@QJson@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@ParserRunnable@QJson@@UAEPAXPBD@Z
?qt_metacast@SerializerRunnable@QJson@@UAEPAXPBD@Z
?qt_static_metacall@ParserRunnable@QJson@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?qt_static_metacall@SerializerRunnable@QJson@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?qvariant2qobject@QObjectHelper@QJson@@SAXABV?$QMap@VQString@@VQVariant@@@@PAVQObject@@@Z
?run@ParserRunnable@QJson@@UAEXXZ
?run@SerializerRunnable@QJson@@UAEXXZ
?serialize@Serializer@QJson@@QAE?AVQByteArray@@ABVQVariant@@@Z
?serialize@Serializer@QJson@@QAEXABVQVariant@@PAVQIODevice@@PA_N@Z
?setData@ParserRunnable@QJson@@QAEXABVQByteArray@@@Z
?setDoublePrecision@Serializer@QJson@@QAEXH@Z
?setIndentMode@Serializer@QJson@@QAEXW4IndentMode@2@@Z
?setJsonObject@SerializerRunnable@QJson@@QAEXABVQVariant@@@Z
?specialNumbersAllowed@Parser@QJson@@QBE_NXZ
?specialNumbersAllowed@Serializer@QJson@@QBE_NXZ
?staticMetaObject@ParserRunnable@QJson@@2UQMetaObject@@B
?staticMetaObject@SerializerRunnable@QJson@@2UQMetaObject@@B
?staticMetaObjectExtraData@ParserRunnable@QJson@@0UQMetaObjectExtraData@@B
?staticMetaObjectExtraData@SerializerRunnable@QJson@@0UQMetaObjectExtraData@@B
?tr@ParserRunnable@QJson@@SA?AVQString@@PBD0@Z
?tr@ParserRunnable@QJson@@SA?AVQString@@PBD0H@Z
?tr@SerializerRunnable@QJson@@SA?AVQString@@PBD0@Z
?tr@SerializerRunnable@QJson@@SA?AVQString@@PBD0H@Z
?trUtf8@ParserRunnable@QJson@@SA?AVQString@@PBD0@Z
?trUtf8@ParserRunnable@QJson@@SA?AVQString@@PBD0H@Z
?trUtf8@SerializerRunnable@QJson@@SA?AVQString@@PBD0@Z
?trUtf8@SerializerRunnable@QJson@@SA?AVQString@@PBD0H@Z

Sections

.text
Size: 3.4MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.9MB

UPX1 Size: 2.3MB - Virtual size: 2.3MB

.rsrc Size: 34KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 3.4MB - Virtual size: 3.3MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 43KB - Virtual size: 72KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 147KB - Virtual size: 146KB

UPX0
Size: - Virtual size: 2.9MB

UPX1
Size: 2.3MB - Virtual size: 2.3MB

.rsrc
Size: 34KB - Virtual size: 36KB

.text
Size: 3.4MB - Virtual size: 3.3MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 43KB - Virtual size: 72KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 147KB - Virtual size: 146KB