6fa0cd25c010d84dfbf7547d20d27b19

Sharing

Copy URL

Twitter E-mail

General

Target

6fa0cd25c010d84dfbf7547d20d27b19
Size

125KB
MD5

6fa0cd25c010d84dfbf7547d20d27b19
SHA1

0074bb848478d128aa8b68806369fb34b779548a
SHA256

e5f1241f99aec5159cfed2b37aa65df45875c242dd2c5e13e1653d6229fb9a60
SHA512

631070d51edb97ac5f393cddefe7e71e4e59af9fb83b77d5580e44192383d4ceb9e2a634dd03e3af1f143fa2dc0d6e533175da8a73acfb047cc5519cf13104a0
SSDEEP

3072:r4painpbY/S3a5HbMsxsr6MpLuHLzj0iMBozavVdSAvVjD:kpbqjfi62uH70IijvVjD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/sdbot_syn_secure_1/tools/upx.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sdbot_syn_secure_1/tools/cryptstr.exe
unpack001/sdbot_syn_secure_1/tools/mkpasswd.exe
unpack001/sdbot_syn_secure_1/tools/upx.exe

Files

6fa0cd25c010d84dfbf7547d20d27b19
.rar
sdbot_syn_secure_1/README.txt
sdbot_syn_secure_1/SDBOT05B.C
sdbot_syn_secure_1/crypt.h
sdbot_syn_secure_1/make-lcc.bat
.bat .vbs
sdbot_syn_secure_1/md5.c
sdbot_syn_secure_1/md5sum.c
sdbot_syn_secure_1/tools/cryptstr.exe
.exe windows:1 windows x86 arch:x86

e3f03b57f8c82ef8407ef77387caf7ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

crtdll

__GetMainArgs
atoi
exit
gets
printf
raise
signal

Sections

.text
Size: 928B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 108B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 380B - Virtual size: 380B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sdbot_syn_secure_1/tools/cryptstr.tar.gz
.gz
cryptstr.tar
.tar
cryptstr
.elf linux x86
cryptstr.c
sdbot_syn_secure_1/tools/mkpasswd.exe
.exe windows:1 windows x86 arch:x86

a1750d7b3ec33bc47fd97f1c4db89efe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

crtdll

__GetMainArgs
exit
getchar
gets
memcpy
memset
printf
raise
signal
strcat
strcmp
strncat
strncmp

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 132B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 168B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 528B - Virtual size: 528B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sdbot_syn_secure_1/tools/mkpasswd.tar.gz
.gz
mkpasswd.tar
.tar
crypt.h
main
.elf linux x86
main.c
md5.c
md5sum.c
sdbot_syn_secure_1/tools/upx.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

L
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3f03b57f8c82ef8407ef77387caf7ef

Headers

File Characteristics

Imports

kernel32

crtdll

Sections

.text Size: 928B - Virtual size: 928B

.rdata Size: 88B - Virtual size: 88B

.data Size: 108B - Virtual size: 108B

.idata Size: 380B - Virtual size: 380B

a1750d7b3ec33bc47fd97f1c4db89efe

Headers

File Characteristics

Imports

kernel32

crtdll

Sections

.text Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 132B

.data Size: 168B - Virtual size: 168B

.idata Size: 528B - Virtual size: 528B

Headers

File Characteristics

Sections

L Size: - Virtual size: 112KB

T Size: 79KB - Virtual size: 80KB

UPX2 Size: 512B - Virtual size: 4KB

.rol Size: - Virtual size: 1B

.text
Size: 928B - Virtual size: 928B

.rdata
Size: 88B - Virtual size: 88B

.data
Size: 108B - Virtual size: 108B

.idata
Size: 380B - Virtual size: 380B

.text
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 132B

.data
Size: 168B - Virtual size: 168B

.idata
Size: 528B - Virtual size: 528B

L
Size: - Virtual size: 112KB

T
Size: 79KB - Virtual size: 80KB

UPX2
Size: 512B - Virtual size: 4KB

.rol
Size: - Virtual size: 1B