45b16ac4c17b3c346e80f614ad4a81db

General

Target

45b16ac4c17b3c346e80f614ad4a81db
Size

1.2MB
MD5

45b16ac4c17b3c346e80f614ad4a81db
SHA1

dffe6f068b1e65127d31288254e542b19cdb34af
SHA256

36a5093153aa18a55c3f7798bdfd025e98cdd2e5865f8d35753a2a27b52ac4fc
SHA512

4db7191676e777c4e362b4caf424732436a3e8474a29477991b923976f7f3c466fc784902b262b494b818101c39397e0227ced5b5fae45c5e24e4969242b3d51
SSDEEP

24576:aZxM5/8AMPE46pLOgu4RukJ8EC4R6GJGJZEVdaL06qRh2+5/a/pu2:aZgm+CgLRiXM6GA7E3KQk+Epu2

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/040211BleachMT2/devil.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/040211BleachMT2/devil.dll	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/040211BleachMT2/BleachMT2.exe
unpack001/040211BleachMT2/devil.dll

Files

45b16ac4c17b3c346e80f614ad4a81db
.rar
040211BleachMT2/BleachMT2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
040211BleachMT2/devil.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_icalloc@8
iBindImageTemp
iConvertImage
iConvertPal
iCopyPal
iGetFlipped
ialloc
ifree
ilActiveImage
ilActiveLayer
ilActiveMipmap
ilApplyPal
ilApplyProfile
ilBindImage
ilBlit
ilClearColour
ilClearImage
ilClearImage_
ilCloneCurImage
ilCloseImage
ilClosePal
ilCompressFunc
ilConvertBuffer
ilConvertImage
ilConvertPal
ilCopyImage
ilCopyImageAttr
ilCopyImage_
ilCopyPixels
ilCreateSubImage
ilDefaultImage
ilDeleteImages
ilDisable
ilEnable
ilFormatFunc
ilGenImages
ilGetAlpha
ilGetBoolean
ilGetBooleanv
ilGetBppFormat
ilGetBppPal
ilGetBppType
ilGetClear
ilGetCurImage
ilGetCurName
ilGetDXTCData
ilGetData
ilGetError
ilGetInteger
ilGetIntegerv
ilGetLumpPos
ilGetPalBaseType
ilGetPalette
ilGetString
ilGetTypeBpc
ilHint
ilInit
ilIsDisabled
ilIsEnabled
ilIsImage
ilIsValid
ilIsValidF
ilIsValidL
ilIsValidPal
ilKeyColour
ilLoad
ilLoadData
ilLoadDataF
ilLoadDataL
ilLoadF
ilLoadFromJpegStruct
ilLoadImage
ilLoadL
ilLoadPal
ilNewImage
ilNextPower2
ilOriginFunc
ilOverlayImage
ilPopAttrib
ilPushAttrib
ilRegisterFormat
ilRegisterLoad
ilRegisterMipNum
ilRegisterNumImages
ilRegisterOrigin
ilRegisterPal
ilRegisterSave
ilRegisterType
ilRemoveLoad
ilRemoveSave
ilReplaceCurImage
ilResetMemory
ilResetRead
ilResetWrite
ilResizeImage
ilSave
ilSaveData
ilSaveF
ilSaveFromJpegStruct
ilSaveImage
ilSaveL
ilSavePal
ilSetCurImage
ilSetData
ilSetDuration
ilSetError
ilSetInteger
ilSetMemory
ilSetPal
ilSetPixels
ilSetRead
ilSetString
ilSetWrite
ilShutDown
ilTexImage
ilTexImage_
ilTexSubImage_
ilTypeFromExt
ilTypeFunc

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
040211BleachMT2/pack/icon.eix

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 276KB - Virtual size: 273KB

.data Size: 136KB - Virtual size: 409KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 40KB - Virtual size: 39KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.2MB

UPX1 Size: 253KB - Virtual size: 256KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 276KB - Virtual size: 273KB

.data
Size: 136KB - Virtual size: 409KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 40KB - Virtual size: 39KB

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 253KB - Virtual size: 256KB

.rsrc
Size: 9KB - Virtual size: 12KB