BI26012422[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

BI26012422.zip
Size

82.1MB
MD5

fe76b306e8c07555ac14eacaef851f89
SHA1

8132dd73ea1713562b334f1faa863f4dafca6369
SHA256

7c4581a748b6c7c1de5372f1091c080c43b4d3c4a668d74694cfdaa049015109
SHA512

561948dd83190762bc749e6fb089339350967dffaff247aa49e966e3a1508754eeba176f61e6c5d4f9a28b2014833656bc3ad6b6dac11efd8cdf4420ad95de69
SSDEEP

1572864:uCTnNo+2sM4SV732NqYrSOHt3yNh8HYNJtpAQPVqdKc+dFtjhJ6/Zq7t:uCTW+2sMJV732gYrDN384Y3PfJtl4/Y

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/BreakIt - 26.01.24/x4C7HmeFk7T8d2.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BreakIt - 26.01.24/x4C7HmeFk7T8d2.exe
unpack002/out.upx

Files

BI26012422.zip
.zip
BreakIt - 26.01.24/BreakIt - Support/Bill - 26.01.24.png
.png
BreakIt - 26.01.24/BreakIt - Support/THANKING.txt
BreakIt - 26.01.24/VirusTotal - Result/virustotal.txt
BreakIt - 26.01.24/x4C7HmeFk7T8d2.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 224KB

UPX1 Size: 126KB - Virtual size: 128KB

.rsrc Size: 61KB - Virtual size: 64KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 75KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 12KB

.pdata Size: 9KB - Virtual size: 8KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 61KB - Virtual size: 61KB

.reloc Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 224KB

UPX1
Size: 126KB - Virtual size: 128KB

.rsrc
Size: 61KB - Virtual size: 64KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 61KB - Virtual size: 61KB

.reloc
Size: 2KB - Virtual size: 1KB