7d7ad2b107383a22e0a501724970ae14

Sharing

Copy URL Twitter E-mail

General

Target

7d7ad2b107383a22e0a501724970ae14
Size

1.9MB
MD5

7d7ad2b107383a22e0a501724970ae14
SHA1

4e878f22a8f43213305cc418b258b4185155e44a
SHA256

a08486b6ff8c9c616aa7e2ea59683f02383e302dd7253062167ec9e972425e5e
SHA512

5b1e14ab70322ed1ea965b901b51c8ca13369eb6a2dae4a8c327cf901d86e6bc329fa945c5aa92e47d6fd48f725214200fd9ffc9d004d72b9075d08e8b0cd434
SSDEEP

49152:m4inN6T5twvFWX2ORdg8gOkcBKxPojUpDAh49sl0bmeCBD5VJ:P5evFWNdxPBRUih49I0bmvJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/imgview0.6 for R4/img2ipk.exe	upx
static1/unpack001/imgview0.6 for R4/misc/CoverMaker/CoverMaker.exe	upx
static1/unpack001/imgview0.6 for R4/misc/攋懝IPK僼傽僀儖廋暅僣乕儖.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/imgview0.6 for R4/img2ipk.exe
unpack001/imgview0.6 for R4/misc/CoverMaker/CoverMaker.exe
unpack001/imgview0.6 for R4/misc/攋懝IPK僼傽僀儖廋暅僣乕儖.exe

Files

7d7ad2b107383a22e0a501724970ae14
.rar
imgview0.6 for R4/example.ipk
imgview0.6 for R4/hist_eng.txt
imgview0.6 for R4/hist_jpn.txt
imgview0.6 for R4/img2ipk.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 313KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
imgview0.6 for R4/img2ipk.ini
imgview0.6 for R4/imgview.ini
imgview0.6 for R4/imgview06_R4TF_M3Simply-R4DS (MicroSD Card).nds
imgview0.6 for R4/misc/CoverMaker/CoverMaker.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 266KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_01.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_01.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_Hart.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_Hart.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_Hukidashi.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_Hukidashi.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_lite.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_lite.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_mado.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_H_mado.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_V_lite.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Higurashi_V_lite.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_H.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_H.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_H.psd
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_V.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_V.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Simple_V.psd
imgview0.6 for R4/misc/CoverMaker/Theme_Title_H.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Title_H.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Title_H.psd
imgview0.6 for R4/misc/CoverMaker/Theme_Title_V.ini
imgview0.6 for R4/misc/CoverMaker/Theme_Title_V.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_Title_V.psd
imgview0.6 for R4/misc/CoverMaker/Theme_儕儃儞_H.ini
imgview0.6 for R4/misc/CoverMaker/Theme_儕儃儞_H.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_儕儃儞_V.ini
imgview0.6 for R4/misc/CoverMaker/Theme_儕儃儞_V.png
.png
imgview0.6 for R4/misc/CoverMaker/Theme_忺傝榞(壴).ini
imgview0.6 for R4/misc/CoverMaker/Theme_忺傝榞(壴).png
.png
imgview0.6 for R4/misc/攋懝IPK僼傽僀儖廋暅僣乕儖.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
imgview0.6 for R4/readme_eng.txt
imgview0.6 for R4/readme_jpn.txt
imgview0.6 for R4/说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 496KB

UPX1 Size: 313KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 456KB

UPX1 Size: 266KB - Virtual size: 268KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 280KB

UPX1 Size: 162KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 496KB

UPX1
Size: 313KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 456KB

UPX1
Size: 266KB - Virtual size: 268KB

.rsrc
Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 280KB

UPX1
Size: 162KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 4KB