8072afc38d75f1952ebf07f25969684c

Sharing

Copy URL Twitter E-mail

General

Target

8072afc38d75f1952ebf07f25969684c
Size

238KB
MD5

8072afc38d75f1952ebf07f25969684c
SHA1

638d30d2a0afcdfb14f85fd829258e1649cecba1
SHA256

31c031a7a15b09da093b5256a165f7d91a5344d249d8ea4af7fec7299fc154bf
SHA512

946928b8a4b071d644fecfc1315e409d30da383a52cd41562d8da76406e5c448c0545c75a2aa5aff882fbd1944fa90896cc805e36d63e7bf3ac014d5a2fc5bfd
SSDEEP

6144:96g+uAZK3svcLWgX4vGqYQYx+Dr26mZ35pWUMcFw:96JupuXE4vaHx+kpKJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/beat.exe	upx

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AceMan - Wind Me Up.exe
unpack001/AceMan - Wonders from a Hat.exe
unpack001/LaFemmeImmortelle.exe
unpack001/Punqtured-Auf_Wiederscene.exe
unpack001/beat.exe
unpack002/out.upx
unpack001/bf-goodbye_bp.exe
unpack001/dalezy_-_monolith.exe
unpack001/horizon.exe
unpack001/m0d_-_nebulous_fiction.exe
unpack001/payne_the_glassbottle_incident.exe
unpack001/teo-sunbeam.exe
unpack001/wayfinder-spherical.exe

Files

8072afc38d75f1952ebf07f25969684c
.rar
AceMan - Wind Me Up.exe
.exe windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

kkrunchy
Size: 27KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AceMan - Wonders from a Hat.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 30KB - Virtual size: 164KB
LaFemmeImmortelle.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

packerBY
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 28KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Punqtured-Auf_Wiederscene.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

8
Size: 29KB - Virtual size: 99KB
beat.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bf-goodbye_bp.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

12�o��
Size: 64KB - Virtual size: 2777.1MB
dalezy_-_monolith.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 12KB - Virtual size: 3.2MB
horizon.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 14KB - Virtual size: 876KB
m0d_-_nebulous_fiction.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 20KB - Virtual size: 3.3MB
payne_the_glassbottle_incident.exe
.exe windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

kkrunchy
Size: 16KB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
teo-sunbeam.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 11KB - Virtual size: 3.2MB
wayfinder-spherical.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 15KB - Virtual size: 3.2MB

Sharing

General

Malware Config

Signatures

Files

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

kkrunchy Size: 27KB - Virtual size: 5.9MB

Headers

File Characteristics

Sections

 Size: 30KB - Virtual size: 164KB

Headers

File Characteristics

Sections

packerBY Size: - Virtual size: 136KB

bero^fr Size: 28KB - Virtual size: 60KB

Headers

File Characteristics

Sections

8 Size: 29KB - Virtual size: 99KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.2MB

UPX1 Size: 15KB - Virtual size: 16KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 3.2MB

Headers

File Characteristics

Sections

12�o�� Size: 64KB - Virtual size: 2777.1MB

Headers

File Characteristics

Sections

Size: 12KB - Virtual size: 3.2MB

Headers

File Characteristics

Sections

 Size: 14KB - Virtual size: 876KB

Headers

File Characteristics

Sections

Size: 20KB - Virtual size: 3.3MB

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

kkrunchy Size: 16KB - Virtual size: 6.0MB

Headers

File Characteristics

Sections

Size: 11KB - Virtual size: 3.2MB

Headers

File Characteristics

Sections

 Size: 15KB - Virtual size: 3.2MB

kkrunchy
Size: 27KB - Virtual size: 5.9MB

Size: 30KB - Virtual size: 164KB

packerBY
Size: - Virtual size: 136KB

bero^fr
Size: 28KB - Virtual size: 60KB

8
Size: 29KB - Virtual size: 99KB

UPX0
Size: - Virtual size: 3.2MB

UPX1
Size: 15KB - Virtual size: 16KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 3.2MB

12�o��
Size: 64KB - Virtual size: 2777.1MB

Size: 14KB - Virtual size: 876KB

kkrunchy
Size: 16KB - Virtual size: 6.0MB

Size: 15KB - Virtual size: 3.2MB