CollapseLoader-1[.]2[.]5[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

CollapseLoader-1.2.5.zip
Size

561KB
MD5

28b01b6784ac56d3654c7be1a12be7a9
SHA1

ab1f59f9d22f6dfd0ffa66fbb64719045413ed47
SHA256

9309cbe621ced13494dd892250ea9ef33716713f316c384ad094b7dbd1ff73a3
SHA512

4528a80853f5d24aa2f0296c6b257a441bc86f824f0b474d6dfbda9985a5861ff4bcfc4731adc5c7b913f2a6433edaaf92bb82fd7d401b453c1272b343db7dff
SSDEEP

12288:AjhP5pYyRfJsBQpUcMa3GCIaoiNFbf1TsW3suy2t8RjZ99t6FRzcHFNw:A7tOBQpUnCI4bFRNya8ZZ16DclNw

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 1 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
static1/unpack002/out.upx	patched_upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/CollapseLoader-1.2.5/upx/upx.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CollapseLoader-1.2.5/upx/upx.exe
unpack002/out.upx

Files

CollapseLoader-1.2.5.zip
.zip
CollapseLoader-1.2.5/.github/workflows/main.yml
.ps1
CollapseLoader-1.2.5/.gitignore
CollapseLoader-1.2.5/.vscode/launch.json
CollapseLoader-1.2.5/README.md
CollapseLoader-1.2.5/builder.py
CollapseLoader-1.2.5/collapse/main.py
CollapseLoader-1.2.5/collapse/utils/API.py
CollapseLoader-1.2.5/collapse/utils/Cheat.py
CollapseLoader-1.2.5/collapse/utils/CheatCleaner.py
CollapseLoader-1.2.5/collapse/utils/Cheats.py
CollapseLoader-1.2.5/collapse/utils/Data.py
CollapseLoader-1.2.5/collapse/utils/Fabric/FabricCheat.py
CollapseLoader-1.2.5/collapse/utils/LogChecker.py
CollapseLoader-1.2.5/collapse/utils/Logger.py
CollapseLoader-1.2.5/collapse/utils/Logo.py
CollapseLoader-1.2.5/collapse/utils/ModManager.py
CollapseLoader-1.2.5/collapse/utils/RPC.py
CollapseLoader-1.2.5/collapse/utils/Registry.py
CollapseLoader-1.2.5/collapse/utils/Selector.py
CollapseLoader-1.2.5/collapse/utils/Settings.py
CollapseLoader-1.2.5/collapse/utils/Updater.py
CollapseLoader-1.2.5/logo.ico
CollapseLoader-1.2.5/requirements.txt
CollapseLoader-1.2.5/run.py
CollapseLoader-1.2.5/scripts/ci_cd.ps1
CollapseLoader-1.2.5/scripts/un_ci_cd.ps1
CollapseLoader-1.2.5/upx/upx.exe
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 547KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 896KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 547KB - Virtual size: 548KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 896KB - Virtual size: 896KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.pdata Size: 35KB - Virtual size: 34KB

.xdata Size: 36KB - Virtual size: 36KB

.bss Size: - Virtual size: 12KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 112B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 547KB - Virtual size: 548KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 896KB - Virtual size: 896KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.pdata
Size: 35KB - Virtual size: 34KB

.xdata
Size: 36KB - Virtual size: 36KB

.bss
Size: - Virtual size: 12KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB