General

  • Target

    New folder (4).rar

  • Size

    1.1MB

  • MD5

    356f6e8762d1d5bc83d902e5d75e0533

  • SHA1

    82a22059cac559ceb65019edf0b6ff0d4bb17bcc

  • SHA256

    7a8aee0ff7f0eb5c8eda7fecdad3616e44adf6da1cd89dac50ae7e322f9d9ce3

  • SHA512

    8747c1ee01dd7fe2d0e09354c3fd24b273aca7dd4c2bd9117a515b5e626d6397913bba45c32e05d5de5a3e19bccd988256244c1a671cc55b31c3796a902c92c1

  • SSDEEP

    24576:LkxtJ6z9Gt46DvZsUuA3lVVBnM/CMp/cmRHm1E06Bbq:Lk389Gt46DBsRMlVMaMp/FH9Bbq

Score
9/10
upx

Malware Config

Signatures

  • Detected Nirsoft tools 12 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • NirSoft MailPassView 1 IoCs

    Password recovery tool for various email clients

  • NirSoft WebBrowserPassView 1 IoCs

    Password recovery tool for various web browsers

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 15 IoCs

    Checks for missing Authenticode signature.

Files

  • New folder (4).rar
    .rar
  • New folder (4)/free robbux/BrowsingHistoryView.exe
    .exe windows:4 windows x86 arch:x86

    1646aac7ca275f80eea62f58f5805cfc



  • New folder (4)/free robbux/ChromeHistoryView.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/ChromePass.cfg
  • New folder (4)/free robbux/ChromePass.exe
    .exe windows:4 windows x86 arch:x86

    d8199d1ceb9095a2f8fb9efefd4d6df1



  • New folder (4)/free robbux/OperaPassView.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/PasswordFox.cfg
  • New folder (4)/free robbux/PasswordFox.exe
    .exe windows:4 windows x86 arch:x86

    0c1cc348cdf4220d099e042ad8198507



  • New folder (4)/free robbux/README.md
  • New folder (4)/free robbux/RouterPassView.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/SkypeLogView.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/WebBrowserPassView.exe
    .exe windows:4 windows x86 arch:x86

    0b724349c1c21f22b761c2f8ff385ec3



  • New folder (4)/free robbux/autorun.inf
  • New folder (4)/free robbux/av.ico
  • New folder (4)/free robbux/iepv.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/mailpv.cfg
  • New folder (4)/free robbux/mailpv.exe
    .exe windows:4 windows x86 arch:x86

    0b809905358c0eaa9b7750661bba40ef



  • New folder (4)/free robbux/mspass.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • New folder (4)/free robbux/pspv.exe
    .exe windows:4 windows x86 arch:x86

    a625442ad6eaa488d197846f8b30467b



  • New folder (4)/free robbux/robuxboi.bat
  • New folder (4)/free robbux/webbrowserpassview.cfg