Overview

overview

10

Static

static

10

06ffb7bbd7...da3906

linux_amd64

06ffb7bbd7...da3906

linux_mipsel

06ffb7bbd7...da3906

linux_mips

154080c584...95.msi

windows7_x64

8

154080c584...95.msi

windows10_x64

8

1650ced30c...c5.exe

windows7_x64

1650ced30c...c5.exe

windows10_x64

1a70a7de8a...4a.exe

windows7_x64

8

1a70a7de8a...4a.exe

windows10_x64

8

ISSUES INV....1.exe

windows7_x64

10

ISSUES INV....1.exe

windows10_x64

10

350fbd43ce...ed.exe

windows7_x64

350fbd43ce...ed.exe

windows10_x64

44faf11719...12.exe

windows7_x64

1

44faf11719...12.exe

windows10_x64

1

4853dc09bb...5f6.js

windows7_x64

1

4853dc09bb...5f6.js

windows10_x64

1

4ba637df90...3f4a9e

linux_amd64

4ba637df90...3f4a9e

linux_mipsel

4ba637df90...3f4a9e

linux_mips

4f8c1840d6...92df06

linux_amd64

4f8c1840d6...92df06

linux_mipsel

4f8c1840d6...92df06

linux_mips

623534bf15...72.vbs

windows7_x64

10

623534bf15...72.vbs

windows10_x64

10

65df637db2...00083b

linux_amd64

65df637db2...00083b

linux_mipsel

65df637db2...00083b

linux_mips

717ad3ee2b...47.dll

windows7_x64

10

717ad3ee2b...47.dll

windows10_x64

10

71ba20bdd8...99.pps

windows7_x64

10

71ba20bdd8...99.pps

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1.zip

  • Size

    9.2MB

  • MD5

    b058ec95cb680a10ef84508b3e59dcb0

  • SHA1

    c2f5087a31b4724609fde3df3baba836a675b85d

  • SHA256

    a1c7157e3d321dc5966c65601335e053edb2c4a1e6cf4f1f678b974a4f2dbf26

  • SHA512

    d065692a5fac686a37bd93a609c7abc21574986a2097b91f28d6882f04bd38d5b81dd058176dc632bee913f5a2e172a03ada8c0d1b0bcbf0b5a82adb9d011c47

Score
10/10
macroxlm

Malware Config

Signatures

  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Suspicious Office macro 3 IoCs

    Office document equipped with 4.0 macros.

    macroxlm
  • NSIS installer 2 IoCs
    installer

Files

  • 1.zip
    .zip

    Password: infected

  • 06ffb7bbd7dd6a47bd3fdb77f86e2bc3b3a9d0112496eed24f75581164da3906
    .elf linux
  • 154080c5844ed76332320fcf3f1773391d80200f18f9025fd05b55b86f8ff795
    .msi
  • 1650ced30cfb68451bb432b44f72fa93687d95d83f70fa039658d8cb665508c5
    .exe windows x86


  • 1a70a7de8a393638b80336e9d2b225c2fd199d9d3eed3ad2c007656cc20c2b4a
    .exe windows x86


  • 2771c9b15d6a7ce670af03b2709545a4553f187098db3ac7616b25aa8067bd1e
    .rar
  • ISSUES INVOICE E-4136 REV.1.exe
    .exe windows x86


  • 350fbd43ce6f7d1d3d636aa5b94187d4dcc8e866527cfdc9c9ce226aea3500ed
    .exe windows x86


  • 44faf11719b3a679e7a6dd5db40033ec4dd6e1b0361c145b81586cb735a64112
    .exe windows x86


  • 4853dc09bbd4a61610a354d5fcd0f9e376e284124c5ff949ba49457eed1f55f6
    .js
  • 4ba637df90076330cdace697a87aafc6dd1d1b3a35b4ad924aad80aa7c3f4a9e
    .elf linux x86
  • 4f8c1840d692d8248f3b7cb478acfbb7e65bdeecd64790a163eaa0db5592df06
    .elf linux x64
  • 623534bf150f2538edb27e51ed56b92f464adb5da8e2db378ec3a666fcb64772
    .vbs
  • 65df637db227ff1685bdf82ab676de4ed70bffd4c96e6cde70d575217700083b
    .elf linux x64
  • 717ad3ee2b9ae94aac5bd01bce9bb945d8c620e3a60f241864dede3646f3dd47
    .dll windows x86 regsvr32


    Exports

  • 71ba20bdd899fde2a4e2967bc6c719f2c96146cc80c3dd8953431cb82d4df199
    .pps windows office2003
  • 7696fa96542ff737b9eb4152fb3e2c0c04c5972d724d93efe7666fb4b7038f4f
    .exe windows x86


  • 89ab99f5721b691e5513f4192e7c96eb0981ddb6c2d2b94c1a32e2df896397b8
    .exe windows x86


  • 8bcc9ea07aa49b1c774327cb2fffaea269806805538b40aa8b7d2a89b8cfbca8
    .dll windows x86


  • 8eb3ba4bf74f0ec17a13a504d3f68a9ce7a71b93b2b1b5274b691b17ecc1a3ed
    .exe windows x86


  • 90bfa67161e3c835aa16b29bf8861fa138708af978597e1a04ff98e79ed61a53
    .dll windows x86


  • a44afa0907b48e04657561e24ca6e009777c607827d08086dff676b1249b9de9
    .dll windows x86 regsvr32


    Exports

  • b057ac2640418b1490c82aaaee24b62a76b94a6e47e0b4ed7fb19fd030783b6d
    .elf linux x86
  • b360aec1b9a2f3bd41c1fdf68acb487728fce3e7b47dbaeffd7dbb6fab621baa
    .elf linux sh
  • b4eb8e75e74fb03a7a28cf17d98413fed877a43137d458e488216f8e938c551c
    .xls windows office2003
  • be96e4fd3e4b3e9420aff07aa8865c1900f1ecb4f52297bfcccb254ef263a737
    .vbs
  • bfd643cf18986969f199d1deb54a11af5d4b62c118d17ab8ee473eb758839814
    .ps1
  • c41074592226333dee840e9164629107ee070cc7eee344a11720578fe7e52acd
  • c7a9cf7edcb74210ab3d98121f29f8ca4c54d11e3d0240edc7ecdbe9e1a85e2e
    .exe windows x86


  • d2efca8ecf1e864e10c22469f0e1d06cdc17a8c4b5aa4afe0975525230171042
    .exe windows x86


  • d8cee88209eafdf76e683c275e9bcd74f02f3604d70fd5591a272d7320e1e27b
    .rar
  • Order items 2652-21-22.exe
    .exe windows x86


  • e24f03db97f321cac1a81ae747465be307c949c91d366941e9501d42c3c7a8ed
    .exe windows x86