General

  • Target

    5ad2a440d17c3dd6dea91e6e2d25626a0e77a08206625674fbf7ecf4c573b581

  • Size

    4.4MB

  • MD5

    f66f738c249cf222b15561bce38c8667

  • SHA1

    9479d9c4ddb2a3600732e6a39a02aa9e2e9026b8

  • SHA256

    5ad2a440d17c3dd6dea91e6e2d25626a0e77a08206625674fbf7ecf4c573b581

  • SHA512

    b469460cd9668b3ab22b07102181c93c97bc42f00309ca348c6c361b500e335acb037395de5e59e12994ce0fd3d956c6b0e3a9dea95696fe972a5b9f92742b51

  • SSDEEP

    98304:eM5ediVABwD8LvphlVhFnl96o7ydzabo+GCAMwdlKlSwx8wOMI:eM5kiSBTLBXXB/6BZso+GloSS5JI

Score
9/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 5ad2a440d17c3dd6dea91e6e2d25626a0e77a08206625674fbf7ecf4c573b581
    .zip
  • tfsgzfffz_gr/EThread.fne
    .dll windows x86

    63cbf8bd20c1290cfab1ed83b71ea939



  • tfsgzfffz_gr/HtmlView.fne
    .dll windows x86

    4dd740d34ccc499f7834e48dc7fd30a4



  • tfsgzfffz_gr/IPHlpApi.lib
  • tfsgzfffz_gr/SkinH_EL.dll
    .dll windows x86



  • tfsgzfffz_gr/USER32.LIB
  • tfsgzfffz_gr/WININET.LIB
  • tfsgzfffz_gr/com.run
    .dll windows x86

    5867874cfed7eebbf10ef059dbad6450



  • tfsgzfffz_gr/dp1.fne
    .dll windows x86

    f4b4bca30df7e9c871bbc7c4aade35c8



  • tfsgzfffz_gr/eAPI.fne
    .dll windows x86

    a8ae28fb7870151eb1647d665ac5f31c



  • tfsgzfffz_gr/eMMedia.fne
    .dll regsvr32 windows x86

    f55e1fa95f66780a39514dfcf98ab337



  • tfsgzfffz_gr/fpmt12297
    .exe windows x86

    ae0a5112fe1176f4e5f6e1bc95e4c209



  • tfsgzfffz_gr/iext.fnr
    .dll windows x86

    c026af21a6e107158b65bf9034b57c76



  • tfsgzfffz_gr/iext2.fne
    .dll windows x86

    7286ba50216c69a37eae6422826c4a4f



  • tfsgzfffz_gr/iext3.fne
    .dll windows x86

    828de777d0d26938b2b88952971795a1



  • tfsgzfffz_gr/iext5.fne
    .dll windows x86

    2cc11dbc00e8912d9e9e4d405d729709



  • tfsgzfffz_gr/internet.fne
    .dll windows x86

    947a94c34d0476950a2cd72e8004382c



  • tfsgzfffz_gr/kernel32.udd
  • tfsgzfffz_gr/krnln.fne
    .dll windows x86

    9fd3cbd6e4bcb197c9dcf1b36d9624c7



  • tfsgzfffz_gr/krnln.fnr
    .dll windows x86

    3fe89fa8d80000c8c9aa487e9ab5b867



  • tfsgzfffz_gr/shell.fne
    .dll windows x86

    982b55eb63f51858ab5dbdb343dfc3f3



  • tfsgzfffz_gr/spec.fne
    .dll windows x86

    be3fe1d11f8ee4e772d13163095b126a



  • tfsgzfffz_gr/东坡下载说明.txt
  • tfsgzfffz_gr/东坡软件下载.url
    .url
  • tfsgzfffz_gr/塔防三国志菲菲辅助V5.8.exe
    .exe windows x86

    ae0a5112fe1176f4e5f6e1bc95e4c209

