Resubmissions

30/03/2024, 14:33

240330-rxab8shb28 8

01/05/2023, 11:52

230501-n15e1ahb8s 10

21/03/2023, 09:18

230321-k9l38she38 1

General

  • Target

    pcworldx64installer.zip

  • Size

    11.3MB

  • MD5

    9ac2d6a90b5fad415a589907dd5ea7ea

  • SHA1

    bd41eb8d00f88972812752bbe3a3be91d986d73f

  • SHA256

    13716fdf716aa8479df57501ce208cae4fc31e5a5bb9f483764ba76fdbea4b0d

  • SHA512

    bb19610fe3dcd940e81d09ad65523b784bab2162609d960166528e40bbd998ff8eed275dd888b59052e70b18766621c092ea5fc388d39bea4a7f694190c9379f

  • SSDEEP

    196608:4DiDSy66GIbqTpOSLRfyvA8QRGqtgA9aHPa4eAYwKbacjTy1tdW9Rd+PrLv+8Otp:4DQQZFh8Qb6VHPd8wKbacjTy1O9RkfWj

Score
1/10

Malware Config

Signatures

Files

  • pcworldx64installer.zip
    .zip
  • .local/.threat_dragon/.git/HEAD
  • .local/.threat_dragon/.git/config
  • .local/.threat_dragon/.git/description
  • .local/.threat_dragon/.git/index
  • .local/.threat_dragon/.git/packed-refs
  • .local/.threat_dragon/.gitattributes
  • .local/.threat_dragon/.gitignore
  • .local/.threat_dragon/.jshintignore
  • .local/.threat_dragon/.jshintrc
  • .local/.threat_dragon/.snyk
  • .local/.threat_dragon/.travis.yml
  • .local/.threat_dragon/LICENSE.txt
  • .local/.threat_dragon/README.md
  • .local/.threat_dragon/app/app.js
    .js
  • .local/.threat_dragon/app/config.autoupdate.js
    .js
  • .local/.threat_dragon/app/config.exceptionHandler.js
    .js
  • .local/.threat_dragon/app/config.route.js
    .js
  • .local/.threat_dragon/app/layout/index.js
    .js
  • .local/.threat_dragon/app/layout/shell.html
  • .local/.threat_dragon/app/layout/shell.js
    .js
  • .local/.threat_dragon/app/layout/update.html
  • .local/.threat_dragon/app/services/datacontext.js
    .js
  • .local/.threat_dragon/app/services/datacontextdemo.js
    .js
  • .local/.threat_dragon/app/services/electron.js
    .js
  • .local/.threat_dragon/app/services/index.js
    .js
  • .local/.threat_dragon/app/services/threatmodellocator.js
    .js
  • .local/.threat_dragon/app/threatmodels/desktopreport.html
  • .local/.threat_dragon/app/threatmodels/desktopreport.js
    .js
  • .local/.threat_dragon/app/threatmodels/index.js
    .js
  • .local/.threat_dragon/app/welcome/index.js
    .js
  • .local/.threat_dragon/app/welcome/welcome.html
  • .local/.threat_dragon/app/welcome/welcome.js
    .js
  • .local/.threat_dragon/config/squirrel.js
    .js
  • .local/.threat_dragon/content/app.css
  • .local/.threat_dragon/content/bootstrap-custom.css
  • .local/.threat_dragon/content/bootstrap-theme.css
  • .local/.threat_dragon/content/icons/icon.icns
  • .local/.threat_dragon/content/icons/icon.ico
  • .local/.threat_dragon/content/icons/png/1024x1024.gif
    .gif
  • .local/.threat_dragon/content/icons/png/1024x1024.png
    .png
  • .local/.threat_dragon/content/icons/png/128x128.png
    .png
  • .local/.threat_dragon/content/icons/png/16x16.png
    .png
  • .local/.threat_dragon/content/icons/png/24x24.png
    .png
  • .local/.threat_dragon/content/icons/png/256x256.png
    .png
  • .local/.threat_dragon/content/icons/png/32x32.png
    .png
  • .local/.threat_dragon/content/icons/png/48x48.png
    .png
  • .local/.threat_dragon/content/icons/png/512x512.png
    .png
  • .local/.threat_dragon/content/icons/png/64x64.png
    .png
  • .local/.threat_dragon/content/icons/png/96x96.png
    .png
  • .local/.threat_dragon/content/icons/png/cupcakes-installing.gif
    .gif
  • .local/.threat_dragon/content/icons/win/td.ico
  • .local/.threat_dragon/content/images/threatdragon.ico
  • .local/.threat_dragon/content/images/threatdragon_logo_image.svg
  • .local/.threat_dragon/content/images/thumbnail.jpg
    .jpg
  • .local/.threat_dragon/content/threatdragon.css
  • .local/.threat_dragon/content/threatdragon.min.css
  • .local/.threat_dragon/content/ubuntu.css
  • .local/.threat_dragon/electron-builder.json
  • .local/.threat_dragon/fonts/4iCs6KVjbNBYlgoKfw72.woff2
  • .local/.threat_dragon/fonts/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
  • .local/.threat_dragon/fonts/FontAwesome.otf
  • .local/.threat_dragon/fonts/fontawesome-webfont.eot
  • .local/.threat_dragon/fonts/fontawesome-webfont.svg
    .xml
  • .local/.threat_dragon/fonts/fontawesome-webfont.ttf
  • .local/.threat_dragon/fonts/fontawesome-webfont.woff
  • .local/.threat_dragon/fonts/fontawesome-webfont.woff2
  • .local/.threat_dragon/fonts/glyphicons-halflings-regular.eot
  • .local/.threat_dragon/fonts/glyphicons-halflings-regular.svg
    .xml
  • .local/.threat_dragon/fonts/glyphicons-halflings-regular.ttf
  • .local/.threat_dragon/fonts/glyphicons-halflings-regular.woff
  • .local/.threat_dragon/fonts/glyphicons-halflings-regular.woff2
  • .local/.threat_dragon/index.html
    .html
  • .local/.threat_dragon/installer-lin.js
    .js
  • .local/.threat_dragon/installer-osx.js
    .js
  • .local/.threat_dragon/installer-win.js
    .js
  • .local/.threat_dragon/karma.conf.js
    .js
  • .local/.threat_dragon/main.js
    .js
  • .local/.threat_dragon/package-lock.json
  • .local/.threat_dragon/package.json
  • .local/.threat_dragon/public/content/images/thumbnail.jpg
    .jpg
  • .local/.threat_dragon/screenshots/diagram.PNG
    .png
  • .local/.threat_dragon/screenshots/threat.PNG
    .png
  • .local/.threat_dragon/screenshots/welcome.PNG
    .png
  • .local/.threat_dragon/tests/specs/datacontext_spec.js
    .js
  • .local/.threat_dragon/tests/specs/datacontextdemo_spec.js
    .js
  • .local/.threat_dragon/tests/specs/desktopreport_spec.js
    .js
  • .local/.threat_dragon/tests/specs/shell_spec.js
    .js
  • .local/.threat_dragon/tests/specs/support/jasmin.json
  • .local/.threat_dragon/tests/specs/test.js
    .js
  • .local/.threat_dragon/tests/specs/threatmodellocator_spec.js
    .js
  • .local/.threat_dragon/tests/specs/welcome_spec.js
    .js
  • .local/bin/normalizer
    .sh linux
  • .local/certifi-2021.5.30.dist-info/INSTALLER
  • .local/certifi-2021.5.30.dist-info/LICENSE
  • .local/certifi-2021.5.30.dist-info/METADATA
  • .local/certifi-2021.5.30.dist-info/RECORD
  • .local/certifi-2021.5.30.dist-info/WHEEL
  • .local/certifi-2021.5.30.dist-info/top_level.txt
  • .local/certifi/__init__.py
  • .local/certifi/__main__.py
  • .local/certifi/__pycache__/__init__.cpython-38.pyc
  • .local/certifi/__pycache__/__main__.cpython-38.pyc
  • .local/certifi/__pycache__/core.cpython-38.pyc
  • .local/certifi/cacert.pem
  • .local/certifi/core.py
  • .local/charset_normalizer-2.0.3.dist-info/INSTALLER
  • .local/charset_normalizer-2.0.3.dist-info/LICENSE
  • .local/charset_normalizer-2.0.3.dist-info/METADATA
  • .local/charset_normalizer-2.0.3.dist-info/RECORD
  • .local/charset_normalizer-2.0.3.dist-info/WHEEL
  • .local/charset_normalizer-2.0.3.dist-info/entry_points.txt
  • .local/charset_normalizer-2.0.3.dist-info/top_level.txt
  • .local/charset_normalizer/__init__.py
  • .local/charset_normalizer/__pycache__/__init__.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/api.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/cd.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/constant.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/legacy.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/md.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/models.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/utils.cpython-38.pyc
  • .local/charset_normalizer/__pycache__/version.cpython-38.pyc
  • .local/charset_normalizer/api.py
  • .local/charset_normalizer/assets/__init__.py
  • .local/charset_normalizer/assets/__pycache__/__init__.cpython-38.pyc
  • .local/charset_normalizer/cd.py
  • .local/charset_normalizer/cli/__pycache__/__init__.cpython-38.pyc
  • .local/charset_normalizer/cli/__pycache__/normalizer.cpython-38.pyc
  • .local/charset_normalizer/cli/normalizer.py
  • .local/charset_normalizer/constant.py
  • .local/charset_normalizer/legacy.py
  • .local/charset_normalizer/md.py
  • .local/charset_normalizer/models.py
  • .local/charset_normalizer/utils.py
  • .local/charset_normalizer/version.py
  • .local/idna-3.2.dist-info/INSTALLER
  • .local/idna-3.2.dist-info/LICENSE.md
  • .local/idna-3.2.dist-info/METADATA
  • .local/idna-3.2.dist-info/RECORD
  • .local/idna-3.2.dist-info/WHEEL
  • .local/idna-3.2.dist-info/top_level.txt
  • .local/idna/__init__.py
  • .local/idna/__pycache__/__init__.cpython-38.pyc
  • .local/idna/__pycache__/codec.cpython-38.pyc
  • .local/idna/__pycache__/compat.cpython-38.pyc
  • .local/idna/__pycache__/core.cpython-38.pyc
  • .local/idna/__pycache__/idnadata.cpython-38.pyc
  • .local/idna/__pycache__/intranges.cpython-38.pyc
  • .local/idna/__pycache__/package_data.cpython-38.pyc
  • .local/idna/__pycache__/uts46data.cpython-38.pyc
  • .local/idna/codec.py
  • .local/idna/compat.py
  • .local/idna/core.py
  • .local/idna/idnadata.py
  • .local/idna/intranges.py
  • .local/idna/package_data.py
  • .local/idna/uts46data.py
  • .local/requests-2.26.0.dist-info/INSTALLER
  • .local/requests-2.26.0.dist-info/LICENSE
  • .local/requests-2.26.0.dist-info/METADATA
  • .local/requests-2.26.0.dist-info/RECORD
  • .local/requests-2.26.0.dist-info/WHEEL
  • .local/requests-2.26.0.dist-info/top_level.txt
  • .local/requests/__init__.py
  • .local/requests/__pycache__/__init__.cpython-38.pyc
  • .local/requests/__pycache__/__version__.cpython-38.pyc
  • .local/requests/__pycache__/_internal_utils.cpython-38.pyc
  • .local/requests/__pycache__/adapters.cpython-38.pyc
  • .local/requests/__pycache__/api.cpython-38.pyc
  • .local/requests/__pycache__/auth.cpython-38.pyc
  • .local/requests/__pycache__/certs.cpython-38.pyc
  • .local/requests/__pycache__/compat.cpython-38.pyc
  • .local/requests/__pycache__/cookies.cpython-38.pyc
  • .local/requests/__pycache__/exceptions.cpython-38.pyc
  • .local/requests/__pycache__/help.cpython-38.pyc
  • .local/requests/__pycache__/hooks.cpython-38.pyc
  • .local/requests/__pycache__/models.cpython-38.pyc
  • .local/requests/__pycache__/packages.cpython-38.pyc
  • .local/requests/__pycache__/sessions.cpython-38.pyc
  • .local/requests/__pycache__/status_codes.cpython-38.pyc
  • .local/requests/__pycache__/structures.cpython-38.pyc
  • .local/requests/__pycache__/utils.cpython-38.pyc
  • .local/requests/__version__.py
  • .local/requests/_internal_utils.py
  • .local/requests/adapters.py
  • .local/requests/api.py
  • .local/requests/auth.py
  • .local/requests/certs.py
    .py .sh linux
  • .local/requests/compat.py
  • .local/requests/cookies.py
  • .local/requests/exceptions.py
  • .local/requests/help.py
  • .local/requests/hooks.py
  • .local/requests/models.py
  • .local/requests/packages.py
  • .local/requests/sessions.py
  • .local/requests/status_codes.py
  • .local/requests/structures.py
  • .local/requests/utils.py
  • .local/resource/RedistList/Columm/bangJarfuls/bicronLoopier.xml
    .xml
  • .local/resource/RedistList/Columm/bangJarfuls/fullamWhealedParpend.xml
    .xml
  • .local/resource/RedistList/Columm/bangJarfuls/hamital.xml
    .xml
  • .local/resource/RedistList/Columm/bangJarfuls/peptoneLaikHomely.xml
    .xml
  • .local/resource/RedistList/Columm/bangJarfuls/spurreyGladsMorae.xml
    .xml
  • .local/resource/RedistList/Columm/bangJarfuls/whissle.xml
    .xml
  • .local/resource/RedistList/Columm/dagEavesChest.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/favnJacklegHangar.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/inhalerFaba.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/luggingAinhum.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/parfaitUnfelon.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/pokey.xml
    .xml
  • .local/resource/RedistList/Columm/fooled/raringCzechScreaky.xml
    .xml
  • .local/resource/RedistList/Columm/gamebagSilting.xml
    .xml
  • .local/resource/RedistList/Columm/seismal.xml
    .xml
  • .local/resource/RedistList/Columm/spavinsScalls.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/astrerDoolies.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/oreticMintersSemiurn.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/pompanoTapetal.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/shimmerAlquierEspinos.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/thraxAcarid.xml
    .xml
  • .local/resource/RedistList/Columm/tappitAllying/unlushSpleetMidmorn.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/carniesLamp.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/ferriRichestMacacos.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/flicky.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/grataPotting.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/hepcat.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/insteamLapinTybalt.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/korwaColonel.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/laniateMalisonMinoan.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/margauxSteghTaluche.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/nilousSubpoolGazabos.xml
    .xml
  • .local/resource/RedistList/Columm/whipsKnarredFilles/poxed.xml
    .xml
  • .local/resource/RedistList/Columm/yeatPulasMolle.xml
    .xml
  • .local/resource/RedistList/FrameworkList.xml
  • .local/resource/RedistList/alaiDampy.xml
    .xml
  • .local/resource/RedistList/exerceSprettyMitua.xml
    .xml
  • .local/resource/RedistList/legatoVacates.xml
    .xml
  • .local/resource/RedistList/nainHealful.xml
    .xml
  • .local/resource/RedistList/raxing.xml
    .xml
  • .local/resource/RedistList/unniceDicetyl.xml
    .xml
  • .local/resource/backuptron/drive/drivers/AppManMigrationPlugin.dll
    .dll regsvr32 windows x64

    3426e31e2eb9a00393a44c4098df121d



  • .local/resource/backuptron/drive/drivers/WMIMigrationPlugin.dll
    .dll regsvr32 windows x64

    5bd39b7d9c228f38d5cc4774b61b1f0e



  • .local/resource/backuptron/recover/DMWmiBridgeProv.dll
    .dll regsvr32 windows x64

    3654398321e9ef24847f22d2e5c0feab



  • .local/resource/backuptron/recover/winsetup.dll
    .dll windows x64

    13ac5715282cc532d7063b3f0eee1e63



  • .local/resource/backuptron/recover/wxmsw30u_core_gcc_custom.dll
    .dll windows x64

    2ee64642a31d3f6dd8e8ee571294a762



  • .local/urllib3-1.26.6.dist-info/INSTALLER
  • .local/urllib3-1.26.6.dist-info/LICENSE.txt
  • .local/urllib3-1.26.6.dist-info/METADATA
  • .local/urllib3-1.26.6.dist-info/RECORD
  • .local/urllib3-1.26.6.dist-info/WHEEL
  • .local/urllib3-1.26.6.dist-info/top_level.txt
  • .local/urllib3/__init__.py
  • .local/urllib3/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/__pycache__/_collections.cpython-38.pyc
  • .local/urllib3/__pycache__/_version.cpython-38.pyc
  • .local/urllib3/__pycache__/connection.cpython-38.pyc
  • .local/urllib3/__pycache__/connectionpool.cpython-38.pyc
  • .local/urllib3/__pycache__/exceptions.cpython-38.pyc
  • .local/urllib3/__pycache__/fields.cpython-38.pyc
  • .local/urllib3/__pycache__/filepost.cpython-38.pyc
  • .local/urllib3/__pycache__/poolmanager.cpython-38.pyc
  • .local/urllib3/__pycache__/request.cpython-38.pyc
  • .local/urllib3/__pycache__/response.cpython-38.pyc
  • .local/urllib3/_collections.py
  • .local/urllib3/_version.py
  • .local/urllib3/connection.py
  • .local/urllib3/connectionpool.py
    .py .js
  • .local/urllib3/contrib/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/contrib/__pycache__/_appengine_environ.cpython-38.pyc
  • .local/urllib3/contrib/__pycache__/appengine.cpython-38.pyc
  • .local/urllib3/contrib/__pycache__/ntlmpool.cpython-38.pyc
  • .local/urllib3/contrib/__pycache__/pyopenssl.cpython-38.pyc
    .js
  • .local/urllib3/contrib/__pycache__/securetransport.cpython-38.pyc
    .js
  • .local/urllib3/contrib/__pycache__/socks.cpython-38.pyc
  • .local/urllib3/contrib/_appengine_environ.py
  • .local/urllib3/contrib/_securetransport/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/contrib/_securetransport/__pycache__/bindings.cpython-38.pyc
  • .local/urllib3/contrib/_securetransport/__pycache__/low_level.cpython-38.pyc
  • .local/urllib3/contrib/_securetransport/bindings.py
  • .local/urllib3/contrib/_securetransport/low_level.py
  • .local/urllib3/contrib/appengine.py
  • .local/urllib3/contrib/ntlmpool.py
  • .local/urllib3/contrib/pyopenssl.py
    .py .js
  • .local/urllib3/contrib/securetransport.py
    .py .js
  • .local/urllib3/contrib/socks.py
  • .local/urllib3/exceptions.py
  • .local/urllib3/fields.py
  • .local/urllib3/filepost.py
  • .local/urllib3/packages/__init__.py
  • .local/urllib3/packages/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/packages/__pycache__/six.cpython-38.pyc
  • .local/urllib3/packages/backports/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/packages/backports/__pycache__/makefile.cpython-38.pyc
  • .local/urllib3/packages/backports/makefile.py
  • .local/urllib3/packages/six.py
  • .local/urllib3/packages/ssl_match_hostname/__init__.py
  • .local/urllib3/packages/ssl_match_hostname/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/packages/ssl_match_hostname/__pycache__/_implementation.cpython-38.pyc
  • .local/urllib3/packages/ssl_match_hostname/_implementation.py
  • .local/urllib3/poolmanager.py
  • .local/urllib3/request.py
  • .local/urllib3/response.py
  • .local/urllib3/util/__init__.py
  • .local/urllib3/util/__pycache__/__init__.cpython-38.pyc
  • .local/urllib3/util/__pycache__/connection.cpython-38.pyc
  • .local/urllib3/util/__pycache__/proxy.cpython-38.pyc
  • .local/urllib3/util/__pycache__/queue.cpython-38.pyc
  • .local/urllib3/util/__pycache__/request.cpython-38.pyc
  • .local/urllib3/util/__pycache__/response.cpython-38.pyc
  • .local/urllib3/util/__pycache__/retry.cpython-38.pyc
  • .local/urllib3/util/__pycache__/ssl_.cpython-38.pyc
  • .local/urllib3/util/__pycache__/ssltransport.cpython-38.pyc
    .js
  • .local/urllib3/util/__pycache__/timeout.cpython-38.pyc
  • .local/urllib3/util/__pycache__/url.cpython-38.pyc
  • .local/urllib3/util/__pycache__/wait.cpython-38.pyc
  • .local/urllib3/util/connection.py
    .py .js
  • .local/urllib3/util/proxy.py
  • .local/urllib3/util/queue.py
  • .local/urllib3/util/request.py
  • .local/urllib3/util/response.py
  • .local/urllib3/util/retry.py
  • .local/urllib3/util/ssl_.py
  • .local/urllib3/util/ssltransport.py
    .py .js
  • .local/urllib3/util/timeout.py
  • .local/urllib3/util/url.py
  • .local/urllib3/util/wait.py
  • README.md/Exeinfo_Installer BackBlu.jpg
    .jpg
  • README.md/Exeinfo_slicerX.jpg
    .jpg
  • README.md/desktop.ini
  • README.md/entry.bat
  • README.md/exeinfope_skinDNA.jpg
    .jpg
  • README.md/exeinfope_skinGoldMetal.jpg
    .jpg
  • README.md/exeinfope_skin__.jpg
    .jpg
  • README.md/inst/75287FF2F4C886F3s
  • README.md/inst/B0DC0509863835E0s
  • README.md/inst/cache_24_5
  • README.md/inst/cache_24_6
  • README.md/inst/particovl.bat
    .bat .vbs
  • Setup_x64.exe.lnk
    .lnk