General

  • Target

    Extrude v1.rar

  • Size

    1.2MB

  • MD5

    7f6049eb13f0def8ecc2b24a7f192197

  • SHA1

    b28503756867d0df88d153859d31a41340d4df67

  • SHA256

    779944ef7b50dcc97c14b28c133b36f93c33299381e17ce80444562fdd82a79c

  • SHA512

    99b44531770eec32f1c453c2085635687e663700491dbfff44e0c7ad4f2f64ca43b011204af7ac8de8796ee28d2b913d8c4d6253334133465723264c50270058

  • SSDEEP

    24576:PcDxi5YA59TMJLvdVRLRfyW12l4v1hv8riCtE:th9TALpRfyEJNhU2

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

Files

  • Extrude v1.rar
    .rar

    Password: 12345

  • Extrude v1/2.0 Extrude .rar
    .rar

    Password: 12345

  • DefenderControl.zip
    .zip

    Password: 12345

  • dControl.exe
    .exe windows x86

    Password: 12345


  • out.upx
    .exe windows x86


  • dControl.ini
  • DirectX.exe
    .exe windows x86

    Password: 12345

    1494de9b53e05fc1f40cb92afbdd6ce4


  • Extrude instr(rus).txt
  • Extrude.exe
    .exe windows x86

    Password: 12345

    fcf1390e9ce472c7270447fc5c61a0c1


  • с++.txt