Overview

overview

3

Static

static

3

InTeL_m0dd...pt.exe

windows7-x64

1

InTeL_m0dd...pt.exe

windows10-2004-x64

1

InTeL_m0dd...cko.js

windows7-x64

1

InTeL_m0dd...cko.js

windows10-2004-x64

1

InTeL_m0dd...o.html

windows7-x64

1

InTeL_m0dd...o.html

windows10-2004-x64

1

InTeL_m0dd...ko.xml

windows7-x64

1

InTeL_m0dd...ko.xml

windows10-2004-x64

1

InTeL_m0dd...us.xml

windows7-x64

1

InTeL_m0dd...us.xml

windows10-2004-x64

1

InTeL_m0dd...le.vbs

windows7-x64

1

InTeL_m0dd...le.vbs

windows10-2004-x64

1

InTeL_m0dd...ub.exe

windows7-x64

InTeL_m0dd...ub.exe

windows10-2004-x64

InTeL_m0dd...y.html

windows7-x64

1

InTeL_m0dd...y.html

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    InTeL_m0dd-Test101-ms0640.rar

  • Size

    166KB

  • MD5

    eba95d73077c762dfd5c05fd871db38a

  • SHA1

    3d24bb74a27c91c3bb272421b8e5792d00bd76aa

  • SHA256

    16b8ff658e8f4ecb8f3a1ecdbd3d8d0fdce88216301038421d330d29ef3e103a

  • SHA512

    217cf17a4a43a163928c5cbc161814b170e31f2068bf0ce0850b22d23a65850990fe410bcac1de18c24c690d7babf0f2d5f5fc506c898d630da5c5500516485f

  • SSDEEP

    3072:AbS9HAJYvb2HTieDwSGFo1aQZHX7p/xh4pJNLDYhoHLEouWlHhwDIV:AbS56Yvb2HT7wS98qxhKvLDYhuEouGhX

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • InTeL_m0dd-Test101-ms0640.rar
    .rar

    Password: infected

  • InTeL_m0dd-Test101-ms0640/MS0640.cpp
  • InTeL_m0dd-Test101-ms0640/MS0640.h
  • InTeL_m0dd-Test101-ms0640/Misc.aps
  • InTeL_m0dd-Test101-ms0640/Misc.rc
  • InTeL_m0dd-Test101-ms0640/advscan.cpp
  • InTeL_m0dd-Test101-ms0640/advscan.h
  • InTeL_m0dd-Test101-ms0640/aimspread.cpp
  • InTeL_m0dd-Test101-ms0640/aimspread.h
  • InTeL_m0dd-Test101-ms0640/asn.cpp
  • InTeL_m0dd-Test101-ms0640/asn.h
  • InTeL_m0dd-Test101-ms0640/commands.cpp
  • InTeL_m0dd-Test101-ms0640/commands.h
  • InTeL_m0dd-Test101-ms0640/configs.h
  • InTeL_m0dd-Test101-ms0640/crypt.cpp
  • InTeL_m0dd-Test101-ms0640/crypt.h
  • InTeL_m0dd-Test101-ms0640/dcom.cpp
  • InTeL_m0dd-Test101-ms0640/dcom.h
  • InTeL_m0dd-Test101-ms0640/ddos.cpp
  • InTeL_m0dd-Test101-ms0640/ddos.h
  • InTeL_m0dd-Test101-ms0640/defines.h
  • InTeL_m0dd-Test101-ms0640/download.cpp
  • InTeL_m0dd-Test101-ms0640/download.h
  • InTeL_m0dd-Test101-ms0640/encrypt.exe
    .exe windows x86

    Password: infected

    d37c06b7a012aae518363f1da9c49f07


    Headers

    Imports

    Sections

  • InTeL_m0dd-Test101-ms0640/externs.h
  • InTeL_m0dd-Test101-ms0640/fphost.cpp
  • InTeL_m0dd-Test101-ms0640/fphost.h
  • InTeL_m0dd-Test101-ms0640/ftpd.cpp
  • InTeL_m0dd-Test101-ms0640/ftpd.h
  • InTeL_m0dd-Test101-ms0640/functions.h
  • InTeL_m0dd-Test101-ms0640/gecko.dsp
  • InTeL_m0dd-Test101-ms0640/gecko.dsw
  • InTeL_m0dd-Test101-ms0640/gecko.opt
    .js
  • InTeL_m0dd-Test101-ms0640/gecko.plg
    .html
  • InTeL_m0dd-Test101-ms0640/gecko.sln
  • InTeL_m0dd-Test101-ms0640/gecko.suo
  • InTeL_m0dd-Test101-ms0640/gecko.vcproj
    .xml
  • InTeL_m0dd-Test101-ms0640/gecko.vcproj.NIXUS.N1xus.user
    .xml
  • InTeL_m0dd-Test101-ms0640/imail.cpp
  • InTeL_m0dd-Test101-ms0640/imail.h
  • InTeL_m0dd-Test101-ms0640/includes.h
  • InTeL_m0dd-Test101-ms0640/info.cpp
  • InTeL_m0dd-Test101-ms0640/info.h
  • InTeL_m0dd-Test101-ms0640/ioctlcmd.h
  • InTeL_m0dd-Test101-ms0640/irc.cpp
  • InTeL_m0dd-Test101-ms0640/irc.h
  • InTeL_m0dd-Test101-ms0640/loaddlls.cpp
  • InTeL_m0dd-Test101-ms0640/loaddlls.h
  • InTeL_m0dd-Test101-ms0640/lsass.cpp
  • InTeL_m0dd-Test101-ms0640/lsass.h
  • InTeL_m0dd-Test101-ms0640/ms06-40-w2k.h
  • InTeL_m0dd-Test101-ms0640/ms06-40-wXP.h
  • InTeL_m0dd-Test101-ms0640/netbios.cpp
  • InTeL_m0dd-Test101-ms0640/netbios.h
  • InTeL_m0dd-Test101-ms0640/netdde.cpp
  • InTeL_m0dd-Test101-ms0640/netdde.h
  • InTeL_m0dd-Test101-ms0640/netutils.cpp
  • InTeL_m0dd-Test101-ms0640/netutils.h
  • InTeL_m0dd-Test101-ms0640/passwd.h
  • InTeL_m0dd-Test101-ms0640/pnp139.cpp
  • InTeL_m0dd-Test101-ms0640/pnp139.h
  • InTeL_m0dd-Test101-ms0640/pnp445.cpp
  • InTeL_m0dd-Test101-ms0640/pnp445.h
  • InTeL_m0dd-Test101-ms0640/processes.cpp
  • InTeL_m0dd-Test101-ms0640/processes.h
  • InTeL_m0dd-Test101-ms0640/protocol.cpp
  • InTeL_m0dd-Test101-ms0640/protocol.h
  • InTeL_m0dd-Test101-ms0640/regcontrol.cpp
  • InTeL_m0dd-Test101-ms0640/regcontrol.h
  • InTeL_m0dd-Test101-ms0640/reptile.cpp
    .vbs
  • InTeL_m0dd-Test101-ms0640/reptile.h
  • InTeL_m0dd-Test101-ms0640/resource.h
  • InTeL_m0dd-Test101-ms0640/secure.cpp
  • InTeL_m0dd-Test101-ms0640/secure.h
  • InTeL_m0dd-Test101-ms0640/service.cpp
  • InTeL_m0dd-Test101-ms0640/service.h
  • InTeL_m0dd-Test101-ms0640/socks4.cpp
  • InTeL_m0dd-Test101-ms0640/socks4.h
  • InTeL_m0dd-Test101-ms0640/strings.h
  • InTeL_m0dd-Test101-ms0640/stub.exe
  • InTeL_m0dd-Test101-ms0640/threads.cpp
  • InTeL_m0dd-Test101-ms0640/threads.h
  • InTeL_m0dd-Test101-ms0640/utility.cpp
  • InTeL_m0dd-Test101-ms0640/utility.dsp
  • InTeL_m0dd-Test101-ms0640/utility.dsw
  • InTeL_m0dd-Test101-ms0640/utility.h
  • InTeL_m0dd-Test101-ms0640/utility.ncb
  • InTeL_m0dd-Test101-ms0640/utility.opt
  • InTeL_m0dd-Test101-ms0640/utility.plg
    .html
  • InTeL_m0dd-Test101-ms0640/wkssvc.cpp
  • InTeL_m0dd-Test101-ms0640/wkssvc.h