General

  • Target

    Release no_cpp.rar

  • Size

    241KB

  • MD5

    62bc8519bf3eb573c58f23494b36ab00

  • SHA1

    d4f89233ae93d818bd15b5f9215408c26368d335

  • SHA256

    d0f88eac6605fd56dba810ab447c5ccb620dddd5ac41f24e96d8c5c539c988b5

  • SHA512

    184bcb5743ba151d2709f7e00c50475298d2ad1fd019e087ab04bd201617915c9d8e3d5d5af499df31dcffb047bfaf741d33f4174a73ebddeee81b2aaf5c6289

  • SSDEEP

    6144:USF1OYZ9PjmuBCOPm1sSfEYl8lf/FIZcrIah5E:USvjj7KfEYGd/GZ+6

Score
3/10

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Release no_cpp.rar
    .rar

    Password: infected

  • Release no_cpp/Code/advscan.cpp
  • Release no_cpp/Code/asn.cpp
  • Release no_cpp/Code/general.cpp
    .js
  • Release no_cpp/Code/reptilex.cpp
    .vbs
  • Release no_cpp/Code/spambot_pstore.cpp
  • Release no_cpp/Headers/Config/configs.h
  • Release no_cpp/Headers/Config/strings.h
  • Release no_cpp/Headers/advscan.h
  • Release no_cpp/Headers/asn.h
  • Release no_cpp/Headers/commands.h
  • Release no_cpp/Headers/crypt.h
  • Release no_cpp/Headers/defines.h
  • Release no_cpp/Headers/download.h
  • Release no_cpp/Headers/externs.h
  • Release no_cpp/Headers/functions.h
  • Release no_cpp/Headers/includes.h
  • Release no_cpp/Headers/info.h
  • Release no_cpp/Headers/irc.h
  • Release no_cpp/Headers/loaddlls.h
  • Release no_cpp/Headers/netutils.h
  • Release no_cpp/Headers/processes.h
  • Release no_cpp/Headers/protocol.h
  • Release no_cpp/Headers/pstore.h
  • Release no_cpp/Headers/regcontrol.h
  • Release no_cpp/Headers/reptile.h
  • Release no_cpp/Headers/secure.h
  • Release no_cpp/Headers/service.h
  • Release no_cpp/Headers/spambot.h
  • Release no_cpp/Headers/threads.h
  • Release no_cpp/Headers/utility.h
  • Release no_cpp/Headers/visit.h
  • Release no_cpp/Release/advscan.obj
  • Release no_cpp/Release/asn.obj
  • Release no_cpp/Release/general.obj
  • Release no_cpp/Release/pstorec.tlh
  • Release no_cpp/Release/pstorec.tli
  • Release no_cpp/Release/reptilex.obj
  • Release no_cpp/Release/spambot_pstore.obj
  • Release no_cpp/Release/vc60.idb
  • Release no_cpp/Reptilex.dsp
  • Release no_cpp/Reptilex.dsw
  • Release no_cpp/Reptilex.ncb
  • Release no_cpp/Reptilex.opt
  • Release no_cpp/Reptilex.plg
    .html
  • Release no_cpp/encrypt.exe
    .exe windows x86

    Password: infected

    d37c06b7a012aae518363f1da9c49f07

