General

  • Target

    2d3ac826e45c79aca3716316ae5b21bc.bin

  • Size

    3.2MB

  • MD5

    f3a660e1c684e755022e08ab3c491f6a

  • SHA1

    ff55cffbbc832dffc1a1997e30fb7fad4e661f70

  • SHA256

    2f9428fcf12b9d8a677d433062ebc720e6ae7685a36184aef06b91e55833c890

  • SHA512

    86aad64e90cfc4808bd530fec9f66c484dda422c6c3850dc1d22dd8ef05d08592c4d2b1b3e43a133ef9155c6a9f75d922822fad0052d65d5831645087e689d04

  • SSDEEP

    49152:1ija2vrdtCjlWvvE8rAd4hfyh74UxpkpJo4dlhjXgMu2KWBkZsPuJHWWDtI:4fdtwkv8h4hqN4Ux0oE0MuxWiKJ

Score
3/10 — a low static score; the only signature that fired is the "Unsigned PE" check below and no malware configuration is shown, so this score should not be read as a clean verdict. Low-scoring droppers and installers are common; correlate with dynamic/behavioural analysis before closing.

Malware Config (none shown for this sample)

Signatures

  • Unsigned PE — 1 IoC

    Checks for a missing Authenticode signature on the PE file. A missing signature is not proof of malice on its own (many legitimate binaries are unsigned), but it removes the one trust anchor a user or AppLocker/WDAC policy could otherwise verify; treat the publisher claims implied by the filenames as unverified.

Files

  • 2d3ac826e45c79aca3716316ae5b21bc.bin
    .zip

    Password: infected

  • 30438a48463c536433c61446a1f8e874ad7ba451180c1bff69461b2a9d7abdd9.zip
    .zip
  • DriverSuite_for_win.exe
    .exe windows x86

    Password: infected

    f8c12f7b1b7b68b646d178437ec9f983



  • SIack_Desk_v3-271.exe
    .exe windows x86
    (note: the filename is spelled with a capital "I" — "SIack", not "Slack" — a visual lookalike of the Slack desktop client name; treat this as probable brand impersonation and do not assume any relationship to the genuine vendor)

    Password: infected

    ef5ee1a30d4a83fd2256bd92297da50a



    (the rev_3286/ tree below contains Windows Group Policy administrative templates — .admx definitions plus their .adml language resources; these are normally inert XML, and the non-standard "syscond-en-US" language-folder name suggests they were bundled as filler or decoy content rather than taken from a stock Windows PolicyDefinitions store — verify before treating them as benign)
  • rev_3286/ActiveXInstallService.admx
  • rev_3286/AddRemovePrograms.admx
  • rev_3286/AppCompat.admx
  • rev_3286/AppXRuntime.admx
    .xml
  • rev_3286/AppxPackageManager.admx
  • rev_3286/AuditSettings.admx
    .xml
  • rev_3286/AutoPlay.admx
  • rev_3286/Biometrics.admx
  • rev_3286/Bits.admx
  • rev_3286/CEIPEnable.admx
  • rev_3286/COM.admx
  • rev_3286/CipherSuiteOrder.admx
  • rev_3286/Conf.admx
  • rev_3286/ControlPanel.admx
  • rev_3286/ControlPanelDisplay.admx
  • rev_3286/Cpls.admx
  • rev_3286/CredSsp.admx
  • rev_3286/CredUI.admx
  • rev_3286/CredentialProviders.admx
  • rev_3286/CtrlAltDel.admx
  • rev_3286/DCOM.admx
  • rev_3286/DFS.admx
  • rev_3286/DWM.admx
  • rev_3286/Desktop.admx
  • rev_3286/DeviceCompat.admx
  • rev_3286/DeviceInstallation.admx
  • rev_3286/DeviceSetup.admx
  • rev_3286/DigitalLocker.admx
  • rev_3286/DiskDiagnostic.admx
  • rev_3286/DiskNVCache.admx
  • rev_3286/DiskQuota.admx
  • rev_3286/DistributedLinkTracking.admx
  • rev_3286/DnsClient.admx
  • rev_3286/EAIME.admx
  • rev_3286/EarlyLaunchAM.admx
  • rev_3286/EdgeUI.admx
  • rev_3286/EncryptFilesonMove.admx
  • rev_3286/ErrorReporting.admx
  • rev_3286/EventForwarding.admx
    .xml
  • rev_3286/EventLog.admx
  • rev_3286/EventViewer.admx
  • rev_3286/Explorer.admx
  • rev_3286/ExternalBoot.admx
    .xml
  • rev_3286/FileHistory.admx
  • rev_3286/FileRecovery.admx
  • rev_3286/FileRevocation.admx
  • rev_3286/FileServerVSSProvider.admx
  • rev_3286/FileSys.admx
    .xml
  • rev_3286/FolderRedirection.admx
  • rev_3286/FramePanes.admx
  • rev_3286/GameExplorer.admx
  • rev_3286/Globalization.admx
  • rev_3286/GroupPolicy-Server.admx
  • rev_3286/GroupPolicy.admx
  • rev_3286/GroupPolicyPreferences.admx
  • rev_3286/Help.admx
  • rev_3286/HelpAndSupport.admx
  • rev_3286/ICM.admx
  • rev_3286/IIS.admx
  • rev_3286/InkWatson.admx
  • rev_3286/Kerberos.admx
  • rev_3286/LanmanServer.admx
  • rev_3286/LeakDiagnostic.admx
  • rev_3286/LinkLayerTopologyDiscovery.admx
  • rev_3286/LocationProviderAdm.admx
  • rev_3286/Logon.admx
  • rev_3286/MMC.admx
  • rev_3286/MMCSnapIns2.admx
  • rev_3286/MMCSnapins.admx
  • rev_3286/MSDT.admx
  • rev_3286/MSI.admx
  • rev_3286/MediaCenter.admx
  • rev_3286/MobilePCMobilityCenter.admx
  • rev_3286/MobilePCPresentationSettings.admx
  • rev_3286/Msi-FileRecovery.admx
  • rev_3286/NAPXPQec.admx
  • rev_3286/NCSI.admx
  • rev_3286/Netlogon.admx
  • rev_3286/NetworkConnections.admx
  • rev_3286/NetworkIsolation.admx
  • rev_3286/NetworkProjection.admx
  • rev_3286/OfflineFiles.admx
  • rev_3286/P2P-pnrp.admx
  • rev_3286/ParentalControls.admx
  • rev_3286/PeerToPeerCaching.admx
  • rev_3286/PenTraining.admx
  • rev_3286/PerformanceDiagnostics.admx
  • rev_3286/PerformancePerftrack.admx
  • rev_3286/Power.admx
  • rev_3286/PowerShellExecutionPolicy.admx
  • rev_3286/PreviousVersions.admx
  • rev_3286/Printing.admx
  • rev_3286/Printing2.admx
  • rev_3286/Programs.admx
  • rev_3286/PswdSync.admx
  • rev_3286/QOS.admx
  • rev_3286/RPC.admx
  • rev_3286/RacWmiProv.admx
  • rev_3286/Radar.admx
  • rev_3286/ReAgent.admx
  • rev_3286/Reliability.admx
  • rev_3286/RemoteAssistance.admx
  • rev_3286/RemovableStorage.admx
  • rev_3286/Scripts.admx
  • rev_3286/Securitycenter.admx
  • rev_3286/Sensors.admx
  • rev_3286/ServerManager.admx
  • rev_3286/Servicing.admx
  • rev_3286/SettingSync.admx
  • rev_3286/Setup.admx
  • rev_3286/SharedFolders.admx
  • rev_3286/Sharing.admx
  • rev_3286/Shell-CommandPrompt-RegEditTools.admx
  • rev_3286/ShellWelcomeCenter.admx
  • rev_3286/Sidebar.admx
  • rev_3286/SkyDrive.admx
    .xml
  • rev_3286/Smartcard.admx
  • rev_3286/Snis.admx
  • rev_3286/Snmp.admx
  • rev_3286/SoundRec.admx
  • rev_3286/StartMenu.admx
  • rev_3286/SystemRestore.admx
  • rev_3286/TPM.admx
  • rev_3286/TabletPCInputPanel.admx
  • rev_3286/TabletShell.admx
  • rev_3286/TaskScheduler.admx
  • rev_3286/Taskbar.admx
  • rev_3286/TerminalServer-Server.admx
  • rev_3286/TerminalServer.admx
  • rev_3286/Thumbnails.admx
  • rev_3286/TouchInput.admx
  • rev_3286/UserProfiles.admx
  • rev_3286/VolumeEncryption.admx
  • rev_3286/W32Time.admx
  • rev_3286/WCM.admx
  • rev_3286/WDI.admx
  • rev_3286/WPN.admx
  • rev_3286/WinCal.admx
    .xml
  • rev_3286/WinInit.admx
  • rev_3286/WinLogon.admx
  • rev_3286/Windows.admx
  • rev_3286/WindowsAnytimeUpgrade.admx
  • rev_3286/WindowsBackup.admx
  • rev_3286/WindowsColorSystem.admx
  • rev_3286/WindowsConnectNow.admx
  • rev_3286/WindowsDefender.admx
  • rev_3286/WindowsExplorer.admx
  • rev_3286/WindowsFileProtection.admx
  • rev_3286/WindowsFirewall.admx
  • rev_3286/WindowsMail.admx
  • rev_3286/WindowsMediaDRM.admx
  • rev_3286/WindowsMediaPlayer.admx
  • rev_3286/WindowsMessenger.admx
  • rev_3286/WindowsProducts.admx
  • rev_3286/WindowsRemoteManagement.admx
  • rev_3286/WindowsRemoteShell.admx
  • rev_3286/WindowsServer.admx
  • rev_3286/WindowsUpdate.admx
  • rev_3286/Winsrv.admx
  • rev_3286/WordWheel.admx
  • rev_3286/WorkFolders-Client.admx
  • rev_3286/WorkplaceJoin.admx
    .xml
  • rev_3286/fthsvc.admx
  • rev_3286/hotspotauth.admx
  • rev_3286/iSCSI.admx
  • rev_3286/inetres.admx
    .xml
  • rev_3286/kdc.admx
  • rev_3286/msched.admx
    .xml
  • rev_3286/nca.admx
  • rev_3286/pca.admx
  • rev_3286/sdiageng.admx
  • rev_3286/srm-fci.admx
  • rev_3286/syscond-en-US/ActiveXInstallService.adml
    .xml
  • rev_3286/syscond-en-US/AddRemovePrograms.adml
    .xml
  • rev_3286/syscond-en-US/AppCompat.adml
    .xml
  • rev_3286/syscond-en-US/AppXRuntime.adml
    .xml
  • rev_3286/syscond-en-US/AppxPackageManager.adml
    .xml
  • rev_3286/syscond-en-US/AttachmentManager.adml
    .xml
  • rev_3286/syscond-en-US/AuditSettings.adml
    .xml
  • rev_3286/syscond-en-US/AutoPlay.adml
    .xml
  • rev_3286/syscond-en-US/Biometrics.adml
    .xml
  • rev_3286/syscond-en-US/Bits.adml
    .xml
  • rev_3286/syscond-en-US/CEIPEnable.adml
    .xml
  • rev_3286/syscond-en-US/COM.adml
    .xml
  • rev_3286/syscond-en-US/CipherSuiteOrder.adml
    .xml
  • rev_3286/syscond-en-US/Conf.adml
    .xml
  • rev_3286/syscond-en-US/ControlPanel.adml
    .xml
  • rev_3286/syscond-en-US/ControlPanelDisplay.adml
    .xml
  • rev_3286/syscond-en-US/Cpls.adml
    .xml
  • rev_3286/syscond-en-US/CredSsp.adml
    .xml
  • rev_3286/syscond-en-US/CredUI.adml
    .xml
  • rev_3286/syscond-en-US/CredentialProviders.adml
    .xml
  • rev_3286/syscond-en-US/CtrlAltDel.adml
    .xml
  • rev_3286/syscond-en-US/DCOM.adml
    .xml
  • rev_3286/syscond-en-US/DFS.adml
    .xml
  • rev_3286/syscond-en-US/DWM.adml
    .xml
  • rev_3286/syscond-en-US/Desktop.adml
    .xml
  • rev_3286/syscond-en-US/DeviceCompat.adml
    .xml
  • rev_3286/syscond-en-US/DeviceInstallation.adml
    .xml
  • rev_3286/syscond-en-US/DeviceSetup.adml
    .xml
  • rev_3286/syscond-en-US/DigitalLocker.adml
    .xml
  • rev_3286/syscond-en-US/DiskDiagnostic.adml
    .xml
  • rev_3286/syscond-en-US/DiskNVCache.adml
    .xml
  • rev_3286/syscond-en-US/DiskQuota.adml
    .xml
  • rev_3286/syscond-en-US/DistributedLinkTracking.adml
    .xml
  • rev_3286/syscond-en-US/DnsClient.adml
    .xml
  • rev_3286/syscond-en-US/EAIME.adml
    .xml
  • rev_3286/syscond-en-US/EarlyLaunchAM.adml
  • rev_3286/syscond-en-US/EdgeUI.adml
    .xml
  • rev_3286/syscond-en-US/EncryptFilesonMove.adml
    .xml
  • rev_3286/syscond-en-US/ErrorReporting.adml
    .xml
  • rev_3286/syscond-en-US/EventForwarding.adml
    .xml
  • rev_3286/syscond-en-US/EventLog.adml
    .xml
  • rev_3286/syscond-en-US/EventViewer.adml
    .xml
  • rev_3286/syscond-en-US/Explorer.adml
    .xml
  • rev_3286/syscond-en-US/ExternalBoot.adml
    .xml
  • rev_3286/syscond-en-US/FileHistory.adml
    .xml
  • rev_3286/syscond-en-US/FileRecovery.adml
    .xml
  • rev_3286/syscond-en-US/FileRevocation.adml
    .xml
  • rev_3286/syscond-en-US/FileServerVSSProvider.adml
    .xml
  • rev_3286/syscond-en-US/FileSys.adml
    .xml
  • rev_3286/syscond-en-US/FolderRedirection.adml
    .xml
  • rev_3286/syscond-en-US/FramePanes.adml
    .xml
  • rev_3286/syscond-en-US/GameExplorer.adml
    .xml
  • rev_3286/syscond-en-US/Globalization.adml
    .xml
  • rev_3286/syscond-en-US/GroupPolicy-Server.adml
    .xml
  • rev_3286/syscond-en-US/GroupPolicy.adml
    .xml
  • rev_3286/syscond-en-US/GroupPolicyPreferences.adml
    .xml
  • rev_3286/syscond-en-US/Help.adml
    .xml
  • rev_3286/syscond-en-US/HelpAndSupport.adml
    .xml
  • rev_3286/syscond-en-US/ICM.adml
    .xml
  • rev_3286/syscond-en-US/IIS.adml
    .xml
  • rev_3286/syscond-en-US/InetRes.adml
    .xml
  • rev_3286/syscond-en-US/InkWatson.adml
    .xml
  • rev_3286/syscond-en-US/KDC.adml
    .xml
  • rev_3286/syscond-en-US/Kerberos.adml
    .xml
  • rev_3286/syscond-en-US/LanmanServer.adml
    .xml
  • rev_3286/syscond-en-US/LeakDiagnostic.adml
    .xml
  • rev_3286/syscond-en-US/LinkLayerTopologyDiscovery.adml
    .xml
  • rev_3286/syscond-en-US/LocationProviderAdm.adml
    .xml
  • rev_3286/syscond-en-US/Logon.adml
    .xml
  • rev_3286/syscond-en-US/MMC.adml
    .xml
  • rev_3286/syscond-en-US/MMCSnapIns2.adml
    .xml
  • rev_3286/syscond-en-US/MMCSnapins.adml
    .xml
  • rev_3286/syscond-en-US/MSDT.adml
    .xml
  • rev_3286/syscond-en-US/MSI.adml
    .xml
  • rev_3286/syscond-en-US/MediaCenter.adml
    .xml
  • rev_3286/syscond-en-US/MobilePCMobilityCenter.adml
    .xml
  • rev_3286/syscond-en-US/MobilePCPresentationSettings.adml
    .xml
  • rev_3286/syscond-en-US/Msi-FileRecovery.adml
    .xml
  • rev_3286/syscond-en-US/NAPXPQec.adml
    .xml
  • rev_3286/syscond-en-US/NCSI.adml
    .xml
  • rev_3286/syscond-en-US/Netlogon.adml
    .xml
  • rev_3286/syscond-en-US/NetworkConnections.adml
    .xml
  • rev_3286/syscond-en-US/NetworkIsolation.adml
  • rev_3286/syscond-en-US/NetworkProjection.adml
    .xml
  • rev_3286/syscond-en-US/OfflineFiles.adml
    .xml
  • rev_3286/syscond-en-US/P2P-pnrp.adml
    .xml
  • rev_3286/syscond-en-US/ParentalControls.adml
    .xml
  • rev_3286/syscond-en-US/PeerToPeerCaching.adml
    .xml
  • rev_3286/syscond-en-US/PenTraining.adml
    .xml
  • rev_3286/syscond-en-US/PerformanceDiagnostics.adml
    .xml
  • rev_3286/syscond-en-US/PerformancePerftrack.adml
    .xml
  • rev_3286/syscond-en-US/Power.adml
    .xml
  • rev_3286/syscond-en-US/PowerShellExecutionPolicy.adml
    .xml
  • rev_3286/syscond-en-US/PreviousVersions.adml
    .xml
  • rev_3286/syscond-en-US/Printing.adml
    .xml
  • rev_3286/syscond-en-US/Printing2.adml
    .xml
  • rev_3286/syscond-en-US/Programs.adml
    .xml
  • rev_3286/syscond-en-US/PswdSync.adml
    .xml
  • rev_3286/syscond-en-US/QOS.adml
    .xml
  • rev_3286/syscond-en-US/RPC.adml
    .xml
  • rev_3286/syscond-en-US/RacWmiProv.adml
    .xml
  • rev_3286/syscond-en-US/Radar.adml
    .xml
  • rev_3286/syscond-en-US/ReAgent.adml
    .xml
  • rev_3286/syscond-en-US/Reliability.adml
    .xml
  • rev_3286/syscond-en-US/RemoteAssistance.adml
    .xml
  • rev_3286/syscond-en-US/RemovableStorage.adml
    .xml
  • rev_3286/syscond-en-US/Scripts.adml
    .xml
  • rev_3286/syscond-en-US/Securitycenter.adml
    .xml
  • rev_3286/syscond-en-US/Sensors.adml
    .xml
  • rev_3286/syscond-en-US/ServerManager.adml
    .xml
  • rev_3286/syscond-en-US/Servicing.adml
    .xml
  • rev_3286/syscond-en-US/SettingSync.adml
    .xml
  • rev_3286/syscond-en-US/Setup.adml
    .xml
  • rev_3286/syscond-en-US/SharedFolders.adml
    .xml
  • rev_3286/syscond-en-US/Sharing.adml
    .xml
  • rev_3286/syscond-en-US/Shell-CommandPrompt-RegEditTools.adml
    .xml
  • rev_3286/syscond-en-US/ShellWelcomeCenter.adml
    .xml
  • rev_3286/syscond-en-US/Sidebar.adml
    .xml
  • rev_3286/syscond-en-US/SkyDrive.adml
    .xml
  • rev_3286/syscond-en-US/Smartcard.adml
    .xml
  • rev_3286/syscond-en-US/Snis.adml
    .xml
  • rev_3286/syscond-en-US/Snmp.adml
    .xml
  • rev_3286/syscond-en-US/SoundRec.adml
    .xml
  • rev_3286/syscond-en-US/StartMenu.adml
    .xml
  • rev_3286/syscond-en-US/SystemRestore.adml
    .xml
  • rev_3286/syscond-en-US/TPM.adml
    .xml
  • rev_3286/syscond-en-US/TabletPCInputPanel.adml
    .xml
  • rev_3286/syscond-en-US/TabletShell.adml
    .xml
  • rev_3286/syscond-en-US/TaskScheduler.adml
    .xml
  • rev_3286/syscond-en-US/Taskbar.adml
    .xml
  • rev_3286/syscond-en-US/TerminalServer-Server.adml
    .xml
  • rev_3286/syscond-en-US/TerminalServer.adml
    .xml
  • rev_3286/syscond-en-US/Thumbnails.adml
    .xml
  • rev_3286/syscond-en-US/TouchInput.adml
    .xml
  • rev_3286/syscond-en-US/UserProfiles.adml
    .xml
  • rev_3286/syscond-en-US/VolumeEncryption.adml
    .xml
  • rev_3286/syscond-en-US/W32Time.adml
    .xml
  • rev_3286/syscond-en-US/WCM.adml
    .xml
  • rev_3286/syscond-en-US/WDI.adml
    .xml
  • rev_3286/syscond-en-US/WPN.adml
    .xml
  • rev_3286/syscond-en-US/WinCal.adml
    .xml
  • rev_3286/syscond-en-US/WinInit.adml
    .xml
  • rev_3286/syscond-en-US/WinLogon.adml
    .xml
  • rev_3286/syscond-en-US/Windows.adml
    .xml
  • rev_3286/syscond-en-US/WindowsAnytimeUpgrade.adml
    .xml
  • rev_3286/syscond-en-US/WindowsBackup.adml
    .xml
  • rev_3286/syscond-en-US/WindowsColorSystem.adml
    .xml
  • rev_3286/syscond-en-US/WindowsConnectNow.adml
    .xml
  • rev_3286/syscond-en-US/WindowsDefender.adml
  • rev_3286/syscond-en-US/WindowsExplorer.adml
    .xml
  • rev_3286/syscond-en-US/WindowsFileProtection.adml
    .xml
  • rev_3286/syscond-en-US/WindowsFirewall.adml
    .xml
  • rev_3286/syscond-en-US/WindowsMail.adml
    .xml
  • rev_3286/syscond-en-US/WindowsMediaDRM.adml
    .xml
  • rev_3286/syscond-en-US/WindowsMediaPlayer.adml
    .xml
  • rev_3286/syscond-en-US/WindowsMessenger.adml
    .xml
  • rev_3286/syscond-en-US/WindowsProducts.adml
    .xml
  • rev_3286/syscond-en-US/WindowsRemoteManagement.adml
    .xml
  • rev_3286/syscond-en-US/WindowsRemoteShell.adml
    .xml
  • rev_3286/syscond-en-US/WindowsServer.adml
    .xml
  • rev_3286/syscond-en-US/WindowsUpdate.adml
    .xml
  • rev_3286/syscond-en-US/Winsrv.adml
    .xml
  • rev_3286/syscond-en-US/WordWheel.adml
    .xml
  • rev_3286/syscond-en-US/WorkFolders-Client.adml
    .xml
  • rev_3286/syscond-en-US/WorkplaceJoin.adml
    .xml
  • rev_3286/syscond-en-US/fthsvc.adml
    .xml
  • rev_3286/syscond-en-US/hotspotauth.adml
    .xml
  • rev_3286/syscond-en-US/iSCSI.adml
    .xml
  • rev_3286/syscond-en-US/msched.adml
    .xml
  • rev_3286/syscond-en-US/nca.adml
  • rev_3286/syscond-en-US/pca.adml
    .xml
  • rev_3286/syscond-en-US/sdiageng.adml
    .xml
  • rev_3286/syscond-en-US/srm-fci.adml
    .xml
  • rev_3286/syscond-en-US/tcpip.adml
    .xml
  • rev_3286/syscond-en-US/wlansvc.adml
    .xml
  • rev_3286/syscond-en-US/wwansvc.adml
    .xml
  • rev_3286/tcpip.admx
    .xml
  • rev_3286/wlansvc.admx
    .xml
  • rev_3286/wwansvc.admx
    .xml