dFx1NkU4yM4gqKGFTvSczi[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

dFx1NkU4yM4gqKGFTvSczi.zip
Size

324.9MB
MD5

3efd568f7445e252a1a373d3cce6fe38
SHA1

585cd3b3f2dd9050e06fb82bab4c4464ff56f09d
SHA256

d08730959989f3d421722336f96452158c23a371f64b56d6a1c878d30c13f23d
SHA512

96ff818a5454613cbddfa7f9e21f09354a82b34873a7df32b8cc6e11f2395eb3c8fd3a5b97d8eb20cb9d87afecf0e20d0612e5c77c1bdd7266f9def653bd04d7
SSDEEP

6291456:e+X1pPqtbynotD/isBVFxmN8DA9hYBbqbvb5iVIGdvKDUZPgphiM3SDLVjKdS+D:7lpPqtbSoNisrFxmN8DahUcbU9vzsgMJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/._cache_BoardViewer.exe
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/Ionic.Zip.dll
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.DXGI.dll
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.Direct2D1.dll
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.Direct3D11.dll
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.dll
unpack002/MacBook BoardViewer software and Schematic/BoardViewer点位软件/Volante.dll

Files

dFx1NkU4yM4gqKGFTvSczi.zip
.zip

Password: unzip-me
file-acquisition-raw-issues.PevbBdbWg96kvwBn4ZVecx.xml
.xml
files-raw.5v73DfeaPC18xvOurIWSoW.xml
.xml
mac course.zip_
.zip .pdf

Password: unzip-me
01. Explication of the basic components.pdf
.pdf

Password: unzip-me
02. Explication of triode and operational amplifier.pdf
.pdf

Password: unzip-me
03. Explication of FET(Field Effect Transistor).pdf
.pdf

Password: unzip-me
04. Explication of Logic Gates Chips.pdf
.pdf

Password: unzip-me
05. Explication of common chips for MacBook.pdf
.pdf

Password: unzip-me
06. Analysis and Maintenance Method of Standby 3.42V Circuits.pdf
.pdf

Password: unzip-me
07. Analysis and Maintenance Method of Protective isolation Circuits.pdf
.pdf

Password: unzip-me
08. Analysis and Maintenance Method of 3V5V Standby Circuits.pdf
.pdf
09. Principle Analysis of Triggering Circuits.pdf
.pdf
10.Principle Analysis of Groups power supply after Triggering.pdf
.pdf
11. Principle Analysis of large inductor Circuits.pdf
.pdf
12.Analysis and Maintenance Method of level-to-level power supply.pdf
.pdf
13.Groups power supply Circuits after Triggering.pdf
.pdf
14.Summary of power supply circuit.pdf
.pdf
15.Analysis and Maintenance Method of ”all power good”.pdf
.pdf
16.PGClockReset Circuits.pdf
.pdf
17.Summary of No Turn on problem.pdf
.pdf
18.Analysis and Maintenance Method of Charging Circuits.pdf
.pdf
19. Analysis and Maintenance Method of no display.pdf
.pdf
FIXSTA1466 2013年最新版本 820-3437-B 无水印_纯图版.pdf
.pdf
FIXSTA1466 820-00165-A_纯图版.pdf
.pdf
FIXST苹果A1932 板号：820-01521_纯图版.pdf
.pdf
MacBook BoardViewer software and Schematic/13寸新款AIR A2179 820-01958.pdf
.pdf
MacBook BoardViewer software and Schematic/13寸新款AIR A2179 820-01958.brd
MacBook BoardViewer software and Schematic/16寸新款A2141 820-01700.brd
MacBook BoardViewer software and Schematic/820-3208-A.pdf
.pdf
MacBook BoardViewer software and Schematic/820-3209-A.brd
MacBook BoardViewer software and Schematic/820-3209-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1278 820-2879-B.brd
MacBook BoardViewer software and Schematic/A1278 820-2879-B.pdf
.pdf
MacBook BoardViewer software and Schematic/A1278 820-3115-B.brd
MacBook BoardViewer software and Schematic/A1278 hm65桥k90i.pdf
.pdf
MacBook BoardViewer software and Schematic/A1286.brd
MacBook BoardViewer software and Schematic/A1297 820-2610-a.pdf
.pdf
MacBook BoardViewer software and Schematic/A1297 K20_DVT2.brd
MacBook BoardViewer software and Schematic/A1370 (MLB K99).pdf
.pdf
MacBook BoardViewer software and Schematic/A1370 820-3208-A.brd
MacBook BoardViewer software and Schematic/A1370.brd
MacBook BoardViewer software and Schematic/A1398 820-00138.pdf
.pdf
MacBook BoardViewer software and Schematic/A1398 820-3332-A.brd
MacBook BoardViewer software and Schematic/A1398 820-3332-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1398_820-00138.brd
MacBook BoardViewer software and Schematic/A1465 820-00164-A.brd
MacBook BoardViewer software and Schematic/A1465 820-00164.pdf
.pdf
MacBook BoardViewer software and Schematic/A1465 820-3435-A.brd
MacBook BoardViewer software and Schematic/A1465 820-3435-B.pdf
.pdf
MacBook BoardViewer software and Schematic/A1466 820-3437-B.brd
MacBook BoardViewer software and Schematic/A1466 820-00165.brd
MacBook BoardViewer software and Schematic/A1466 820-00165.pdf
.pdf
MacBook BoardViewer software and Schematic/A1466 820-3437-B.pdf
.pdf
MacBook BoardViewer software and Schematic/A1502 820-3476-A.brd
MacBook BoardViewer software and Schematic/A1502 820-3476-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1502 820-4924-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1502_820-4924-A.brd
MacBook BoardViewer software and Schematic/A1534 820-00045-A.brd
MacBook BoardViewer software and Schematic/A1534 820-00045-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1534 820-00244.brd
MacBook BoardViewer software and Schematic/A1534 820-00244.pdf
.pdf
MacBook BoardViewer software and Schematic/A1706 820-00239.brd
MacBook BoardViewer software and Schematic/A1706 820-00239.pdf
.pdf
MacBook BoardViewer software and Schematic/A1707 820-00281-A.brd
MacBook BoardViewer software and Schematic/A1707 820-00281-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1708 820-00840-A.brd
MacBook BoardViewer software and Schematic/A1708 820-00840-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1932 820-01521 PJJ MLB Pre-EVT2.brd
MacBook BoardViewer software and Schematic/A1932 820-01521.pdf
.pdf
MacBook BoardViewer software and Schematic/A1989 820-00850-A.brd
MacBook BoardViewer software and Schematic/A1989 820-00850-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A1990 820-01041-A.brd
MacBook BoardViewer software and Schematic/A1990 820-01041-A.pdf
.pdf
MacBook BoardViewer software and Schematic/A2141 820-01700.pdf
.pdf
MacBook BoardViewer software and Schematic/A2159 820-01598.pdf
.pdf
MacBook BoardViewer software and Schematic/A2159 J213.brd
MacBook BoardViewer software and Schematic/A2289 820-01987 .brd
MacBook BoardViewer software and Schematic/A2289 820-01987 .pdf
.pdf
MacBook BoardViewer software and Schematic/Apple MacBook Air 11 A1370.brd
MacBook BoardViewer software and Schematic/Apple Macbook Air A1370 820-2796 (MLB K99).pdf
.pdf
MacBook BoardViewer software and Schematic/BoardViewer点位软件/._cache_BoardViewer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 953KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/BoardViewer设置使用方法.pdf
.pdf
MacBook BoardViewer software and Schematic/BoardViewer点位软件/Ionic.Zip.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/Lang/ru-RU.lng
MacBook BoardViewer software and Schematic/BoardViewer点位软件/Lang/your-LANG.lng
MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.DXGI.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.Direct2D1.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.Direct3D11.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/SharpDX.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 536KB - Virtual size: 535KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/BoardViewer点位软件/Volante.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MacBook BoardViewer software and Schematic/LB_820-01700_BoardView_file_LO25.brd
MacBook BoardViewer software and Schematic/macbook pro A1398 820-3662-A 图纸.pdf
.pdf
MacBook BoardViewer software and Schematic/macbook pro A1398 820-3662-A 点位.brd
MacBook BoardViewer software and Schematic/点位专用客户端.zip
.zip
manifest.json
metadata.json
script.xml
.xml
sysinfo.L1C6B3qfCuahkoqUPVT35P.xml
.xml

Sharing

General

Malware Config

Signatures

Files

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

Password: unzip-me

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 953KB - Virtual size: 952KB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 449KB - Virtual size: 448KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 85KB - Virtual size: 84KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 222KB - Virtual size: 222KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 164KB - Virtual size: 163KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 536KB - Virtual size: 535KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

.text
Size: 953KB - Virtual size: 952KB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 449KB - Virtual size: 448KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 85KB - Virtual size: 84KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 222KB - Virtual size: 222KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 164KB - Virtual size: 163KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 536KB - Virtual size: 535KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 191KB - Virtual size: 191KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 512B - Virtual size: 12B