Overview

overview

7

Static

static

3

Tools/Colo...rs.exe

windows7-x64

1

Tools/Colo...rs.exe

windows10-2004-x64

1

Tools/FSCa...re.exe

windows7-x64

3

Tools/FSCa...re.exe

windows10-2004-x64

3

Tools/FSCa...lp.chm

windows7-x64

1

Tools/FSCa...lp.chm

windows10-2004-x64

1

Tools/FSCa...ir.exe

windows7-x64

1

Tools/FSCa...ir.exe

windows10-2004-x64

1

Tools/FSCa...us.exe

windows7-x64

1

Tools/FSCa...us.exe

windows10-2004-x64

1

Tools/FSCa...er.exe

windows7-x64

3

Tools/FSCa...er.exe

windows10-2004-x64

3

Tools/Hotk...yP.exe

windows7-x64

6

Tools/Hotk...yP.exe

windows10-2004-x64

6

Tools/Hotk...lp.chm

windows7-x64

1

Tools/Hotk...lp.chm

windows10-2004-x64

1

Tools/Hotk...ok.dll

windows7-x64

3

Tools/Hotk...ok.dll

windows10-2004-x64

1

Tools/Hotk...64.dll

windows7-x64

1

Tools/Hotk...64.dll

windows10-2004-x64

1

Tools/Hotk...64.exe

windows7-x64

1

Tools/Hotk...64.exe

windows10-2004-x64

1

Tools/HotkeyP/spy.exe

windows7-x64

1

Tools/HotkeyP/spy.exe

windows10-2004-x64

1

Tools/Mous...nc.exe

windows7-x64

3

Tools/Mous...nc.exe

windows10-2004-x64

3

Tools/Note...d2.bat

windows7-x64

3

Tools/Note...d2.bat

windows10-2004-x64

7

Tools/Note...d2.exe

windows7-x64

1

Tools/Note...d2.exe

windows10-2004-x64

1

Tools/ScreenToGif.exe

windows7-x64

1

Tools/ScreenToGif.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3026e2bd11e4d1f35c49a32bdc24d1b29dd62394d68c51361f590ff7886e091

  • Size

    8.8MB

  • MD5

    d4f571e435e6da2cf54de74cfb402ab8

  • SHA1

    e7946566076374f85a12009373fc8c9e20447b9f

  • SHA256

    e3026e2bd11e4d1f35c49a32bdc24d1b29dd62394d68c51361f590ff7886e091

  • SHA512

    cd6129454c08726c39c0b8f07e00517dc8a6b704f21ed24a22db52d86da53c9bcdca590028621a18a0eee1f3d754db8cbf3ecbe4a2069145df2c46344d005e85

  • SSDEEP

    196608:7m5fGsNb80iKwnH27WjVSuI9grI6KJ7u0AhTY2mpm/S9nNiQF2HVi:KQjfnHSgVSD9grI3Izhv8mKyJw

Score
3/10

Malware Config

Signatures

  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

Files

  • e3026e2bd11e4d1f35c49a32bdc24d1b29dd62394d68c51361f590ff7886e091
    .zip
  • Tools/Colors/Colors.exe
    .exe windows:4 windows x86

    20ab20cda695f2387e2af82d0af33896


    Headers

    Imports

    Sections

  • Tools/Colors/Languages/Colors.zh_CN.po
  • Tools/Colors/Languages/LCLStrConsts/lclstrconsts.uk.po
  • Tools/Colors/Languages/LCLStrConsts/lclstrconsts.zh_CN.po
  • Tools/Colors/Settings.ini
  • Tools/FSCapture/FSCapture.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • Tools/FSCapture/FSCaptureHelp.chm
    .chm
  • Tools/FSCapture/FSCrossHair.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • Tools/FSCapture/FSFocus.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • Tools/FSCapture/FSLogo.png
    .png
  • Tools/FSCapture/FSRecorder.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • Tools/FSCapture/Portable.db
  • Tools/FSCapture/TBSettings.db
  • Tools/FSCapture/fsc.db
  • Tools/FSCapture/fsrec.db
  • Tools/HotkeyP/HotkeyP.exe
    .exe windows:5 windows x64

    2999f032c3973dcf3f40164e13f5890c


    Headers

    Imports

    Sections

  • Tools/HotkeyP/help.chm
    .chm
  • Tools/HotkeyP/hook.dll
    .dll windows:4 windows x86

    0341dd2384a2e495628b0b437c16baad


    Headers

    Imports

    Exports

    Sections

  • Tools/HotkeyP/hook64.dll
    .dll windows:5 windows x64

    9be235e82459e0cb207d22423e4d94b2


    Headers

    Imports

    Exports

    Sections

  • Tools/HotkeyP/hook64.exe
    .exe windows:5 windows x64

    5e606c62474ecc10020e5afb0d0e4262


    Headers

    Imports

    Sections

  • Tools/HotkeyP/hotkeyp_使用说明.txt
  • Tools/HotkeyP/hotkeyp_奶酪配置.htk
  • Tools/HotkeyP/language/Chinese (Simplified).lng
  • Tools/HotkeyP/spy.exe
    .exe windows:4 windows x86

    c6d7525a664281581b52973c78462ced


    Headers

    Imports

    Sections

  • Tools/MouseInc/MouseInc.Settings.zip
    .zip
  • Tools/MouseInc/MouseInc.exe
    .exe windows:6 windows x86

    e168ff854bfcc24ef45a9c39ff100ce0


    Headers

    Imports

    Sections

  • Tools/MouseInc/MouseInc.json
  • Tools/MouseInc/使用说明.txt
  • Tools/Notepad2/Notepad2.bat
    .bat .vbs
  • Tools/Notepad2/Notepad2.exe
    .exe windows:5 windows x86

    da346fe050b19c7bda9d340dd5b0ad5b


    Headers

    Imports

    Sections

  • Tools/Notepad2/Notepad2.ini
  • Tools/ScreenToGif.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Tools/Snapshot.exe
    .exe windows:5 windows x86

    fe36eb0020e53cc44bb8a601947f260f


    Code Sign

    Headers

    Imports

    Sections

  • Tools/设置默认浏览器.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Tools/设置默认浏览器_使用说明.url.url