Overview

overview

3

Static

static

3

AcsReader.dll

windows7-x64

1

AcsReader.dll

windows10-2004-x64

1

BHMDefine05.dll

windows7-x64

1

BHMDefine05.dll

windows10-2004-x64

1

BLData60.dll

windows7-x64

1

BLData60.dll

windows10-2004-x64

1

BLKhachHang1.dll

windows7-x64

1

BLKhachHang1.dll

windows10-2004-x64

1

BNH_SECURYTY05.dll

windows7-x64

1

BNH_SECURYTY05.dll

windows10-2004-x64

1

BSHotelSercurity.dll

windows7-x64

1

BSHotelSercurity.dll

windows10-2004-x64

1

EasyD12_500.dll

windows7-x64

1

EasyD12_500.dll

windows10-2004-x64

1

Guest05.dll

windows7-x64

1

Guest05.dll

windows10-2004-x64

1

HotelSyste...ns.dll

windows7-x64

1

HotelSyste...ns.dll

windows10-2004-x64

1

ISS.Coms.dll

windows7-x64

1

ISS.Coms.dll

windows10-2004-x64

1

ISS.Controls.dll

windows7-x64

1

ISS.Controls.dll

windows10-2004-x64

1

ISS.LiveUp...er.dll

windows7-x64

1

ISS.LiveUp...er.dll

windows10-2004-x64

1

PKMInterfa...ch.exe

windows7-x64

1

PKMInterfa...ch.exe

windows10-2004-x64

1

PKMInterfa...st.exe

windows7-x64

3

PKMInterfa...st.exe

windows10-2004-x64

3

Xceed.Edit....6.dll

windows7-x64

1

Xceed.Edit....6.dll

windows10-2004-x64

1

Xceed.Grid.v3.9.dll

windows7-x64

1

Xceed.Grid.v3.9.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    18a3ac6bb1584ee37bb5fef5bffb52d777f7969fb004352fa6ff0b6f7028e516.zip.zip

  • Size

    2.6MB

  • MD5

    d1f3272a6070c2b90ab84dd0224db357

  • SHA1

    f183b0abed1bf6bd5adba6aa98e4364f44e29ce3

  • SHA256

    53ab15597f188424b54f018e9f76741a6ae1ea33d371634f7c275222e7f1143b

  • SHA512

    b6d5d949b9e2b80ec795aaf9e358a89df9c9865dc9840a25c48540a60350c99b6a2b7e93b6addd3db81861ddaac29dfe144f73b9f594987a5f33908e52f260f3

  • SSDEEP

    49152:UN9vtXFC7UXS/GD7JRy8bCZ+/iNBWAOS+Ru6DZ0Vlp5aTB9RXlMNbLSn:UN9VFC7UXwGD1qNBW5QGZDB1M9LSn

Score
3/10

Malware Config

Signatures

  • Unsigned PE 31 IoCs

    Checks for missing Authenticode signature.

Files

  • 18a3ac6bb1584ee37bb5fef5bffb52d777f7969fb004352fa6ff0b6f7028e516.zip.zip
    .zip

    Password: infected

  • 18a3ac6bb1584ee37bb5fef5bffb52d777f7969fb004352fa6ff0b6f7028e516.zip
    .zip
  • AcsReader.dll
    .dll windows:4 windows x86


    Headers

    Exports

    Sections

  • BHMDefine05.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BLData60.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BLData60.xml
  • BLKhachHang1.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BLKhachHang1.xml
  • BNH_SECURYTY05.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BNH_SECURYTY05.xml
  • BSHotelSercurity.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BSHotelSercurity.xml
  • EasyD12_500.dll
    .dll windows:4 windows x86

    fa2f033ffd938e09f202e02ab80f7a0b


    Headers

    Imports

    Exports

    Sections

  • Guest05.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Guest05.xml
  • HotelSystemOptions.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • HotelSystemOptions.xml
  • ISS.Coms.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ISS.Controls.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ISS.LiveUpdate.Downloader.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • PKMInterfaceADEL.vshost.exe.config
    .xml
  • PKMInterfaceBeTech.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • PKMInterfaceBeTech.exe.config
    .xml
  • PKMInterfaceBeTech.vshost.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • PKMInterfaceBeTech.vshost.exe.config
    .xml
  • PKMInterfaceBeTech.xml
  • Xceed.Editors.v2.6.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.Editors.v2.6.xml
  • Xceed.Grid.v3.9.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.Grid.v3.9.xml
  • Xceed.SmartUI.UIStyle.v3.6.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.SmartUI.UIStyle.v3.6.xml
  • Xceed.SmartUI.v3.6.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.SmartUI.v3.6.xml
  • Xceed.UI.v1.4.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.UI.v1.4.xml
  • Xceed.Validation.v1.3.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Xceed.Validation.v1.3.xml
  • acr120u.dll
    .dll windows:4 windows x86

    e07d5252a6c3df879c61b35875d2f053


    Headers

    Imports

    Exports

    Sections

  • btlock57L.dll
    .dll windows:4 windows x86


    Headers

    Exports

    Sections

  • btmf1232.dll
    .dll windows:4 windows x86

    f79df0062549ceff895c6a575e7a5c5a


    Headers

    Imports

    Exports

    Sections

  • vai/BNH_SECURYTY05.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi-VN/BNH_SECURYTY05.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi/BLData60.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi/BLKhachHang1.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi/BNH_SECURYTY05.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi/BSHotelSercurity.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • vi/HotelSystemOptions.resources.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • zymsr232.dll
    .dll windows:4 windows x86

    35699f96254a20432e0349a550224072


    Headers

    Imports

    Exports

    Sections

  • zymurusb.dll
    .dll windows:4 windows x86

    7b1f1b8c5143185879b7d55f6f3bf530


    Headers

    Imports

    Exports

    Sections