General

  • Target

    1e15fc37b9058a1607afe41621df62e1

  • Size

    234KB

  • MD5

    1e15fc37b9058a1607afe41621df62e1

  • SHA1

    087f4c4b39afc4cbda9837c2e85e81bbd8475748

  • SHA256

    eabb567d402c51623e0563016748fdb1b8d701b6bcb0509eb65f8aa05d694162

  • SHA512

    8d8d0774fa4fc2c702210ac2a60e7672ea16c8f835204214d55d6a809a6ca13124780903a5374e3faa2e41c7f68d6ec7e8f9f693fbd553bee6212678626c7717

  • SSDEEP

    6144:/5A6s3TRyFnIAZbU8dmItQ/bFqeqMwtulXZ475WGEP:BA6mlyf9DdmIm/Jfdl452P

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 1e15fc37b9058a1607afe41621df62e1
    .rar
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do.htm
    .html
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/Thumbs.db
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/ball-r.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/cor-gb2.jpg
    .jpg
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/cor-gt2.jpg
    .jpg
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/globe2tt.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/goose-sm3.jpg
    .jpg
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/logo6a.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/mseovert.js
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/spacer.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/star-r.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/star.gif
    .gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/style.css
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/tealline.gif
  • Lenin_Script/#Beginner - IRCops, Who they are, and What they do_files/vspacer.gif
    .gif
  • Lenin_Script/Commands.htm
    .html .js polyglot
  • Lenin_Script/aliases.ini
  • Lenin_Script/ascii/ASCII.TXT
  • Lenin_Script/ascii/BOMB.TXT
  • Lenin_Script/ascii/BUNNY.TXT
  • Lenin_Script/ascii/CASTLE.TXT
  • Lenin_Script/ascii/CAT.TXT
  • Lenin_Script/ascii/CAT2.TXT
  • Lenin_Script/ascii/CROSS.TXT
  • Lenin_Script/ascii/DRAGON.TXT
  • Lenin_Script/ascii/EAGLE.TXT
  • Lenin_Script/ascii/EAGLE2.TXT
  • Lenin_Script/ascii/FIRE.TXT
  • Lenin_Script/ascii/FISH.TXT
  • Lenin_Script/ascii/KISS.TXT
  • Lenin_Script/ascii/NYC.TXT
  • Lenin_Script/ascii/OPS.TXT
  • Lenin_Script/ascii/OWL.TXT
  • Lenin_Script/ascii/P&B1.TXT
  • Lenin_Script/ascii/PONY.TXT
  • Lenin_Script/ascii/PRAY.TXT
  • Lenin_Script/ascii/ROSE3.TXT
  • Lenin_Script/ascii/SEAHORSE.TXT
  • Lenin_Script/ascii/SNOWMAN.TXT
  • Lenin_Script/ascii/TIGGER.TXT
  • Lenin_Script/ascii/UNIVERSE.TXT
  • Lenin_Script/ascii/WOLF.TXT
  • Lenin_Script/ascii/WOLF2.TXT
  • Lenin_Script/bordem_net full commands.htm
    .html .js polyglot
  • Lenin_Script/bordem_net full commands_files/ads.htm
    .html
  • Lenin_Script/bordem_net full commands_files/bnlogo_4.png
    .png
  • Lenin_Script/bordem_net full commands_files/i-1.htm
    .html
  • Lenin_Script/bordem_net full commands_files/i-1_files/stylebn.css
  • Lenin_Script/bordem_net full commands_files/i-3.htm
    .html
  • Lenin_Script/bordem_net full commands_files/i-3_files/stylebn.css
  • Lenin_Script/bordem_net full commands_files/show_ads.js
    .js
  • Lenin_Script/bordem_net full commands_files/stbit_3.png
    .png
  • Lenin_Script/bordem_net full commands_files/stvbit_2.png
    .png
  • Lenin_Script/bordem_net full commands_files/stylebn.css
  • Lenin_Script/bordem_net full commands_files/tnav_about.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_forums.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_home.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_irc.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_left_2.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_right.png
    .png
  • Lenin_Script/bordem_net full commands_files/tnav_vpn.png
    .png
  • Lenin_Script/cc.dat
  • Lenin_Script/control.ini
  • Lenin_Script/dll/BARS.MDX
    .dll windows:4 windows x86 arch:x86

    99eee5c933b3e274b3f9aa164c57762c



  • Lenin_Script/dll/Band/band.dll
    .dll windows:4 windows x86 arch:x86



  • Lenin_Script/dll/color.dll
    .dll windows:4 windows x86 arch:x86

    307f6ce041b4742807da176fa552840b



  • Lenin_Script/dll/ctl_gen.mdx
    .dll windows:4 windows x86 arch:x86

    36f31ad565ef7d1c14a9e5b079ac75ff



  • Lenin_Script/dll/dialog.mdx
    .dll windows:4 windows x86 arch:x86

    252fa339fb91c0295d5e0b214a533f22



  • Lenin_Script/dll/dlls.dll
    .dll .js windows:1 windows x86 arch:x86 polyglot



  • Lenin_Script/dll/edll.dll
    .dll windows:4 windows x86 arch:x86

    90ada8e0b4781f42f93ff46909622167



  • Lenin_Script/dll/findfile.dll
    .dll windows:4 windows x86 arch:x86

    93249d734980dc6fa995ed513202b3c3



  • Lenin_Script/dll/mdx.dll
    .dll windows:4 windows x86 arch:x86

    34b86dab5c0b41a24220fe3732aef3a1

