Overview

overview

7

Static

static

7

OX163/COMDLG32.dll

windows7-x64

1

OX163/COMDLG32.dll

windows10-2004-x64

1

OX163/MSCOMCTL.dll

windows7-x64

1

OX163/MSCOMCTL.dll

windows10-2004-x64

1

OX163/MSINET.dll

windows7-x64

1

OX163/MSINET.dll

windows10-2004-x64

1

OX163/OX163.exe

windows7-x64

5

OX163/OX163.exe

windows10-2004-x64

5

OX163/Search163.exe

windows7-x64

5

OX163/Search163.exe

windows10-2004-x64

5

OX163/Sear...lp.htm

windows7-x64

1

OX163/Sear...lp.htm

windows10-2004-x64

1

OX163/dao360.dll

windows7-x64

1

OX163/dao360.dll

windows10-2004-x64

1

OX163/incl...og.vbs

windows7-x64

1

OX163/incl...og.vbs

windows10-2004-x64

1

OX163/incl...at.vbs

windows7-x64

1

OX163/incl...at.vbs

windows10-2004-x64

1

OX163/incl...ru.vbs

windows7-x64

1

OX163/incl...ru.vbs

windows10-2004-x64

1

OX163/incl...wy.vbs

windows7-x64

1

OX163/incl...wy.vbs

windows10-2004-x64

1

OX163/incl...t).vbs

windows7-x64

1

OX163/incl...t).vbs

windows10-2004-x64

1

OX163/incl...rl.vbs

windows7-x64

1

OX163/incl...rl.vbs

windows10-2004-x64

1

OX163/incl...us.vbs

windows7-x64

1

OX163/incl...us.vbs

windows10-2004-x64

1

OX163/incl...ai.vbs

windows7-x64

1

OX163/incl...ai.vbs

windows10-2004-x64

1

OX163/incl...ru.vbs

windows7-x64

1

OX163/incl...ru.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b3518cc92b935ecc05b42bad09646bd

  • Size

    2.6MB

  • MD5

    0b3518cc92b935ecc05b42bad09646bd

  • SHA1

    2e558c2eb1eee9f273481a5bc23d1cd99815197b

  • SHA256

    965fb4ed916d069e801d9b47a9cb3fe59a8a4aa19a60df0f978d9da6985a6dbf

  • SHA512

    61209fe22bf41acfe4ccacf99a0f34744b0e7388d58919ca732c3b6afd42e84f8e75d246e357a9448a8ad8b88090dd436d3a2410c59e9a8b0d05387962853ed2

  • SSDEEP

    49152:JdnUw9XIrQhfBbAgaWGsAgya5uRUlHhdfSaFh9gsAdHm0LsjWVQ3t5qQ2IDp:JdUJrmJbjafpWuSlHh0Yh9zcjLsi23tN

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 0b3518cc92b935ecc05b42bad09646bd
    .rar
  • OX163/COMDLG32.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    988f29c1eb8054253091352741683c76


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • OX163/Help&Readme(帮助与说明).txt
  • OX163/MSCOMCTL.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    ce21923007044b1701a0b2dc4ac9396b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • OX163/MSINET.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    d940cf5b3d0dfb340396c0608ef1a0c5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • OX163/OX163.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • OX163/OX163.exe.manifest
  • OX163/OX163setup.ini
  • OX163/Search163.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • OX163/Search163.exe.manifest
  • OX163/Search163_help.htm
    .html
  • OX163/Update(2009-08-21).txt
  • OX163/dao360.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    740d7cb11304862970f49454448a6e33


    Headers

    Imports

    Exports

    Sections

  • OX163/email.gif
    .gif
  • OX163/include/163blog.vbs
    .vbs
  • OX163/include/2cat.vbs
    .vbs
  • OX163/include/3dbooru.vbs
    .vbs
  • OX163/include/92wy.vbs
    .vbs
  • OX163/include/Help(about script).txt
    .vbs
  • OX163/include/OX163_Web_Browser_ctrl.vbs
    .vbs
  • OX163/include/OX163_htmlst_include.vbs
    .html .js polyglot
  • OX163/include/donmai_us.vbs
    .vbs
  • OX163/include/e-hentai.vbs
    .vbs
  • OX163/include/gelbooru.vbs
    .vbs
  • OX163/include/ggyy8.vbs
    .vbs
  • OX163/include/imouto.vbs
    .vbs
  • OX163/include/include.txt
  • OX163/include/konachan.vbs
    .vbs
  • OX163/include/picasa.vbs
    .vbs
  • OX163/include/pixiv.vbs
    .vbs
  • OX163/include/sky-fire.vbs
    .vbs
  • OX163/include/spymac.vbs
    .vbs
  • OX163/include/tom.vbs
    .vbs
  • OX163/include/xunlei.vbs
    .vbs
  • OX163/include/yahoo.vbs
    .vbs
  • OX163/include/yupoo.vbs
    .vbs .js
  • OX163/include/yxnpc.vbs
    .vbs
  • OX163/include/前往脚本更新与下载页.url
  • OX163/locked.gif
    .gif
  • OX163/msscript.ocx
    .dll regsvr32 windows:6 windows x86 arch:x86

    29d52fcd2e5378e1c0cc7cc55c22797b


    Headers

    Imports

    Exports

    Sections

  • OX163/msvbvm60.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    ce5958d8adf86078d58c0c6f95621ee9


    Headers

    Imports

    Exports

    Sections

  • OX163/scrrun.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    9c107e05f0cfbed8ae6b990f258c1351


    Headers

    Imports

    Exports

    Sections

  • OX163/shdocvw.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    ac86c8581efd2a8f0eea2b44b9a4a4ec


    Headers

    Imports

    Exports

    Sections

  • OX163/start.htm
    .html
  • OX163/wininet.dll
    .dll windows:6 windows x86 arch:x86

    b6b535b36f1b2140da157eadda0d3c51


    Headers

    Imports

    Exports

    Sections

  • OX163/zlib.dll
    .dll windows:4 windows x86 arch:x86

    7e3560e4dd2deaa398fa039458dd4b4b


    Headers

    Imports

    Exports

    Sections

  • OX163/新云软件.url
    .url