Overview

overview

7

Static

static

7

10.exe

windows7-x64

3

10.exe

windows10-2004-x64

3

12DNF小马.exe

windows7-x64

7

12DNF小马.exe

windows10-2004-x64

7

521DNF-HA(新).exe

windows7-x64

1

521DNF-HA(新).exe

windows10-2004-x64

3

DNF掉线�...��.bat

windows7-x64

1

DNF掉线�...��.bat

windows10-2004-x64

7

冒火.dll

windows7-x64

7

冒火.dll

windows10-2004-x64

7

查看最�...��.url

windows7-x64

1

查看最�...��.url

windows10-2004-x64

1

觉醒.dll

windows7-x64

7

觉醒.dll

windows10-2004-x64

7

风暴.dll

windows7-x64

7

风暴.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0e295b3c69a6d5cb87154b6a6451476e

  • Size

    1.8MB

  • MD5

    0e295b3c69a6d5cb87154b6a6451476e

  • SHA1

    1e529b5b9f1f9a03055dc0fa60bafe1f33cb2212

  • SHA256

    25a1ed638307b5c361a117048961fffb5533a2925553a2cb44ae61fc5389c23e

  • SHA512

    c96272cdf46f25fc448cfa82ed58216450231abb5587a61742124477f195ed60b8b4e4a0f97809fc1226ac34e13de6e21e586f75eee6f1f90a3e8294457d04e1

  • SSDEEP

    49152:E8cn66NYhXWSiMJI97u0WXccyoo9CtiBNRK5lH:dcvNYNjiII97ujccyYtiJK/

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • 0e295b3c69a6d5cb87154b6a6451476e
    .rar
  • 10.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 12DNF小马.exe
    .exe windows:4 windows x86 arch:x86

    3a9367306c18b77e986592eac8088866


    Headers

    Imports

    Sections

  • 521DNF-HA(新).exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • Cfg.xml
  • DNF掉线数据清理1.3版.bat
  • 使用说明.txt
  • 冒火.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 查看最新代码.url
  • 注册码.reg
  • 觉醒.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 风暴.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections