Overview

overview

7

Static

static

7

midas.dll

windows7-x64

1

midas.dll

windows10-2004-x64

1

qtintf70.dll

windows7-x64

1

qtintf70.dll

windows10-2004-x64

1

白雪考�...��.exe

windows7-x64

5

白雪考�...��.exe

windows10-2004-x64

5

midas.dll

windows7-x64

1

midas.dll

windows10-2004-x64

1

qtintf70.dll

windows7-x64

1

qtintf70.dll

windows10-2004-x64

1

scktsrvr.exe

windows7-x64

1

scktsrvr.exe

windows10-2004-x64

1

考试服务器.exe

windows7-x64

3

考试服务器.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    58527e80027b00d8a3232c6a3c451914

  • Size

    3.1MB

  • MD5

    58527e80027b00d8a3232c6a3c451914

  • SHA1

    cd528bcdb72df79c444545e650b1502e5ff0e278

  • SHA256

    8ded7b6c4a3b52e5c6dd74cd5e6ee67283043d7dfda5a2f081a8a7e3a4abd59a

  • SHA512

    978b5b0d2c3c66126ec2859a0d373e7360b8734666dff4777f1af51c827418590f8d7394e60cbf97172aa45480dbb3746fff5d19ed7a2cb5ad527af1397191fa

  • SSDEEP

    49152:9YzK18J8LsI6N1kgNv8wWuYBBD2HtV2S9cWSoX0Y6Hr3Evm9S7ZY59XSZ64g6Axa:9Gx1vWuAm2SH1Xf407ZYXXA2xyeCcW

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 58527e80027b00d8a3232c6a3c451914
    .rar
  • 下载说明.htm
    .html .js polyglot
  • 安装说明.txt
  • 白雪考试客户端.rar
    .rar
  • midas.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    eddb7e47f4231b6f1d4357541f93cb6f


    Headers

    Imports

    Exports

    Sections

  • qtintf70.dll
    .dll windows:4 windows x86 arch:x86

    a462a8ea5d21858d5a940280a75737bb


    Headers

    Imports

    Exports

    Sections

  • 安装说明.txt
  • 白雪考试系统客户端.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 考试服务器.rar
    .rar
  • WhiteSnowKS.mdb
  • midas.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    eddb7e47f4231b6f1d4357541f93cb6f


    Headers

    Imports

    Exports

    Sections

  • qtintf70.dll
    .dll windows:4 windows x86 arch:x86

    a462a8ea5d21858d5a940280a75737bb


    Headers

    Imports

    Exports

    Sections

  • scktsrvr.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 安装说明.txt
  • 考试服务器.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections