Overview

overview

7

Static

static

7

RUNME.bat

windows7-x64

3

RUNME.bat

windows10-2004-x64

7

Warcraft.3...Kg.exe

windows7-x64

7

Warcraft.3...Kg.exe

windows10-2004-x64

7

crack.exe

windows7-x64

7

crack.exe

windows10-2004-x64

7

keygen.exe

windows7-x64

3

keygen.exe

windows10-2004-x64

3

patch.exe

windows7-x64

3

patch.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    58f08848286500aab62f865f73100bc8

  • Size

    89KB

  • MD5

    58f08848286500aab62f865f73100bc8

  • SHA1

    6539a02bd914dc0a728dee6366ca25fcfe68856e

  • SHA256

    1eafad62fd6156016de4c5f7681948860878080eebf71cfc4340bf62a306ddb8

  • SHA512

    3837530ff28a65f8ec2b28bf15738edf1058fbfaff680ad5f6f0fb6ea517e6619ec36115b77b451f1268d3df8bb20ce80d6f1715682f31763473711f016bfd99

  • SSDEEP

    1536:P5tUIMHvf2181x02ZarSKLvkJfgRZYJC1IGvBbVv9T3Vnp9ywOJW19u:P5VMn26x0PrD+YRZrZbVvNl/OQnu

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • 58f08848286500aab62f865f73100bc8
    .rar
  • RUNME.bat
  • Warcraft_3_The_Frozen_Throne_by_FFF.zip
    .zip
  • Warcraft.3.The.Frozen.Throne_KEYGEN-FFF/FFF.NFO
  • Warcraft.3.The.Frozen.Throne_KEYGEN-FFF/FILE_ID.DIZ
  • Warcraft.3.The.Frozen.Throne_KEYGEN-FFF/War3x-TFT-Kg.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • crack.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • keygen.exe
    .exe windows:4 windows x86 arch:x86

    09d0478591d4f788cb3e5ea416c25237


    Headers

    Imports

    Sections

  • patch.exe
    .exe windows:4 windows x86 arch:x86

    5bef038545e081c225032878a6cedf0d


    Headers

    Imports

    Sections