Overview

overview

7

Static

static

7

SunloginCl...nt.exe

windows7-x64

7

SunloginCl...nt.exe

windows10-2004-x64

7

SunloginCl...ok.dll

windows7-x64

1

SunloginCl...ok.dll

windows10-2004-x64

1

SunloginCl...nt.exe

windows7-x64

7

SunloginCl...nt.exe

windows10-2004-x64

7

SunloginCl...oi.dll

windows7-x64

1

SunloginCl...oi.dll

windows10-2004-x64

1

SunloginCl...on.exe

windows7-x64

7

SunloginCl...on.exe

windows10-2004-x64

7

SunloginCl...ms.sys

windows7-x64

1

SunloginCl...ms.sys

windows10-2004-x64

1

SunloginCl...on.exe

windows7-x64

1

SunloginCl...on.exe

windows10-2004-x64

1

SunloginCl...ms.sys

windows7-x64

1

SunloginCl...ms.sys

windows10-2004-x64

1

SunloginCl...ir.dll

windows7-x64

1

SunloginCl...ir.dll

windows10-2004-x64

1

SunloginCl...ir.sys

windows7-x64

1

SunloginCl...ir.sys

windows10-2004-x64

1

SunloginCl...on.exe

windows7-x64

7

SunloginCl...on.exe

windows10-2004-x64

7

SunloginCl...ir.dll

windows7-x64

1

SunloginCl...ir.dll

windows10-2004-x64

1

SunloginCl...ir.sys

windows7-x64

1

SunloginCl...ir.sys

windows10-2004-x64

1

SunloginCl...on.exe

windows7-x64

1

SunloginCl...on.exe

windows10-2004-x64

1

SunloginCl...pn.sys

windows7-x64

1

SunloginCl...pn.sys

windows10-2004-x64

1

SunloginCl...on.exe

windows7-x64

7

SunloginCl...on.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    64b0acb745e9402bb552b89815cf82ba

  • Size

    7.2MB

  • MD5

    64b0acb745e9402bb552b89815cf82ba

  • SHA1

    17f2c8b312ebbb1be6fe13051a13642ad584cabd

  • SHA256

    7aa3b2a29a696d87d462b24cbab75ad4cb2ee491e3dbc25b401d1a66850c938c

  • SHA512

    7aebfd8c54090f2d34be073a6d7cff8e22eaee5a6cd9fca72174cfbd8fc1480a1a9641dcb2c185ad464a71fbb797cce35530f25764f777692fda8dc497b0b419

  • SSDEEP

    196608:W1jdIicQFLvTqauwx1otUC/K/gcqiuk7ukeEukyV:WZdFdFLvTqabutUtgcqkakehkyV

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • 64b0acb745e9402bb552b89815cf82ba
    .rar
  • SunloginClient/._cache_SunloginClient.exe
    .exe windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • SunloginClient/RCHook.dll
    .dll windows:5 windows x86 arch:x86

    9c5b7783f2d98480c6bf90371877c421


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • SunloginClient/SunloginClient.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • SunloginClient/athr_swoi.dll
    .dll windows:5 windows x86 arch:x86

    c0c49ad1bd09ada18617f7a9b267c4f5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • SunloginClient/config.ini
  • SunloginClient/driver/DpmsMonitor/devcon.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • SunloginClient/driver/DpmsMonitor/oraydpms.inf
  • SunloginClient/driver/DpmsMonitor/oraydpms.sys
    .sys windows:5 windows x86 arch:x86

    f44ab25b8fad72484ed2d8cd6a4f8142


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/DpmsMonitor/oraydpmsx86.cat
  • SunloginClient/driver/DpmsMonitor64/devcon.exe
    .exe windows:5 windows x64 arch:x64

    8e16e9e75085e872e16ade60c7b12438


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/DpmsMonitor64/oraydpms.inf
  • SunloginClient/driver/DpmsMonitor64/oraydpms.sys
    .sys windows:5 windows x64 arch:x64

    8bbf433c96c6eb12402d54d148e9cb42


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/DpmsMonitor64/oraydpmsx64.cat
  • SunloginClient/driver/Mirror/OrayMir.dll
    .dll windows:5 windows x86 arch:x86

    90117d200bcbbb30e628d5a8cb2bf84f


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Mirror/OrayMir.inf
  • SunloginClient/driver/Mirror/OrayMir.sys
    .sys windows:5 windows x86 arch:x86

    518167d6aeefde1975592d28cbae7110


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Mirror/devcon.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • SunloginClient/driver/Mirror/omirhelp.dll
    .sys windows:5 windows x86 arch:x86

    d6b6bc5446c123b02c72dae20f272ce5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • SunloginClient/driver/Mirror/oraymirx86.cat
  • SunloginClient/driver/Mirror64/OrayMir.dll
    .dll windows:5 windows x64 arch:x64

    2651cf2bbd648e84420a2d9767a8a58a


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Mirror64/OrayMir.inf
  • SunloginClient/driver/Mirror64/OrayMir.sys
    .sys windows:5 windows x64 arch:x64

    715c39fe5bec009735221ebe60c90a5c


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Mirror64/devcon.exe
    .exe windows:5 windows x64 arch:x64

    8e16e9e75085e872e16ade60c7b12438


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Mirror64/omirhelp.dll
    .sys windows:5 windows x64 arch:x64

    eb927cd56b440445c2e10ef4a8c04b0c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • SunloginClient/driver/Mirror64/oraymirx64.cat
  • SunloginClient/driver/Vpn/OrayVpn.inf
  • SunloginClient/driver/Vpn/OrayVpn.sys
    .sys windows:5 windows x86 arch:x86

    2bfd0a2e70b2afccfb395c679739c6e2


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Vpn/devcon.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • SunloginClient/driver/Vpn/orayvpnx86.cat
  • SunloginClient/driver/Vpn64/OrayVpn.inf
  • SunloginClient/driver/Vpn64/OrayVpn.sys
    .sys windows:5 windows x64 arch:x64

    bd8275ddefe2f50defc00414fdb73397


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Vpn64/devcon.exe
    .exe windows:5 windows x64 arch:x64

    8e16e9e75085e872e16ade60c7b12438


    Code Sign

    Headers

    Imports

    Sections

  • SunloginClient/driver/Vpn64/orayvpnx64.cat
  • SunloginClient/install.bat
  • SunloginClient/install_dpmsmonitor.bat
  • SunloginClient/install_mirror.bat
  • SunloginClient/install_vpn.bat
  • SunloginClient/log/cmd2.log.1
  • SunloginClient/log/cmd2.log.2
  • SunloginClient/log/desktop.log.1
  • SunloginClient/log/desktop.log.2
  • SunloginClient/log/desktop.log.3
  • SunloginClient/log/fastcode.log.1
  • SunloginClient/log/fastcode.log.2
  • SunloginClient/log/service.log
  • SunloginClient/log/service.log.1
  • SunloginClient/log/service.log.10
  • SunloginClient/log/service.log.11
  • SunloginClient/log/service.log.12
  • SunloginClient/log/service.log.13
  • SunloginClient/log/service.log.14
  • SunloginClient/log/service.log.2
  • SunloginClient/log/service.log.3
  • SunloginClient/log/service.log.4
  • SunloginClient/log/service.log.5
  • SunloginClient/log/service.log.6
  • SunloginClient/log/service.log.7
  • SunloginClient/log/service.log.8
  • SunloginClient/log/service.log.9
  • SunloginClient/log/shell.log
  • SunloginClient/log/shell.log.1
  • SunloginClient/log/shell.log.10
  • SunloginClient/log/shell.log.11
  • SunloginClient/log/shell.log.12
  • SunloginClient/log/shell.log.13
  • SunloginClient/log/shell.log.14
  • SunloginClient/log/shell.log.15
  • SunloginClient/log/shell.log.16
  • SunloginClient/log/shell.log.2
  • SunloginClient/log/shell.log.3
  • SunloginClient/log/shell.log.4
  • SunloginClient/log/shell.log.5
  • SunloginClient/log/shell.log.6
  • SunloginClient/log/shell.log.7
  • SunloginClient/log/shell.log.8
  • SunloginClient/log/shell.log.9
  • SunloginClient/scad.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections