General

  • Target

    7ba92e689457fbf2c9aeff431e22b253

  • Size

    6.4MB

  • MD5

    7ba92e689457fbf2c9aeff431e22b253

  • SHA1

    255fc3dd6396b014134b742bf711705de21417e3

  • SHA256

    53b83d1e385bc4b7d678eb2eeb26a7877428137bfb6824bfba7531713f266e72

  • SHA512

    d23268c742529a695d1f0c4366e1778b1aebf5944c30d679bc42ad3ca9dc50104aa1002477249411c5b7e2e67337e202915d4aff586368af4452f959bc823310

  • SSDEEP

    98304:8eOHb4ZE1sZbCtdL97oKQweye9pzJrjrRlpkV8PeYtyHXmMD+kYe3x+fRkVYQRaO:8z4ZE1sZcMiDe7N/TpzPdm9DWmTSz8L

Score
3/10

Signatures

  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 7ba92e689457fbf2c9aeff431e22b253
    .exe windows:5 windows x86 arch:x86

    ff8d8dbb96b7ab762c0ce51911e4d104


    Headers

    Imports

    Sections

  • $PLUGINSDIR/BindDLL.dll
    .dll windows:4 windows x86 arch:x86

    e364f030c9c8c63bd441eaacd90ea774


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/CommonFuncDll.dll
    .dll windows:4 windows x86 arch:x86

    83c2cafde09ab4ccc97e01c176885f14


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/CoreAAC.ax
    .dll regsvr32 windows:4 windows x86 arch:x86

    603a5553c41f87f262cc1e933305d724


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/CoreAVC.2.0.0.0.ax
    .dll regsvr32 windows:5 windows x86 arch:x86

    a51dab6f4a70c7f5108331c3fee35df0


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/CoreAVC.ax
    .dll regsvr32 windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/FWUpnp.dll
    .dll windows:5 windows x86 arch:x86

    0f59a417be517814d6255c7c7ab35c48


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    37c57c99267b241d11cb1f6f96b0ba5e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/GdiPlus.dll
    .dll windows:6 windows x86 arch:x86

    ef4c749f5dec4632456950949469f18c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/GetCommentsInfoDll.dll
    .dll windows:4 windows x86 arch:x86

    1e2dbd1840e910287de8240532354090


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/HTTP_ASF_SOURCE.ax
    .dll regsvr32 windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • $PLUGINSDIR/Hookkernel.dll
    .dll windows:5 windows x86 arch:x86

    39a0c6105a00746b436b64ffd0d840f1


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InetLoad.dll
    .dll windows:4 windows x86 arch:x86

    55e79df82a11a9c3b96f7ebb44d55181


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    109c032cfbd301a5463d71c5477714b2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Live.dll
    .dll windows:4 windows x86 arch:x86

    97cd466186ada82f5db40728997a3c96


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Loader.exe
    .exe windows:4 windows x86 arch:x86

    b1c84e6836e0f576436b4de2b8b1dbec


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/MP4Splitter.ax
    .dll regsvr32 windows:5 windows x86 arch:x86

    6a413d2443eac83c2997189f40595191


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/MngModule.dll
    .dll windows:5 windows x86 arch:x86

    a6d780066aa41ed5aef943b6057563e4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/OPlayer.ocx
    .dll regsvr32 windows:5 windows x86 arch:x86

    e87042775d72236a1f6ce77e3f839551


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/PPAP.exe
    .exe windows:4 windows x86 arch:x86

    a7c2770340db65b3dcb79c29aa100aca


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/PPBindDAC.dll
    .dll windows:4 windows x86 arch:x86

    087c746d736fa3dada6a6d2512421d64


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/PPHookShell.dll
    .dll windows:5 windows x86 arch:x86

    89f107d056c4c082a3da5d76aa15ed89


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/PPInstallLog.dll
    .dll windows:4 windows x86 arch:x86

    256af4ebe940c94257ae641d926c73e1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/PPLive.exe
    .exe windows:4 windows x86 arch:x86

    a7c2770340db65b3dcb79c29aa100aca


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/PPLiveU.exe
    .exe windows:4 windows x86 arch:x86

    a7c2770340db65b3dcb79c29aa100aca


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/PPP.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    26e699a07497a0a4833efef20414c5ac


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ProductUpdate.dll
    .dll windows:5 windows x86 arch:x86

    bc4f9b67c87b419fb3372dab82641136


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Send_Log_Kernel_Module.dll
    .dll windows:4 windows x86 arch:x86

    43e12366080d2670a77e2262b7a2a482


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TipsClient.dll
    .dll windows:4 windows x86 arch:x86

    bbc42149d4f5bf66ccd7430e6c3cf560


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/VAProxyD.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    39e4649a28b0278fe059d01d71e5a556


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/VSFilter.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    46a9d4ca48472d86a80dadc3420d345e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/admodule.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    84d3fae859555f3fa806d87efe60a956


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/audioswitcher.ax
    .dll regsvr32 windows:4 windows x86 arch:x86

    44d6c239fec5f9a713dd7e36b1afeee9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/cknsis.dll
    .dll windows:4 windows x86 arch:x86

    6e60a7a9a1520a277d7cd7d5baecf56a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/crashreporter.exe
    .exe windows:4 windows x86 arch:x86

    ecf049fd1e443d20553200f13e1deea6


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/gtapi_signed.dll
    .dll windows:4 windows x86 arch:x86

    7ffe854b1d056041e067b211f52d2336


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ikan-p.ico

  • $PLUGINSDIR/mframe.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    b1a4cd97a03147d1e3e766f3602fd630


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/mir.dll
    .dll windows:4 windows x86 arch:x86

    1bb9ac75bcddcad19ef884bc3d73f3fc


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/omng.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    a6e5006b188407994d8c582dbcefc07b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/peer.dll
    .dll windows:5 windows x86 arch:x86

    c61c0cd15465d6c46af4bae47f0bddc1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/pnsis.dll
    .dll windows:4 windows x86 arch:x86

    31c6ac2144003ec772b515931addb3ad


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/pplugin2.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    2a8bfb8a1144751d8d12e443415e4f1c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ppp.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    46929088280429ac3354990b94720261


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/sop.dll
    .dll windows:5 windows x86 arch:x86

    63ffc46e98a761cd967aad54cbb3823e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/sqlite3.dll
    .dll windows:4 windows x86 arch:x86

    ae203af973724c4f20d47874300ff971


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/time.dll
    .dll windows:4 windows x86 arch:x86

    2e3a4d1f132aea64d421c1e936bcc407


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/tpi.dll
    .dll windows:4 windows x86 arch:x86

    90547e4eb5ec31263ac362ca3152bc21


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/uilib.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    61981375a0143ab4be30bf9bbb2f8885


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • icons/ikan-p.ico