Overview

overview

7

Static

static

7

WinHelper/IH.dll

windows7-x64

3

WinHelper/IH.dll

windows10-2004-x64

3

WinHelper/Send.dll

windows7-x64

7

WinHelper/Send.dll

windows10-2004-x64

7

WinHelper/...er.exe

windows7-x64

7

WinHelper/...er.exe

windows10-2004-x64

7

WinHelper/...��.url

windows7-x64

1

WinHelper/...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    888cbd997c1deaff4d75074bf0ef158c

  • Size

    1.2MB

  • MD5

    888cbd997c1deaff4d75074bf0ef158c

  • SHA1

    e53dfcadce4d4b0523edb58c595d03d53a74cdd5

  • SHA256

    c140beff425460659a29af2b9a90bfc82c32f8e2da9e0ed3188759356909cf02

  • SHA512

    bb032fdc41dd747991d3ab1b81b9d7bf4056b222b23597f5cb76781070234431dfc5eca93e9190f2fc568c33370dbed89934fbcb9f480eac0629bf5b1454cbc5

  • SSDEEP

    24576:WWjEJ1wMroxTF5qotIQQEidXEL476CDTUFDt3dc+9C/ClfHPZN:1KwMCqotI9Us7yFn/C/6PBN

Score
7/10
aspackv2upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 888cbd997c1deaff4d75074bf0ef158c
    .rar
  • WinHelper/14-7-2009 PM 11-26-42.jpg
    .jpg
  • WinHelper/IH.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • WinHelper/ReadMe.txt
  • WinHelper/Send.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • WinHelper/TextFile/WinHelper.ini
  • WinHelper/TextFile/user.ini
  • WinHelper/WinHelper.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • WinHelper/新云软件.url
    .url