Overview

overview

7

Static

static

3

HookDll.dll

windows7-x64

1

HookDll.dll

windows10-2004-x64

1

NTFSys.dll

windows7-x64

1

NTFSys.dll

windows10-2004-x64

1

NetSet.exe

windows7-x64

1

NetSet.exe

windows10-2004-x64

1

NewFace2.dll

windows7-x64

3

NewFace2.dll

windows10-2004-x64

3

SEBarClt.exe

windows7-x64

7

SEBarClt.exe

windows10-2004-x64

7

SEBarSvr.exe

windows7-x64

7

SEBarSvr.exe

windows10-2004-x64

7

SEReg.exe

windows7-x64

1

SEReg.exe

windows10-2004-x64

1

SEUpdate.exe

windows7-x64

7

SEUpdate.exe

windows10-2004-x64

7

SyncExp.exe

windows7-x64

1

SyncExp.exe

windows10-2004-x64

3

SyncExpSim.exe

windows7-x64

1

SyncExpSim.exe

windows10-2004-x64

3

TimeDll.dll

windows7-x64

1

TimeDll.dll

windows10-2004-x64

1

帮助.chm

windows7-x64

1

帮助.chm

windows10-2004-x64

1

SEBarClt.exe

windows7-x64

1

SEBarClt.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8d023eca550f13b8709d3ab859dcb589

  • Size

    2.5MB

  • MD5

    8d023eca550f13b8709d3ab859dcb589

  • SHA1

    524f38b5c07577fdc57b22e48ed05d7687f550f8

  • SHA256

    c9c32965ce2b08a2af92139d04daa921490bb6027a6ed3160272874f90de4d41

  • SHA512

    50c9ad0c1da6ea81c030c6c0727c9e73d092f2119debc1f8617379dce1f924c7043a56f73617fbd22bb459a2a65b257bf7a7832c247f5b181078a35d8fcd6c37

  • SSDEEP

    49152:dUJSxnzM2rteRDUGKjmcIZzM79C8FBVUGkJcJMEniK+ty8WQ6DcNvf:dUExnfeD3FT+VkJ0UKNDc

Score
3/10

Malware Config

Signatures

  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

Files

  • 8d023eca550f13b8709d3ab859dcb589
    .rar
  • BatchRun.ini
  • HookDll.dll
    .dll windows:1 windows x86 arch:x86

    215083a45fe1a2a3760d5acbd6821d20


    Headers

    Imports

    Exports

    Sections

  • NTFSys.dll
    .dll windows:4 windows x86 arch:x86

    09d0478591d4f788cb3e5ea416c25237


    Headers

    Imports

    Exports

    Sections

  • NetSet.exe
    .exe windows:1 windows x86 arch:x86

    0a4f0116c57e7c1b809ad6ab4cad0a4d


    Headers

    Imports

    Sections

  • NewFace2.dll
    .dll windows:4 windows x86 arch:x86

    09d0478591d4f788cb3e5ea416c25237


    Headers

    Imports

    Exports

    Sections

  • SEBarClt.exe
    .exe windows:1 windows x86 arch:x86

    3ece359cf0b18d83abc5e3c5f453781c


    Headers

    Imports

    Sections

  • SEBarSvr.exe
    .exe windows:1 windows x86 arch:x86

    0e1d98c2bdac5ee533bd1e2240899910


    Headers

    Imports

    Sections

  • SEReg.exe
    .exe windows:1 windows x86 arch:x86

    aca6dbcb94ac3121abfdb1c29ee04738


    Headers

    Imports

    Sections

  • SEUpdate.exe
    .exe windows:1 windows x86 arch:x86

    215083a45fe1a2a3760d5acbd6821d20


    Headers

    Imports

    Sections

  • SyncExp.exe
    .exe windows:1 windows x86 arch:x86

    0ff1dababd6a515b43c9ba15df89dd55


    Headers

    Imports

    Sections

  • SyncExp1.cfg
  • SyncExpSim.exe
    .exe windows:1 windows x86 arch:x86

    f545a60cdaa5bd3d3255da2b45d8d3d4


    Headers

    Imports

    Sections

  • TimeDll.dll
    .dll windows:1 windows x86 arch:x86

    da31afc05c9094e2d608de462ca458d9


    Headers

    Imports

    Exports

    Sections

  • readme.txt
  • 下载说明.htm
    .html .js polyglot
  • 安装说明.txt
  • 帮助.CHM
    .chm
  • 简化客户端.zip
    .zip
  • SEBarClt.exe
    .exe windows:1 windows x86 arch:x86

    3ece359cf0b18d83abc5e3c5f453781c


    Headers

    Imports

    Sections

  • ˵.txt