Overview

overview

7

Static

static

7

960b06fd7b...0b.exe

windows7-x64

7

960b06fd7b...0b.exe

windows10-2004-x64

7

$PLUGINSDI...ry.dll

windows7-x64

1

$PLUGINSDI...ry.dll

windows10-2004-x64

1

$PLUGINSDI...TB.exe

windows7-x64

7

$PLUGINSDI...TB.exe

windows10-2004-x64

7

$PLUGINSDIR/IS.dll

windows7-x64

3

$PLUGINSDIR/IS.dll

windows10-2004-x64

3

$PLUGINSDIR/NET.dll

windows7-x64

1

$PLUGINSDIR/NET.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

1

$PLUGINSDI...lp.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ON.dll

windows7-x64

7

$PLUGINSDI...ON.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    960b06fd7b2e23856481f7939f05ac0b

  • Size

    1.8MB

  • MD5

    960b06fd7b2e23856481f7939f05ac0b

  • SHA1

    1a59f6a4c503b2bc66f2597c54210f02212e6667

  • SHA256

    13ace56487bc2324dd996677173167ab7c1e25eab4da46049f6cf70be8b55d0d

  • SHA512

    7f50c6294fa40d2b0a2be68d122aa7156cebf1e5d46ea259bba493356fd8d3573facd1c8d6886d27bf9267d56601af9a5924bde54074f98db38f5c2fb85e241b

  • SSDEEP

    49152:rE5nkyEeuSmsFNZH39JkMWMjN5nc2M7CGfELxhZPKhLH03Z0:ru9EKmsnKKoCNKT0G

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 960b06fd7b2e23856481f7939f05ac0b
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Headers

    Imports

    Sections

  • $PLUGINSDIR/DecryptLibrary.dll
    .dll windows:6 windows x86 arch:x86

    9ea8c56cb1502e7af1e2ccbbd907d406


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/DeltaTB.exe
    .exe windows:5 windows x86 arch:x86

    226aad043c0e4ff419de3af885a5d607


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/GetPrivateInstaller.exe.crypted
  • $PLUGINSDIR/IS.dll
    .dll windows:6 windows x86 arch:x86

    43087810d965c117d20dd5225a45da5d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NET.dll
    .dll windows:6 windows x86 arch:x86

    13747ecad4b929762d73c9d1ad62f57f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/OCSetupHlp.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    bcc9fc26368b3f6e1a5258f41bed8ac8


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsJSON.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections