Overview

overview

7

Static

static

7

9be9c8988a...fd.exe

windows7-x64

7

9be9c8988a...fd.exe

windows10-2004-x64

7

$PLUGINSDI...rol.js

windows7-x64

1

$PLUGINSDI...rol.js

windows10-2004-x64

1

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ist.js

windows7-x64

1

$PLUGINSDI...ist.js

windows10-2004-x64

1

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...nit.js

windows7-x64

1

$PLUGINSDI...nit.js

windows10-2004-x64

1

$PLUGINSDI...fer.js

windows7-x64

1

$PLUGINSDI...fer.js

windows10-2004-x64

1

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...n12.js

windows7-x64

1

$PLUGINSDI...n12.js

windows10-2004-x64

1

$PLUGINSDI...ime.js

windows7-x64

1

$PLUGINSDI...ime.js

windows10-2004-x64

1

$PLUGINSDI...ket.js

windows7-x64

1

$PLUGINSDI...ket.js

windows10-2004-x64

1

$PLUGINSDI...ftp.js

windows7-x64

1

$PLUGINSDI...ftp.js

windows10-2004-x64

1

$PLUGINSDI...ttp.js

windows7-x64

1

$PLUGINSDI...ttp.js

windows10-2004-x64

1

$PLUGINSDI.../tp.js

windows7-x64

1

$PLUGINSDI.../tp.js

windows10-2004-x64

1

$PLUGINSDI...re.dll

windows7-x64

1

$PLUGINSDI...re.dll

windows10-2004-x64

1

$PLUGINSDI...re.dll

windows7-x64

1

$PLUGINSDI...re.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9be9c8988ab6bb7cdc044ac413d0c3fd

  • Size

    802KB

  • MD5

    9be9c8988ab6bb7cdc044ac413d0c3fd

  • SHA1

    5e916b307f0109a0d56490b1fb9e100f9d0a2e47

  • SHA256

    23821db04107d705b9b6a16a867aa01c55fc77f4e002efc9263e133d090b5b35

  • SHA512

    2728413b7624dfe41a90756a292dc477ed5bac20a88dd813dd0307731110afeaaeaa3f2462131a86873731e8efed26b378e87e7f4936577fd3658e7de02c626f

  • SSDEEP

    12288:ixpJ+TTSc1DM6nKEHJvG9608LytrLlmR+KV/RBTU:OpYT31Y6KSOn8LyJLlmNk

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 22 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 9be9c8988ab6bb7cdc044ac413d0c3fd
    .exe windows:5 windows x86 arch:x86

    c86b02c21ff392ad6ffcf21dcd4a5588


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AdvancedTests.lua
  • $PLUGINSDIR/BrowserControl.lua
    .js
  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:4 windows x86 arch:x86

    0ece15e7d9bb35972aec701f46192460


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/DownloadList.lua
    .js
  • $PLUGINSDIR/DownloadThread.lua
  • $PLUGINSDIR/Events.lua
  • $PLUGINSDIR/FloatingProgress.dll
    .dll windows:5 windows x86 arch:x86

    6ef0ba2a59a41ea0d58313176f4f9149


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/GuiInit.lua
    .js
  • $PLUGINSDIR/IntegratedOffer.lua
    .js
  • $PLUGINSDIR/LuaBridge.dll
    .dll windows:5 windows x86 arch:x86

    d90216d0c7e3a0e11b082b54332b0de9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LuaSocket/lua/ltn12.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/mime.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/socket.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/socket/ftp.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/socket/http.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/socket/smtp.lua
  • $PLUGINSDIR/LuaSocket/lua/socket/tp.lua
    .js
  • $PLUGINSDIR/LuaSocket/lua/socket/url.lua
  • $PLUGINSDIR/LuaSocket/mime/core.dll
    .dll windows:4 windows x86 arch:x86

    fe8e49b45d854066bc51a41f61066908


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LuaSocket/socket/core.dll
    .dll windows:4 windows x86 arch:x86

    f7bb4b78321004f93f7e54fe50af1981


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LuaXml_lib.dll
    .dll windows:4 windows x86 arch:x86

    0e4b7cfc82eb1d2e2840274f1659b95a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NotifyIcon.dll
    .dll windows:5 windows x86 arch:x86

    e043e246d8abcbb9de2ad82c6e18cd88


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UACInfo.dll
    .dll windows:5 windows x86 arch:x86

    0603f1e5036bb7e26cc82e7875b30a9b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bit.dll
    .dll windows:5 windows x86 arch:x86

    c386ea6b5416735e46724de400d1557d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/browserutils.dll
    .dll windows:5 windows x86 arch:x86

    34caecee8c0e203bd180194e023fa488


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bundleinstall.lua
    .js
  • $PLUGINSDIR/callbackproxy.lua
    .js
  • $PLUGINSDIR/customNsWeb.dll
    .dll windows:5 windows x86 arch:x86

    c406b41faef9d450d598369f4d24e810


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/definitions.lua
    .js
  • $PLUGINSDIR/downloads.lua
    .js
  • $PLUGINSDIR/eagerinstall.lua
    .js
  • $PLUGINSDIR/env.lua
  • $PLUGINSDIR/extension.tlb
  • $PLUGINSDIR/ffi.dll
    .dll windows:5 windows x86 arch:x86

    49243da65777aa40d71712f25e529629


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/json.lua
  • $PLUGINSDIR/lua51.dll
    .dll windows:5 windows x86 arch:x86

    cd782bf2f23dfa520ca28ca40acf03a3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/luacom.dll
    .dll windows:4 windows x86 arch:x86

    5f56694ee532c8969e60878f914fcebd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/luaxml.lua
  • $PLUGINSDIR/net_utils.lua
  • $PLUGINSDIR/notifyicon.lua
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    90eea478feb0667dcdd7bccb241e74b3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:5 windows x86 arch:x86

    4c04c20a976733bf789fead96eb58701


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisunz.dll
    .dll windows:4 windows x86 arch:x86

    0f92772da9c737d2bac38919e9863980


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/offer_filters.lua
    .js
  • $PLUGINSDIR/offer_stats.lua
  • $PLUGINSDIR/packaged_app.lua
    .js
  • $PLUGINSDIR/processfreefile.lua
  • $PLUGINSDIR/sandbox.lua
    .js
  • $PLUGINSDIR/scheduler.lua
    .js
  • $PLUGINSDIR/service_registry.lua
  • $PLUGINSDIR/skin/res/common.css
  • $PLUGINSDIR/skin/res/common.js
    .js
  • $PLUGINSDIR/skin/res/jquery.js
    .js
  • $PLUGINSDIR/skin/res/knockout.js
    .js
  • $PLUGINSDIR/uistate.lua
  • $PLUGINSDIR/un.package.exe
    .exe windows:5 windows x86 arch:x86

    35b698a6fd5038f719a27b089cb1f48e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/utils.lua
    .js
  • $PLUGINSDIR/version.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/win32_constants.lua
  • $PLUGINSDIR/wininet/compat.lua
    .js
  • $PLUGINSDIR/wininet/core.lua
    .js
  • $PLUGINSDIR/wininet/defs.lua
    .js
  • $PLUGINSDIR/wininet/ftp.lua
    .js
  • $PLUGINSDIR/wininet/http.lua
    .js
  • $PLUGINSDIR/wininet/ltn12.lua
    .js
  • $PLUGINSDIR/wininet/url.lua
  • $PLUGINSDIR/wininet/wininet_h.lua
  • $PLUGINSDIR/wininet/wintypes.lua