Overview

overview

7

Static

static

3

Upgrader.exe

windows7-x64

7

Upgrader.exe

windows10-2004-x64

7

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    Upgrader.exe

  • Size

    618KB

  • MD5

    5b8767e4dc06cee6fa069edf4ff41b53

  • SHA1

    ce664dffdfe46be3f52ba9d88eb72a4148badc8e

  • SHA256

    eefc06d60d7c04d4537e7bd3be080d53d01e9a4c3075e910b70190f121cc830d

  • SHA512

    e5762a439bcf983581907cfe372227db4f8778092da70f860fc3aa4384a18723fa917b5c7c23c5d3f941ed5abc7b2dcdd3488e1cac8c651599ecaea97d50778b

  • SSDEEP

    12288:Tbio2ERgOatu1mfydC/3W62iFHszz/B5ezHp/cGnD7Ch+//:Tbio2ER1P7d2+4Hszz55cRcQD7CA/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • Upgrader.exe
    .exe windows:4 windows x86 arch:x86

    56a78d55f3f7af51443e58e0ce2fb5f6


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/INetC.dll
    .dll windows:6 windows x86 arch:x86

    c203fb9778aa257498fa4da0dd616de3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    3e8d18bb71c7ebbda2ddc2a4bb03547b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ZipDLL.dll
    .dll windows:6 windows x86 arch:x86

    8c68ce7348d2ee29251cdd1a7f3c1f15


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • placeholder.txt
  • uninstall.exe.nsis