General

  • Target

    a12d29bd2eeaaa04f875cff8a95aa478

  • Size

    3.0MB

  • MD5

    a12d29bd2eeaaa04f875cff8a95aa478

  • SHA1

    b8373fa6ff7c7b864013a830b46c6870eda278ff

  • SHA256

    69ea7b336fd017f1696fa2e8c37cb109321796cf2d40324aa545f6a8ec447808

  • SHA512

    f8a8e37a77c7e1071359872fe7975c8276322454985c6faee1ae9f506926d779abc363308a46a377e0605c7dd3b30defeb2b00a06858126ff9a6d737ba46e644

  • SSDEEP

    49152:wGkBuabuO0bWyn+SYibL849M9TXOcrpaEV6pNPUbNl3FESr7bX4kxZiq:jkEGu1a2+SRL8KMrMkOPUn1ESr7LZiq

Score
3/10

Malware Config

Signatures

  • Unsigned PE 30 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • a12d29bd2eeaaa04f875cff8a95aa478
    .zip
  • p2pover.exe
    .exe windows:4 windows x86 arch:x86

    97318da386948415d08cef4a9006d669


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    815c88741b87a0210c457b00b57bf9c6


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/winpcap40/Packet.dll
    .dll windows:4 windows x86 arch:x86

    088fedd367765cf098ba8150e3ad9014


    Code Sign

  • $TEMP/winpcap40/PacketVista.dll
    .dll windows:4 windows x86 arch:x86

    125f6213a1434f84285a3dc24077bb0e


    Code Sign

  • $TEMP/winpcap40/WanPacket.dll
    .dll windows:4 windows x86 arch:x86

    c4f10a94feffedd44a2a094b559256d7


    Code Sign

  • $TEMP/winpcap40/npf.sys
    .sys windows:6 windows x86 arch:x86

    5d756b1deabd7b6ee3f068c3a075da59


    Code Sign

  • $TEMP/winpcap40/npf64.sys
    .sys windows:6 windows x64 arch:x64

    4984370b0a32e217ec04e87b22d6fede


    Code Sign

  • $TEMP/winpcap40/npptools.dll
    .dll windows:5 windows x86 arch:x86

    8a413931cc2969954673fc05bd8fd353


  • $TEMP/winpcap40/pthreadVC.dll
    .dll windows:4 windows x86 arch:x86

    90ee61357770484e2d085958b94141a3


  • $TEMP/winpcap40/wpcap.dll
    .dll windows:4 windows x86 arch:x86

    6a6ab6ea5f347cadbd2f3e8091a86bbb


    Code Sign

  • LiteUnzip.dll
    .dll windows:4 windows x86 arch:x86

    39d9f1f80dba9c8cd529de9f5dcfb84e


  • LiteZip.dll
    .dll windows:4 windows x86 arch:x86

    d106e627907a9a6d85cce365108761b2


  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    97318da386948415d08cef4a9006d669


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    815c88741b87a0210c457b00b57bf9c6


  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    946eb0a1e85c9ade4acaf634eb5a64f1


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • acl/WWW[ʱ].acl
  • acl/WWWģ[ʱ].acl
  • acl/[ʱ].acl
  • acl/P2P[ʱ].acl
  • adbrowser.exe
    .exe windows:4 windows x86 arch:x86

    14373624fb3d7401ef847d0c7c27a7df


  • backup.ini
  • bwtest.exe
    .exe windows:4 windows x86 arch:x86

    9755d59a18ef5217a97d67fd73c2ce5f


  • bwtest.ico
  • config/ed2k.dat
  • config/sample.blk
  • config/sample.wht
  • core.dll
    .dll windows:4 windows x86 arch:x86

    b3383dfdf5ebf1bee49b8502fe355d28


  • detoured.dll
    .dll windows:4 windows x86 arch:x86

    6c8408bb5d7d5a5b75b9314f94e68763


  • lang/chs/config.dll
    .dll windows:4 windows x86 arch:x86

    0f6f76191f0eaba8a88d06d71202c598


  • lang/chs/gui.xml
  • lang/chs/rsc.dll
    .dll windows:4 windows x86 arch:x86

    5c54715227e960c5019e7a45d4b9d02a


  • lang/eng/config.dll
    .dll windows:4 windows x86 arch:x86

    0f6f76191f0eaba8a88d06d71202c598


  • lang/eng/gui.xml
  • lang/eng/rsc.dll
    .dll windows:4 windows x86 arch:x86

    5c54715227e960c5019e7a45d4b9d02a


  • lang/string.dat
  • list/WWWģ.wht
  • list/WWWģ.blk
  • mac-prefixes
  • modules/dlctrl.dll
    .dll windows:4 windows x86 arch:x86

    b986a2e48331012062e0fbc635631320


  • modules/imctrl.dll
    .dll windows:4 windows x86 arch:x86

    d0828209b8ce9e3c8410df6207db4861


  • modules/p2pctrl.dll
    .dll windows:4 windows x86 arch:x86

    c62bc5399958dccfb27611997287d5bb


  • modules/sitectrl.dll
    .dll windows:4 windows x86 arch:x86

    8a43421642bee18bcb50bc92f274a77c


  • p2pfilter.sys
    .sys windows:4 windows x86 arch:x86

    595687010f92ae0ff547af4bee977f33


  • p2pover.exe
    .exe windows:4 windows x86 arch:x86

    f5da669d1bb915e2f2d38c1ce7df32f2


  • pvt.dat
  • pvt.dll
    .dll windows:4 windows x86 arch:x86

    c7b0d7e04c4d964d398dc70595a40760


  • readme.txt
  • rule.dat
  • schedule.dat
  • setup.dat
  • skins/office2007.ski
    .dll windows:4 windows x86 arch:x86


    Code Sign

  • skins/vista.ski
    .dll windows:4 windows x86 arch:x86


    Code Sign

  • stat.dll
    .dll windows:4 windows x86 arch:x86

    839bf7d32ff7bf3a001990de2af88107


  • tbw.ico
  • tour/tour.exe
    .exe windows:4 windows x86 arch:x86

    edac6f2832c09832b3092087830a038a


  • update.dll
    .dll windows:4 windows x86 arch:x86

    536314b2a90ee7ef28d8b503473edf37


  • version.dat
  • ʹ˵.url
    .url
  • .url
    .url