Overview

overview

7

Static

static

7

vpnclient/28ip.html

windows7-x64

1

vpnclient/28ip.html

windows10-2004-x64

1

vpnclient/gonggao.htm

windows7-x64

1

vpnclient/gonggao.htm

windows10-2004-x64

1

vpnclient/ip.html

windows7-x64

1

vpnclient/ip.html

windows10-2004-x64

1

vpnclient/ssm.html

windows7-x64

1

vpnclient/ssm.html

windows10-2004-x64

1

vpnclient/top.htm

windows7-x64

1

vpnclient/top.htm

windows10-2004-x64

1

vpnclient2/28vpn.exe

windows7-x64

7

vpnclient2/28vpn.exe

windows10-2004-x64

7

vpnclient2....0.exe

windows7-x64

7

vpnclient2....0.exe

windows10-2004-x64

7

vpnclient2....0.exe

windows7-x64

7

vpnclient2....0.exe

windows10-2004-x64

7

vpnclient2...ao.htm

windows7-x64

1

vpnclient2...ao.htm

windows10-2004-x64

1

vpnclient2/top.htm

windows7-x64

1

vpnclient2/top.htm

windows10-2004-x64

1

top.htm

windows7-x64

1

top.htm

windows10-2004-x64

1

vpnclient2...t2.lnk

windows7-x64

3

vpnclient2...t2.lnk

windows10-2004-x64

6

vpnclient2...op.htm

windows7-x64

1

vpnclient2...op.htm

windows10-2004-x64

1

vpnclient2...op.htm

windows7-x64

1

vpnclient2...op.htm

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    a9fca341ce8fcb9da33c098f954f17c8

  • Size

    1.9MB

  • MD5

    a9fca341ce8fcb9da33c098f954f17c8

  • SHA1

    9378b9b499cc8caf71c6f25598d3e8ed6364edb7

  • SHA256

    46d28f5a37a3cae54a72b238f72e75c648f67d57db505adda259619442525bd6

  • SHA512

    c1738016f9c00741d1f880cbb0fe450eebe5cae2caf86f35da707a42cc17643ac3ae33b13416dc69fe0468788455938d5a4fc4eae1eb87e59f114063cc2930aa

  • SSDEEP

    49152:a3mWCgCYjyVcX7PNNBpjBlqAwRmhEFiPF2hzDNXzO/0uetGR:a3mWayTX7lpqAsFiMhnNDA

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • a9fca341ce8fcb9da33c098f954f17c8
    .rar
  • vpnclient/28ip.html
  • vpnclient/gonggao.htm
    .html
  • vpnclient/images/Thumbs.db
  • vpnclient/images/gonggao.gif
    .gif
  • vpnclient/images/khd.css
  • vpnclient/images/wenzi_1.jpg
    .jpg
  • vpnclient/images/wenzi_2.jpg
    .jpg
  • vpnclient/images/wenzi_bt.jpg
    .jpg
  • vpnclient/images/wenzi_left.jpg
    .jpg
  • vpnclient/images/zhuce.gif
    .gif
  • vpnclient/ip.html
  • vpnclient/ssm.html
    .html .js polyglot
  • vpnclient/top.htm
    .html
  • vpnclient/toppic.jpg
    .jpg
  • vpnclient2/28vpn.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • vpnclient2/28vpn_en_5.0.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • vpnclient2/28vpn_zh_5.0.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • vpnclient2/gonggao.htm
    .html
  • vpnclient2/images/1.gif
    .gif
  • vpnclient2/images/2.gif
    .gif
  • vpnclient2/images/3.gif
    .gif
  • vpnclient2/images/Thumbs.db
  • vpnclient2/images/gonggao.gif
    .gif
  • vpnclient2/images/khd.css
  • vpnclient2/images/wenzi_1.jpg
    .jpg
  • vpnclient2/images/wenzi_2.jpg
    .jpg
  • vpnclient2/images/wenzi_bt.jpg
    .jpg
  • vpnclient2/images/wenzi_left.jpg
    .jpg
  • vpnclient2/images/zhuce.gif
    .gif
  • vpnclient2/top.htm
    .html
  • vpnclient2/top.rar
    .rar
  • top.htm
    .html
  • vpnclient2/toppic88888.jpg
    .gif
  • vpnclient2/vpnclient2.lnk
    .lnk
  • vpnclient2/vpnlist.txt
  • vpnclient2/vpnlisten.txt
  • vpnclient2/youyou.ico
  • vpnclient2/复件 (2) top.htm
    .html
  • vpnclient2/复件 top.htm
    .html