Resubmissions

  • 240302-3bewdaac5s 8 (02/03/2024, 23:20)
  • 240302-2qjx7sab3w 8 (02/03/2024, 22:47)

General

  • Target

    Adware.zip

  • Size

    7.5MB

  • MD5

    6bf5f553e1885bfaa3cf4c041891fb7d

  • SHA1

    0b52ee4af7ebdde087f69e540332b01eebce23a9

  • SHA256

    4a836b5dfbb49e09690dccdcce3296f66a3c7190ab03555140a8117695c6165f

  • SHA512

    8fcbbe1d4f07b401a8d8231536ddd9a45638a69e8149e5eb8c5778ec95851d7f99c5bfe0f046b2378052ec9027b7dcab36a23b5501efc1af2dffcb3997e82e8f

  • SSDEEP

    98304:nTlsSwcE6Chwes2+YMrOHbR6uihZsBNmkSdAM4qWMy/krx3OyMrD4lTvRU4o:TxEDdKOHFHihZsLmXzokrJJMrD49g

Score: 7/10

Tags: upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 4 IoCs

    Detects file using ACProtect software.

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 40 IoCs

    Checks for missing Authenticode signature.

Files

  • Adware.zip
    .zip
  • Adware/Reimage Repair.zip
    .zip
  • ReimageRepair.exe
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/Banner.dll
    .dll windows:5 windows x86 arch:x86

    beba03bbad1f8d79d5b3c1359e913e0d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86

    59070d80178eb0db7b7113b7a8608502


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ExecDos.dll
    .dll windows:5 windows x86 arch:x86

    a5d239ed12c9442d63c73cb9ff7cad0e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/IpConfig.dll
    .dll windows:5 windows x86 arch:x86

    3f0fda09180f619ca116344bede41608


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LogEx.dll
    .dll windows:4 windows x86 arch:x86

    549d7b44067bbcdf42bf6a90a80a3a9e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/MSIBanner.dll
    .dll windows:4 windows x86 arch:x86

    f4c348b6c8d3828e735f17c40df0e134


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    45d25ca52c312b2254c60dbcb30342d1


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/WmiInspector.dll
    .dll windows:5 windows x86 arch:x86

    7f0e53ce204644197ed8a4abb8792a26


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    86cdacc6fa5e3ff4938d358350751516


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/installer-164x314.bmp
  • $PLUGINSDIR/md5dll.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:5 windows x86 arch:x86

    8700d0ebbb41c81ea52718af1ab70a93


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/registry.dll
    .dll windows:4 windows x86 arch:x86

    421a02aae559045e04759aae146087eb


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/stack.dll
    .dll windows:4 windows x86 arch:x86

    454e327924e76e3c69e4915b2b6f1a25


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/xml.dll
    .dll windows:5 windows x86 arch:x86

    5bbd63919e9f724979e2ebcc7e04a7e6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/sqlite3.exe
    .exe windows:4 windows x86 arch:x86

    ab6dc39f8604d36390ce39bdd9559b15


    Headers

    Imports

    Sections

  • Adware/Reimage Repair/ReimageRepair.exe
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/Banner.dll
    .dll windows:5 windows x86 arch:x86

    beba03bbad1f8d79d5b3c1359e913e0d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86

    59070d80178eb0db7b7113b7a8608502


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ExecDos.dll
    .dll windows:5 windows x86 arch:x86

    a5d239ed12c9442d63c73cb9ff7cad0e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/IpConfig.dll
    .dll windows:5 windows x86 arch:x86

    3f0fda09180f619ca116344bede41608


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LogEx.dll
    .dll windows:4 windows x86 arch:x86

    549d7b44067bbcdf42bf6a90a80a3a9e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/MSIBanner.dll
    .dll windows:4 windows x86 arch:x86

    f4c348b6c8d3828e735f17c40df0e134


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    45d25ca52c312b2254c60dbcb30342d1


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/WmiInspector.dll
    .dll windows:5 windows x86 arch:x86

    7f0e53ce204644197ed8a4abb8792a26


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    86cdacc6fa5e3ff4938d358350751516


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/installer-164x314.bmp
  • $PLUGINSDIR/md5dll.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:5 windows x86 arch:x86

    8700d0ebbb41c81ea52718af1ab70a93


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/registry.dll
    .dll windows:4 windows x86 arch:x86

    421a02aae559045e04759aae146087eb


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/stack.dll
    .dll windows:4 windows x86 arch:x86

    454e327924e76e3c69e4915b2b6f1a25


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/xml.dll
    .dll windows:5 windows x86 arch:x86

    5bbd63919e9f724979e2ebcc7e04a7e6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/sqlite3.exe
    .exe windows:4 windows x86 arch:x86

    ab6dc39f8604d36390ce39bdd9559b15


    Headers

    Imports

    Sections

  • Adware/WinZip Driver Updater.zip
    .zip
  • WinZip Driver Updater.exe
    .exe windows:5 windows x86 arch:x86

    483f0c4259a9148c34961abbda6146c1


    Code Sign

    Headers

    Imports

    Sections

  • Adware/WinZip Driver Updater/WinZip Driver Updater.exe
    .exe windows:5 windows x86 arch:x86

    483f0c4259a9148c34961abbda6146c1


    Code Sign

    Headers

    Imports

    Sections

  • Adware/readme.md