Overview

overview

3

Static

static

3

易窗U盘...32.dll

windows7-x64

1

易窗U盘...32.dll

windows10-2004-x64

1

易窗U盘...32.dll

windows7-x64

1

易窗U盘...32.dll

windows10-2004-x64

1

易窗U盘...nu.dll

windows7-x64

1

易窗U盘...nu.dll

windows10-2004-x64

1

易窗U盘...py.exe

windows7-x64

1

易窗U盘...py.exe

windows10-2004-x64

1

易窗U盘...un.dll

windows7-x64

1

易窗U盘...un.dll

windows10-2004-x64

1

易窗U盘...om.dll

windows7-x64

1

易窗U盘...om.dll

windows10-2004-x64

1

易窗U盘...��.url

windows7-x64

1

易窗U盘...��.url

windows10-2004-x64

1

易窗U盘...��.bat

windows7-x64

1

易窗U盘...��.bat

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    b49bac2f6685e885e21432a36a2511ec

  • Size

    360KB

  • MD5

    b49bac2f6685e885e21432a36a2511ec

  • SHA1

    5edcda9e8f0910a07892af11282dfd51623b64c4

  • SHA256

    e3e123677c6f953dcf2b06b828fa7ee23b1ed57dad8db6d10a52115fcca36c90

  • SHA512

    005368b0d3b9077c270de441d3cf20ec587ef97959f7ab69a4d0f3966fc2065fe0271697481ea90bd252ca90f238789e1b2d436c98a54768021c002de79627b5

  • SSDEEP

    6144:hRYbwHOAsBC7w1+/ohSxpTPoZZDXYIW0bXaSDkLxEKPmbBME6lQxQIptQfXIXfqJ:vYbKJs4cSk/DXnrBDmfmNEQnjyXkfZS1

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • b49bac2f6685e885e21432a36a2511ec
    .rar
  • 易窗U盘资料备份(升级版)/Comdlg32.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    988f29c1eb8054253091352741683c76


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 易窗U盘资料备份(升级版)/OK.ICO
  • 易窗U盘资料备份(升级版)/RICHTX32.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    aaca01ab2cd35af160b8025e9dcfad9f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 易窗U盘资料备份(升级版)/VsMenu.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    8acedade15fdb56bcc08c81510081696


    Headers

    Imports

    Exports

    Sections

  • 易窗U盘资料备份(升级版)/flashcopy.exe
    .exe windows:4 windows x86 arch:x86

    9b3570518b4d82c28cd0c42450642b34


    Headers

    Imports

    Sections

  • 易窗U盘资料备份(升级版)/floppy.ico
  • 易窗U盘资料备份(升级版)/scrrun.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    9c107e05f0cfbed8ae6b990f258c1351


    Headers

    Imports

    Exports

    Sections

  • 易窗U盘资料备份(升级版)/wshom.ocx
    .dll regsvr32 windows:6 windows x86 arch:x86

    e541d37996dbcd4113805eb12b0e91f6


    Headers

    Imports

    Exports

    Sections

  • 易窗U盘资料备份(升级版)/新云软件.url
    .url
  • 易窗U盘资料备份(升级版)/易窗U盘资料备份说明.txt
  • 易窗U盘资料备份(升级版)/绿化.bat