Overview

overview

7

Static

static

7

bbea585c59...01.exe

windows7-x64

7

bbea585c59...01.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

ArchiveInfo.dll

windows7-x64

3

ArchiveInfo.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

WinCatalogL.chm

windows7-x64

1

WinCatalogL.chm

windows10-2004-x64

1

WinCatalogL.exe

windows7-x64

7

WinCatalogL.exe

windows10-2004-x64

7

arc/zip.dll

windows7-x64

1

arc/zip.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    bbea585c59582db8a263cb559e3ac801

  • Size

    624KB

  • MD5

    bbea585c59582db8a263cb559e3ac801

  • SHA1

    32cc9f20792e28a3b209e0999e50e4fa703416da

  • SHA256

    37ae49ba8084f3aab3c3ec5d195cd0f21a777e2ae26d14aaff1af74a954b8b7d

  • SHA512

    fadbcec63a8e1bcc11bef823dee9b647e78fceac54af1e58c2e779a2a974b5a9e488be0d4c7337b41bbadef6601c31e33718d79940153423787b40472fc8a491

  • SSDEEP

    12288:PSKVM/vCMbg9fIfgaM8nIXRyvVMZQRvxVsyihuIlr8rTG9C0iJxEVBwJD3WKXXHx:PSKG/q36JMMRdja5lr8ra9/iJyT63W4R

Score
7/10
aspackv2upx

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • bbea585c59582db8a263cb559e3ac801
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • ArchiveInfo.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • WinCatalogL.chm
    .chm
  • WinCatalogL.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • arc/zip.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • licence.txt
  • readme.txt