General

  • Target

    Temp.rar

  • Size

    1.1MB

  • MD5

    c71d753be5fd26925f2e42f08e407c0e

  • SHA1

    767902130130f709578e399f1c117d61c3676684

  • SHA256

    7c65b88ef0a72e591d1d19bf315bfb758c6c3698723557d1daa0e16c91dd4737

  • SHA512

    88f7196e6a49146fd962afa834c4dc96c659eb5f4c017e47a623ba41f7e7d2b47104a20ae23fb17e0090eb847490a2528529459e73502a9f798a1c6e22eaf07f

  • SSDEEP

    24576:Edinm64Ct/iUP0hYa63B1XYNNJtvL/4vnrZdhkAUtIFeq9mlpdYoP:EImiJNJR2JrerZctIBAp1P

Score
7/10

Malware Config

Signatures

  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Temp.rar
    .rar
  • Temp/Guna.UI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Temp/Loader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • Temp/Siticone.UI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

