General

  • Target

    c8f381041b2a14435c1016e34349e4af

  • Size

    330KB

  • MD5

    c8f381041b2a14435c1016e34349e4af

  • SHA1

    219d074d28c7024b1bc7f29cd297a6954ea28ecd

  • SHA256

    4b1e740f5751491c432249d71c8d77086bb18f8178d5f9d5dd037d8dfe52bb0e

  • SHA512

    c85e5b023d7d8c8afd157e3b4cb37ba4930ac676601d2461a8ab934e050c942423fefc14a5a8b1285f5f077f70ce0561176d6ac6c2d6654a14464b085a8e8287

  • SSDEEP

    6144:js9Cv1/Ns5EzxzALNhzOidbxkgRGSZj6EEY4p4L8BUtGe7exDfsXU86:SC1NsqzGLmidxfZj6hY45etGqexD0UV

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • c8f381041b2a14435c1016e34349e4af
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0

  • $PLUGINSDIR/Processes.dll
    .dll windows:5 windows x86 arch:x86

    eaa5f91829171a65db414b9e64ec9548

  • rb.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • ufa.exe
    .exe windows:5 windows x86 arch:x86

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0

  • $PLUGINSDIR/Processes.dll
    .dll windows:5 windows x86 arch:x86

    eaa5f91829171a65db414b9e64ec9548