General

  • Target

    DAMsetup.exe

  • Size

    2.8MB

  • MD5

    c4f6847c160205eaaba5af06dc3d5873

  • SHA1

    74c1c9a22e85305cb21ff22e68800f96daaa8464

  • SHA256

    5443b1c3aa80091b7e0d86681892e0871a7f1954dfa5cfd33318bc597116dd52

  • SHA512

    997687ab9f5b1507690ffb6d474d7f3cb81d4204e5e7face86c5d1fb54030d8c7c53ad16e533650b5a88abbdf6ab84e58dd8b7d3adb6d049aa244d08d1a950bc

  • SSDEEP

    49152:YKVrCbIS6kXtqMsSOqzw9iDxivzrp/SLyB+Lgyl8WLpqIDXssjromawYuwD:YKVry6ItqqkUVivXpGLLVpq3sPomy

Score
3/10

Malware Config

Signatures

  • Unsigned PE 47 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 6 IoCs

Files

  • DAMsetup.exe (.exe windows:4 windows x86 arch:x86) MD5 57e98d9a5a72c8d7ad8fb7a6a58b3daf
  • $PLUGINSDIR/Dialer.dll (.dll windows:4 windows x86 arch:x86) MD5 1f1fddd20def884fc86e064d8f2333ae
  • $PLUGINSDIR/DotNetChecker.dll (.dll windows:6 windows x86 arch:x86) MD5 5ad36eab05b8e2d08aa628c3ac87e927
  • $PLUGINSDIR/InstallOptions.dll (.dll windows:4 windows x86 arch:x86) MD5 610235b90207a63ccf481f0d4375d329
  • $PLUGINSDIR/StdUtils.dll (.dll windows:5 windows x86 arch:x86) MD5 ecbe1fbe5190eab5d326930114ad14a8
  • $PLUGINSDIR/System.dll (.dll windows:4 windows x86 arch:x86) MD5 8c8a576201f68de1a3f26fc723b9f30f
  • $PLUGINSDIR/UAC.dll (.dll windows:4 windows x86 arch:x86) MD5 2457671c10c5aa708d9619798ec0139c
  • $PLUGINSDIR/customPage002.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/makensis.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsisdl.dll (.dll windows:4 windows x86 arch:x86) MD5 35098e8775f91723e90a28745ef6495b
  • $PLUGINSDIR/registry.dll (.dll windows:4 windows x86 arch:x86) MD5 cd53277eaa7bbb8fb5b2b678274dcb4e
  • $TEMP/setupc.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744
  • DamBho.dll (.dll windows:4 windows x86 arch:x86) MD5 dae02f32a21e03ce65412f6e56942daa; Code Sign
  • DamFirefox/chrome.manifest
  • DamFirefox/chrome/dammz.jar (.zip)
  • content/contents.rdf (.xml)
  • content/ctmn.js (.js)
  • content/ctmn.xul (.xml)
  • content/dam.css
  • content/dl.gif (.gif)
  • content/dl.js (.js)
  • content/dl.xul (.xml)
  • content/mg.gif (.gif)
  • DamFirefox/components/DamMz.dll (.dll windows:5 windows x86 arch:x86) MD5 fcd2bde51c22e50522f0f2defa43aa78
  • DamFirefox/components/idammz.xpt
  • DamFirefox/components2/DamMz.dll (.dll windows:5 windows x86 arch:x86) MD5 d4fd6eae43ded259ccc5d68c73841750
  • DamFirefox/components2/DamMz25.dll (.dll windows:5 windows x86 arch:x86) MD5 5648c991df33faaf9be8a5b14f66a2ea
  • DamFirefox/components2/DamMz26.dll (.dll windows:5 windows x86 arch:x86) MD5 50bbac0c22ef6b4ae362809f809ef233
  • DamFirefox/components2/DamMz27.dll (.dll windows:5 windows x86 arch:x86) MD5 50bbac0c22ef6b4ae362809f809ef233
  • DamFirefox/components2/DamMz28.dll (.dll windows:5 windows x86 arch:x86) MD5 0b690ef827097e859bcf07ba00add4f4
  • DamFirefox/components2/DamMz29.dll (.dll windows:5 windows x86 arch:x86) MD5 0b690ef827097e859bcf07ba00add4f4
  • DamFirefox/components2/DamMz30.dll (.dll windows:5 windows x86 arch:x86) MD5 0b690ef827097e859bcf07ba00add4f4
  • DamFirefox/components2/DamMz31.dll (.dll windows:5 windows x86 arch:x86) MD5 0b690ef827097e859bcf07ba00add4f4
  • DamFirefox/components2/DamMz32.dll (.dll windows:5 windows x86 arch:x86) MD5 917b3384630cb3c55b7098f0adde3107
  • DamFirefox/components2/DamMz33.dll (.dll windows:5 windows x86 arch:x86) MD5 917b3384630cb3c55b7098f0adde3107
  • DamFirefox/components2/DamMz34.dll (.dll windows:5 windows x86 arch:x86) MD5 d53b18fb51aba35dc26e0f98b22f8107
  • DamFirefox/components2/DamMz35.dll (.dll windows:5 windows x86 arch:x86) MD5 d53b18fb51aba35dc26e0f98b22f8107
  • DamFirefox/components2/DamMz36.dll (.dll windows:6 windows x86 arch:x86) MD5 01068c6aaef55a810c6ece64f114b800
  • DamFirefox/components2/DamMz37.dll (.dll windows:6 windows x86 arch:x86) MD5 01068c6aaef55a810c6ece64f114b800
  • DamFirefox/components2/DamMz38.dll (.dll windows:6 windows x86 arch:x86) MD5 4501c4c3109e843ee377e7cb3f70c779
  • DamFirefox/components2/DamMz39.dll (.dll windows:6 windows x86 arch:x86) MD5 4501c4c3109e843ee377e7cb3f70c779
  • DamFirefox/components2/DamMz40.dll (.dll windows:6 windows x86 arch:x86) MD5 a0df857064a89f890cbebfd2982cc0f3
  • DamFirefox/components2/DamMz41.dll (.dll windows:6 windows x86 arch:x86) MD5 1b6d81ff75ea684dc48f8a101e2d8926
  • DamFirefox/components2/DamMz42p.dll (.dll windows:6 windows x86 arch:x86) MD5 1b6d81ff75ea684dc48f8a101e2d8926
  • DamFirefox/icon.png (.png)
  • DamFirefox/install.rdf (.xml)
  • DamFirefox/old/chrome.manifest
  • DamFirefox/old/chrome/dammz.jar (.zip)
  • content/contents.rdf (.xml)
  • content/ctmn.js (.js)
  • content/ctmn.xul (.xml)
  • content/dam.css
  • content/dl.gif (.gif)
  • content/dl.js (.js)
  • content/dl.xul (.xml)
  • content/mg.gif (.gif)
  • DamFirefox/old/components/dammz.dll (.dll windows:4 windows x86 arch:x86) MD5 f3c35e06a4cfcd29c89dae37a49d17d0
  • DamFirefox/old/components/idammz.xpt
  • DamFirefox/old/ex/META-INF/manifest.mf
  • DamFirefox/old/ex/META-INF/mozilla.rsa
  • DamFirefox/old/ex/META-INF/mozilla.sf
  • DamFirefox/old/ex/chrome.manifest
  • DamFirefox/old/ex/chrome/dammz.jar (.zip)
  • content/contents.rdf (.xml)
  • content/ctmn.js (.js)
  • content/ctmn.xul (.xml)
  • content/dam.css
  • content/dl.gif (.gif)
  • content/dl.js (.js)
  • content/dl.xul (.xml)
  • content/mg.gif (.gif)
  • DamFirefox/old/ex/icon.png (.png)
  • DamFirefox/old/ex/install.rdf (.xml)
  • DamFirefox/old/ex3/Thumbs.db
  • DamFirefox/old/ex3/dam.zip (.zip)
  • DAM128.png (.png)
  • DAM16.png (.png)
  • DAM48.png (.png)
  • META-INF/manifest.mf
  • META-INF/mozilla.rsa
  • META-INF/mozilla.sf
  • dam.js (.js)
  • manifest.json
  • DamFirefox/old/install.rdf (.xml)
  • DamLinkHandler.dll (.dll windows:4 windows x86 arch:x86) MD5 dae02f32a21e03ce65412f6e56942daa
  • DownloadAcceleratorManager.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744
  • DownloadAcceleratorManager.exe.config
  • Interop.SHDocVw.dll (.dll windows:4 windows x86 arch:x86) MD5 dae02f32a21e03ce65412f6e56942daa
  • MediaGrabber.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744; Code Sign
  • MediaGrabber.exe.config
  • MgDll.dll (.dll windows:4 windows x86 arch:x86) MD5 582f9e04b7d123889ecd3f1ad464872c; Code Sign
  • NpDam.dll (.dll windows:4 windows x86 arch:x86) MD5 e45f57938a52104a61867be79f0b5b9e; Code Sign
  • Rsc/Img/DAMchrome.gif (.gif)
  • Rsc/Img/DAMfirefox.gif (.gif)
  • Rsc/Img/about.gif (.gif)
  • Rsc/Img/mgrabber.gif (.gif)
  • Rsc/Img/ultimate.gif (.gif)
  • WRCsetup.exe (.exe windows:4 windows x86 arch:x86) MD5 4f67aeda01a0484282e8c59006b0b352; Code Sign
  • $PLUGINSDIR/Dialer.dll (.dll windows:4 windows x86 arch:x86) MD5 1f1fddd20def884fc86e064d8f2333ae
  • $PLUGINSDIR/DotNetChecker.dll (.dll windows:6 windows x86 arch:x86) MD5 eb50afd0a71d03e52fd6e17407e6715d
  • $PLUGINSDIR/InstallOptions.dll (.dll windows:4 windows x86 arch:x86) MD5 610235b90207a63ccf481f0d4375d329
  • $PLUGINSDIR/System.dll (.dll windows:4 windows x86 arch:x86) MD5 8c8a576201f68de1a3f26fc723b9f30f
  • $PLUGINSDIR/UAC.dll (.dll windows:4 windows x86 arch:x86) MD5 2457671c10c5aa708d9619798ec0139c
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/makensis.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsisdl.dll (.dll windows:4 windows x86 arch:x86) MD5 35098e8775f91723e90a28745ef6495b
  • $PLUGINSDIR/registry.dll (.dll windows:4 windows x86 arch:x86) MD5 cd53277eaa7bbb8fb5b2b678274dcb4e
  • Browser/Images/Thumbs.db
  • Browser/Images/copy.gif (.gif)
  • Browser/Images/download.gif (.gif)
  • Browser/Images/exit.gif (.gif)
  • Browser/Images/explore.gif (.gif)
  • Browser/Images/hd.gif (.gif)
  • Browser/Images/help.gif (.gif)
  • Browser/Images/logo.gif (.gif)
  • Browser/Images/mirror.gif (.gif)
  • Browser/Images/open.gif (.gif)
  • Browser/Images/search.gif (.gif)
  • Browser/welcome.htm (.html)
  • Interop.SHDocVw.dll (.dll windows:4 windows x86 arch:x86) MD5 dae02f32a21e03ce65412f6e56942daa
  • Website Ripper Copier.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744; Code Sign
  • Website Ripper Copier.exe.config
  • help.chm (.chm)
  • icon.ico
  • uninstall.exe.nsis
  • addAllUrls.htm (.html .js polyglot)
  • addUrl.htm (.html .js polyglot)
  • bi.dat
  • cap.htm (.html .js polyglot)
  • dam.crx (.zip)
  • DAM128.png (.png)
  • DAM16.png (.png)
  • DAM48.png (.png)
  • dam.js (.js)
  • manifest.json
  • damfhp.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744; Code Sign
  • damfhp.exe.config
  • damhlpr.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744; Code Sign
  • damhlpr.exe.config
  • damhlprf.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744; Code Sign
  • damhlprf.exe.config
  • dhl
  • dhlf
  • help.chm (.chm)
  • reset.reg
  • runMg.htm (.html)
  • uninstall.exe (.exe windows:4 windows x86 arch:x86) MD5 57e98d9a5a72c8d7ad8fb7a6a58b3daf
  • $PLUGINSDIR/KillProcDLL.dll (.dll windows:4 windows x86 arch:x86) MD5 153027ec3b10bcea606b777657dd3402
  • $PLUGINSDIR/System.dll (.dll windows:4 windows x86 arch:x86) MD5 8c8a576201f68de1a3f26fc723b9f30f
  • $PLUGINSDIR/UAC.dll (.dll windows:4 windows x86 arch:x86) MD5 2457671c10c5aa708d9619798ec0139c
  • $PLUGINSDIR/modern-header.bmp
  • $TEMP/setupc.exe (.exe windows:4 windows x86 arch:x86) MD5 f34d5f2d4577ed6d9ceec516c1f5a744