General

  • Target

    e232829c1eab38af322b9e96779902f9

  • Size

    5.5MB

  • MD5

    e232829c1eab38af322b9e96779902f9

  • SHA1

    28c5c9120077852b08de56a476376fd00b087139

  • SHA256

    5b25f67fdba08868d2a1a1e8491edac8589f6eb3b99d4f37e6bc25524e72aa0f

  • SHA512

    67da547f0bc7f8594ae2e278758cf741c015e90defa42ec15a0f1393a2b398b49d6ed22eb6338975b0db8578015e8e32e53686ae26fef755ae79e9f6054fe7d4

  • SSDEEP

    98304:dnXHO3YopMOTL6X0gm5XZKzmmnc+am+MT4+u/Qu6FU7niRh+SGUsOUqZh3hwouR:dnX25XPgmZmmsCM0+u/Qu6G7nIh+SGUO

Score
7/10

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection.

  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • e232829c1eab38af322b9e96779902f9
    .rar
  • GUP_Install(Cn).exe
    .exe windows:4 windows x86 arch:x86
    dfb06052e74b26a42b0e490bd1c07959
  • $PLUGINSDIR/BrandingURL.dll
    .dll windows:4 windows x86 arch:x86
    135de77644e2add2fd9dd8176740e7e0
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86
    0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • 7z.dll
    .dll windows:4 windows x86 arch:x86
    25bcc7010e8e7f0e059da50586853709
  • 7z.exe
    .exe windows:4 windows x86 arch:x86
    2efb558b40291d5b63f14a2b16bcaf76
  • Data/Data.db
  • GUP.exe
    .exe windows:4 windows x86 arch:x86
    ae0a5112fe1176f4e5f6e1bc95e4c209
  • Key.gmreg
  • Resource/Bin/468X60.dat
  • Resource/Bin/AppPlus.DLL
    .dll windows:4 windows x86 arch:x86
    0604c0dbce47adb65895bea32415c605
  • Resource/Bin/Codejock.CommandBars.v13.2.1.lic
  • Resource/Bin/Codejock.Controls.v13.2.1.lic
  • Resource/Bin/Codejock.PropertyGrid.v13.2.1.lic
  • Resource/Bin/CommandBars0.dll
    .dll regsvr32 windows:4 windows x86 arch:x86
    ab48fc060534707a9f10591cc7ca69a1
    Code Sign
  • Resource/Bin/Controls0.dll
    .dll regsvr32 windows:4 windows x86 arch:x86
    53f774b8d48d0b20f28125035a767967
    Code Sign
  • Resource/Bin/G.dll
    .dll windows:4 windows x86 arch:x86
    70aa7e4af9351a4a11163b4edc29b626
  • Resource/Bin/Gax.dll
    .dll windows:4 windows x86 arch:x86
    5867874cfed7eebbf10ef059dbad6450
  • Resource/Bin/GmAPI.dll
    .dll windows:4 windows x86 arch:x86
    8635d674d6983c0b686dc6eba7566cea
  • Resource/Bin/PropertyGrid0.dll
    .dll regsvr32 windows:4 windows x86 arch:x86
    c4b865637a10291cc7efc829d7b22bd7
    Code Sign
  • Resource/Bin/VSFlex80.dll
    .dll regsvr32 windows:4 windows x86 arch:x86
    7e3569e524e53302e1ce88f7f469e0a7
    Code Sign
  • Resource/Bin/gregn50.dll
    .dll regsvr32 windows:5 windows x86 arch:x86
  • out.upx
    .dll windows:5 windows x86 arch:x86
  • Resource/Bin/hyp.lrf
    .dll windows:4 windows x86 arch:x86
    Code Sign
  • Resource/Bin/info.dat
  • Resource/Bin/main.lrf
  • Resource/Bin/xml.dll
    .dll windows:4 windows x86 arch:x86
    301a2e1e7f3ab66ade7225a9101941f7
  • Resource/Icon/1.ico
  • Resource/Icon/1002.ico
  • Resource/Icon/1003.ico
  • Resource/Icon/1004.ico
  • Resource/Icon/1005.ico
  • Resource/Icon/1006.ico
  • Resource/Icon/1007.ico
  • Resource/Icon/1008.ico
  • Resource/Icon/1009.ico
  • Resource/Icon/1010.ico
  • Resource/Icon/1011.ico
  • Resource/Icon/1013.ico
  • Resource/Icon/1014.ico
  • Resource/Icon/1015.ico
  • Resource/Icon/1016.ico
  • Resource/Icon/102.ico
  • Resource/Icon/103.ico
  • Resource/Icon/104.ico
  • Resource/Icon/105.ico
  • Resource/Icon/1100.ico
  • Resource/Icon/1118.ico
  • Resource/Icon/1119.ico
  • Resource/Icon/1137.ico
  • Resource/Icon/1201.ico
  • Resource/Icon/1202.ico
  • Resource/Icon/1203.ico
  • Resource/Icon/1204.ico
  • Resource/Icon/1205.ico
  • Resource/Icon/1206.ico
  • Resource/Icon/1208.ico
  • Resource/Icon/1209.ico
  • Resource/Icon/1210.ico
  • Resource/Icon/1212.ico
  • Resource/Icon/1213.ico
  • Resource/Icon/1214.ico
  • Resource/Icon/1215.ico
  • Resource/Icon/1217.ico
  • Resource/Icon/1218.ico
  • Resource/Icon/1219.ico
  • Resource/Icon/1220.ico
  • Resource/Icon/200.ico
  • Resource/Icon/202.ico
  • Resource/Icon/203.ico
  • Resource/Icon/204.ico
  • Resource/Icon/205.ico
  • Resource/Icon/206.ico
  • Resource/Icon/207.ico
  • Resource/Icon/210.ico
  • Resource/Icon/211.ico
  • Resource/Icon/212.ico
  • Resource/Icon/213.ico
  • Resource/Icon/214.ico
  • Resource/Icon/215.ico
  • Resource/Icon/216.ico
  • Resource/Icon/217.ico
  • Resource/Icon/219.ico
  • Resource/Icon/220.ico
  • Resource/Icon/221.ico
  • Resource/Icon/301.ico
  • Resource/Icon/302.ico
  • Resource/Icon/303.ico
  • Resource/Icon/304.ico
  • Resource/Icon/305.ico
  • Resource/Icon/4.ico
  • Resource/Icon/400.ico
  • Resource/Icon/402.ico
  • Resource/Icon/403.ico
  • Resource/Icon/404.ico
  • Resource/Icon/405.ico
  • Resource/Icon/5.ico
  • Resource/Icon/700.ico
  • Resource/Icon/701.ico
  • Resource/Icon/702.ico
  • Resource/Icon/704.ico
  • Resource/Icon/705.ico
  • Resource/Icon/706.ico
  • Resource/Icon/707.ico
  • Resource/Icon/708.ico
  • Resource/Icon/709.ico
  • Resource/Icon/710.ico
  • Resource/Icon/711.ico
  • Resource/Icon/712.ico
  • Resource/Icon/715.ico
  • Resource/Icon/718.ico
  • Resource/Icon/719.ico
  • Resource/Icon/720.ico
  • Resource/Icon/724.ico
  • Resource/Icon/728.ico
  • Resource/Icon/729.ico
  • Resource/Icon/730.ico
  • Resource/Icon/731.ico
  • Resource/Icon/732.ico
  • Resource/Icon/733.ico
  • Resource/Icon/800.ico
  • Resource/Icon/802.ico
  • Resource/Icon/803.ico
  • Resource/Icon/805.ico
  • Resource/Icon/806.ico
  • Resource/Icon/807.ico
  • Resource/Icon/808.ico
  • Resource/Icon/809.ico
  • Resource/Icon/811.ico
  • Resource/Icon/812.ico
  • Resource/Icon/813.ico
  • Resource/Icon/814.ico
  • Resource/Icon/815.ico
  • Resource/Icon/816.ico
  • Resource/Icon/818.ico
  • Resource/Icon/819.ico
  • Resource/Icon/820.ico
  • Resource/Icon/821.ico
  • Resource/Icon/822.ico
  • Resource/Icon/823.ico
  • Resource/Icon/824.ico
  • Resource/Icon/825.ico
  • Resource/Icon/826.ico
  • Resource/Icon/828.ico
  • Resource/Icon/829.ico
  • Resource/Icon/831.ico
  • Resource/Icon/832.ico
  • Resource/Icon/833.ico
  • Resource/Icon/834.ico
  • Resource/Icon/835.ico
  • Resource/Icon/836.ico
  • Resource/Icon/837.ico
  • Resource/Icon/838.ico
  • Resource/Icon/839.ico
  • Resource/Icon/840.ico
  • Resource/Icon/841.ico
  • Resource/Icon/854.ico
  • Resource/Icon/855.ico
  • Resource/Icon/856.ico
  • Resource/Icon/900.ico
  • Resource/Icon/910.ico
  • Resource/Icon/913.ico
  • Resource/Icon/Tree/DataSource/0.ico
  • Resource/Icon/Tree/DataSource/1.ico
  • Resource/Icon/Tree/MyPrinting/0.ico
  • Resource/Icon/Tree/MyPrinting/1.ico
  • Resource/Icon/Tree/MyPrinting/2.ico
  • manuals.pdf
    .pdf
  • uninst.exe
    .exe windows:4 windows x86 arch:x86
    dfb06052e74b26a42b0e490bd1c07959
  • 新云软件.url
    .url