Overview

overview

10

Static

static

3

updatework.zip

windows10-2004-x64

1

Update/Blo....4.exe

windows10-2004-x64

7

Update/Loa...ED.exe

windows10-2004-x64

10

Update/README.txt

windows10-2004-x64

1

Update/bin...ox.dll

windows10-2004-x64

1

Update/bin...ns.dll

windows10-2004-x64

1

Update/bin...on.dll

windows10-2004-x64

1

Update/bin...UI.dll

windows10-2004-x64

1

Update/bin...le.dll

windows10-2004-x64

1

Update/bin...ty.dll

windows10-2004-x64

1

Update/bin...rk.dll

windows10-2004-x64

1

Update/bin...ir.png

windows10-2004-x64

3

Update/bin/lua.xml

windows10-2004-x64

1

Update/con...AP.txt

windows10-2004-x64

1

Update/con...gs.txt

windows10-2004-x64

1

Update/con...VH.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    updatework.zip

  • Size

    11.1MB

  • MD5

    206775bfaf7d4528280960f00b10a764

  • SHA1

    6ef89bbc6fd7a56f1379c93ff850e5c57d7a5954

  • SHA256

    61e0e0802d4b980560b93bf09549e879727fac55ce22483f1c48706c0713804a

  • SHA512

    737090d2d2b2a337e7f035198de147aafe8336e6de921dcdc8442dcbde1a7fd1ce8162389cd11d1e6539c9b5727ff0381547e241247681ded884db95d75204eb

  • SSDEEP

    196608:vLlVkEM/ezwqL9NF/Ro7RWXrNXxoIlGAukRHfP+Fd8qxvU1j8gfxp0+sTX7mzAc:vZuGzzL9q7RWXrjoIhnlX+FuqAjv0bTO

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • updatework.zip
    .zip
  • Update/Bloxstrap-v2.5.4.exe
    .exe windows:6 windows x64 arch:x64

    6dbf27f4c70fe2c8ed3e0122ba75d641


    Headers

    Imports

    Sections

  • Update/LoaderFIXED.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • Update/README.txt
  • Update/bin/FastColoredTextBox.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Update/bin/Microsoft.Expression.Interactions.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Update/bin/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Update/bin/Siticone.UI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Update/bin/System.ValueTuple.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Update/bin/System.Windows.Interactivity.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Update/bin/WPFSpark.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Update/bin/crosshair/crosshair.png
    .png
  • Update/bin/lua.xshd
    .xml
  • Update/configs/CUSTOMAP.txt
  • Update/configs/Settings.txt
  • Update/configs/teroll_HVH.txt