Resubmissions

29-04-2024 12:06

240429-n985jsaa46 4

General

  • Target

    Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64).rar

  • Size

    17.4MB

  • MD5

    2b995913d8088c5a1c30fec1a4a3f241

  • SHA1

    b47d3cc6ddd9152bfde813f6d8b0c24090d1dd18

  • SHA256

    b5e3f92898f99b477b299d5586be81ed934b26f41bb07035067357089cc1cd25

  • SHA512

    d79e6696d200465964d184821b1ba685e0fa379666cc26057303f4d01714fc91130a781ad16ff59ca38622e86b6c9bd4daf3c4a621c2a6a36cfae8af0970a873

  • SSDEEP

    393216:PPAtsSxcPQBhsipG5X21LHVK+FFQsDYUBleG2W799W:PPkbxDhpH1LHVKq2sDR/92WzW

Score
3/10

Signatures

  • Unsigned PE 21 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64).rar
    .rar

    Password: www.mysoftwarefree.com

  • Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)/MySoftwareFree.com.url
    .url
  • Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)/Software Files/Setup.exe
    .exe windows:4 windows x86 arch:x86

    Password: www.mysoftwarefree.com

    7fa974366048f9c551ef45714595665e


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    Password: www.mysoftwarefree.com

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: www.mysoftwarefree.com

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • AdbWinApi2.dll
    .dll windows:6 windows x64 arch:x64

    Password: www.mysoftwarefree.com

    9c7a22b892f38488423a6adeebd1760c


    Headers

    Imports

    Exports

    Sections

  • AdbWinUsbApi2.dll
    .dll windows:6 windows x64 arch:x64

    Password: www.mysoftwarefree.com

    2ae447aa4d8ebc9cfe9be05120d243ef


    Headers

    Imports

    Exports

    Sections

  • QtCore4.dll
    .dll windows:6 windows x64 arch:x64

    Password: www.mysoftwarefree.com

    617e111d8cbf9d190fad64309d6f9f8f


    Headers

    Imports

    Exports

    Sections

  • QtGui4.dll
    .dll windows:6 windows x64 arch:x64

    Password: www.mysoftwarefree.com

    106765f305b9281f64b7d47cbf7c7a12


    Headers

    Imports

    Exports

    Sections

  • QtNetwork4.dll
    .dll windows:6 windows x64 arch:x64

    Password: www.mysoftwarefree.com

    a8c304a8b46af832d5d7fd791285bbc5


    Headers

    Imports

    Exports

    Sections

  • QtWebKit4.dll
    .dll windows:6 windows x64 arch:x64

    daf3af9abba71cbcbaee16995ed1a479


    Headers

    Imports

    Exports

    Sections

  • androidiPhoneViberTransferPlus.exe
    .exe windows:6 windows x64 arch:x64

    211170e5e483701be797c9cdfae13ce6


    Code Sign

    Headers

    Imports

    Sections

  • api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-console-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-multibyte-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-private-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • archive.dll
    .dll windows:6 windows x64 arch:x64

    d560cf51311f1a2c658c837eecaab540


    Headers

    Imports

    Exports

    Sections

  • concrt140.dll
    .dll windows:6 windows x64 arch:x64

    63aed44aa4215730d764b1a62510b722


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • imageformats/qjpeg4.dll
    .dll windows:6 windows x64 arch:x64

    ea32077a9744af826fe985986b997891


    Headers

    Imports

    Exports

    Sections

  • libadb.dll
    .dll windows:6 windows x64 arch:x64

    561cce91b503cb3b6a7a494a3caaf583


    Headers

    Imports

    Exports

    Sections

  • libcrypto-1_1-x64.dll
    .dll windows:6 windows x64 arch:x64

    3332bf5273b861da646792f31cd66d8d


    Headers

    Imports

    Exports

    Sections

  • libcurl.dll
    .dll windows:6 windows x64 arch:x64

    24d37469c9bd4e808a075460d6e25de6


    Headers

    Imports

    Exports

    Sections

  • libmobiledevice.dll
    .dll windows:6 windows x64 arch:x64

    88cc11d0a66301a09bd1486846128f05


    Headers

    Imports

    Exports

    Sections

  • libplist2.dll
    .dll windows:6 windows x64 arch:x64

    19020cab4fbd5fbd11a9fadc152b35ab


    Headers

    Imports

    Exports

    Sections

  • libssl-1_1-x64.dll
    .dll windows:6 windows x64 arch:x64

    17a4957f83760d2160e1a55db833ba03


    Headers

    Imports

    Exports

    Sections

  • msvcp140.dll
    .dll windows:6 windows x64 arch:x64

    c3bac5b277d6a19414754b3ea09dbe12


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • sqlite_qt8.dll
    .dll windows:6 windows x64 arch:x64

    b07e2162fec5ea726d8d8a8093aef9ff


    Headers

    Imports

    Exports

    Sections

  • ucrtbase.dll
    .dll windows:10 windows x64 arch:x64

    405cde0fc80c30dcc3d783173dbd4143


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninst.exe.nsis
  • usbaapl/usbaapl.cat
  • usbaapl/usbaapl.inf
  • usbaapl/usbaapl.sys
    .sys windows:6 windows x86 arch:x86

    8737f462046e8661ff45ea128ba92123


    Headers

    Imports

    Sections

  • usbaapl/usbaapl64.cat
  • usbaapl/usbaapl64.inf
  • usbaapl/usbaapl64.sys
    .sys windows:6 windows x64 arch:x64

    c0d2e1595d14062390e8d0e6476d0c6d


    Headers

    Imports

    Sections

  • usbaapl/usbaaplrc.dll
    .dll windows:5 windows x86 arch:x86

    d056332cf3b8d6b9c5dfda1fdbccf8ca


    Code Sign

    Headers

    Imports

    Sections

  • usbmuxd.exe
    .exe windows:6 windows x64 arch:x64

    f528b7c7cb50e88e3a4534a9c7b074e4


    Headers

    Imports

    Sections

  • vbbb/bb1_01.png
    .png
  • vbbb/bb1_02.png
    .png
  • vbbb/bb1_03.png
    .png
  • vbbb/bb1_04.png
    .png
  • vbbb/bb1_05.png
    .png
  • vbbb/bb1_06.png
    .png
  • vbbb/bb1_07.png
    .png
  • vbbb/bb1_08.png
    .png
  • vbbb/bb1_09.png
    .png
  • vbbb/bb2_01.png
    .png
  • vbbb/bb2_02.png
    .png
  • vbbb/bb2_03.png
    .png
  • vbbb/bb2_04.png
    .png
  • vbbb/bb2_05.png
    .png
  • vbbb/bb2_06.png
    .png
  • vbbb/bb2_07.png
    .png
  • vbbb/bb2_08.png
    .png
  • vbbb/bb2_09.png
    .png
  • vbbb/contact.png
    .png
  • vbbb/empty_photo.jpg
    .jpg
  • vbbb/r_01.png
    .png
  • vbbb/r_02.png
    .png
  • vbbb/r_03.png
    .png
  • vbbb/r_04.png
    .png
  • vbbb/r_05.png
    .png
  • vbbb/r_06.png
    .png
  • vbbb/r_07.png
    .png
  • vbbb/r_08.png
    .png
  • vbbb/r_09.png
    .png
  • vbbb/style.css
  • vbbb/voice.png
    .png
  • vccorlib140.dll
    .dll windows:6 windows x64 arch:x64

    155af8b051ca03256aa6577e28579703


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • vcruntime140.dll
    .dll windows:6 windows x64 arch:x64

    f49ac71a58dd00b20fff27fd20515fff


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)/Software Files/crack/androidiPhoneViberTransferPlus.exe
    .exe windows:6 windows x64 arch:x64

    9381ce462880f36d733586af0813f044


    Headers

    Imports

    Sections

  • Backuptrans.Android.iphone.Viber.Transfer.Plus.3.1.83.(x64)/Software Files/www.mysoftwarefree.com.txt