General

  • Target

    PBCCRCPassGuardEdge.exe

  • Size

    2.7MB

  • MD5

    c0568331b9984599f57d7bbe11e17cd9

  • SHA1

    4860334bc492832586a10f28aaa4c1e9c59ed847

  • SHA256

    57a1929e2863a92d4e1dfdc5c0f34edfd28e7b7a8995a5afb5da3653d1ca4856

  • SHA512

    cb58825cef114ca73eac6bbf5995077c5b34a627a36b5557c1be591aec5312b2ce1708b01cfe7db665f8586e3e5181e2ff455a487a2ea6718784ae8cbbd226f6

  • SSDEEP

    49152:FtXXx7d5hSa3sWgOAhnvpAyw0rqMjdomso+NMnCPFLesr8xEZgCCDPLpGrpWBATJ:h7d5IalgOAjyaqM59sbNMnyezxEZ87LS

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • PBCCRCPassGuardEdge.exe
    .exe windows:4 windows x86 arch:x86

    e160ef8e55bb9d162da4e266afd9eef3


  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


  • $PLUGINSDIR/killer.dll
    .dll windows:6 windows x86 arch:x86

    1e610ae5b22b178828e96c6a76ffe702


  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    38e7b5c3ee58b43a91f9679e94aabd09


  • $TEMP/certmgr.exe
    .exe windows:6 windows x86 arch:x86

    bd490e9e0eeda7d29c71947cf7f73ea0


  • $TEMP/certutil.exe
    .exe windows:6 windows x86 arch:x86

    43467bab58091396e54cd8edc93c68f5


  • $TEMP/wosign.cer
  • PBCCRCPassGuardX.exe
    .exe windows:5 windows x86 arch:x86

    93b5873eff41c5658dfd93d0d99b64ea


  • PBCCRCPassGuardXInput.exe
    .exe windows:5 windows x86 arch:x86

    2dbdcfa87d330575c724e3290b991423


  • PBCCRCPassGuardXInputService.exe
    .exe windows:5 windows x86 arch:x86

    1e259b8fedffa590de5130b84ee1fc10


  • uninst.exe.nsis