Overview

overview

3

Static

static

3

OSFMount_1...��.exe

windows7-x64

3

OSFMount_1...��.exe

windows10-2004-x64

3

$APPDATA/O...nt.exe

windows7-x64

1

$APPDATA/O...nt.exe

windows10-2004-x64

1

$APPDATA/O...nt.exe

windows7-x64

1

$APPDATA/O...nt.exe

windows10-2004-x64

1

$APPDATA/O...nt.sys

windows7-x64

1

$APPDATA/O...nt.sys

windows10-2004-x64

1

$APPDATA/O...nt.exe

windows7-x64

1

$APPDATA/O...nt.exe

windows10-2004-x64

1

$APPDATA/O...nt.exe

windows7-x64

1

$APPDATA/O...nt.exe

windows10-2004-x64

1

$APPDATA/O...nt.sys

windows7-x64

1

$APPDATA/O...nt.sys

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    OSFMount_1.5.1012(挂载img镜像,支持x64和x86).exe

  • Size

    767KB

  • MD5

    43d66d51e14a593bb58c056845225c2d

  • SHA1

    3420596825122b0d396944e1592b1b368cbfc76f

  • SHA256

    18b8e8c6bed7edf8ff7433c94f51048aabc64c4f935e1736c7b8a188c70a8cfd

  • SHA512

    492c728aa14e93f2b46137ef1d233ed5573d7b01c6472e4b1309b0356a5b63dbe4851330fed8df711fb8dee599601fb23b3f53fe724a9ae9dd23bee3c8ea02b1

  • SSDEEP

    12288:qT9Mld5TSxEfKf0P8mTgS4O0jae/YNB+NkkgcbQppJdc+21X1cyTt8+jKX2AflIV:qT9AfZKrC6p/sGkkHCGJX1cMZjQ2+WyI

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • OSFMount_1.5.1012(挂载img镜像,支持x64和x86).exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X32/OSFMount.com
    .exe windows:5 windows x86 arch:x86

    1cc0d47ad3644a8be778e601acbb05ce


    Code Sign

    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X32/OSFMount.exe
    .exe windows:5 windows x86 arch:x86

    fe889094bdab5b1db8af63fa6f9964a2


    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X32/OSFMount.sys
    .sys windows:6 windows x86 arch:x86

    d114112efdbea45fd8b41b5145f89d4f


    Code Sign

    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X64/OSFMount.com
    .exe windows:5 windows x64 arch:x64

    7fba5589d3bbda11ab050ec478b88352


    Code Sign

    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X64/OSFMount.exe
    .exe windows:5 windows x64 arch:x64

    1bd8798d7a34ed8b69f19df7793ab3e9


    Headers

    Imports

    Sections

  • $APPDATA/OSFMount_X64/OSFMount.sys
    .sys windows:6 windows x64 arch:x64

    80684d4e26d9948d0e2175bd15e0314f


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections