Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
General
-
Target
1b6d04ab5d5e03ec81db2c856b86d98d.bin
-
Size
508KB
-
MD5
468691482fcc8a4bc8d4d98ef08142da
-
SHA1
3fd4d0230f89f2ae5cad324349f918b86c5e8757
-
SHA256
0f2758eaec0ee44781bf8f81baff6ed6ccb6f1564149261edbc4ec26ee3a8bea
-
SHA512
5a8b9a55c91d56df51c006efd5d50e147284bb349ed24ae1ea5e3a77f5b24f74cf9690f30272b33e0739b234c31d0b3f689e72a2a6bcc9f34b934ffba0744bb5
-
SSDEEP
12288:m6pEtfaEVRMWYtqxvbhvc3g3uYKDdGKvMeoA6m5Kh+9ciWaSoQA:mBfaEbMptqB1vc3pvEk6Dw3LSc
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 2 IoCs
Files
-
1b6d04ab5d5e03ec81db2c856b86d98d.bin
Password: infected
-
06da41b55005d6cb69ad1090b1e908d48b7110fe0b96f36c4c8cef33996c8ff7.exe
Password: infected
59a4a44a250c4cf4f2d9de2b3fe5d95f
Headers
Imports
Sections
-
$PLUGINSDIR/System.dll
Password: infected
8c8a576201f68de1a3f26fc723b9f30f
Headers
Imports
Exports
Sections
-
Adventure_1.bmp
Password: infected
-
Aftrkkere.Lan
-
Snowl.Tog
-
Tilskde/changes-prevent-symbolic.symbolic.png
Password: infected
-
battery-level-50-symbolic.svg