Overview

overview

7

Static

static

3

WLmouseGM_V0109.exe

windows7-x64

7

WLmouseGM_V0109.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...in.dll

windows7-x64

1

$PLUGINSDI...in.dll

windows10-2004-x64

1

$PLUGINSDI...zU.dll

windows7-x64

3

$PLUGINSDI...zU.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    WLmouseGM_V0109.exe

  • Size

    32.4MB

  • MD5

    3830f5ff021af01765d23d4fac6daa98

  • SHA1

    66648cc19bf8e0275b347af7d52aaff270a26fe7

  • SHA256

    bf9f383bd10ca183ccf932eb42f55b47403164b21cf17df3efd9508db38d3960

  • SHA512

    23d8a92ea2b0540bfb2d8d7c61292fce05ef2c6d88099d143032913e18b0d4b5d4054bc4c4c40002bc889429b83fce9ccdfbeef608b73c4a14a3500f762cb6e9

  • SSDEEP

    786432:TZ7RLKhz6x7f2l84Pa2KERgulK2WJDqENHE+tkZn14ZIjxjukzyKbynM:VR5df2l8ua2dRcDqENk2A+k0QuM

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • WLmouseGM_V0109.exe
    .exe windows:5 windows x86 arch:x86

    Password: qwerty

    be41bf7b8cc010b614bd36bbca606973


    Code Sign

    Headers

    Imports

    Sections

  • $FONTS/MiSans-Regular.ttf
  • $PLUGINSDIR/BgWorker.dll
    .dll windows:4 windows x86 arch:x86

    Password: qwerty

    db2755f409b81c4dbfc04f648cfb80b9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    Password: qwerty

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/license.txt
  • $PLUGINSDIR/logo.ico
  • $PLUGINSDIR/nsNiuniuSkin.dll
    .dll windows:5 windows x86 arch:x86

    Password: qwerty

    d5c478d000c5c26f099a32477a25dc97


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7zU.dll
    .dll windows:6 windows x86 arch:x86

    Password: qwerty

    b6854db8fde386e6ef367d623b9e75d8


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/skin.zip
    .zip

    Password: qwerty

  • Button_wj.png
    .png

    Password: qwerty

  • Button_wj1.png
    .png

    Password: qwerty

  • DPIbj.png
    .png

    Password: qwerty

  • Next.png
    .png
  • Next1.png
    .png
  • RichBar_BK5.png
    .png
  • arrow_down.png
    .png
  • arrow_up.png
    .png
  • bg_pk_rule_2.png
    .png
  • bg_pk_rule_3.png
    .png
  • bgbottom.png
    .png
  • bkimage.png
    .png
  • btn.png
    .png
  • btn_close_normal.png
    .png
  • btn_gbi_down.png
    .png
  • btn_gbi_normal.png
    .png
  • [email protected]
    .png
  • btn_mini_down.png
    .png
  • btn_mini_normal.png
    .png
  • close_hot.png
    .png
  • close_normal.png
    .png
  • conent_bk.png
    .png
  • configpage.xml
  • default.xml
    .xml
  • finishpage.xml
  • install.xml
  • installingpage.xml
  • installlanguage.xml
  • lan_cn.ini
  • lan_en.ini
  • license.txt
  • license_bg.png
    .png
  • licensepage.xml
  • minisize_hot.png
    .png
  • minisize_normal.png
    .png
  • msgBox.xml
    .xml
  • msgBox2.xml
    .xml
  • msgWarning.png
    .png
  • msgbk.png
    .png
  • ok.png
    .png
  • process_bottom.png
    .png
  • process_top.png
    .png
  • scroll.png
    .png
  • scroll1.png
    .png
  • select.png
    .png
  • select1.png
    .png
  • uninst_process_bottom.png
    .png
  • uninst_process_top.png
    .png
  • uninstallfinishpage.xml
  • uninstallingpage.xml
  • uninstallpage.xml
  • unselect.png
    .png
  • unselect1.png
    .png
  • xzk.png
    .png
  • xzk1.png
    .png
  • app.7z
    .7z
  • logo.ico
  • uninst.exe.nsis