Overview

overview

8

Static

static

7

loader lat...ns.pdf

windows7-x64

1

loader lat...ns.pdf

windows10-2004-x64

1

loader lat...er.exe

windows7-x64

1

loader lat...er.exe

windows10-2004-x64

1

tournament.../c.bat

windows7-x64

1

tournament.../c.bat

windows10-2004-x64

1

tournament...c1.bat

windows7-x64

8

tournament...c1.bat

windows10-2004-x64

8

tournament...c2.bat

windows7-x64

7

tournament...c2.bat

windows10-2004-x64

1

tournament...c3.bat

windows7-x64

1

tournament...c3.bat

windows10-2004-x64

1

tournament...c4.bat

windows7-x64

8

tournament...c4.bat

windows10-2004-x64

8

tournament...cf.bat

windows7-x64

7

tournament...cf.bat

windows10-2004-x64

5

tournament...c1.bat

windows7-x64

8

tournament...c1.bat

windows10-2004-x64

8

tournament...c2.bat

windows7-x64

7

tournament...c2.bat

windows10-2004-x64

1

tournament...c3.bat

windows7-x64

1

tournament...c3.bat

windows10-2004-x64

1

tournament...c4.bat

windows7-x64

1

tournament...c4.bat

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    loader_latest_09.05.24.rar

  • Size

    7.7MB

  • MD5

    46b180d184a046bf9bf88352927619e7

  • SHA1

    032e467329935885439e92a4f94f5967fc24eb7d

  • SHA256

    376858c6ce3aad560aa7e580529da858f3f6dc382131219054896d0f3bc95bf2

  • SHA512

    a568aadc51d7e658f8a5d3e450cbac434f845fca8e20afe7d450e0a91fb488cc0afd4dadcdb2908d156fa78c405f8f54b8616ce019cef9b3e4c4a8d2ce1cd601

  • SSDEEP

    196608:HIJjbyIL3JcVQGEIsOg4ozlNet+Vl12++58lsm4phxiCZ:HI/3rQ7IlqAc5S0jYCZ

Score
7/10
pdflinkvmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • loader_latest_09.05.24.rar
    .rar
  • loader latest 09.05.24/Permanent spoofer instructions.pdf
    .pdf

    • https://1.1.1.1/

  • loader latest 09.05.24/beasty spoofer.1337
  • loader latest 09.05.24/beasty spoofer.exe
    .exe windows:6 windows x64 arch:x64

    6c677b52d1c391c2249b2369eb57fb54


    Headers

    Imports

    Sections

  • loader latest 09.05.24/tournament cleaner fn.rar
    .rar
  • tournament cleaner fn/c.bat
  • tournament cleaner fn/c1.bat
  • tournament cleaner fn/c2.bat
  • tournament cleaner fn/c3.bat
  • tournament cleaner fn/c4.bat
    .bat .vbs
  • tournament cleaner fn/cf.bat
  • tournament cleaner fn/sc1.bat
    .bat .vbs
  • tournament cleaner fn/sc2.bat
  • tournament cleaner fn/sc3.bat
  • tournament cleaner fn/sc4.bat