WebframeworkTools_V5[.]3_enhance_beta[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WebframeworkTools_V5.3_enhance_beta.zip
Size

30.1MB
MD5

a989d8efaee845b149f12a7a62c64363
SHA1

48d68aac33f1caf83c17227acb825a67f6eb8961
SHA256

6731e52ad3af0f4796f6b7d3c95f8182dc3d00c8c602e4787f0cb022838edca6
SHA512

97e8533b404531c4943b22b63de8bc4c9d966f23e88a0e39ac9a1c80e08c110b9994990c6ff7e31f43a059e3f0a0a4a98b837ee3974609a0ee8e736c5db2c9f6
SSDEEP

786432:2XSgtHz7WKsf1iDvvPqidiSADbC0qTLxDI:2XP9z7lsf2vvPqXq9I

Score

7^/10

themida

Malware Config

Signatures

Themida packer 2 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/WebFrameworkTools.exe	themida
static1/unpack001/dllpluginExpGenerateok/UserDllpluginExpGenerate.exe	themida

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WebFrameworkTools.exe
unpack001/dllpluginExpGenerateok/Dllplugins.dll
unpack001/dllpluginExpGenerateok/UserDllpluginExpGenerate.exe

Files

WebframeworkTools_V5.3_enhance_beta.zip
.zip
Readme.txt
WebFrameworkTools.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 212KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 44KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 707KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3.8MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 8.7MB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 373B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
WebFrameworkTools.exe.config
.xml
cmd.bat
dllpluginExpGenerateok/Dllplugins.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dllpluginExpGenerateok/UserDllpluginExpGenerate.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 212KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 44KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 707KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3.8MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 481KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
webframeworkToolsV53.png
.png

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 212KB - Virtual size: 433KB

Size: 44KB - Virtual size: 170KB

Size: 707KB - Virtual size: 1.7MB

Size: 25KB - Virtual size: 24KB

Size: 3.8MB - Virtual size: 4.2MB

Size: 8.7MB - Virtual size: 9.2MB

Size: 373B - Virtual size: 912B

.imports Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.themida Size: - Virtual size: 8.2MB

.boot Size: 5.2MB - Virtual size: 5.2MB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 180KB - Virtual size: 179KB

.rsrc Size: 1024B - Virtual size: 684B

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

Sections

Size: 212KB - Virtual size: 433KB

Size: 44KB - Virtual size: 170KB

Size: 707KB - Virtual size: 1.7MB

Size: 25KB - Virtual size: 24KB

Size: 3.8MB - Virtual size: 4.2MB

Size: 481KB - Virtual size: 758KB

.imports Size: 1024B - Virtual size: 4KB

.rsrc Size: 67KB - Virtual size: 67KB

.themida Size: - Virtual size: 8.2MB

.boot Size: 5.2MB - Virtual size: 5.2MB

.imports
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.themida
Size: - Virtual size: 8.2MB

.boot
Size: 5.2MB - Virtual size: 5.2MB

.text
Size: 180KB - Virtual size: 179KB

.rsrc
Size: 1024B - Virtual size: 684B

.reloc
Size: 512B - Virtual size: 12B

.imports
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 67KB - Virtual size: 67KB

.themida
Size: - Virtual size: 8.2MB

.boot
Size: 5.2MB - Virtual size: 5.2MB