Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
General
-
Target
cc1de5fc5a01a4157d61a28961ace142.bin
-
Size
260KB
-
MD5
b46edf8d1d6b2a371bfe295e36f19966
-
SHA1
91e4a4cc5af29af7ff6ecb8a68367e7b2acac434
-
SHA256
d2189bfbd86b7270e48ea40d4e8ce8eb86169ced2ad9df3c5a7cd5b1a80ada54
-
SHA512
0b2d0681631c34e7ab0e6efa52226169a9b6d8458ea5d6f87a7e7fafb840b07c2b7afbdc4cd2aae280d9390af70fcbc85a75cfdfcce27e41c75a58555543c2d8
-
SSDEEP
6144:pAZdAO6poxbg0dnTwsZ7hg9YOfwt/jh3S:SmO6Mc0dnZZlg9otA
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 2 IoCs
Files
-
cc1de5fc5a01a4157d61a28961ace142.bin
Password: infected
-
31eb29c56f113f47c0e4d29f346f685db8a00b9394efa9643caafa254f0618d7.exe
Password: infected
57e98d9a5a72c8d7ad8fb7a6a58b3daf
Headers
Imports
Sections
-
$PLUGINSDIR/System.dll
Password: infected
8c8a576201f68de1a3f26fc723b9f30f
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/nsDialogs.dll
Password: infected
ddbd50fe6279559edf7d1f1d89b42c2c
Headers
Imports
Exports
Sections
-
Cheatery.Eme
-
Obumbrant240/Joceline.bac
-
Obumbrant240/Landbrugsejendommen/Gadeuordens.Myr
-
Obumbrant240/Landbrugsejendommen/Kildeskatternes.pro
-
Obumbrant240/Landbrugsejendommen/Plagers.nan
-
Obumbrant240/Landbrugsejendommen/cedry.sun
-
Obumbrant240/Landbrugsejendommen/detentionslokalerne.int
-
Obumbrant240/Landbrugsejendommen/emnespecifik.tvi
-
quileses.gna
-
sauchs.sph
-
stamaktiers.syl
-
swivet.lut
-
telexes.lge
-
uddannelsesinstitution.kom
-
unpity.txt
-
viperoidea.for
-
zan.fri
-
zymotoxic.tre