General

  • Target

    소방외부망연결.exe

  • Size

    535KB

  • MD5

    e0d65297833461da23808df8581d988e

  • SHA1

    a4d29ea57733c7602a50f3447053c7a9c5888a85

  • SHA256

    9cd18354d4587d38fd064accb89e49ce1d51f171b98f22b5baadd770fcaee53b

  • SHA512

    e7e8a0bbf5dc4fe2f1a354c1419b18a1760551b6646230b8577fe42e937d54f43e67d882c17f0e1657913c863c96b77cc713968427cbefdc7fd13fb19dcc3591

  • SSDEEP

    12288:ti6QQqdhT/FSR2gKaUdK6gMNhYs5Lcatw5DT0TD7BMDdbB:U6fqfFS8rdK6PNhuaC530jSDX

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (7 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (2 IoCs)

Files

  • 소방외부망연결.exe
    .exe windows:4 windows x86 arch:x86

    1c042238f43557c055fca8642de8a074


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


  • $PLUGINSDIR/version.dll
    .dll windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • $TEMP/CertSetup.bat
  • $TEMP/ca.der
  • $TEMP/certadm.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    9def81300d9f42cc672af7d7039eb19e


  • $TEMP/certutil.exe
    .exe windows:5 windows x86 arch:x86

    c74ec1242c5a191987c2a2004b210f4f


  • $TEMP/cryptnet.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    829cf4f283f23c97d5d0040ce892f9ba

