General

  • Target

    use_2024_tо_оpen.zip

  • Size

    20.6MB

  • MD5

    cff8fde17bcd1c67cb0791ec1001ba99

  • SHA1

    9c86a538728ac433a776805feb3a317b0c8d5a46

  • SHA256

    fe0593054f44a6a4b539226863754dafe261b7eca389fba1089706b7e83933ea

  • SHA512

    5a1e1e4fa6aeed36f929daed8e86a9cc095a8a946dc5c44477fe0aa302c32c7fac5ba0ab849ef1ec72d5f83a2dbeac74f91a842e34fe7f5bba287ff999a9a70e

  • SSDEEP

    393216:mfyuMjZNcx0my+PfPAZL/RCbtcfy4pntrFQND/iA0uLVs4dyQR8w5RS:KOXcxI+PgZrshcT3+9izbM8ec

Score
3/10

Malware Config

Signatures

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • use_2024_tо_оpen.zip
    .zip
  • use_2024_t?_?pen/ICQLiteShell.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    36da04e9d80185202c5dff27d69487ef


    Headers

    Imports

    Exports

    Sections

  • use_2024_t?_?pen/ICQRT.dll
    .dll windows:4 windows x86 arch:x86

    eea1a54f9a41b7445dc95356daf71d0a


    Headers

    Imports

    Exports

    Sections

  • use_2024_t?_?pen/Language/WinRar.exe
    .exe windows:5 windows x64 arch:x64

    629fae0a56e3262e208711dda6ae6b1d


    Code Sign

    Headers

    Imports

    Sections

  • use_2024_t?_?pen/Language/an.txt
  • use_2024_t?_?pen/Language/ar.txt
  • use_2024_t?_?pen/Language/az.txt
  • use_2024_t?_?pen/Language/ba.txt
  • use_2024_t?_?pen/Language/be.txt
  • use_2024_t?_?pen/Language/bg.txt
  • use_2024_t?_?pen/Language/bn.txt
  • use_2024_t?_?pen/Language/ca.txt
  • use_2024_t?_?pen/Language/co.txt
  • use_2024_t?_?pen/Language/cs.txt
  • use_2024_t?_?pen/Language/da.txt
  • use_2024_t?_?pen/Language/de.txt
  • use_2024_t?_?pen/Language/el.txt
  • use_2024_t?_?pen/Language/eng.txt
  • use_2024_t?_?pen/Language/es.txt
  • use_2024_t?_?pen/Language/et.txt
  • use_2024_t?_?pen/Language/eu.txt
  • use_2024_t?_?pen/Language/ext.txt
  • use_2024_t?_?pen/Language/fa.txt
  • use_2024_t?_?pen/Language/fi.txt
  • use_2024_t?_?pen/Language/fr.txt
  • use_2024_t?_?pen/Language/fur.txt
  • use_2024_t?_?pen/Language/fy.txt
  • use_2024_t?_?pen/Language/ga.txt
  • use_2024_t?_?pen/Language/gl.txt
  • use_2024_t?_?pen/Language/gu.txt
  • use_2024_t?_?pen/Language/he.pak
  • use_2024_t?_?pen/Language/he.txt
  • use_2024_t?_?pen/Language/hi.pak
  • use_2024_t?_?pen/Language/hi.txt
  • use_2024_t?_?pen/Language/hr.pak
  • use_2024_t?_?pen/Language/hr.txt
  • use_2024_t?_?pen/Language/hu.pak
  • use_2024_t?_?pen/Language/hu.txt
  • use_2024_t?_?pen/Language/hy.txt
  • use_2024_t?_?pen/Language/id.txt
  • use_2024_t?_?pen/Language/is.txt
  • use_2024_t?_?pen/Language/it.txt
  • use_2024_t?_?pen/Language/ja.txt
  • use_2024_t?_?pen/Language/ka.txt
  • use_2024_t?_?pen/Language/kaa.txt
  • use_2024_t?_?pen/Language/kab.txt
  • use_2024_t?_?pen/Language/kk.txt
  • use_2024_t?_?pen/Language/ko.txt
  • use_2024_t?_?pen/Language/ku-ckb.txt
  • use_2024_t?_?pen/Language/ky.txt
  • use_2024_t?_?pen/Language/lij.txt
  • use_2024_t?_?pen/Language/lt.txt
  • use_2024_t?_?pen/Language/mk.txt
  • use_2024_t?_?pen/Language/mn.txt
  • use_2024_t?_?pen/Language/mng.txt
  • use_2024_t?_?pen/Language/mng2.txt
  • use_2024_t?_?pen/Language/mr.txt
  • use_2024_t?_?pen/Language/ne.txt
  • use_2024_t?_?pen/Language/nl.txt
  • use_2024_t?_?pen/Language/pa-in.txt
  • use_2024_t?_?pen/Language/pl.txt
  • use_2024_t?_?pen/Language/ps.txt
  • use_2024_t?_?pen/Language/pt-br.txt
  • use_2024_t?_?pen/Language/pt.txt
  • use_2024_t?_?pen/Language/ro.txt
  • use_2024_t?_?pen/Language/ru.txt
  • use_2024_t?_?pen/Language/sa.txt
  • use_2024_t?_?pen/Language/si.txt
  • use_2024_t?_?pen/Language/sk.txt
  • use_2024_t?_?pen/Language/sl.txt
  • use_2024_t?_?pen/Language/sr-spc.txt
  • use_2024_t?_?pen/Language/sr-spl.txt
  • use_2024_t?_?pen/Language/sv.txt
  • use_2024_t?_?pen/Language/sw.txt
  • use_2024_t?_?pen/Language/ta.txt
  • use_2024_t?_?pen/Language/tg.txt
  • use_2024_t?_?pen/Language/th.txt
  • use_2024_t?_?pen/Language/tk.txt
  • use_2024_t?_?pen/Language/tr.txt
  • use_2024_t?_?pen/Language/tt.txt
  • use_2024_t?_?pen/Language/ug.txt
  • use_2024_t?_?pen/Language/uk.txt
  • use_2024_t?_?pen/Language/uz-cyrl.txt
  • use_2024_t?_?pen/Language/uz.txt
  • use_2024_t?_?pen/Language/va.txt
  • use_2024_t?_?pen/Language/vi.txt
  • use_2024_t?_?pen/Language/yo.txt
  • use_2024_t?_?pen/Language/zh-cn.txt
  • use_2024_t?_?pen/Language/zh-tw.txt
  • use_2024_t?_?pen/LiteRes.dll
    .dll windows:4 windows x86 arch:x86

    ce6ef31899b31809ae0c71c094c6f083


    Headers

    Imports

    Sections

  • use_2024_t?_?pen/LiteSkinUtils.dll
    .dll windows:4 windows x86 arch:x86

    a8d043bdfc629c21151b760b23d3bcd9


    Headers

    Imports

    Exports

    Sections

  • use_2024_t?_?pen/Password for archive 2024
  • use_2024_t?_?pen/Resource/CMap/Identity-H
  • use_2024_t?_?pen/Resource/CMap/Identity-V
  • use_2024_t?_?pen/Resource/CMap/UCS2-GBK-EUC
  • use_2024_t?_?pen/Resource/CMap/UniKS-UTF16-H
  • use_2024_t?_?pen/Resource/CMap/UniKS-UTF16-V
  • use_2024_t?_?pen/Resource/Font/AdobePIStd.otf
  • use_2024_t?_?pen/Resource/Font/CourierStd-Bold.otf
  • use_2024_t?_?pen/Resource/Font/CourierStd-BoldOblique.otf
  • use_2024_t?_?pen/Resource/Font/CourierStd-Oblique.otf
  • use_2024_t?_?pen/Resource/Font/CourierStd.otf
  • use_2024_t?_?pen/Resource/Font/MinionPro-Bold.otf
  • use_2024_t?_?pen/Resource/Font/MinionPro-BoldIt.otf
  • use_2024_t?_?pen/Resource/Font/MinionPro-It.otf
  • use_2024_t?_?pen/Resource/Font/MinionPro-Regular.otf
  • use_2024_t?_?pen/Resource/Font/MyriadPro-Bold.otf
  • use_2024_t?_?pen/Resource/Font/MyriadPro-BoldIt.otf
  • use_2024_t?_?pen/Resource/Font/MyriadPro-It.otf
  • use_2024_t?_?pen/Resource/Font/MyriadPro-Regular.otf
  • use_2024_t?_?pen/Resource/Font/Pfm/SY______.PFM
  • use_2024_t?_?pen/Resource/Font/Pfm/zx______.pfm
  • use_2024_t?_?pen/Resource/Font/Pfm/zy______.pfm
  • use_2024_t?_?pen/Resource/Font/SY______.PFB
  • use_2024_t?_?pen/Resource/Font/ZX______.PFB
  • use_2024_t?_?pen/Resource/Font/ZY______.PFB
  • use_2024_t?_?pen/Resource/Locals/am.pak
  • use_2024_t?_?pen/Resource/Locals/ar.pak
  • use_2024_t?_?pen/Resource/Locals/fi.pak
  • use_2024_t?_?pen/Resource/Locals/fil.pak
  • use_2024_t?_?pen/Resource/Locals/fr.pak
  • use_2024_t?_?pen/Resource/Locals/gu.pak
  • use_2024_t?_?pen/Resource/Locals/he.pak
  • use_2024_t?_?pen/Resource/Locals/hi.pak
  • use_2024_t?_?pen/Resource/Locals/hr.pak
  • use_2024_t?_?pen/Resource/Locals/hu.pak
  • use_2024_t?_?pen/Resource/Locals/id.pak
  • use_2024_t?_?pen/Resource/Locals/lt.pak
  • use_2024_t?_?pen/Resource/Locals/lv.pak
  • use_2024_t?_?pen/Resource/Locals/x64/AdonisUI.ClassicTheme.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • use_2024_t?_?pen/Resource/Locals/x64/AdonisUI.ClassicTheme.xml
    .xml
  • use_2024_t?_?pen/Resource/Locals/x64/AdonisUI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • use_2024_t?_?pen/Resource/Locals/x64/AdonisUI.xml
    .xml
  • use_2024_t?_?pen/Resource/Locals/x64/SQLite.Interop.dll
    .dll windows:6 windows x64 arch:x64

    a42f73521c784fa06f1d886fcbcefcba


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • use_2024_t?_?pen/Resource/Locals/x86/BouncyCastle.Crypto.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • use_2024_t?_?pen/Resource/Locals/x86/BouncyCastle.Crypto.xml
    .xml
  • use_2024_t?_?pen/Resource/Locals/x86/SQLite.Interop.dll
    .dll windows:6 windows x86 arch:x86

    39ace63b362beb47a2a7a8202a5c4f2d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • use_2024_t?_?pen/Resource/SaslPrep/SaslPrepProfile_norm_bidi.spp
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/ICU/icudt26l.dat
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Adobe/symbol.txt
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Adobe/zdingbat.txt
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/CENTEURO.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/CORPCHAR.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/CROATIAN.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/CYRILLIC.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/GREEK.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/ICELAND.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/ROMAN.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/ROMANIAN.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/SYMBOL.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/TURKISH.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/Mac/UKRAINE.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1250.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1251.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1252.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1253.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1254.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1257.TXT
  • use_2024_t?_?pen/Resource/TypeSupport/Unicode/Mappings/win/CP1258.TXT
  • use_2024_t?_?pen/Resource/opengl64.dll
  • use_2024_t?_?pen/Resource/resources.pak
  • use_2024_t?_?pen/S?tup.exe
    .exe windows:6 windows x86 arch:x86

    cc4d418dcfe8a887ed78a3c1e2af0b5d


    Headers

    Imports

    Sections

  • use_2024_t?_?pen/bentonite.cfg
    .png
