General

  • Target: f95f4d17abbcfd64a5cca639cd4c47620955435db9a2c63e1b68a6b74bdb1e77
  • Size: 452KB
  • MD5: bcbe239e4936c26dfa1a36ea5da7ed8f
  • SHA1: a726eed030f6cf6239be4c430cf61d0177769cea
  • SHA256: f95f4d17abbcfd64a5cca639cd4c47620955435db9a2c63e1b68a6b74bdb1e77
  • SHA512: 06d79258b435bdad2b4eec9c4ef19f7da3e736f303f96fb0152c7e28be00e6df84de1b6cb082519aea3b8d55c3860d1bb720fd5e04e37f2ced01c94fb8bd9f99
  • SSDEEP: 12288:GNRCQ0wbQDG8kjVy9KhxHu7G6h4AbKuZCMo:GNRKVkMUTHu7pgX

Score: 7/10

Signatures

  • UPX packed file (1 IoC): Detects executables packed with the UPX or a modified UPX open-source packer.
  • AutoIT Executable (1 IoC): AutoIT scripts compiled to PE executables.
  • One or more HTTP URLs in QR code identified: Detects the presence of HTTP links in QR codes.
  • Unsigned PE (1 IoC): Checks for a missing Authenticode signature.

Files

  • f95f4d17abbcfd64a5cca639cd4c47620955435db9a2c63e1b68a6b74bdb1e77 (.zip)
  • dControl/?????.url (.url)
  • dControl/????????.jpg (.jpg)
    • http://weixin.qq.com/r/AiiutiXEk3jsrWHV930Q
  • dControl/dControl.exe (.exe, windows:5, windows x86, arch:x86)
  • out.upx (.exe, windows:5, windows x86, arch:x86)
  • dControl/dControl.ini