Overview

overview

10

Static

static

10

fbcf2757ae...ce.exe

windows7-x64

3

fbcf2757ae...ce.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/ulicense.rtf

windows7-x64

4

$TEMP/ulicense.rtf

windows10-2004-x64

1

FarmFrenzy...ca.exe

windows7-x64

9

FarmFrenzy...ca.exe

windows10-2004-x64

9

FarmFrenzy...rp.exe

windows7-x64

1

FarmFrenzy...rp.exe

windows10-2004-x64

1

JNGLoad.dll

windows7-x64

1

JNGLoad.dll

windows10-2004-x64

3

Squall.dll

windows7-x64

1

Squall.dll

windows10-2004-x64

1

htmlayout.dll

windows7-x64

9

htmlayout.dll

windows10-2004-x64

9

wrapper.dll

windows7-x64

9

wrapper.dll

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    fbcf2757ae185b737e980435ffbdaeed4c722629a3d2a56b62bfafdcd44926ce

  • Size

    4.8MB

  • MD5

    ef69b75519724af3fb7da61af591df40

  • SHA1

    63a38efae3aba8ec731eafaa5f6aa5eba6069aa0

  • SHA256

    fbcf2757ae185b737e980435ffbdaeed4c722629a3d2a56b62bfafdcd44926ce

  • SHA512

    759867a235841739887686fd7aca368cba09ffe4e533cf54eeb8801940ab0ccc1b7c6816e16a386fbcbb82d14ddf274245d53636443dc886c7f64d6d49c43360

  • SSDEEP

    98304:66Q2rqI0O7L41KUOY3Aqrvj99849cOjk2WQV14ayHLQ3AI:66Q2rqI0O7Lfa3Aqrz849cckI14FMn

Score
10/10
upxaspackv2

Malware Config

Signatures

  • UPX dump on OEP (original entry point) 1 IoCs
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • fbcf2757ae185b737e980435ffbdaeed4c722629a3d2a56b62bfafdcd44926ce
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bar.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/ulicense.rtf
    .rtf
  • Data/Data.pack
  • FarmFrenzy3_America.exe
    .exe windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • FarmFrenzy3_America.wrp.exe
    .exe windows:4 windows x86 arch:x86

    e94e021976b1047ad56fe91cb5099023


    Headers

    Imports

    Sections

  • JNGLoad.dll
    .dll windows:4 windows x86 arch:x86

    b019958100a358b3512fda93f23b2ae9


    Headers

    Imports

    Exports

    Sections

  • Squall.dll
    .dll windows:4 windows x86 arch:x86

    683559c4c245f4cde98c8ffb08209927


    Headers

    Imports

    Exports

    Sections

  • htmlayout.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • license.txt
  • manifest.xml
    .xml
  • partner.ini
  • registrator.ini
  • wrapper.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections