Overview

overview

7

Static

static

7

39027e0f0b...51.exe

windows7-x64

3

39027e0f0b...51.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/ulicense.rtf

windows7-x64

4

$TEMP/ulicense.rtf

windows10-2004-x64

1

FarmFrenzy...ca.exe

windows7-x64

7

FarmFrenzy...ca.exe

windows10-2004-x64

7

FarmFrenzy...rp.exe

windows7-x64

1

FarmFrenzy...rp.exe

windows10-2004-x64

1

JNGLoad.dll

windows7-x64

3

JNGLoad.dll

windows10-2004-x64

3

Squall.dll

windows7-x64

1

Squall.dll

windows10-2004-x64

1

htmlayout.dll

windows7-x64

7

htmlayout.dll

windows10-2004-x64

7

wrapper.dll

windows7-x64

7

wrapper.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    39027e0f0b0ef827444755c3fab99d1e75a55731aca1271b5f603396b2432a51.exe

  • Size

    4.8MB

  • MD5

    9edaaed5e1d5f616e17c93b9de4da170

  • SHA1

    fe10e07f78a42ce78bc1929de06fbaeb5a572a49

  • SHA256

    39027e0f0b0ef827444755c3fab99d1e75a55731aca1271b5f603396b2432a51

  • SHA512

    635322c76adb548696543d06b7aedfef1ccf7bfc59ddf41d28d70df8c145881bfff2dbb33eea2a2d4448c163057948eecdc610bb573785f12257f08aa3b87c7e

  • SSDEEP

    98304:66Q2rqI0O7L41KUOY3Aqrvj99849cOjk2WQV14ayHLQ3AS:66Q2rqI0O7Lfa3Aqrz849cckI14FMV

Score
7/10
upxaspackv2

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 39027e0f0b0ef827444755c3fab99d1e75a55731aca1271b5f603396b2432a51.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bar.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/ulicense.rtf
    .rtf
  • Data/Data.pack
  • FarmFrenzy3_America.exe
    .exe windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • FarmFrenzy3_America.wrp.exe
    .exe windows:4 windows x86 arch:x86

    e94e021976b1047ad56fe91cb5099023


    Headers

    Imports

    Sections

  • JNGLoad.dll
    .dll windows:4 windows x86 arch:x86

    b019958100a358b3512fda93f23b2ae9


    Headers

    Imports

    Exports

    Sections

  • Squall.dll
    .dll windows:4 windows x86 arch:x86

    683559c4c245f4cde98c8ffb08209927


    Headers

    Imports

    Exports

    Sections

  • htmlayout.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • license.txt
  • manifest.xml
    .xml
  • partner.ini
  • registrator.ini
  • wrapper.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections