General

  • Target

    change hwid.zip

  • Size

    3.6MB

  • MD5

    02483b8a97b2461846d170ff0c7e3993

  • SHA1

    903c1fd54bc9b0c41a58ca786e9a43cc06d5c705

  • SHA256

    f091b5d99a8fc5c89375a3a6f00980f110d37964813713d565257cddbb5f0984

  • SHA512

    50d6f17412bba329e720f963995b21b4044dc1e62d52114adebe9c0f01910f34eaf78efccbc7c6743ce9285f12928312428c1bb02022f53fabd26431b5425d93

  • SSDEEP

    98304:iR2reB0QyK4QfAFyA316VNZL4dsZqq9FAR+Y9E/Ot7D:iMeB0Tj16bZLiiqqtY9E/4D

Score
3/10

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • change hwid.zip
    .zip
  • change hwid/AMIDEWIN.EXE
    .exe windows:4 windows x86 arch:x86

    e4bef79f59242df9daf28c2c8193c40e


  • change hwid/AMIDEWINx64.EXE
    .exe windows:6 windows x64 arch:x64

    ed928bd060b03bab412d37a11b9d26a0


  • change hwid/DMI16.EXE
  • change hwid/DMIEDIT.EXE
    .exe windows:6 windows x64 arch:x64

    9bbd972bee7030506f62236dff565e85


  • change hwid/Read me.txt
  • change hwid/UCOREDLL.DLL
    .dll windows:4 windows x86 arch:x86

    6b893ca0388ae7a60f134fafc899b16d


  • change hwid/UCORESYS.SYS
    .sys windows:4 windows x86 arch:x86

    072f277c4d89044b84c482307008a355


    Code Sign

  • change hwid/UCOREVXD.VXD
  • change hwid/UCOREW64.SYS
    .sys windows:4 windows x64 arch:x64

    0dcd262801389f839ce909cb173448e2


    Code Sign

  • change hwid/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    363922cc73591e60f2af113182414230


    Code Sign

  • change hwid/drive change.exe
    .exe windows:6 windows x86 arch:x86

    18b31546654757186c18a83004821b2a

