Overview

overview

6

Static

static

3

x64__insta...__.zip

windows7-x64

1

x64__insta...__.zip

windows10-2004-x64

1

__x64___se...__.zip

windows7-x64

1

__x64___se...__.zip

windows10-2004-x64

1

SettingMon...nv.dll

windows10-2004-x64

1

SettingMon...or.dll

windows10-2004-x64

1

SettingMon...vc.dll

windows10-2004-x64

1

SettingMon...df.dll

windows10-2004-x64

1

SettingSyn...nc.dll

windows10-2004-x64

1

SettingSyn...tr.dll

windows10-2004-x64

1

SettingSyn...el.dll

windows10-2004-x64

1

SettingSyn...lg.dll

windows10-2004-x64

1

dab/dab.dll

windows10-2004-x64

1

dab/diagperf.dll

windows10-2004-x64

1

dab/fcon.dll

windows10-2004-x64

1

dab/hal.dll

windows10-2004-x64

1

provcore/ReAgent.dll

windows10-2004-x64

1

provcore/msasn1.dll

windows10-2004-x64

1

provcore/n...er.dll

windows10-2004-x64

1

provcore/provcore.dll

windows10-2004-x64

1

setup.msi

windows7-x64

6

setup.msi

windows10-2004-x64

6

vmrdvcore/mssph.dll

windows10-2004-x64

1

vmrdvcore/...rs.dll

windows10-2004-x64

1

vmrdvcore/tapisrv.dll

windows10-2004-x64

1

vmrdvcore/...re.dll

windows10-2004-x64

1

password.jpg

windows7-x64

3

password.jpg

windows10-2004-x64

3

Resubmissions

08/07/2024, 05:31

240708-f72cxswhmc 7

08/07/2024, 05:21

240708-f192gsthql 6

08/07/2024, 05:17

240708-fy43fswemd 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x64__installer___x32__.zip

  • Size

    35.4MB

  • MD5

    52f88358d0d626e20523518d9da98802

  • SHA1

    cf8690fba8977fdaed659bbd1f3648fbe490fd8a

  • SHA256

    14f7b0c1994ddcb34f291f61db1c3a713c2785b489a160aeb273fe88a0d4ad81

  • SHA512

    e57708f7b3effdf4a0365550a33ef18065e0fdb1c2edd1c81824db79741a5e46b069f4435961e5278f03059019237ddc8d7b5a298f7efcc51568aee3389c7e10

  • SSDEEP

    786432:IQvz40evztq2vi2p639Bk7jiIIna9HBdc3/M4gW/PnKT146P5vFJ8BfcLte:1vU0evxq262kLk9BVgvMOA1Vvj8Bf0e

Score
3/10

Malware Config

Signatures

  • Unsigned PE 17 IoCs

    Checks for missing Authenticode signature.

Files

  • x64__installer___x32__.zip
    .zip

    Password: 2024

  • __x64___setup___x32__.zip
    .zip

    Password: 2024

  • SettingMonitor/SessEnv.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    c252150e2ab272715077e6f59b74980d


    Headers

    Imports

    Exports

    Sections

  • SettingMonitor/SettingMonitor.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    4d80d07630c7e6d5d9d8f47c9eb385d7


    Headers

    Imports

    Exports

    Sections

  • SettingMonitor/pnrpsvc.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    37f774d87f855a0f404a69308f3151da


    Headers

    Imports

    Exports

    Sections

  • SettingMonitor/uudf.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    b38628cfe74c2369b1284d127e70c2cb


    Headers

    Imports

    Exports

    Sections

  • SettingSync/SettingSync.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    7b47ecf8ca02907cd93bfb196ed60609


    Headers

    Imports

    Exports

    Sections

  • SettingSync/rasmontr.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    18970be6d7b652fcb1413c038f894c24


    Headers

    Imports

    Exports

    Sections

  • SettingSync/schannel.dll
    .dll windows:10 windows x64 arch:x64

    Password: 2024

    f9a7e6d2b3de9b36a6c1af314faffb97


    Headers

    Imports

    Exports

    Sections

  • SettingSync/sppcommdlg.dll
    .dll windows:10 windows x64 arch:x64

    9e7a74f359a4f7d11d4fce9a42612bae


    Headers

    Imports

    Exports

    Sections

  • dab/dab.dll
    .dll windows:10 windows x64 arch:x64

    9aec5c4aa0eee59fdd831e6d45f17768


    Headers

    Imports

    Exports

    Sections

  • dab/diagperf.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    b306282d5919c33c601b0599c6b8ce39


    Headers

    Imports

    Exports

    Sections

  • dab/fcon.dll
    .dll windows:10 windows x64 arch:x64

    e49a29f9efd90448f49e5fd8823a3bef


    Headers

    Imports

    Exports

    Sections

  • dab/hal.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • provcore/ReAgent.dll
    .dll windows:10 windows x64 arch:x64

    69b8547cc70479063e783239d816f920


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • provcore/msasn1.dll
    .dll windows:10 windows x64 arch:x64

    f79599ca729d557e0381ec0a41471a27


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • provcore/networkhelper.dll
    .dll windows:10 windows x64 arch:x64

    a27bcbd490e1101d8155e000cd94272f


    Headers

    Imports

    Exports

    Sections

  • provcore/provcore.dll
    .dll windows:10 windows x64 arch:x64

    81a888cb3ce408320e5ea1e6d2c40d06


    Headers

    Imports

    Exports

    Sections

  • setup.msi
    .msi
  • vmrdvcore/mssph.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    5dfbf61ae94045240f766cbfaff03ede


    Headers

    Imports

    Exports

    Sections

  • vmrdvcore/perfctrs.dll
    .dll windows:10 windows x64 arch:x64

    2405ad06873b3990210b1b04a23682fd


    Headers

    Imports

    Exports

    Sections

  • vmrdvcore/tapisrv.dll
    .dll windows:10 windows x64 arch:x64

    6aba8903eb7e4be23e07d9607806e424


    Headers

    Imports

    Exports

    Sections

  • vmrdvcore/vmrdvcore.dll
    .dll windows:10 windows x64 arch:x64

    055a22c998dd9328accc6de5710f416b


    Headers

    Imports

    Exports

    Sections

  • password.jpg
    .jpg