Overview

overview

8

Static

static

3

Perm Unban...IN.exe

windows7-x64

1

Perm Unban...IN.exe

windows10-2004-x64

1

Perm Unban...64.exe

windows7-x64

1

Perm Unban...64.exe

windows10-2004-x64

1

Perm Unban...16.exe

windows7-x64

Perm Unban...16.exe

windows10-2004-x64

Perm Unban...IT.exe

windows7-x64

1

Perm Unban...IT.exe

windows10-2004-x64

1

Perm Unban...LL.dll

windows7-x64

3

Perm Unban...LL.dll

windows10-2004-x64

3

Perm Unban...YS.sys

windows7-x64

1

Perm Unban...YS.sys

windows10-2004-x64

1

Perm Unban...64.sys

windows7-x64

1

Perm Unban...64.sys

windows10-2004-x64

1

Perm Unban...64.sys

windows7-x64

1

Perm Unban...64.sys

windows10-2004-x64

1

Perm Unban...sk.exe

windows7-x64

6

Perm Unban...sk.exe

windows10-2004-x64

6

Perm Unban...ry.bat

windows7-x64

1

Perm Unban...ry.bat

windows10-2004-x64

1

Perm Unban...ip.bat

windows7-x64

8

Perm Unban...ip.bat

windows10-2004-x64

8

Perm Unban...ge.bat

windows7-x64

1

Perm Unban...ge.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Perm_Unban.rar

  • Size

    1.6MB

  • MD5

    9a1093a7c043967fc846483c5679ba95

  • SHA1

    ce7108708cbcaf06f5e5dfb9fb27b6df6626aefe

  • SHA256

    e80cd34b19512bd5dd8ca13bc15ccca22d48508388793327fa98be4a1d04faad

  • SHA512

    c6df0b8d642ab126f14e012c2b3554a3ee3a557334281bad3b50901741afb17f9b90e2a3d83eb5647b0c623e920dd9f37fb6179b8d4fdb05d593863b8baec160

  • SSDEEP

    24576:WV3mMVFNLlqq+AeKJJHHPFFZUUUB3dC0XkD671o2AVT/+bVfDi/JvNzzxxYYgXDB:afFtbZY3dC00ko5bOGRFnxCYsseDL

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • Perm_Unban.rar
    .rar
  • Perm Unban/GRINX64v2/AMIDEWIN.EXE
    .exe windows:4 windows x86 arch:x86

    e4bef79f59242df9daf28c2c8193c40e


    Headers

    Imports

    Sections

  • Perm Unban/GRINX64v2/AMIDEWINx64.EXE
    .exe windows:6 windows x64 arch:x64

    ed928bd060b03bab412d37a11b9d26a0


    Headers

    Imports

    Sections

  • Perm Unban/GRINX64v2/DMI16.EXE
  • Perm Unban/GRINX64v2/DMIEDIT.EXE
    .exe windows:6 windows x64 arch:x64

    9bbd972bee7030506f62236dff565e85


    Headers

    Imports

    Sections

  • Perm Unban/GRINX64v2/README.txt
  • Perm Unban/GRINX64v2/UCOREDLL.DLL
    .dll windows:4 windows x86 arch:x86

    6b893ca0388ae7a60f134fafc899b16d


    Headers

    Imports

    Exports

    Sections

  • Perm Unban/GRINX64v2/UCORESYS.SYS
    .sys windows:4 windows x86 arch:x86

    072f277c4d89044b84c482307008a355


    Code Sign

    Headers

    Imports

    Sections

  • Perm Unban/GRINX64v2/UCOREVXD.VXD
  • Perm Unban/GRINX64v2/UCOREW64.SYS
    .sys windows:4 windows x64 arch:x64

    0dcd262801389f839ce909cb173448e2


    Code Sign

    Headers

    Imports

    Sections

  • Perm Unban/GRINX64v2/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    363922cc73591e60f2af113182414230


    Code Sign

    Headers

    Imports

    Sections

  • Perm Unban/HardDisk.exe
    .exe windows:5 windows x86 arch:x86

    6b71a51c953ff20af290e7286a7dad23


    Headers

    Imports

    Sections

  • Perm Unban/Registry.bat
  • Perm Unban/Reset_ip.bat
  • Perm Unban/regedit_change.bat