Overview

overview

7

Static

static

7

9f44a0080e...0N.exe

windows7-x64

3

9f44a0080e...0N.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/ulicense.rtf

windows7-x64

4

$TEMP/ulicense.rtf

windows10-2004-x64

1

FarmFrenzy...ca.exe

windows7-x64

7

FarmFrenzy...ca.exe

windows10-2004-x64

7

FarmFrenzy...rp.exe

windows7-x64

1

FarmFrenzy...rp.exe

windows10-2004-x64

1

JNGLoad.dll

windows7-x64

1

JNGLoad.dll

windows10-2004-x64

3

Squall.dll

windows7-x64

1

Squall.dll

windows10-2004-x64

1

htmlayout.dll

windows7-x64

7

htmlayout.dll

windows10-2004-x64

7

wrapper.dll

windows7-x64

7

wrapper.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9f44a0080e6b7b8e5870761b34e50440N.exe

  • Size

    4.8MB

  • MD5

    9f44a0080e6b7b8e5870761b34e50440

  • SHA1

    77358a4d427c6099ab5b35e8c024f0e4a6e0c213

  • SHA256

    f427ee4f0cc17f25b61042dca853999b5a39490f979ada463d205201495e9c04

  • SHA512

    a0a0adf64d6063605070c0eee1f0bd0c20bbdd930a0c1df8cc8b9761cbc38ce751130224faff4c2022e0389c728b15797deb40948b8bd4a7bf2f3550071121a0

  • SSDEEP

    98304:66Q2rqI0O7L41KUOY3Aqrvj99849cOjk2WQV14ayHLQ3AC:66Q2rqI0O7Lfa3Aqrz849cckI14FMN

Score
7/10
upxaspackv2

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 9f44a0080e6b7b8e5870761b34e50440N.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bar.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/ulicense.rtf
    .rtf
  • Data/Data.pack
  • FarmFrenzy3_America.exe
    .exe windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • FarmFrenzy3_America.wrp.exe
    .exe windows:4 windows x86 arch:x86

    e94e021976b1047ad56fe91cb5099023


    Headers

    Imports

    Sections

  • JNGLoad.dll
    .dll windows:4 windows x86 arch:x86

    b019958100a358b3512fda93f23b2ae9


    Headers

    Imports

    Exports

    Sections

  • Squall.dll
    .dll windows:4 windows x86 arch:x86

    683559c4c245f4cde98c8ffb08209927


    Headers

    Imports

    Exports

    Sections

  • htmlayout.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • license.txt
  • manifest.xml
    .xml
  • partner.ini
  • registrator.ini
  • wrapper.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections