Overview

overview

7

Static

static

7

9980c97776...0N.exe

windows7-x64

3

9980c97776...0N.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/ulicense.rtf

windows7-x64

4

$TEMP/ulicense.rtf

windows10-2004-x64

1

FarmFrenzy...ca.exe

windows7-x64

7

FarmFrenzy...ca.exe

windows10-2004-x64

7

FarmFrenzy...rp.exe

windows7-x64

1

FarmFrenzy...rp.exe

windows10-2004-x64

1

JNGLoad.dll

windows7-x64

3

JNGLoad.dll

windows10-2004-x64

3

Squall.dll

windows7-x64

1

Squall.dll

windows10-2004-x64

1

htmlayout.dll

windows7-x64

7

htmlayout.dll

windows10-2004-x64

7

wrapper.dll

windows7-x64

7

wrapper.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    9980c97776d06da2f6f5b35ac17abc90N.exe

  • Size

    4.8MB

  • MD5

    9980c97776d06da2f6f5b35ac17abc90

  • SHA1

    ae3689c8ce016c4e080e814a57691efa99b981fb

  • SHA256

    69cbcda2b5e713ec864d30a94e7b2effd4b23b26fbc081c5dba09ed6be1550e8

  • SHA512

    39aa08b6cbadbb68fb1d209cd20c043d4820b69a432357e42b95ef39d8cd3e91cf7e10341a696924c60be4f354161884481b45aca822ba1d59509a496ff9caf4

  • SSDEEP

    98304:66Q2rqI0O7L41KUOY3Aqrvj99849cOjk2WQV14ayHLQ3Ax:66Q2rqI0O7Lfa3Aqrz849cckI14FMq

Score
7/10
upxaspackv2

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 9980c97776d06da2f6f5b35ac17abc90N.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bar.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/ulicense.rtf
    .rtf
  • Data/Data.pack
  • FarmFrenzy3_America.exe
    .exe windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • FarmFrenzy3_America.wrp.exe
    .exe windows:4 windows x86 arch:x86

    e94e021976b1047ad56fe91cb5099023


    Headers

    Imports

    Sections

  • JNGLoad.dll
    .dll windows:4 windows x86 arch:x86

    b019958100a358b3512fda93f23b2ae9


    Headers

    Imports

    Exports

    Sections

  • Squall.dll
    .dll windows:4 windows x86 arch:x86

    683559c4c245f4cde98c8ffb08209927


    Headers

    Imports

    Exports

    Sections

  • htmlayout.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • license.txt
  • manifest.xml
    .xml
  • partner.ini
  • registrator.ini
  • wrapper.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections