General

  • Target

    mewing version.rar

  • Size

    20.6MB

  • MD5

    2865ae4bec7a4e53210194e7eaf79983

  • SHA1

    9a2d6d00ff0a5ce87cb9f278a8a3a617820a91a8

  • SHA256

    dd9685647fc2a6bf15d38c6307315c61542dbb5bcab2f36a84e4086389245503

  • SHA512

    3502ab8f274e71a5b145ce88725ebe384737ca84613a33344571bf33457c1c802c06da9f0e74eca37c0472a4691dfae81471c47454b1f09274e6ae0797d65618

  • SSDEEP

    393216:kE4RcH3w2fhXuNiWTQP/BakFyV3htCRFW7a+j13NwebBu/L/13Q/hSeXVNNggaMn:ORcHTJXuvQPnM5htqFWW0PwemZg5SeXh

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • mewing version.rar
    .rar
  • autoexec/test.lua
  • bin/LuaState.dll
    .dll windows:6 windows x64 arch:x64

    a5f4a6147d2ed8a25d3af1361ec14b14


    Headers

    Imports

    Exports

    Sections

  • bin/api.dll
    .dll windows:6 windows x64 arch:x64

    8dddbd7b83b4a6c40ec154c94d7c2475


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/bridge.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/bridge_callbacks.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/encoder.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/lua2py.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/luau.dll
    .dll windows:6 windows x64 arch:x64

    dfd11645eb4732c0409f51f0532c3683


    Headers

    Imports

    Exports

    Sections

  • bin/newb.dll
  • bin/pydrive.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/pydrive_2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/pykernel.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/pymemory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/pysupport.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/silent_reader.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • bin/utils.dll
    .dll windows:6 windows x86 arch:x86

    192f97404343ef4b20efee77a26645f5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • main.exe
    .exe windows:6 windows x64 arch:x64

    059069f4df9784da751b0d719bcfcfd1


    Headers

    Imports

    Sections

  • workspace/.tests/appendfile.txt
  • workspace/.tests/isfile.txt
  • workspace/.tests/loadfile.txt
  • workspace/.tests/readfile.txt
  • workspace/.tests/writefile
  • workspace/.tests/writefile.txt