Overview

overview

7

Static

static

3

6e597597cf...a8.exe

windows7-x64

7

6e597597cf...a8.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...in.dll

windows7-x64

3

$PLUGINSDI...in.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/ip.dll

windows7-x64

3

$PLUGINSDIR/ip.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDIR/time.dll

windows7-x64

3

$PLUGINSDIR/time.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    6e597597cf93f53f49c88789ad23b525f5028a44487d3aa73361f032c0fd67a8

  • Size

    1.7MB

  • MD5

    193444a324f2cf7a602ab46145bb72a8

  • SHA1

    a04cbe8926489977d0c154ead6b1f8a6fae0e760

  • SHA256

    6e597597cf93f53f49c88789ad23b525f5028a44487d3aa73361f032c0fd67a8

  • SHA512

    48c650a30e9e46211f630bb0114beb2496aef26361dbf637702d9bd40fcfd6f85c786f33158bd177e14eaa3afdd3338106b36ce46fac04497274e0b0b152bc36

  • SSDEEP

    49152:NTjOk1seP5n12rcQMiRlUuyvIpzuJ3t2Yrsdepmcb/:lkrcaRlnxzad3rsdepT/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 16 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 6e597597cf93f53f49c88789ad23b525f5028a44487d3aa73361f032c0fd67a8
    .exe windows:4 windows x86 arch:x86

    671f2a1f8aee14d336bab98fea93d734


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:4 windows x86 arch:x86

    b79de4e8687b3fce7173ec8dc917f685


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/AltaPlugin.dll
    .dll windows:5 windows x86 arch:x86

    d620209ec1b5ec9a4dcbcc66c303729e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/CPUFeatures.dll
    .dll windows:5 windows x86 arch:x86

    3bda189a1e76125240bd7a57dc0d49a7


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/HwInfo.dll
    .dll windows:4 windows x86 arch:x86

    4e6a4062a56dafcc8b54b60996e9ff37


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LockedList.dll
    .dll windows:6 windows x86 arch:x86

    935d05a3355dd7910c24140217209860


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Math.dll
    .dll windows:4 windows x86 arch:x86

    2901e557a7c7634663a88bdc712c6678


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/RealProgress.dll
    .dll windows:4 windows x86 arch:x86

    866b4c5806cbf5bb7c6efdb2d39ea1b3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    240ca92ecc1c291801c451c447e16c12


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ToggleInstFiles.dll
    .dll windows:4 windows x86 arch:x86

    102d7c44fc91438761fd5be100c0690e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    5197e2b5d0b686a43ee5fcfc134f44d9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    13b1bef222622e1e4753306d634849ab


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ip.dll
    .dll windows:1 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsArray.dll
    .dll windows:6 windows x86 arch:x86

    ddfc5272f0f38c6d49db71b2dfaa312e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    cfc8bb9e11188db414351d2620c98f39


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/time.dll
    .dll windows:4 windows x86 arch:x86

    52d8e191fc300dee721dd8473cf053f5


    Headers

    Imports

    Exports

    Sections