General

  • Target

    08f932e28cb2ca6e7a76f6eef90cfbb0N.exe

  • Size

    1.8MB

  • MD5

    08f932e28cb2ca6e7a76f6eef90cfbb0

  • SHA1

    b0ef136fdd95f6973d83e4141d5a6dea5d9c95c8

  • SHA256

    32cff60c9c0a140260a531773a211ab5395f3b42e1308e1bf1c30ec023039d60

  • SHA512

    03662ee96b9062f03d59c4c0298fd0b5737e35871aab4dab11ee925d02cc3519f6333762afe45228f9b9364249b78623fc438aa97374f016400d881146b3c731

  • SSDEEP

    49152:KNfrndikxqMydN1eybpbew8rFba2p3STS+9vD5BV:gfrP5yz1eybpbiBa2p3SBH

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 08f932e28cb2ca6e7a76f6eef90cfbb0N.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:4 windows x86 arch:x86

    0ece15e7d9bb35972aec701f46192460


  • $PLUGINSDIR/MyNsisExtend.dll
    .dll windows:4 windows x86 arch:x86

    9cb11d0d4bed69c64ae8d0549b4ce4ce


  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


  • $PLUGINSDIR/locate.dll
    .dll windows:4 windows x86 arch:x86

    7f8181c74f882a780c7cd485241e8b51


  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


  • $PLUGINSDIR/nsRandom.dll
    .dll windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • $PLUGINSDIR/xml.dll
    .dll windows:4 windows x86 arch:x86

    b5ed5b3a951d4443ce56e5453702d536


  • $TEMP/$_89_/GMSkin_Image_2012_v1.zip
    .zip
  • skin.xml
  • skin/Thumbs.db
  • skin/icon1.png
    .png
  • skin/保存目录.png
    .png
  • skin/关闭.png
    .png
  • skin/协议背景.png
    .png
  • skin/卸载背景.png
    .png
  • skin/图片背景框.png
    .png
  • skin/多选.png
    .png
  • skin/安装.png
    .png
  • skin/安装01.png
    .png
  • skin/安装02.png
    .png
  • skin/安装03.png
    .png
  • skin/安装04.png
    .png
  • skin/安装05.png
    .png
  • skin/安装协议.png
    .png
  • skin/安装完成.png
    .png
  • skin/安装完成按钮.png
    .png
  • skin/完成.png
    .png
  • skin/广告关闭.png
    .png
  • skin/按钮.png
    .png
  • skin/最小化.png
    .png
  • skin/最小化2.png
    .png
  • skin/格子.png
    .png
  • skin/欢迎.png
    .png
  • skin/浏览.png
    .png
  • skin/游戏弹出.png
    .png
  • skin/软件弹出.png
    .png
  • skin/进度条.png
    .png
  • skin/进度条背景.png
    .png
  • skin/选项.png
    .png
  • skin/默认背景.png
    .png
  • $TEMP/$_89_/MyNsisSkin.dll
    .dll windows:4 windows x86 arch:x86

    8b2c18b411d31cbef33f61e5be07509a


  • $TEMP/$_89_/config.dat
  • $TEMP/$_89_/game.jpg
    .jpg
  • ai.z2f
    .zip
  • ai/Tasks/PlayerInteractions.tsk
  • ai/Tasks/actor.tsk
  • ai/Tasks/animals/CamelDromedary.beh
  • ai/Tasks/animals/CamelDromedary.tsk
  • ai/Tasks/animals/GazelleThomsons.beh
  • ai/Tasks/animals/GazelleThomsons.tsk
  • ai/Tasks/animals/PeafowlCommon.beh
  • ai/Tasks/animals/PeafowlCommon.tsk
  • ai/Tasks/animals/TigerBengal.beh
  • ai/Tasks/animals/TigerBengal.tsk
  • ai/Tasks/animals/animal.beh
  • ai/Tasks/animals/animal.tsk
  • ai/Tasks/animals/predator_prey.tsk
  • ai/Tasks/enrichment/ScratchPost.tsk
  • ai/Tasks/foliage/Kapok_Rainforest.tsk
  • ai/Tasks/foliage/Maple_Temperate.tsk
  • ai/Tasks/foliage/Tree.tsk
  • ai/Tasks/foliage/UmbrellaAcacia_Savannah.tsk
  • ai/Tasks/foliage/b_BrowseTree.tsk
  • ai/Tasks/foliage/b_GrazeGrass.tsk
  • ai/Tasks/foliage/foliage.tsk
  • ai/Tasks/foliage/plant.tsk
  • ai/Tasks/food/Carcass.tsk
  • ai/Tasks/food/Carcass_Meat.tsk
  • ai/Tasks/food/FoodDish.tsk
  • ai/Tasks/food/FoodDish_Bamboo.tsk
  • ai/Tasks/food/FoodDish_Bananas.tsk
  • ai/Tasks/food/FoodDish_Branches.tsk
  • ai/Tasks/food/FoodDish_Fish.tsk
  • ai/Tasks/food/FoodDish_Grass.tsk
  • ai/Tasks/food/FoodDish_Hay.tsk
  • ai/Tasks/food/FoodDish_Lettuce.tsk
  • ai/Tasks/food/FoodDish_Meat.tsk
  • ai/Tasks/food/FoodDish_Shrimp.tsk
  • ai/Tasks/food/FoodDish_Water.tsk
  • ai/Tasks/food/Terrain_Bamboo.tsk
  • ai/Tasks/food/Terrain_Bananas.tsk
  • ai/Tasks/food/Terrain_Branches.tsk
  • ai/Tasks/food/Terrain_Fish.tsk
  • ai/Tasks/food/Terrain_Grass.tsk
  • ai/Tasks/food/Terrain_Hay.tsk
  • ai/Tasks/food/Terrain_Lettuce.tsk
  • ai/Tasks/food/Terrain_Meat.tsk
  • ai/Tasks/global/b_RubObject_Large.tsk
  • ai/Tasks/global/b_RubObject_Medium.tsk
  • ai/Tasks/guests/AdultGuest.beh
  • ai/Tasks/guests/AdultGuest.tsk
  • ai/Tasks/guests/AdultGuestInteractions.beh
  • ai/Tasks/guests/AdultGuestInteractions.tsk
  • ai/Tasks/guests/Guest.beh
  • ai/Tasks/guests/YoungGuest.beh
  • ai/Tasks/guests/amusement/amusement.beh
  • ai/Tasks/guests/amusement/amusement.tsk
  • ai/Tasks/guests/attack/Attack.beh
  • ai/Tasks/guests/attack/Attack.tsk
  • ai/Tasks/guests/bathroom/Bathroom.beh
  • ai/Tasks/guests/bathroom/Bathroom.tsk
  • ai/Tasks/guests/dessert/Pretzel.beh
  • ai/Tasks/guests/dessert/Pretzel.tsk
  • ai/Tasks/guests/drink/Soda.beh
  • ai/Tasks/guests/drink/Soda.tsk
  • ai/Tasks/guests/food/Hotdog.beh
  • ai/Tasks/guests/food/Hotdog.tsk
  • ai/Tasks/guests/gift/Gift.beh
  • ai/Tasks/guests/gift/Gift.tsk
  • ai/Tasks/guests/guest.tsk
  • ai/Tasks/guests/guestfeedback/GuestEmotes.tsk
  • ai/Tasks/guests/seating/Seating.beh
  • ai/Tasks/guests/seating/Seating.tsk
  • ai/Tasks/guests/trash/Trash.beh
  • ai/Tasks/guests/trash/Trash.tsk
  • ai/Tasks/guests/viewanimal/AdultGuest_VA.beh
  • ai/Tasks/guests/viewanimal/Binoculars.beh
  • ai/Tasks/guests/viewanimal/Binoculars.tsk
  • ai/Tasks/guests/viewanimal/Footstool.beh
  • ai/Tasks/guests/viewanimal/Footstool.tsk
  • ai/Tasks/guests/viewanimal/ViewAnimal.beh
  • ai/Tasks/guests/viewanimal/ViewAnimal.tsk
  • ai/Tasks/guests/viewanimal/YoungGuest_VA.beh
  • ai/Tasks/rocks/b_ScentMarkable.tsk
  • ai/Tasks/shelters/ShadeStructure_Shelter.tsk
  • ai/Tasks/shelters/SmallStable_Shelter.tsk
  • ai/Tasks/shelters/SmallWooden_Shelter.tsk
  • ai/Tasks/staff/Educator.beh
  • ai/Tasks/staff/Educator.tsk
  • ai/Tasks/staff/Keeper.beh
  • ai/Tasks/staff/Keeper.tsk
  • ai/Tasks/staff/Staff.beh
  • ai/Tasks/staff/Staff.tsk
  • ai/Tasks/staff/Worker.beh
  • ai/Tasks/staff/Worker.tsk
  • ai/ZTAI.xml
  • ai/ambientsmgr.xml
  • ai/guestMgr.xml
  • ai/staffMgr.xml
  • biomes.z2f