Overview

overview

7

Static

static

3

52c4541734...0N.exe

windows7-x64

7

52c4541734...0N.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

get.cmd

windows7-x64

1

get.cmd

windows10-2004-x64

3

ls.cmd

windows7-x64

1

ls.cmd

windows10-2004-x64

1

split.cmd

windows7-x64

1

split.cmd

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

zAnsi.exe

windows7-x64

1

zAnsi.exe

windows10-2004-x64

3

zBck.exe

windows7-x64

3

zBck.exe

windows10-2004-x64

3

zBeg.exe

windows7-x64

1

zBeg.exe

windows10-2004-x64

3

zBoxbackup.exe

windows7-x64

3

zBoxbackup.exe

windows10-2004-x64

3

zByteSwap.exe

windows7-x64

1

zByteSwap.exe

windows10-2004-x64

3

zClock.exe

windows7-x64

3

zClock.exe

windows10-2004-x64

3

zComp.exe

windows7-x64

1

zComp.exe

windows10-2004-x64

3

zDelTree.exe

windows7-x64

1

zDelTree.exe

windows10-2004-x64

3

zDir.exe

windows7-x64

1

zDir.exe

windows10-2004-x64

3

zDirSync.exe

windows7-x64

3

zDirSync.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52c45417346ec66003be870876e5aed0N.exe

  • Size

    4.7MB

  • MD5

    52c45417346ec66003be870876e5aed0

  • SHA1

    f72d0a83302b2da65c00312586362b5395e01b44

  • SHA256

    1d08b33d67ae41585ddbf7c172844e7e6ea5c8191a7738e0e8c6a831f6cb5b52

  • SHA512

    66ec9f7a7a0573fbf100078322fd135b39b85e76bdb1b089a6676b84e0a2965d50cd646d871689b6bb49d5378ef57c45a56802a5a068eca9a73ae422d613a2cb

  • SSDEEP

    98304:EGTeSgqHKekEq+J+4iE+3pp7rmPL0GPkLGknVTHkhicE8MtAkcXqhWmL78oGdYRy:ESeQK5d+XxcSkn9HkhicErtAkB5QdYRy

Score
3/10

Malware Config

Signatures

  • Unsigned PE 32 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 52c45417346ec66003be870876e5aed0N.exe
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • get.cmd
  • ls.cmd
  • split.cmd
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


    Headers

    Imports

    Sections

  • zAnsi.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zBck.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zBck01.ico
  • zBeg.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zBoxbackup.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zByteSwap.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zClock.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zComp.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zDelTree.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zDir.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zDirSync.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zDownload.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zEdit.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zEdit01.ico
  • zFileDownloader.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFindAnsi.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFindFiles.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFindString.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFoldEx.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFtp.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zFtpEx.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zHelp.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zID3Edit.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zMem.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zMove.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zPrimeGen.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zSleep.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zSplit.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zSwap.cmd
  • zTools01.ico
  • zTools02.ico
  • zTools03.ico
  • zWinOp.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • zWriteln.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • ze.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections