Overview

overview

7

Static

static

3

SESM200425...76.exe

windows7-x64

7

SESM200425...76.exe

windows10-2004-x64

7

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a1e8891473ef25747792b75d0b1d0a06.bin

  • Size

    1.5MB

  • MD5

    303b56bf2264cacf15a41a560aa518df

  • SHA1

    5e77eebb604a0e4e8b2ef2c757efdb3f777edb65

  • SHA256

    65c3277469b54d64d63b392deb58f00af553897588430eb3bf2a7f1476bab41b

  • SHA512

    3a08d3633cd34bd8438e3d5d6212dc3ba2bf70c54638d72fa226500e2e5f14f634d2fe184afed6312ca5e811b55eead54b62020ecfb06363e362d574449c9e7f

  • SSDEEP

    24576:UIcCHnW3MLIj8nGe0quO13QSXLqMcWR22crEp2kfufHsrbiWRHUAnXM1hHF:UIcC231j40KjcWYVrEpEvsrpHRnXMzl

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • a1e8891473ef25747792b75d0b1d0a06.bin
    .zip

    Password: infected

  • 3f9d7044a494030384eac541c96f590d7fb46615b653bef1eff3b56102772d6e.zip
    .zip

    Password: infected

  • SESM20042580 UKWT5376.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    6e7f9a29f2c85394521a08b9f31f6275


    Headers

    Imports

    Sections

  • $PLUGINSDIR/BgImage.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    32b0f5880a0efd258c6be2f7a14f4a9f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    5e62e8e248e7364886b604bd1fcf4c13


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • Storkbsbutikken/Acrididae.mar
  • Storkbsbutikken/Barde.brn
  • Storkbsbutikken/Intermezzo.txt
  • Storkbsbutikken/Sejlbrtterne.fem
  • Storkbsbutikken/Symmetriegenskaben.Lys
  • Storkbsbutikken/Tvaervektoren185.Bas
  • Storkbsbutikken/lumen.jpg
    .jpg

    Password: infected

  • Storkbsbutikken/prejudged.obn
  • Storkbsbutikken/reputableness.krf