Overview

overview

7

Static

static

7

d4fd84e18a...0N.exe

windows7-x64

7

d4fd84e18a...0N.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ig.dll

windows7-x64

3

$PLUGINSDI...ig.dll

windows10-2004-x64

3

$PLUGINSDI...ry.dll

windows7-x64

3

$PLUGINSDI...ry.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

3

$PLUGINSDI...er.exe

windows10-2004-x64

3

$PLUGINSDI...ze.dll

windows7-x64

7

$PLUGINSDI...ze.dll

windows10-2004-x64

7

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

ObjectListView.dll

windows7-x64

1

ObjectListView.dll

windows10-2004-x64

1

XFontManager.exe

windows7-x64

3

XFontManager.exe

windows10-2004-x64

3

fontinst.exe

windows7-x64

7

fontinst.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    d4fd84e18a0e4655c98da83647c59830N.exe

  • Size

    1.3MB

  • MD5

    d4fd84e18a0e4655c98da83647c59830

  • SHA1

    c2069e40cea5a8b10e77d02240782e289581fa48

  • SHA256

    3a972e30437d25fb84ed8f812af8b2465f049eac40a298a0b8147ec01fcd4ba1

  • SHA512

    db009f6b1bb1d180faee16af0b331b9222575652d234f50c7708df40b4086b038bb752520e6bf93a48d0c1d73a0d3eee33da94a862101a9a25cd9dedb8a51fcd

  • SSDEEP

    24576:k6uzp1+2RJE9TttfjxVH0A3SrLeoc2hXMdkdXEfHyilQWBzH:WFTE9TbflBCdc2ykhEfSzs

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

Files

  • d4fd84e18a0e4655c98da83647c59830N.exe
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/3429058.ttf.bmp
  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    e26d7460d0c04056b9226a899477ba4d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    4b45b7e00344a87332fbd12653854d1a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/IpConfig.dll
    .dll windows:5 windows x86 arch:x86

    3f0fda09180f619ca116344bede41608


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Registry.dll
    .dll windows:4 windows x86 arch:x86

    421a02aae559045e04759aae146087eb


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    e644d8080c0d8d6edb0733f8965fd30e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/downloader.exe
    .exe windows:5 windows x86 arch:x86

    a05d88650e5594db2afe874ec2674b55


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/finishpage230549.ini
  • $PLUGINSDIR/logo_Yandex_RU_UA_vertical.ico
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsResize.dll
    .dll windows:6 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:6 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/xfont.ru.logo.ico
  • $PLUGINSDIR/yandexbarpage2230549.ini
  • $PLUGINSDIR/yandexbrowser.ini
  • $PLUGINSDIR/yandexbrowsersetup.ico
  • 3429058.ttf
  • Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ObjectListView.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • XFontManager.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • XFontManager.exe.config
    .xml
  • db.zip
    .zip
  • fonts.hash
  • fonts.json
  • favorites.json
  • fontinst.exe
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898


    Headers

    Imports

    Sections

  • xfont.ru.ico
  • xfont.ru.logo.ico
  • Удаление (Uninstall).exe.nsis