General

  • Target

    8f36dde1cc56c41c6bf0da63a023acf0N.exe

  • Size

    2.7MB

  • MD5

    8f36dde1cc56c41c6bf0da63a023acf0

  • SHA1

    001634af373b3bd9017a62ecae71214b7b9c6156

  • SHA256

    e46141f1d741192361966ffa93790c3032ac6123d49a78c7271c101488b8848c

  • SHA512

    32771304c83ad649b947c9b5d102db43bcf01c2c1c3d4920bf82325f96fbc6c1aa6fc4c274c50cd6d44621ec2ef9b3e39ac8c48bbbf9cb7554d1ee247fe15f1e

  • SSDEEP

    49152:1KG0pl7yM9RTw0Pelu8G5UoeBJksdUD0f+GWeIWmRlo0:134H9RtPeoVOoOmZQVWtWm3Z

Score

    7/10 (tag: upx)

Signatures

  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (7 IoCs)

    Checks for missing Authenticode signature.

Files

  • 8f36dde1cc56c41c6bf0da63a023acf0N.exe
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ShellExecAsUser.dll
    .dll windows:6 windows x86 arch:x86

    74eb4c5d129e78f52ccfa28e2d5c44c2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/md5dll.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    ec5fddc407d2b4e0a16fc4d786afc555


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$0.nsis
  • $TEMP/$_85_/InstSupp.dll
    .dll windows:6 windows x86 arch:x86

    b9cf0767e22cb515529c8e5330dca183


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • FireFox/bootstrap.js
    .js
  • FireFox/chrome.manifest
  • FireFox/content/css/popup.css
  • FireFox/content/html/popup.html
    .html
  • FireFox/content/images/audio16.png
    .png
  • FireFox/content/images/error32.png
    .png
  • FireFox/content/images/icon16.png
    .png
  • FireFox/content/images/icon19.png
    .png
  • FireFox/content/images/icon32.png
    .png
  • FireFox/content/images/icon38.png
    .png
  • FireFox/content/images/icon48.png
    .png
  • FireFox/content/images/loading32.gif
    .gif
  • FireFox/content/images/ok32.png
    .png
  • FireFox/content/images/video16.png
    .png
  • FireFox/content/js/uid.js
  • FireFox/icon.png
    .png
  • FireFox/install.rdf
    .xml
  • FireFox/skin/icon16.png
    .png
  • FireFox/skin/icon32.png
    .png
  • FireFox/skin/toolbar.css
  • Modules/7z.dll
    .dll windows:4 windows x86 arch:x86

    71fc45db7a81ce236f432a828a4e8fcd


    Headers

    Imports

    Exports

    Sections

  • Modules/ArSp.dll
    .dll windows:6 windows x86 arch:x86

    4ed7437741b2d8023c306020fccb486f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/BdUdr.dll
    .dll windows:6 windows x86 arch:x86

    e06ca1e2a865afc9943bfca9728cedb4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/BrSp.dll
    .dll windows:6 windows x86 arch:x86

    f44971284508638e08ae8c4d5b63aa1a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/CdPrc.dll
    .dll windows:6 windows x86 arch:x86

    6ec5aa307ea6940919d2cea1e22db304


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/Core.dll
    .dll windows:6 windows x86 arch:x86

    6cd14a259d294f46206c789d7c8541cc


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/InstSupp.dll
    .dll windows:6 windows x86 arch:x86

    b9cf0767e22cb515529c8e5330dca183


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WInIn.dll
    .dll windows:6 windows x86 arch:x86

    0cf0f66bdfd4b109fe52657acbb94d3d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WbSt.dll
    .dll windows:6 windows x86 arch:x86

    ea0f27243a9302b6e303ef077587689c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WdCtl.dll
    .dll windows:6 windows x86 arch:x86

    2983d586e5b4549be55657e6e0047d0e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ninja Loader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • Ninja Loader.exe.config
  • NinjaMaintainer.exe
    .exe windows:6 windows x86 arch:x86

    9efb36435d4855f6f50e5e917a95a902


    Code Sign

    Headers

    Imports

    Sections

  • msvcp120.dll
    .dll windows:6 windows x86 arch:x86

    6ccda270a497a2c5a36a7f385cc9910d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • msvcr120.dll
    .dll windows:6 windows x86 arch:x86

    aa8d086deb6960b10f8791df466a5610


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninstall.exe.nsis