General

  • Target

    f_0009b2.zip

  • Size

    970KB

  • MD5

    e5936603b16aa4187bca522827215912

  • SHA1

    47591f9eb330b396f312a1f2d601d033848047c4

  • SHA256

    f7fa4389d2ae2942304932ad939f14f59456785be97d18d79869b810fa0eaa08

  • SHA512

    63c87e3bf44adc84a06cf3e446d7269e9b2692bb159b38209f8560d8b5d7334ede36151cec35cc680fb3abe45cf953054aa63c470fd34fa85e45a5bc89b9af77

  • SSDEEP

    24576:yQwVwj8AnWJOTvCq65sK92tkXZFSLGnMYra:uVdJOTaZ95pFXnMb

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • f_0009b2.zip
    .zip

    Password: infected

  • f_0009b2
    .zip
  • goodbyedpi-0.2.3rc1/0_russia_update_blacklist_file.cmd
  • goodbyedpi-0.2.3rc1/1_russia_blacklist.cmd
  • goodbyedpi-0.2.3rc1/1_russia_blacklist_dnsredir.cmd
  • goodbyedpi-0.2.3rc1/2_any_country.cmd
  • goodbyedpi-0.2.3rc1/2_any_country_dnsredir.cmd
  • goodbyedpi-0.2.3rc1/licenses/LICENSE-getline.txt
  • goodbyedpi-0.2.3rc1/licenses/LICENSE-goodbyedpi.txt
  • goodbyedpi-0.2.3rc1/licenses/LICENSE-uthash.txt
  • goodbyedpi-0.2.3rc1/licenses/LICENSE-windivert.txt
  • goodbyedpi-0.2.3rc1/russia-blacklist.txt
  • goodbyedpi-0.2.3rc1/russia-youtube.txt
  • goodbyedpi-0.2.3rc1/service_install_russia_blacklist.cmd
  • goodbyedpi-0.2.3rc1/service_install_russia_blacklist_dnsredir.cmd
  • goodbyedpi-0.2.3rc1/service_remove.cmd
  • goodbyedpi-0.2.3rc1/x86/WinDivert.dll
    .dll windows:4 windows x86 arch:x86

    a8e7995c1f834b606568ac0eb04eba9c


  • goodbyedpi-0.2.3rc1/x86/WinDivert32.sys
    .sys windows:10 windows x86 arch:x86

    1238f7a80c6673337c15a82af3ef4030


    Code Sign

  • goodbyedpi-0.2.3rc1/x86/WinDivert64.sys
    .sys windows:10 windows x64 arch:x64

    505c54af7fa8f0482014ca4fe5cdd53d


    Code Sign

  • goodbyedpi-0.2.3rc1/x86/goodbyedpi.exe
    .exe windows:4 windows x86 arch:x86

    82c819ba431c1c7cf5d862c6f86b0857


  • goodbyedpi-0.2.3rc1/x86_64/WinDivert.dll
    .dll windows:4 windows x64 arch:x64

    0b649f8e17494bb31b47f6e959a1769c


  • goodbyedpi-0.2.3rc1/x86_64/WinDivert64.sys
    .sys windows:10 windows x64 arch:x64

    505c54af7fa8f0482014ca4fe5cdd53d


    Code Sign

  • goodbyedpi-0.2.3rc1/x86_64/goodbyedpi.exe
    .exe windows:4 windows x64 arch:x64

    82346c3181cfa36a7cae3c63af4f3e2e

