General

  • Target

    42fc5462964e17bcbc2e6fe2e621bfecf2d241d8df5c31bb1bd48144df7ccd67

  • Size

    75KB

  • MD5

    72e5f385db136beff079622851953461

  • SHA1

    2748185e029092cec9ee2b0e7a824f324092d9c9

  • SHA256

    42fc5462964e17bcbc2e6fe2e621bfecf2d241d8df5c31bb1bd48144df7ccd67

  • SHA512

    780c8f6b9a1b967c9cf2773198c4ec28be2f424373b431cbc5fcfc180df30ca348d8d8c0b908db014275428b6a4accb15f67eb376464f52bd4a7167bfa2121ec

  • SSDEEP

    1536:Yszo2iRq8bjAmnQzG5vZl2e2tYIzkQtTvQYlTjd/8QvJ:jzoTRpbLQQhlVIoQdQYpjR8QvJ

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 42fc5462964e17bcbc2e6fe2e621bfecf2d241d8df5c31bb1bd48144df7ccd67
    .zip
  • EasyWebSvr/EasyWebSvr.exe
    .exe windows:4 windows x86 arch:x86


  • EasyWebSvr/EasyWebSvr.ini
  • EasyWebSvr/demo/hello.asp
    .html
  • EasyWebSvr/demo/hello.dll
    .dll windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • EasyWebSvr/demo/hello.php
    .html
  • EasyWebSvr/demo/hello.pl
  • EasyWebSvr/demo/index.htm
    .html
  • EasyWebSvr/demo/msg.dat
  • EasyWebSvr/demo/phpinfo.php
    .html
  • EasyWebSvr/demo/readme.txt
  • EasyWebSvr/demo/viewmsg.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • EasyWebSvr/readme.txt