Overview

overview

5

Static

static

3

Nicepage-6.16.5.exe

windows7-x64

4

Nicepage-6.16.5.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...ge.exe

windows7-x64

5

$R0/Uninst...ge.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    Nicepage-6.16.5.exe

  • Size

    784KB

  • MD5

    263d1daeb6d6c51ddb70c8d4345b3b57

  • SHA1

    c2553091370e0060df49db1fa67379a57983cfde

  • SHA256

    db608402c047653636714225096dc1a7813ce9be4ed4534b909d4597ae422d03

  • SHA512

    42a452eef8aa0c0bde4869e07592d2b5a8614b8c7c33476552ebfa1a8d1831b628c786f846106d678c2b7007746e52a05106f31ad97fbd1811a83cbab84d9048

  • SSDEEP

    24576:PbYH3nMRDu1739G1szLSvJwxC0WzPgdV/YL:UXMRK739fqvCg0WTgLk

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • Nicepage-6.16.5.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    b34f154ec913d2d2c435cbd644e91687


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/INetC.dll
    .dll windows:5 windows x86 arch:x86

    Password: infected

    2c10f6f3e9eaa15d70f14c96e757b2e2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SpiderBanner.dll
    .dll windows:5 windows x86 arch:x86

    Password: infected

    90179d905cdca282880541c826651c15


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StdUtils.dll
    .dll windows:5 windows x86 arch:x86

    Password: infected

    7b79709c0d5576549eb261e3410f95f8


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    e1c0bd3d5b9f3f5cec7ea773ff66ac6e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/WinShell.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    a75c904bad153f5af2c37cfdf66eba5c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    d31c5eb927119d00232e4d4b0e32fcdb


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:6 windows x86 arch:x86

    Password: infected

    2656ea25cde98f31a490513c2db04ae8


    Headers

    Imports

    Exports

    Sections

  • $R0/Uninstall Nicepage.exe
    .exe windows:4 windows x86 arch:x86

    b34f154ec913d2d2c435cbd644e91687


    Code Sign

    Headers

    Imports

    Sections