Overview

overview

10

Static

static

7

xchat-2.8.9.exe

windows7-x64

7

xchat-2.8.9.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

README.html

windows7-x64

3

README.html

windows10-2004-x64

3

faq.html

windows7-x64

3

faq.html

windows10-2004-x64

3

minigtk.dll

windows7-x64

7

minigtk.dll

windows10-2004-x64

7

plugin20.html

windows7-x64

3

plugin20.html

windows10-2004-x64

3

plugins/xcdns.dll

windows7-x64

3

plugins/xcdns.dll

windows10-2004-x64

3

plugins/xcexec.dll

windows7-x64

3

plugins/xcexec.dll

windows10-2004-x64

3

plugins/xcperl.dll

windows7-x64

7

plugins/xcperl.dll

windows10-2004-x64

7

plugins/xcpython.dll

windows7-x64

3

plugins/xcpython.dll

windows10-2004-x64

3

plugins/xcpython.dll

windows7-x64

3

plugins/xcpython.dll

windows10-2004-x64

3

plugins/xctcl.dll

windows7-x64

7

plugins/xctcl.dll

windows10-2004-x64

7

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xchat-2.8.9.exe

  • Size

    975KB

  • MD5

    0c592fa258088f7ccef673b91182ef28

  • SHA1

    9892106c2ed7000b3a64b5582cbc17d7f7bdbe64

  • SHA256

    193d6b392962b88c13fd66b6ba3b923097d21029d3abebda1a46d82114285365

  • SHA512

    d616b40c8dfc275029087062afc8fabcc431deaa1f6bca79c82c62c5c3b5e8c294b2744a0851e8cc4c7994ccd7edc860a1ac5d788ceefa3c418d6c52b58fb093

  • SSDEEP

    24576:J8gJTLQ0nBlo+erBf5++5FDQLhK9GahOk5EX0fWmbq:pTLQgi+erBfk9LhATl5EXM1q

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 19 IoCs

    Checks for missing Authenticode signature.

Files

  • xchat-2.8.9.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $APPDATA/X-Chat 2/Icons/emot-frown.ico
  • $APPDATA/X-Chat 2/Icons/emot-smile.ico
  • $APPDATA/X-Chat 2/Icons/emot-tounge.ico
  • $APPDATA/X-Chat 2/Icons/emot-wink.ico
  • $APPDATA/X-Chat 2/Icons/te-action.ico
  • $APPDATA/X-Chat 2/Icons/te-join.ico
  • $APPDATA/X-Chat 2/Icons/te-part.ico
  • $APPDATA/X-Chat 2/colors.conf
  • $APPDATA/X-Chat 2/icons.conf
  • $APPDATA/X-Chat 2/pevents.conf
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    28d94e5199b88ad374b3cb2118e31a66


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • README.HTML
    .html
  • faq.html
    .html
  • gtkrc
  • lgpl.txt
  • locale/de/LC_MESSAGES/xchat.mo
  • locale/es/LC_MESSAGES/xchat.mo
  • locale/fi/LC_MESSAGES/xchat.mo
  • locale/fr/LC_MESSAGES/xchat.mo
  • locale/it/LC_MESSAGES/xchat.mo
  • locale/nl/LC_MESSAGES/xchat.mo
  • locale/sv/LC_MESSAGES/xchat.mo
  • minigtk.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • plugin20.html
    .html
  • plugins/xcdns.dll
    .dll windows:4 windows x86 arch:x86

    1094e8bf2568119a5ba4674b557efeb7


    Headers

    Imports

    Exports

    Sections

  • plugins/xcexec.dll
    .dll windows:4 windows x86 arch:x86

    c0d83728d9cb76a3373e4932f8862030


    Headers

    Imports

    Exports

    Sections

  • plugins/xcperl.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • plugins/xcpython.dll
    .dll windows:4 windows x86 arch:x86

    ca0970ab5402671d672c5911ce58913a


    Headers

    Imports

    Exports

    Sections

  • plugins/xcpython.mod
    .dll windows:4 windows x86 arch:x86

    ebe63c9bb8541f095f37842f052bc630


    Headers

    Imports

    Exports

    Sections

  • plugins/xctcl.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • xchat.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections