General

  • Target

    mscanner-free-portable.zip

  • Size

    12.4MB

  • MD5

    e5f33cbcc7fc88d7e81efec94d0aa377

  • SHA1

    14e9db4d846504b5b98831d074afb319fa2b1325

  • SHA256

    1e17c590eacd8547f4becb80ae2f49bc94b3877b870bb9a4caa38336b97c1bff

  • SHA512

    38232029d230b828788294d6435aebab75653c311319da33eeaaf79f9917e5b9ed53cd14098325427e9e0da383c14c048b145dd66a80622869952967412e659c

  • SSDEEP

    196608:xzBN40hGzKp9okpNBJimbZPXS0EQHKGRUJlUxpP07XGfjH2xrXmwlTpjTAf64cgj:xzBNKOwkpNXpLE4K+UEpPPWxXJprgj

Score
3/10

Malware Config

Signatures

  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

Files

  • mscanner-free-portable.zip
    .zip
  • mscanner-free-portable/x64/core.dll
    .zip
  • drivers/win7/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c7bce6d53c2b7a032ae8e88bd6efa8f2



  • drivers/win7/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c50e07f3c00e76404fa0d1348a11541a



  • drivers/winlh/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c7bce6d53c2b7a032ae8e88bd6efa8f2



  • drivers/winlh/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c50e07f3c00e76404fa0d1348a11541a



  • drivers/winnet/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c6c3757641cc088e31875efbec074068


    Code Sign


  • drivers/winnet/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c282198bc24c5a8e2d143c1f82a4470a



  • drivers/winxp/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c282198bc24c5a8e2d143c1f82a4470a



  • mscanner-free-portable/x64/dm.api
    .dll windows:5 windows x64 arch:x64

    351b182fefb6c188a88749b83afabad1


    Code Sign


  • mscanner-free-portable/x64/dm.st.exe
    .exe windows:5 windows x64 arch:x64

    1fa08bc506abdedc32ce7588aa02e757


    Code Sign


  • mscanner-free-portable/x64/languages/ARJ.lng
  • mscanner-free-portable/x64/languages/BGR.lng
  • mscanner-free-portable/x64/languages/CHS.lng
  • mscanner-free-portable/x64/languages/CHT.lng
  • mscanner-free-portable/x64/languages/CSY.lng
  • mscanner-free-portable/x64/languages/DEU.lng
  • mscanner-free-portable/x64/languages/ELL.lng
  • mscanner-free-portable/x64/languages/ENG.lng
  • mscanner-free-portable/x64/languages/ESP.lng
  • mscanner-free-portable/x64/languages/FIN.lng
  • mscanner-free-portable/x64/languages/FRA.lng
  • mscanner-free-portable/x64/languages/HEB.lng
  • mscanner-free-portable/x64/languages/HRV.lng
  • mscanner-free-portable/x64/languages/HUN.lng
  • mscanner-free-portable/x64/languages/ITA.lng
  • mscanner-free-portable/x64/languages/JPN.lng
    .ps1
  • mscanner-free-portable/x64/languages/KOR.lng
  • mscanner-free-portable/x64/languages/NLD.lng
  • mscanner-free-portable/x64/languages/NOR.lng
  • mscanner-free-portable/x64/languages/PLK.lng
  • mscanner-free-portable/x64/languages/PTG.lng
  • mscanner-free-portable/x64/languages/ROM.lng
  • mscanner-free-portable/x64/languages/RUS.lng
  • mscanner-free-portable/x64/languages/SLV.lng
  • mscanner-free-portable/x64/languages/SVE.lng
  • mscanner-free-portable/x64/languages/TRK.lng
  • mscanner-free-portable/x64/languages/UKR.lng
  • mscanner-free-portable/x64/readme.url
    .url
  • mscanner-free-portable/x86/core.dll
    .zip
  • drivers/win7/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c7bce6d53c2b7a032ae8e88bd6efa8f2



  • drivers/win7/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c50e07f3c00e76404fa0d1348a11541a



  • drivers/winlh/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c7bce6d53c2b7a032ae8e88bd6efa8f2



  • drivers/winlh/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c50e07f3c00e76404fa0d1348a11541a



  • drivers/winnet/amd64/MDA_NTDRV.sys
    .sys windows:6 windows x64 arch:x64

    c6c3757641cc088e31875efbec074068


    Code Sign


  • drivers/winnet/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c282198bc24c5a8e2d143c1f82a4470a



  • drivers/winxp/i386/MDA_NTDRV.sys
    .sys windows:6 windows x86 arch:x86

    c282198bc24c5a8e2d143c1f82a4470a



  • mscanner-free-portable/x86/dm.api
    .dll windows:5 windows x86 arch:x86

    48be9861e036760e6ee3fb322a536b5b


    Code Sign


  • mscanner-free-portable/x86/dm.st.exe
    .exe windows:5 windows x86 arch:x86

    31b05fa1bc23aebb211e9d4a572d91b8


    Code Sign


  • mscanner-free-portable/x86/languages/ARJ.lng
  • mscanner-free-portable/x86/languages/BGR.lng
  • mscanner-free-portable/x86/languages/CHS.lng
  • mscanner-free-portable/x86/languages/CHT.lng
  • mscanner-free-portable/x86/languages/CSY.lng
  • mscanner-free-portable/x86/languages/DEU.lng
  • mscanner-free-portable/x86/languages/ELL.lng
  • mscanner-free-portable/x86/languages/ENG.lng
  • mscanner-free-portable/x86/languages/ESP.lng
  • mscanner-free-portable/x86/languages/FIN.lng
  • mscanner-free-portable/x86/languages/FRA.lng
  • mscanner-free-portable/x86/languages/HEB.lng
  • mscanner-free-portable/x86/languages/HRV.lng
  • mscanner-free-portable/x86/languages/HUN.lng
  • mscanner-free-portable/x86/languages/ITA.lng
  • mscanner-free-portable/x86/languages/JPN.lng
    .ps1
  • mscanner-free-portable/x86/languages/KOR.lng
  • mscanner-free-portable/x86/languages/NLD.lng
  • mscanner-free-portable/x86/languages/NOR.lng
  • mscanner-free-portable/x86/languages/PLK.lng
  • mscanner-free-portable/x86/languages/PTG.lng
  • mscanner-free-portable/x86/languages/ROM.lng
  • mscanner-free-portable/x86/languages/RUS.lng
  • mscanner-free-portable/x86/languages/SLV.lng
  • mscanner-free-portable/x86/languages/SVE.lng
  • mscanner-free-portable/x86/languages/TRK.lng
  • mscanner-free-portable/x86/languages/UKR.lng
  • mscanner-free-portable/x86/readme.url
    .url