Overview

overview

7

Static

static

3

WinDjView-...up.exe

windows7-x64

7

WinDjView-...up.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

WinDjView.exe

windows7-x64

3

WinDjView.exe

windows10-2004-x64

3

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    WinDjView-2.1-Setup.exe

  • Size

    2.8MB

  • MD5

    c838f4233c838ce7cb8d22e6efdf9f23

  • SHA1

    b595ef472e50bc70a6b2a2991516775bf0d36e26

  • SHA256

    c46a0b6b2c1c289b99fc92212443c911b80a899ddc772442e1a47264c9039c5c

  • SHA512

    f2261ea46a673550fda858b6fa50c92b1935dfbb7d3214f0f7f280fc16dfb32da6da6e5fc92ca44fab81b8112f7e0fcc3bfa438e9ae3852f4253b21213affec8

  • SSDEEP

    49152:dUeaYszOPwqrkg9GpgWHkigF8qedxZxxyu5z9dSYPzpGYFV9RBqCsf:dDbweop9E8qyPzD5z9dzdV9RoCW

Score
3/10

Malware Config

Signatures

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • WinDjView-2.1-Setup.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    3e8d18bb71c7ebbda2ddc2a4bb03547b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2a2e0e82c0dc9890f9201e8bd8ecbff2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/yandex-distr-en.bmp
  • $PLUGINSDIR/yandex-distr.bmp
  • WinDjView.exe
    .exe windows:5 windows x86 arch:x86

    fa96e278a619706703a7c149edda816e


    Headers

    Imports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp