Overview

overview

7

Static

static

3

EmuGuard_P...up.exe

windows11-21h2-x64

7

$PLUGINSDI...dl.dll

windows11-21h2-x64

3

$PLUGINSDI...nu.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...rd.bmp

windows11-21h2-x64

3

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

EmuGuard.exe

windows11-21h2-x64

6

config.json

windows11-21h2-x64

3

curl/LICENSE

windows11-21h2-x64

1

curl/README.md

windows11-21h2-x64

3

curl/curl-...le.crt

windows11-21h2-x64

1

curl/curl.exe

windows11-21h2-x64

1

curl/libcurl-x64.dll

windows11-21h2-x64

1

emuguardLd.exe

windows11-21h2-x64

7

A.pyc

windows11-21h2-x64

3

leidian0.config

windows11-21h2-x64

3

proxy.exe

windows11-21h2-x64

3

uninstall.exe

windows11-21h2-x64

7

$PLUGINSDI...LL.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

Resubmissions

25/09/2024, 19:19

240925-x1gtdasgpm 7

25/09/2024, 19:15

240925-xyqnhawcja 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    EmuGuard_Pre_Beta_x64-setup.exe

  • Size

    11.5MB

  • MD5

    a876787aefb81d169b0b4cd56b962948

  • SHA1

    669415d8a1d65562f949c152d76ca5b959a3c31a

  • SHA256

    0d3618b81cf30b780a4a728154f84dda61248302b36d4b634e55e503f8943730

  • SHA512

    d57042366bedbf8d916c5bb45a8c7ca80893422915a8ef3ea27bc04c6919a99bd459d7629131b67f3049e186046e726901a1556d9a3c5187878e07988b734e87

  • SSDEEP

    196608:x6mTr6PunFSCKSrb94wKWfy8re39moOBJHREiqe0Zk/htfm7uv7dF/4fsHBXAt9W:x6mTHc0XDB6QetAPxEiqe0Wtfm7o7kfO

Score
3/10
pyinstaller

Malware Config

Signatures

  • Detects Pyinstaller 1 IoCs
    pyinstaller
  • Unsigned PE 13 IoCs

    Checks for missing Authenticode signature.

Files

  • EmuGuard_Pre_Beta_x64-setup.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    ed06d61f6957c32cd324837726a5a070


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis_tauri_utils.dll
    .dll windows:6 windows x86 arch:x86

    78c44bf8cc28f4ebbfe7d4b4aa3acf86


    Headers

    Imports

    Exports

    Sections

  • EmuGuard.exe
    .exe windows:6 windows x64 arch:x64

    46fdf6fdac15b28d943f75b0cca27401


    Headers

    Imports

    Sections

  • config.json
  • curl/LICENSE
  • curl/README.md
  • curl/curl-ca-bundle.crt
  • curl/curl.exe
    .exe windows:4 windows x64 arch:x64

    79e3d58649f9b107c43913d66b7c92dd


    Code Sign

    Headers

    Imports

    Sections

  • curl/libcurl-x64.dll
    .dll windows:4 windows x64 arch:x64

    841de498c97481970f67108500c120b3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • emuguardLd.exe
    .exe windows:6 windows x64 arch:x64

    72c4e339b7af8ab1ed2eb3821c98713a


    Headers

    Imports

    Sections

  • A.pyc
  • leidian0.config
  • proxy.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    3e8d18bb71c7ebbda2ddc2a4bb03547b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis_tauri_utils.dll
    .dll windows:6 windows x86 arch:x86

    78c44bf8cc28f4ebbfe7d4b4aa3acf86


    Headers

    Imports

    Exports

    Sections