Resubmissions

27-11-2024 20:39    241127-zfpdtszjes    6

27-11-2024 20:33    241127-zbwbksvqhl    6

25-11-2024 22:14    241125-15w1mswlcp    6

25-11-2024 20:57    241125-zryrmswke1    6

28-09-2024 18:21    240928-wzje5ssdlc    10

General

  • Target

    Terabox_1.32.0.1.exe

  • Size

    85.5MB

  • MD5

    b73657d85fe21f889cdbaf4f1724ff57

  • SHA1

    c10e0f8cf0abda003931c5b27ce2416a076b0478

  • SHA256

    9ed5767db68fb669b3f18a0565cae471ee3800b94a187c4512e5a6691797c511

  • SHA512

    b013b7015e90043e2d8c021d9ea9a87505c36ffcb4619eb5fd06bd0e2c5742c3bc3fddc3a448112def652ab26d5372fee4a2d6f95c3c5ce09a000ffb7bf457f1

  • SSDEEP

    1572864:yBumaBVNigHypMDTKWRhvRL7b3NWPVQ6kzjn:yBumaRigyp8TDRhvRD3APVr6jn

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Terabox_1.32.0.1.exe
    .exe windows:4 windows x86 arch:x86

    Password: asdfghjkl

    70ba7b98f15c35ada8b905dc41d081a2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NsisInstallUI.dll
    .dll windows:6 windows x86 arch:x86

    Password: asdfghjkl

    70950d979d28e8967877a4ba74600c29


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SetupCfg.ini
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: asdfghjkl

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/VersionInfo.xml
    .xml
  • $PLUGINSDIR/nsProcessW.dll
    .dll windows:5 windows x86 arch:x86

    Password: asdfghjkl

    439074d1c01f7b16781bdf060930814a


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kernel.dll
    .dll windows:6 windows x86 arch:x86

    Password: asdfghjkl

    e9011d1bacbe39130d699a14df315f9b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • AppProperty.xml
  • AppUtil.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    Password: asdfghjkl

    44c09d1f1fd06fe50ed84f2b1acf5a30


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • AutoUpdate/AutoUpdateUtil.dll
    .dll windows:5 windows x86 arch:x86

    Password: asdfghjkl

    74ed2e0cfd8c52ea07e54ce32e28844b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • AutoUpdate/Autoupdate.exe
    .exe windows:5 windows x86 arch:x86

    Password: asdfghjkl

    a99b610134f8456ef127815c255fafeb


    Code Sign

    Headers

    Imports

    Sections

  • AutoUpdate/VersionInfo.xml
    .xml
  • AutoUpdate/config.ini
  • BugReport.exe
    .exe windows:5 windows x86 arch:x86

    Password: asdfghjkl

    f0aa8565098264f5b8cb07829da01e28


    Code Sign

    Headers

    Imports

    Sections

  • Bull140U.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    a5c34b0723b481d1608f2f8a32a2dd62


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • CEF license.txt
  • ChromeManifest.json
  • ChromeNativeMessagingHost.exe
    .exe windows:6 windows x86 arch:x86

    3b2974ff943ef743c5f1707201cacac0


    Code Sign

    Headers

    Imports

    Sections

  • DuiEngine license.txt
  • HelpUtility.exe
    .exe windows:5 windows x86 arch:x86

    ccaeb1eb2298aa655d652274bf5dcddd


    Code Sign

    Headers

    Imports

    Sections

  • TeraBox.exe
    .exe windows:5 windows x86 arch:x86

    7f4a8adb4ea4facccf45b22fac02d55b


    Code Sign

    Headers

    Imports

    Sections

  • TeraBoxHost.exe
    .exe windows:5 windows x86 arch:x86

    e0392e05da9aea23779725f3083ca64a


    Code Sign

    Headers

    Imports

    Sections

  • TeraBoxRender.exe
    .exe windows:5 windows x86 arch:x86

    55ad07890b9f3c9d308dadb00e8ec550


    Code Sign

    Headers

    Imports

    Sections

  • TeraBoxTorrentFile.ico
  • TeraBoxWebService.exe
    .exe windows:5 windows x86 arch:x86

    e785ccafba2b39c139db9791a90cd6c3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • VersionInfo
  • VersionInfo2
  • YunDb.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    273f74633c15bfd1a997e17d272a6b24


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunDls.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    05c3ed78289cb9ba0b3a1ea97ec0624d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunLogic.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    30c29ba836ced19398dcff58251f774b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunOfficeAddin.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    c3f5540c657d960f53b8754888ecbdb4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunOfficeAddin64.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    f1029cdd9cab094ecce34cd85625edbb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunShellExt.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    ee7fdc1d18459cb51785098aa90060e1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunShellExt64.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    f7d482c28499331547c989ecc13b8c6e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • YunUtilityService.exe
    .exe windows:5 windows x86 arch:x86

    3bb618f14de7c35e84f2defb1e046894


    Code Sign

    Headers

    Imports

    Sections

  • api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-multibyte-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-private-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • autobackup.ico
  • browserres/cef.pak
  • browserres/cef_100_percent.pak
  • browserres/cef_200_percent.pak
  • browserres/cef_extensions.pak
  • browserres/devtools_resources.pak
  • browserres/locales/en-US.pak
  • browserres/locales/zh-CN.pak
  • cacert.pem
  • cefbrowser.dll
    .dll windows:5 windows x86 arch:x86

    49643a4e3b547e236a5abd059c37ed13


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • chrome_elf.dll
    .dll windows:5 windows x86 arch:x86

    4d0ed3f3db74367b9a740697ddaddf89


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • concrt140.dll
    .dll windows:6 windows x86 arch:x86

    f2b3df05bf4af79c11bdb712e26b04be


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • d3dcompiler_47.dll
    .dll windows:10 windows x86 arch:x86

    0f31485cd3d6d36b416b744fa9701f28


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • icudtl.dat
  • kernel.dll
    .dll windows:6 windows x86 arch:x86

    e9011d1bacbe39130d699a14df315f9b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • kernelUpdate.exe
    .exe windows:5 windows x86 arch:x86

    4881271972668fecb07d261dfc2b8cb7


    Code Sign

    Headers

    Imports

    Sections

  • libEGL.dll
    .dll windows:5 windows x86 arch:x86

    c6ec092a26e9a149b7d4b0028f289ae7


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • libGLESv2.dll
    .dll windows:5 windows x86 arch:x86

    e7ad2f7447925c8a7c24b5d10968c8a6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • libcef.dll
    .dll windows:5 windows x86 arch:x86

    6e4c1d89126a5254fe90eb12cdff6c0a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • minosagent.dll
    .dll windows:6 windows x86 arch:x86

    759494315f9e18203e6f57d106316380


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • module/TeraBoxModuleList.db
  • module/VastPlayer/VastPlayer.dll
    .dll windows:5 windows x86 arch:x86

    74a7a21900dc77520de77c62c2aa7fdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • module/VastPlayer/d3dx9_43.dll
    .dll windows:6 windows x86 arch:x86

    5fb75b2a87c1fa7cc3d7904a0b97084a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • msvcp140.dll
    .dll windows:6 windows x86 arch:x86

    06cc814dbeda830328b76c5b11d9db1c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resource.db
  • skin/skin.zip
    .zip
  • snapshot_blob.bin
  • sounds/1.wav
  • sounds/2.wav
  • sounds/3.wav
  • sounds/4.wav
  • terabox_ext_chrome.crx
    .zip
  • terabox_license.pdf
    .pdf
  • terabox_logo.ico
  • ucrtbase.dll
    .dll windows:10 windows x86 arch:x86

    71f1d8a10f840ffee6964317e974d463


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    70ba7b98f15c35ada8b905dc41d081a2


    Code Sign

    Headers

    Imports

    Sections

  • updateagent.dll
    .dll windows:6 windows x86 arch:x86

    8dcfb09e29b5d6e47ed1b3ecd0289de7


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • v8_context_snapshot.bin
  • vcruntime140.dll
    .dll windows:6 windows x86 arch:x86

    e44143d5ae0c7f7d377cee38e4466c05


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • xImage.dll
    .dll windows:6 windows x86 arch:x86

    0e810effe878bf134e999e5e3d176494


    Code Sign

    Headers

    Imports

    Exports

    Sections