General

  • Target

    f9f42cf4347328b9a8ed414be241f5b99a2136bc5293a151483894095f572f6dN

  • Size

    3.4MB

  • MD5

    c4b2546c77c619d3cb01923f9d03ecf0

  • SHA1

    057ac398003d7baa53d59931950e7f7f48541f4a

  • SHA256

    f9f42cf4347328b9a8ed414be241f5b99a2136bc5293a151483894095f572f6d

  • SHA512

    c9e77b2f9c9efdb5d56f6d1037f86aea5165c3bbc4dee14996db12deb8d187958c3bc77d6fa679e895e985a663254c134f189baab84c4ac0671247814b9d498d

  • SSDEEP

    24576:M0EOkF/TJSz8rrQUnFZ+6Ligkg5fIPoB3BnONMeJ3W62R4:M+kdTEgrrPnq6ey5f1QOM3R

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • f9f42cf4347328b9a8ed414be241f5b99a2136bc5293a151483894095f572f6dN
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e



  • $R9/Plugins/info.zip
    .zip
  • info.vbe
    .vbe .jse
  • $R9/Plugins/tftp.exe
    .exe windows:4 windows x86 arch:x86

    82a9fe96ebb06ba9620e541eb1f34f8d



  • $TEMP/info.zip
    .zip
  • info.vbe
    .vbe .jse
  • $TEMP/tftp.exe
    .exe windows:4 windows x86 arch:x86

    82a9fe96ebb06ba9620e541eb1f34f8d

