Overview

overview

7

Static

static

3

DDLC_russi....2.exe

windows7-x64

7

DDLC_russi....2.exe

windows10-2004-x64

7

$PLUGINSDI...al.ini

windows7-x64

1

$PLUGINSDI...al.ini

windows10-2004-x64

1

$PLUGINSDI...er.bmp

windows7-x64

3

$PLUGINSDI...er.bmp

windows10-2004-x64

7

$PLUGINSDI...rd.bmp

windows7-x64

3

$PLUGINSDI...rd.bmp

windows10-2004-x64

7

characters/monika.png

windows7-x64

3

characters/monika.png

windows10-2004-x64

3

characters...ki.jpg

windows7-x64

3

characters...ki.jpg

windows10-2004-x64

3

characters/sayori.png

windows7-x64

3

characters/sayori.png

windows10-2004-x64

3

characters/yuri.chr

windows7-x64

3

characters/yuri.chr

windows10-2004-x64

3

game/bgm/c...ru.ogg

windows7-x64

1

game/bgm/c...ru.ogg

windows10-2004-x64

7

game/bgm/e...ru.ogg

windows7-x64

1

game/bgm/e...ru.ogg

windows10-2004-x64

7

game/fonts.rpa

windows7-x64

3

game/fonts.rpa

windows10-2004-x64

3

game/gui/end_ru.png

windows7-x64

3

game/gui/end_ru.png

windows10-2004-x64

3

game/gui/i...ru.png

windows7-x64

3

game/gui/i...ru.png

windows10-2004-x64

3

game/gui/i...ru.png

windows7-x64

3

game/gui/i...ru.png

windows10-2004-x64

3

game/gui/logo_ru.png

windows7-x64

3

game/gui/logo_ru.png

windows10-2004-x64

3

game/gui/n...ru.png

windows7-x64

3

game/gui/n...ru.png

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DDLC_russian_patch_3.2.exe

  • Size

    14.2MB

  • MD5

    bc7900b11ee151ebe0933a8207e681bd

  • SHA1

    edbd986032c3bb78b780aa8148cb2edf41b013c5

  • SHA256

    8a30778288d5c28cfcfdc8811153b9ef192da7e65f6614432d37e1898cd8b7a3

  • SHA512

    8f43f3047bf7c75cb2d5886e0f12ce25fd6535b701a9176614e0bc91c8e76448558d1cff01cd85329d8998a92b12fdd69d4bbe6e4345fea04009a2275225ad87

  • SSDEEP

    393216:cSkBm0j0rABzrVuIn/9lexAZjUY6kQZKptwk8tg/:cJBYIn/9lATY6lZfO

Score
3/10
qrlink

Malware Config

Signatures

  • One or more HTTP URLs in qr code identified

    Detects presence of HTTP links in QR codes.

    qrlink
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • DDLC_russian_patch_3.2.exe
    .exe windows:4 windows x86 arch:x86

    57e98d9a5a72c8d7ad8fb7a6a58b3daf


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    610235b90207a63ccf481f0d4375d329


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • README_RU.html
    .html
  • Uninstall DDLC Russian Patch.exe
    .exe windows:4 windows x86 arch:x86

    57e98d9a5a72c8d7ad8fb7a6a58b3daf


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    610235b90207a63ccf481f0d4375d329


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • characters/monika.chr
    .png
  • characters/natsuki.chr
    .jpg
  • characters/sayori.chr
    .png

    • https://vk.io/TNuz

  • characters/yuri.chr
  • game/bgm/credits_ru.ogg
  • game/bgm/end-voice_ru.ogg
  • game/fonts.rpa
  • game/gui/end_ru.png
    .png
  • game/gui/icon_mac_ru.png
    .png
  • game/gui/icon_win_ru.png
    .png
  • game/gui/logo_ru.png
    .png
  • game/gui/namebox_big_ru.png
    .png
  • game/gui/namebox_ru.png
    .png
  • game/gui/overlay/confirm_glitch2_ru.png
    .png
  • game/gui/overlay/confirm_glitch_ru.png
    .png
  • game/gui/poem_dismiss_big_ru.png
    .png
  • game/gui/poem_dismiss_ru.png
    .png
  • game/gui/textbox_big_ru.png
    .png
  • game/gui/textbox_monika_big_ru.png
    .png
  • game/images/bg/bsod_ru.png
    .png
  • game/images/bg/ent-logo.png
    .png
  • game/images/bg/notebook-glitch_ru.png
    .png
  • game/images/bg/notebook_ru.png
    .png
  • game/images/bg/poem-glitch1_big_ru.png
    .png
  • game/images/bg/poem_big_ru.jpg
    .jpg
  • game/images/bg/poem_y1_big_ru.jpg
    .jpg
  • game/images/bg/poem_y2_big_ru.jpg
    .jpg
  • game/images/bg/warning2_ru.png
    .png
  • game/images/bg/warning_ru.png
    .png
  • game/images/poem_special/poem_end_clearall_3_ru.png
    .png
  • game/images/poem_special/poem_end_ru.png
    .png
  • game/images/poem_special/poem_special10_ru.png
    .png
  • game/images/poem_special/poem_special11_ru.png
    .png
  • game/images/poem_special/poem_special1_ru.png
    .png
  • game/images/poem_special/poem_special2_ru.png
    .png
  • game/images/poem_special/poem_special3_ru.png
    .png
  • game/images/poem_special/poem_special4_ru.png
    .png
  • game/images/poem_special/poem_special5a_ru.png
    .png
  • game/images/poem_special/poem_special5b_ru.png
    .png
  • game/images/poem_special/poem_special6_ru.png
    .png
  • game/images/poem_special/poem_special8_ru.png
    .png
  • game/images/poem_special/poem_special9_ru.png
    .png
  • game/scripts.rpa