Overview

overview

7

Static

static

5

Device/Har...hi.exe

windows7-x64

7

Device/Har...hi.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/AskI....0.exe

windows7-x64

7

$TEMP/AskI....0.exe

windows10-2004-x64

7

$TEMP/AskT....0.exe

windows7-x64

3

$TEMP/AskT....0.exe

windows10-2004-x64

3

ImgBurn.exe

windows7-x64

6

ImgBurn.exe

windows10-2004-x64

6

ImgBurnPreview.exe

windows7-x64

5

ImgBurnPreview.exe

windows10-2004-x64

5

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    SetupImgBurn_2.5.5.0.exe

  • Size

    5.2MB

  • MD5

    619d21e44e26dbf73b9ed5ec80c1b2e5

  • SHA1

    be437e0914cafd208c27e2b7c999016c7f11ec17

  • SHA256

    615251aa346f80a67f5cab890b56826149aac677ecd63f7286a0f13f00a5deda

  • SHA512

    616419482ab51bba19885a58d085bdea581b261b245924aeaa007a6e644dfced9c9e8cf6181e63f1a315a342ceeb865ec87271d53a050fe37d9a8788fe07c31b

  • SSDEEP

    98304:C0UjjEpU7NkBKv1TgolulzCUn8Oyq71YKVeBm8RU0iVLU/UeovaroICTehSYYn7f:C0cZgKvflGz38Oyq7Omesj0aLe412ycQ

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • SetupImgBurn_2.5.5.0.exe
    .zip

    Password: India@2023@@

  • Device/HarddiskVolume4/Data/KABILAN/Product Info/Leica/Leica Bond Systems/Bulletins/BOND Tools/Archive/Create_Bart-PE_Boot_CD/SetupImgBurn_2.5.5.0.exe
    .exe windows:4 windows x86 arch:x86

    Password: India@2023@@

    28bf0daf8a3316982b18eab48466d4b1


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AskToolbar_CustomPage.ini
  • $PLUGINSDIR/AskToolbar_Screenshot.bmp
  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    Password: India@2023@@

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    Password: India@2023@@

    dec6b15c0428dbfe68002d314aeabddf


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    Password: India@2023@@

    de7050df8e553fc993ed65243e635c72


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: India@2023@@

    539885b66bececd722cab5745db8e222


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/AskInstallChecker-1.5.0.0.exe
    .exe windows:5 windows x86 arch:x86

    Password: India@2023@@

    66c8920bc3035d736f66f927d463ca2b


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/AskToolbarInstaller-1.9.1.0.exe
    .exe windows:5 windows x86 arch:x86

    Password: India@2023@@

    206513a2c97fa61166fe9ae13d91d955


    Code Sign

    Headers

    Imports

    Sections

  • ImgBurn.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • ImgBurnPreview.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • ReadMe.txt
  • Sounds/Error.wav
  • Sounds/Success.wav
  • Uniblue/DriverScanner.ico
  • Uniblue/RegistryBooster.ico
  • Uniblue/SpeedUpMyPC.ico
  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    28bf0daf8a3316982b18eab48466d4b1


    Headers

    Imports

    Sections

  • manifest.json