General

  • Target: 19784713277.zip
  • Size: 93.8MB
  • MD5: 0170563cc6d82852478ccd3faad39c12
  • SHA1: 89e357fd228852aa65946d9525b3ed83e85eaf61
  • SHA256: 1565a99ed69c22b2a18e2458e5652eaf7f2fe5c62e962b19da7cafd3aa2f804c
  • SHA512: 80445ee4083568611d83e857502af19d8dca4bc038b51f92b1f0eee541ad46b20693c32e542d912e4409e31de2d2e7ff8035f6fb100b3d7b298c3b526d927592
  • SSDEEP: 1572864:TtcqcD3Y55xYYYDfR2PHJBho/p7I2d4PYzAtyP7OL4H75Vipot7gAVYhfJec3wF:Tck556DZepBeFMY0tHkniOkAVFc3wF

Score: 7/10
Tags: upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software (2 IoCs): Detects file using ACProtect software.
  • UPX packed file (2 IoCs): Detects executables packed with UPX/modified UPX open source packer.
  • Unsigned PE (24 IoCs): Checks for missing Authenticode signature.
  • NSIS installer (4 IoCs)

Files

  • 19784713277.zip
    .zip | Password: infected

  • 3739d14235ff791ab9f138b769613880d3426004e42eb8c96da33cc00b18f14a
    .exe windows:4 windows x86 arch:x86 | 7fa974366048f9c551ef45714595665e | Headers, Imports, Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:5 windows x86 arch:x86 | Headers, Exports, Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86 | Headers, Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86 | b1cd0d78f652ce5fc63f0879371af012 | Headers, Imports, Exports, Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86 | 2017f2acbdaa42ab3e4adeb8b4c37e7b | Headers, Imports, Exports, Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86 | afa8e526425f3585465337467d0b5909 | Headers, Imports, Exports, Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp

  • AVStrike.exe
    .exe windows:4 windows x86 arch:x86 | f34d5f2d4577ed6d9ceec516c1f5a744 | Headers, Imports, Sections

  • AVStrike.exe.config

  • CButtonLib.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • Common Tools.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • Core.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • Interop.IWshRuntimeLibrary.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • KernelBase.dll
    .dll windows:6 windows x86 arch:x86 | 42a9de385bba8b87b1179593596872e0 | Headers, Imports, Exports, Sections

  • LumenWorks.Framework.IO.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • System.Data.SQLite.dll
    .dll windows:5 windows x86 arch:x86 | 2eb25e53c06c81f6dbba492e20f41fbf | Headers, Imports, Exports, Sections

  • TaskScheduler.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86 | 7fa974366048f9c551ef45714595665e | Headers, Imports, Sections

  • $PLUGINSDIR/KillProc.dll
    .dll windows:4 windows x86 arch:x86 | Headers, Exports, Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86 | Headers, Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86 | 2017f2acbdaa42ab3e4adeb8b4c37e7b | Headers, Imports, Exports, Sections

  • db/AVStrikeDB.ldb
  • db/AVStrikeDB.ldb.bak
  • db/bytecode.cld
  • db/daily.cld
  • db/main.cld
  • db/mirrors.dat

  • libclamav.dll
    .dll windows:5 windows x86 arch:x86 | 309ff38b311036f6edbee35b7d22f884 | Headers, Imports, Exports, Sections

  • libclamavd.dll
    .dll windows:5 windows x86 arch:x86 | e23bf5a00e3e4e9d9432d7da2454e57c | Headers, Imports, Exports, Sections

  • log4net.dll
    .dll windows:4 windows x86 arch:x86 | dae02f32a21e03ce65412f6e56942daa | Headers, Imports, Sections

  • scandll.dll
    .dll windows:5 windows x86 arch:x86 | 9b9d164e98ed77c90cc8d812ce35531b | Headers, Imports, Exports, Sections

  • update_db.exe
    .exe windows:5 windows x86 arch:x86 | ede364991c4686dad611ddc217e0feac | Headers, Imports, Sections