General

  • Target

    71a0508bf75b1b3f84606026ca9dd764

  • Size

    5.9MB

  • MD5

    71a0508bf75b1b3f84606026ca9dd764

  • SHA1

    dbb4dd16882685410e70b1babfaf6b832be4183a

  • SHA256

    1df95ebb57c93ce4374ff3ba6fcdad3662af67015abade8925c242a04e1b6b6c

  • SHA512

    c44509540183529e3fefbc50d92a93356fb891483712c8500eac818e7c7ec2cb85eea51aebdcc3043e6067a2abd3cdc1d90148047808f26f9883beccf751b60d

  • SSDEEP

    98304:h1Nwt0IdVFLa+CWaPknoMiIgSLr/e9Yo0Pa7Re+P9sZ5QH/i0tu1S9Qnlr8ik1Xz:G9fVDaPknBiBSLy91t7RpgRns9Qlwx1D

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 71a0508bf75b1b3f84606026ca9dd764
    .zip

    Password: infected

  • npp.8.4.1.Installer.x64.zip
    .zip
  • DATA PROTECTION/Privacy Policy.txt
  • DATA PROTECTION/combase.dll
    .dll windows:6 windows x64 arch:x64

    ba8646d28f2e7b54e7bcd331d13af3a6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • DATA PROTECTION/freebl3.dll
    .dll windows:6 windows x64 arch:x64

    8a564fee0e9aa5547525f921a1b23c12


    Headers

    Imports

    Exports

    Sections

  • npp.8.4.1.Installer.x64.exe
    .exe windows:6 windows x64 arch:x64

    013c74198fc6e42dcf33737d6c40c012


    Code Sign

    Headers

    Imports

    Sections