General

  • Target

    edkdpu.zip

  • Size

    77.7MB

  • MD5

    4b83e98030b4931166fb6be77773bce8

  • SHA1

    11d6e04430abe5e4143845fcf0ad0f86b87fc74d

  • SHA256

    f45bcf726922fe01b71eb17cdaea8fcea57bdeefced3054e118732a41805f15f

  • SHA512

    37e2b382e3f906d8b9a7fbeee6511a20e6186770f8454c48f9f374f9b7eddd1467634d59a39605fe79c3f3e854068f31c0ceee79bac22ffb18011344519f7166

  • SSDEEP

    1572864:e/RuquMtjMd/wG3F+Z+NQ2RdnBW0vW67scv2TmCYh+vzFtnDdX5vFoQkBBr:eE3d/H3FTpnnBpvW67smNDh+LdXT+nr

Score
9/10

Malware Config

Signatures

  • Detected Nirsoft tools 1 IoC

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • Unsigned PE 13 IoCs

    Checks for missing Authenticode signature.

Files

  • edkdpu.zip
    .zip
  • tox tweaking/Emu/KeyAuthEmulator.deps.json
  • tox tweaking/Emu/KeyAuthEmulator.dll
    .exe windows:4 windows x86 arch:x86
    MD5 f34d5f2d4577ed6d9ceec516c1f5a744
    Panels: Headers, Imports, Sections
  • tox tweaking/Emu/KeyAuthEmulator.exe
    .exe windows:6 windows x64 arch:x64
    MD5 6a91eb82bfd19d2706c7d43c46f7064e
    Panels: Headers, Imports, Sections
  • tox tweaking/Emu/KeyAuthEmulator.runtimeconfig.json
  • tox tweaking/Emu/secret.txt
  • tox tweaking/ToX Premium UtilityCRACK.exe
    .exe windows:4 windows x86 arch:x86
    MD5 f34d5f2d4577ed6d9ceec516c1f5a744
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/Basic.nip
  • tox tweaking/niggers/DevManView.exe
    .exe windows:4 windows x64 arch:x64
    MD5 fe266af95ae0f37d1609f05d789a2fe0
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/DeviceCleanup.exe
    .exe windows:5 windows x64 arch:x64
    MD5 c08d3d26064239a79f795d1f80fb52a5
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/GameUserSettings.ini
  • tox tweaking/niggers/LowGraphics.nip
  • tox tweaking/niggers/MaxFPS.nip
  • tox tweaking/niggers/Microsoft-uiXAML2.8.Appx
    .appx
      • AppxBlockMap.xml
        .xml
      • AppxManifest.xml
        .xml
      • AppxMetadata/CodeIntegrity.cat
      • AppxSignature.p7x
      • Microsoft.UI.Xaml.dll
        .dll windows:6 windows x64 arch:x64
        MD5 cd2511fe0afac31e49793c33a75ecb68
        Panels: Code Sign, Headers, Imports, Exports, Sections
      • Microsoft.UI.Xaml.winmd
        .dll windows:6 windows x86 arch:x86
        Panels: Headers, Sections
      • Microsoft.UI.Xaml/Assets/NoiseAsset_256x256_PNG.png
        .png
      • [Content_Types].xml
        .xml
      • logo.png
        .png
      • resources.pri
  • tox tweaking/niggers/MicrosoftEdgeSetup.exe
    .exe windows:5 windows x86 arch:x86
    MD5 7899cb8ba886a0690bdc28d8b481bbd1
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/NSudoLG.exe
    .exe windows:6 windows x64 arch:x64
    MD5 1188b455132bc86c7e9e68ae98ce4171
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/NVIDIA Control Panel.exe
    .exe windows:6 windows x64 arch:x64
    MD5 3d7eeab1dee7f38fb22072ebd77b5fea
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/New_Project_1.png
    .png
  • tox tweaking/niggers/OpenShell Settings.xml
    .xml
  • tox tweaking/niggers/PowerRun.exe
    .exe windows:5 windows x86 arch:x86
    MD5 870b8e75c7190e202e9c6c81dff1040c
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/SCEWIN.zip
    .zip
      • Export.bat
      • Import.bat
      • SCEWIN_64.exe
        .exe windows:5 windows x64 arch:x64
        MD5 c6ad08a1589dd9cf353748c20ce378ce
        Panels: Code Sign, Headers, Imports, Sections
      • amifldrv64.sys
        .sys windows:6 windows x64 arch:x64
        MD5 4fbdc03e4487f98fb59360ea5b3e640d
        Panels: Code Sign, Headers, Imports, Sections
      • amigendrv64.sys
        .sys windows:10 windows x64 arch:x64
        MD5 07a42e80559d960b176c0fc8fd309bfe
        Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/SCEWIN_64.exe
    .exe windows:5 windows x64 arch:x64
    MD5 c6ad08a1589dd9cf353748c20ce378ce
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/SetACL.exe
    .exe windows:6 windows x64 arch:x64
    MD5 d4f9425f57877ed12395f309e063b715
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/ToX.pow
  • tox tweaking/niggers/ToX3.nip
  • tox tweaking/niggers/Ultimate.pow
  • tox tweaking/niggers/VC_redist.x64.exe
    .exe windows:5 windows x86 arch:x86
    MD5 1a5cdbf711fee14b077e599d13fddab2
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64
    MD5 4fbdc03e4487f98fb59360ea5b3e640d
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64
    MD5 07a42e80559d960b176c0fc8fd309bfe
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/bfsvc.exe
    .exe windows:10 windows x64 arch:x64
    MD5 4f5a2ab974ab5b0fcfe38aac2a4c390c
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/cru.zip
    .zip
      • CRU/CRU.exe
        .exe windows:4 windows x86 arch:x86
        MD5 cafc89e1b0a9b2c5b10389d6d19936ce
        Panels: Headers, Imports, Exports, Sections
      • CRU/Info.txt
      • CRU/reset-all.exe
        .exe windows:5 windows x86 arch:x86
        MD5 32f33abb2edf5d9be4310f0050d459d0
        Panels: Headers, Imports, Sections
      • CRU/restart.exe
        .exe windows:5 windows x86 arch:x86
        MD5 cf4f510acda53bad738cb1d4e01b1c70
        Panels: Headers, Imports, Sections
      • CRU/restart64.exe
        .exe windows:5 windows x64 arch:x64
        MD5 2a69fe822ced9bf301916c1307e497a9
        Panels: Headers, Imports, Sections
  • tox tweaking/niggers/devcon.exe
    .exe windows:6 windows x64 arch:x64
    MD5 ce4a5cfcfb0452b87e013f07f4d59f9c
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/file.zip
    .zip
      • Export.bat
      • Import.bat
      • SCEWIN_64.exe
        .exe windows:5 windows x64 arch:x64
        MD5 c6ad08a1589dd9cf353748c20ce378ce
        Panels: Code Sign, Headers, Imports, Sections
      • amifldrv64.sys
        .sys windows:6 windows x64 arch:x64
        MD5 4fbdc03e4487f98fb59360ea5b3e640d
        Panels: Code Sign, Headers, Imports, Sections
      • amigendrv64.sys
        .sys windows:10 windows x64 arch:x64
        MD5 07a42e80559d960b176c0fc8fd309bfe
        Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/oldversion.txt
  • tox tweaking/niggers/openshell.exe
    .exe windows:6 windows x86 arch:x86
    MD5 e7430d879d98b61bb54478ef2eeb197c
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/openshell.reg
  • tox tweaking/niggers/procexp.exe
    .exe windows:6 windows x86 arch:x86
    MD5 553433ab8c22c54672a94bfb04f1fc03
    Panels: Code Sign, Headers, Imports, Sections
  • tox tweaking/niggers/servers.txt
  • tox tweaking/niggers/str.exe
    .exe windows:6 windows x64 arch:x64
    MD5 51b4d6245ba673d7bc7bbd32358b03fc
    Panels: Headers, Imports, Sections
  • tox tweaking/niggers/version.txt
  • tox tweaking/readme.txt