General

  • Target

    virussign.com_20241117_LimitedFree.zip

  • Size

    31.1MB

  • MD5

    bfc2999b29b852cbf97de11290116c93

  • SHA1

    1b62ac8a846efb68ea1275b20c245ca5df597e2c

  • SHA256

    79651e8616f701122275edd7444d7f62478bc2a786d204ec2c59e9f01a5d417b

  • SHA512

    d4ed417241039a3837822a01c9b85d7857cc6e10b404fc1f0a0f08ec08525de805382ec1f4be8c53009fb37c52bde0055cd7f24a876721cd3e1729121ebbf215

  • SSDEEP

    786432:6GVKoV8yuSCrLsVszCN7jCAuMhzHOOhJ/BcI:9VKoW7rLsVsU7j1nhzHOOhJ/BcI

Malware Config

Extracted

  • Family

    redline

  • Botnet

    zima

  • C2

    176.113.115.145:4125

  • Attributes

    auth_value: 2ef701d510c0d27e8a8e3270281678b1

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • XMRig Miner payload (3 IoCs)
  • Xmrig family
  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (85 IoCs)

    Checks for missing Authenticode signature.

Files

  • virussign.com_20241117_LimitedFree.zip
    .zip