Overview

overview

5

Static

static

5

8d44dce68d...90.exe

windows7-x64

5

8d44dce68d...90.exe

windows10-2004-x64

5

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_15_/HWSignature.dll

windows7-x64

3

$_15_/HWSignature.dll

windows10-2004-x64

3

14.4.0.930...re.dll

windows7-x64

3

14.4.0.930...re.dll

windows10-2004-x64

3

SogouExe/H...Ex.dll

windows7-x64

3

SogouExe/H...Ex.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d44dce68d4aa0b94899bd37c7345891288f086b83440f16cbde8a58566ff290

  • Size

    367KB

  • MD5

    88307ae5f2474c8bc0ee4dfd0d9cb81b

  • SHA1

    ebcc059ed3bfb03f60d04377807ae27ec4e3136a

  • SHA256

    8d44dce68d4aa0b94899bd37c7345891288f086b83440f16cbde8a58566ff290

  • SHA512

    280374864ff5a132ef545f4cda810643ea390502dfc339fd61325dc35a9b82ed47206a0e64782a287140f10ecb9ad5ac454b3f547e0bb2dbf0e992076e87e0a8

  • SSDEEP

    6144:IumAR4qQKTpf5EiXoCrImbBq3lovNqlom7OTZNJdd:iApdpf5EiXI201nab/Hd

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 8d44dce68d4aa0b94899bd37c7345891288f086b83440f16cbde8a58566ff290
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/HWSignature.dll
    .dll windows:6 windows x86 arch:x86

    cdd42c264bacf432f4003380d6c8ce27


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    cd90e33ffbc335413a25300c682c83df


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SetupLib.dll
    .dll windows:6 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $_15_/HWSignature.dll
    .dll windows:6 windows x86 arch:x86

    cdd42c264bacf432f4003380d6c8ce27


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 14.4.0.9302/HWSignature.dll
    .dll windows:6 windows x86 arch:x86

    cdd42c264bacf432f4003380d6c8ce27


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • SogouExe/HWSignatureEx.dll
    .dll windows:6 windows x86 arch:x86

    cdd42c264bacf432f4003380d6c8ce27


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections