Overview

overview

10

Static

static

7

Kapu.rar

windows10-ltsc 2021-x64

10

DirectX2D.dll

windows10-ltsc 2021-x64

1

Environment.xml

windows10-ltsc 2021-x64

3

Loader.exe

windows10-ltsc 2021-x64

10

Other/Environment.xml

windows10-ltsc 2021-x64

3

Other/RestSharp.dll

windows10-ltsc 2021-x64

1

Other/Sentlog.dll

windows10-ltsc 2021-x64

1

Other/achevelog.dll

windows10-ltsc 2021-x64

1

Other/d2patch.dll

windows10-ltsc 2021-x64

1

Other/jasc...ch.dll

windows10-ltsc 2021-x64

1

Other/patch.dll

windows10-ltsc 2021-x64

1

Sentlog.dll

windows10-ltsc 2021-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Kapu.rar

  • Size

    1.9MB

  • MD5

    bde953e9edade9135691a71d64f5efef

  • SHA1

    7f29914cde929688a6e6255cb479cd86e8b60275

  • SHA256

    dc813f57acd54cd1d0067adadc56cb9347efa0f6eb2628427158d3c75eafa1ff

  • SHA512

    628fbad49c1e8a215506538043c90e0077264ed9393306e59eaa31f3c5ee51d21247bf7e92b78147e6772afbc2a6faebb3201abbbe526ab423f62e752ec40cf3

  • SSDEEP

    24576:/+U5nQsmY2j9L80lbapoeRu/88AGcqx/GsbCxndz46fl6OXOY1sZSxCP/pzZqOp8:/75nYxLbbabNU3gndsHqsCCx5ZqlzMkv

Score
7/10

Malware Config

Signatures

  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • Kapu.rar
    .rar

    Password: 123

  • DirectX2D.dll
  • Environment.ini
    .xml
  • Loader.exe
    .exe windows:4 windows x86 arch:x86

    Password: 123

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Other/Environment.ini
    .xml
  • Other/RestSharp.dll
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Other/Sentlog.dll
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Other/achevelog.dll
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Other/d2patch.dll
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Other/jascriptfortpatch.pdb
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Other/patch.dll
    .dll windows:6 windows x64 arch:x64

    Password: 123

    83b0fddc22f18606f3545454f033ed85


    Headers

    Imports

    Exports

    Sections

  • Sentlog.dll
    .dll windows:4 windows x86 arch:x86

    Password: 123

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections