General

  • Target

    Perm.rar

  • Size

    546KB

  • MD5

    af6d56efa38a97c6ae552773d0ebed55

  • SHA1

    4bfd6aa9fd1fcf161763fcfcd78f166462784a90

  • SHA256

    f15a78efd211bae6dd492d449beeb3844bd758a5241cfa48d0fd19dbe766102d

  • SHA512

    ff35805d195db830f4d7840208c081d1876791609350fde7fd36beec2ddddc04f4dc91b9b24b147bf209f8e02563fae464b5bf87e5e1974ed7422e7880e03959

  • SSDEEP

    12288:Ynino1Rp78K3gxYT9GrXz32VJvCjl34NgrHJ3IWY/IjLsw8:27Di8SYhQz3Cfg1Y84

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Perm.rar
    .rar
  • perm/mac/RTIoLib64.dll
    .dll windows:4 windows x64 arch:x64

    625a9a2139046104e37e4654c9a0a63d


    Code Sign, Headers, Imports, Exports, Sections

  • perm/mac/RealTek_flash.exe
    .exe windows:6 windows x64 arch:x64

    39dfab18f435aa1ac7d1cb18d1a19c2d


    Code Sign, Headers, Imports, Sections

  • perm/mac/rtkio64.sys
    .sys windows:6 windows x64 arch:x64

    4343c9c0b78ee21e895f10d929c240d4


    Code Sign, Headers, Imports, Sections

  • perm/mac/rtkiow10x64.sys
    .sys windows:10 windows x64 arch:x64

    317f02ddc9809d608a9bf63ce24e9550


    Headers, Imports, Sections

  • perm/mac/spoof.bat
  • perm/serials/AMIDEWINx64.EXE
    .exe windows:5 windows x64 arch:x64

    5d7543265f1d05f9bd6a417f4988fb48


    Headers, Imports, Sections

  • perm/serials/AmiSpoof.bat
  • perm/serials/SerialsChecker.bat
  • perm/serials/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    4fbdc03e4487f98fb59360ea5b3e640d


    Code Sign, Headers, Imports, Sections

  • perm/serials/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    f9141c3df8f7ec7b3f2d46265a3b5528


    Code Sign, Headers, Imports, Sections