General

  • Target

    7fb6a8bbcc54cc1619ffd51aa9818fd6.bin

  • Size

    271KB

  • MD5

    0f412c984c41a147dec6b5613d37e8f2

  • SHA1

    2ac23a4c383a9d94604f6d2983a97b98b0a1d6a4

  • SHA256

    6a43e959a6b6ac945b6e2fd64cefc457cb2a87c76ccdcb139b1c9b457b75dbf4

  • SHA512

    49adbbe7506059ec7191c92c410c4281e043dd79cb1b8928c2dd27bc89fde9cfac43d076be703509364faf54653e70c19920455c4fef493570a28c866c8b478a

  • SSDEEP

    6144:Z8rM4NvaHHtRw33Kam6BK4FzurmPIlhcjMbMA+k7IK:ZqOtVsBK6GII/x75

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 7fb6a8bbcc54cc1619ffd51aa9818fd6.bin
    .zip

    Password: infected

  • b187478ed3f00d2157b587ff89b0241c3db74e50370bb3b5e25aac165a09891b.exe
    .exe windows:4 windows x86 arch:x86

    e160ef8e55bb9d162da4e266afd9eef3

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    6b7d154c806f1e47db325229c300c6df

  • Embedsfrelsers.txt
  • Krigssti/Carpodacus/transcendence.for
  • Krigssti/Refractor.skr
  • Krigssti/misrelation.mod
  • Krigssti/netts.paa
  • Krigssti/reptiles.pol
  • Krigssti/snifferes.ano
  • Krigssti/stavefejlens.spo
  • Mgtigste.bal
  • Rasing179.Sup
  • spiritless.Mon