获取服务器加密字符串[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

获取服务器加密字符串.exe
Size

212KB
MD5

0d2b1b2621c0e09f800d0b30baada5a6
SHA1

8537829e3b5af8c85d62a95e6a6c6750805dbbd1
SHA256

477e4278101e416a1b55365c6165ad3ede7de203d3bc2fc70715d067aad5ae4d
SHA512

8e83e9236b15fbf85ecebf83f2cb2f8eaaefb9f8e6968dfd51cd8cf05e13442d66957c1ff0714156553134d3446fbb96ca1f3ae2f1169808852f9b6143a8cfcd
SSDEEP

384:1igm1NtaIHJMXGkvwKwq6unl0E/nZNOVIHiIthAl0E/nZNOVIHiItD0xqllvL6Wx:1o17XE/CVOE/CVnrhGbYE/CV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
获取服务器加密字符串.exe

Files

获取服务器加密字符串.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ