玄也管理系统[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

玄也管理系统.exe
Size

1.3MB
MD5

f0be73b6a711e07aa0c9860250ecc5b6
SHA1

433a20d77386dbda11fc2e3deea4a0dc6816ff35
SHA256

55473422db9dbb72ecbf95abde390a16b6640f6559a1749f3af877f7ff287afa
SHA512

4275fa2014e7a08f42409dc373891cf032ba218050e745c3298c9a63cace024276a7661f7b416ac5f508795c1cf25cc19b506257b4a69c26ec4388d629816894
SSDEEP

12288:69z25ravXNxb3viX9SKL0U0XM0YbixeaQz70s2jcotO2jcotFhdTs:69Iuv9ZiXURXM0YbKTsN9NKTs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
玄也管理系统.exe

Files

玄也管理系统.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ