分辨率设置[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

分辨率设置.EXE
Size

935KB
MD5

9fb260ef3d1043e7e7c6c7d37a9ecbf9
SHA1

98658cd773545e2eaac2f97c7f84ebeeb0a53437
SHA256

b170c5fab4cf1639838c0df0607281006c87e2facfc8b41efb3f8db39694709e
SHA512

7465af9f5d57ea9a0ef8697efaadaac28009916b2679395ce7527d6c35f47c62a5c0320e1147d5b6c4312c764ce25a52928529983ad937676a3d7e2cd5cef577
SSDEEP

12288:y6aJyANxMcH5jNb8BQXmQKQSmTpR76JkQblCbm6vTlF0M6myeNTDyKjkH3VKpif:y6ajjMcZjCmT/OkQx6vTD0MpTZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
分辨率设置.EXE

Files

分辨率设置.EXE
.exe windows x64

c086bc9de3d34586f34c04e4345dd520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrStrW

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

SHChangeNotify

version

VerQueryValueW

setupapi

CM_Get_Parent

Exports

Exports

LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_

Sections

.MPRESS1
Size: 429KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE