伯俊驿氪数据同步推送服务[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

伯俊驿氪数据同步推送服务.exe
Size

45KB
MD5

7cf043d7eb47c068959c074ca0a379e5
SHA1

164447962134c0a51f96f36ce647989ccf0c5035
SHA256

ba5e719103aa60249f68eda4d92a18592b6b072b83e18f504588e455a45a5e94
SHA512

33a178d88db470a18ac71fda865912a86611f3e55e27952c1d5fdf6021d4ca3e8b245762f7b5f60404ef4b184a3492a68be1dfb3937a80e691830c8836c4b1fa
SSDEEP

768:iGYJxkXcRIx8T7yvXbdT70HVdFuhhhppRk5dHIittg1wzsJlmtQzCDrT:owxU7270/FD/ng1wzsJsuCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
伯俊驿氪数据同步推送服务.exe

Files

伯俊驿氪数据同步推送服务.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ