9cade2a5b3a6ffd517df2fdf60921e480f2987bf51d89ca56f13fd7b3b65299c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cade2a5b3a6ffd517df2fdf60921e480f2987bf51d89ca56f13fd7b3b65299c
Size

458KB
MD5

d4316bc6c1ba4f001ddf29e6eba3a00b
SHA1

e5638e987f7181bac71b98b698eefd52130ba8b6
SHA256

9cade2a5b3a6ffd517df2fdf60921e480f2987bf51d89ca56f13fd7b3b65299c
SHA512

9c4ddf46830e0ebd306ac08cdf6aa7fa58f40d206f05fbc6dc6ab23190f85c44c854ab03466dee7f5204530e20752b0316d00a047eff7204dd74e240ae0f4e3b
SSDEEP

12288:JGy2/LsnXUvfUPgrxhbPkQayPaK8UINFdx99nvbLGHv147:Jz2Trv2UxhTBSKIf19njLGHd47

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/报送材料清单/6.exe

Files

9cade2a5b3a6ffd517df2fdf60921e480f2987bf51d89ca56f13fd7b3b65299c
.zip
报送材料清单/6.exe
.exe windows x86

efabbc75a6445136f9c3983eaff9c04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 374KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
报送材料清单/cemPiaIu.flv