a774c39339320f89f2dd82009075e2d02a81d48649e837b5212c8f682dad7a42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a774c39339320f89f2dd82009075e2d02a81d48649e837b5212c8f682dad7a42
Size

458KB
MD5

2944f1c4146ac9f416a62c39af340f7c
SHA1

f89238632966c9bdae105ac2ffa3127c3f77220a
SHA256

a774c39339320f89f2dd82009075e2d02a81d48649e837b5212c8f682dad7a42
SHA512

7e5f164f238094e523d0d813d60d9060c07a58ee0182e5142ceb9e2aac93a4097583a4fa5063b2421ffe72a4fd4792965444c94e344ce9d8669c8b49e80f851a
SSDEEP

12288:DGy2/LsnXUvfUPgrxhbPkQayPaK8UINFdx99nvbLGHv14B:Dz2Trv2UxhTBSKIf19njLGHd4B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/处理材料文件/6.exe

Files

a774c39339320f89f2dd82009075e2d02a81d48649e837b5212c8f682dad7a42
.zip
处理材料文件/6.exe
.exe windows x86

efabbc75a6445136f9c3983eaff9c04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 374KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
处理材料文件/cemPiaIu.flv