20c02225ef4711a0a9fa10c7126a948e419a0417c9805d2b360910f472316e80 | Triage

Sharing

General

Target

20c02225ef4711a0a9fa10c7126a948e419a0417c9805d2b360910f472316e80
Size

458KB
MD5

6fe8257cdabfd4b5cffd1628efe9583d
SHA1

3b1dd3a52b76ae4dacc0f43cf2df500c5e4ed694
SHA256

20c02225ef4711a0a9fa10c7126a948e419a0417c9805d2b360910f472316e80
SHA512

1c3991381958e05a2ed3fe93355be742724157a76bbecea9d721b62a1fecc268468f15a925e338512da32b03dbbc493158b9989c43880d7c8441feb0589eb265
SSDEEP

12288:XGy2/LsnXUvfUPgrxhbPkQayPaK8UINFdx99nvbLGHv14D:Xz2Trv2UxhTBSKIf19njLGHd4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/处理材料/6.exe

Files

20c02225ef4711a0a9fa10c7126a948e419a0417c9805d2b360910f472316e80
.zip
处理材料/6.exe
.exe windows x86

efabbc75a6445136f9c3983eaff9c04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 374KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
处理材料/cemPiaIu.flv