565bf36acde5503859c6947539342690cea22a75ee16d8489b97975f6ac631da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

565bf36acde5503859c6947539342690cea22a75ee16d8489b97975f6ac631da
Size

459KB
MD5

0b8777cd1c704230cc1d6dc9ff1dcf60
SHA1

5b27546de5d35436dfd492e6c5c42a4450517885
SHA256

565bf36acde5503859c6947539342690cea22a75ee16d8489b97975f6ac631da
SHA512

cdab4616e0b4fa0baa26b46d4dd1acf6779f441e780af4a39deefaecbefd3f622631f95099309f0b1b1907f47fa61cfca43efe5db8b770b8d24d448e90aaa845
SSDEEP

12288:RGy2/LsnXUvfUPgrxhbPkQayPaK8UINFdx99nvbLGHv14uwO:Rz2Trv2UxhTBSKIf19njLGHd4u9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/关于管理企业集团最新规定/6.exe

Files

565bf36acde5503859c6947539342690cea22a75ee16d8489b97975f6ac631da
.zip
gmvhbDi.flv
关于管理企业集团最新规定/6.exe
.exe windows x86

efabbc75a6445136f9c3983eaff9c04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 374KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE