1c71353788f777df6b1fdff553d383f8_hacktools_xiaoba_JC[.]exe | Triage

Sharing

General

Target

1c71353788f777df6b1fdff553d383f8_hacktools_xiaoba_JC.exe
Size

3.2MB
MD5

1c71353788f777df6b1fdff553d383f8
SHA1

c23f2a012c6239801bdf8ffabb514c4dbe801ab4
SHA256

26c21397b627e21fa7b1d2bacd96b3d3e426fc7d5468830c8c6b769ad59b0ecc
SHA512

13c8930dca345f952a62e64a862a1ad35df0a1eb16791676fcdbfca7f681fe1063e04c0bc7335c9e39d790cada1470d3ce3356fd9ddcb0301de59c4e85861c21
SSDEEP

49152:6zG1BqCBGJdodXAGRe5CFHRoHgmAZf1NJ:DBIKRAGRe5K2UZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c71353788f777df6b1fdff553d383f8_hacktools_xiaoba_JC.exe

Files

1c71353788f777df6b1fdff553d383f8_hacktools_xiaoba_JC.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ