c3f4604e3982b917edac9104a5941a645ecab935b4c45649aeb640b0ec9d2cd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3f4604e3982b917edac9104a5941a645ecab935b4c45649aeb640b0ec9d2cd6
Size

1.4MB
MD5

4ed6b8ab1cf3befc91b256f8ef8712e3
SHA1

bb6b6e6c24de5b58d8e5048205675be4063f86e6
SHA256

c3f4604e3982b917edac9104a5941a645ecab935b4c45649aeb640b0ec9d2cd6
SHA512

96ae3d869fa8a50194db4b9a8d78f06b5f6d87db0a29677e63087cf360ed8b10da76974c7d486c15be26c73d2aa2981f954546d499a2492e8925d022f9115409
SSDEEP

24576:KFVD364I7htY6ovU6+xudpXliFKNVURzk52tV7pXPTBMWrTvUFKazCYmC1Dm:KDbITxo0c1VN+g52lr/7uXq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DllHijackAuditorv35.exe

Files

c3f4604e3982b917edac9104a5941a645ecab935b4c45649aeb640b0ec9d2cd6
.rar
ALI213.txt
DllHijackAuditorv35.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 140KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
游侠网最新单机游戏.url
游侠网热门MOD补丁.url