eaf271fd1fa34289db6d2a45e552b18487268ca2e698bdd00efb6185db46ea7a | Triage

Sharing

General

Target

eaf271fd1fa34289db6d2a45e552b18487268ca2e698bdd00efb6185db46ea7a
Size

431KB
MD5

68081f0c71bbb997617a1556515f8be7
SHA1

70eb94d1bb4b8a05afc4d821809c6dae025090e0
SHA256

eaf271fd1fa34289db6d2a45e552b18487268ca2e698bdd00efb6185db46ea7a
SHA512

04b4c07cb31831cae22fa28e20d64cd96c310b4c95683a3c1158442e47d27b04793b5c3970caafd7c90177b8478a0990da5722d055fc27ee6b82484c5f7945c8
SSDEEP

12288:skGotfsSbJbhjTF6rQkJh/Y78KeGrocPE:sj0fvQEkFGrhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/微信多开.exe

Files

eaf271fd1fa34289db6d2a45e552b18487268ca2e698bdd00efb6185db46ea7a
.zip
微信多开.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 793KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE