Static task
static1
Behavioral task
behavioral1
Sample
a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e.exe
Resource
win10v2004-20230915-en
General
-
Target
a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e
-
Size
10.4MB
-
MD5
5faab12d025440959cf110e123a76ebd
-
SHA1
eea78c4af2b48faf681141fb706734222f819030
-
SHA256
a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e
-
SHA512
1c4ab16b491285d70ac28baac2083ace401d5391e4dc6d10d673ef61d823339f0b1c15608f553b6d0eb44bb5d112b7498a0c4d7f7b1b0f1ca50a39531fd8432c
-
SSDEEP
196608:3Ct4yoW+0PL81a5rLZroUP7UPZ1+qE3eYv6LjFFCAy+:Dr+n5XFTUx0qEuYkj7CAy+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
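Checks for a missing Authenticode signature. The resource listed below matched, i.e. the PE is unsigned, so its publisher and integrity cannot be verified from the file itself; many benign binaries are also unsigned, so this is a weak indicator on its own.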
resource a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e
Files
-
a0b85dd9ec40471be7b4adf5ed042828cf409ad04cb7f8aa9bc11ea63257ea5e.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 280KB - Virtual size: 506KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 5.6MB - Virtual size: 5.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 24KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 20KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CaiHong Size: - Virtual size: 7.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 4.4MB - Virtual size: 4.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ