3f712f79dafb5ed1ee77e712227f41710cf79f66ec251caefdc879861efcd3da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f712f79dafb5ed1ee77e712227f41710cf79f66ec251caefdc879861efcd3da
Size

25KB
MD5

9e966e4843ac223715be0db4145a5020
SHA1

3db803c62b40a9411fcd46971692b3561806912d
SHA256

3f712f79dafb5ed1ee77e712227f41710cf79f66ec251caefdc879861efcd3da
SHA512

a290ba1a3ae85ae4efc5c9d8a2b43fe4658e650e2efd07e20abefffe27e9f9e33269df8b7ec7a37293a4bb4484a7b0b631a1e210ea7f9bab1cf692e1032f30aa
SSDEEP

768:XY/YJH3npCtVmxDrDLLTiGBaEO0hHpU/suSkwpvnhfRoquM:X8YJH3pCtVeDPoIposvLlnhP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/投诉/投诉举报证据.exe

Files

3f712f79dafb5ed1ee77e712227f41710cf79f66ec251caefdc879861efcd3da
.zip
投诉/投诉举报证据.exe
.exe windows:6 windows x64

f6e633d1e87fd8aa5ed31db6916aadff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

crypt32

CryptStringToBinaryA

kernel32

CloseHandle
GetProcessHeap
LoadResource
FindResourceW
CreateFileA
SizeofResource
VirtualProtect
WriteFile
LockResource
HeapAlloc

shell32

ShellExecuteA
ord680

Sections

.text
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ