General

  • Target

    19X.rar

  • Size

    17.7MB

  • MD5

    703e04361ca1e3a3f50c519dc72969df

  • SHA1

    515ec03934a9731c157367092935eed3cb22570e

  • SHA256

    b6fbd300520e46f761b778cfc7595b43db385c79a1d7e4c4ce40e782f78a1c01

  • SHA512

    74faa807deb7e03ad5f22244cd7556b0d7c3e22efb90bdad61590581128e6e3062b461af150bcac4ee7c638c1369ed5ea2a6a881d9c258ad76220d9c63f48ce4

  • SSDEEP

    393216:xFYpkGpGjixj+wg6DfEqVYpFgKeZVzjJfNCVFZyxze3z8Gpmc4:TwX/Z+qDcqCngKe73DCVFoxz+zLpy

Score
7/10

Malware Config

Signatures

  • Themida packer (3 IoCs)

    Detects Themida, a commercial Windows code-protection system (packer plus code virtualizer). Three of the archived PE files trigger it. A Themida-wrapped binary rebuilds its imports at run time, so its static import directory is empty or minimal, which is why the static view below shows no Imports entry for some files.

  • Unsigned PE (8 IoCs)

    Checks for a missing Authenticode signature (an empty Certificate Table data directory). All eight PE files extracted from the archive lack one. On its own this is a weak indicator: much legitimate software is unsigned, and a valid signature is not proof of benign behaviour.
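
To reproduce the hash block and both signature checks on a local copy of the archive, here is an added Python example (my own code, not the sandbox's or the sample authors'). It assumes a plain PE header walk is sufficient: the Unsigned PE check becomes "the certificate table data directory is empty", and the Themida observation is reduced to its visible side effect, an empty import directory (this is not a Themida detector). `build_minimal_pe64` fabricates a PE32+ header skeleton purely so the checks can be exercised without the samples.

```python
"""Offline triage helpers (added example, not the sandbox's own code)."""
import hashlib
import struct
import sys

# Hashes this page reports for 19X.rar; a local copy must reproduce all four.
REPORTED = {
    "md5": "703e04361ca1e3a3f50c519dc72969df",
    "sha1": "515ec03934a9731c157367092935eed3cb22570e",
    "sha256": "b6fbd300520e46f761b778cfc7595b43db385c79a1d7e4c4ce40e782f78a1c01",
    "sha512": "74faa807deb7e03ad5f22244cd7556b0d7c3e22efb90bdad61590581128e6e30"
              "62b461af150bcac4ee7c638c1369ed5ea2a6a881d9c258ad76220d9c63f48ce4",
}
ALGOS = ("md5", "sha1", "sha256", "sha512")

IMAGE_DIRECTORY_ENTRY_IMPORT = 1     # data directory index of the import table
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data directory index of the certificate table


def hash_bytes(data: bytes) -> dict:
    """Lower-case hex digests of a buffer (ssdeep is not in hashlib; use the ssdeep package)."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digests for a file, streamed so a large archive need not fit in memory."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as f:
        for buf in iter(lambda: f.read(chunk), b""):
            for h in hashers.values():
                h.update(buf)
    return {a: h.hexdigest() for a, h in hashers.items()}


def matches_report(hashes: dict, reported: dict = REPORTED) -> bool:
    """True only if every digest listed in the report agrees."""
    return all(hashes.get(a) == v for a, v in reported.items())


def pe_data_directory(data: bytes, index: int) -> tuple:
    """(VirtualAddress, Size) of data directory `index`; (0, 0) if the header has fewer entries."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    opt = e_lfanew + 4 + 20                      # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                           # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                         # PE32+: NumberOfRvaAndSizes at +108, directories at +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    if index >= struct.unpack_from("<I", data, ndirs_off)[0]:
        return (0, 0)
    return struct.unpack_from("<II", data, dirs_off + 8 * index)


def is_unsigned_pe(data: bytes) -> bool:
    """The 'Unsigned PE' check: no embedded Authenticode blob means an empty certificate table.
    Catalog-signed files also look unsigned here; confirm with signtool or Get-AuthenticodeSignature."""
    off, size = pe_data_directory(data, IMAGE_DIRECTORY_ENTRY_SECURITY)
    return off == 0 or size == 0


def has_import_table(data: bytes) -> bool:
    """An empty import directory is the side effect a Themida-style packer leaves (not a Themida detector)."""
    rva, size = pe_data_directory(data, IMAGE_DIRECTORY_ENTRY_IMPORT)
    return rva != 0 and size != 0


def build_minimal_pe64(signed: bool, imports: bool) -> bytes:
    """Constructed PE32+ header skeleton (not a real or runnable binary) to exercise the checks offline."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 112 + 16 * 8, 0x22)  # x64, one section
    opt = bytearray(112)
    struct.pack_into("<H", opt, 0, 0x20B)                                   # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)                                    # NumberOfRvaAndSizes
    dirs = bytearray(16 * 8)
    if imports:
        struct.pack_into("<II", dirs, 8 * IMAGE_DIRECTORY_ENTRY_IMPORT, 0x2000, 0x28)
    if signed:
        struct.pack_into("<II", dirs, 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x600, 0x1000)
    section = b".text".ljust(8, b"\0") + b"\0" * 32                         # one 40-byte section header
    return dos + b"PE\0\0" + coff + bytes(opt) + bytes(dirs) + section


if __name__ == "__main__":
    # Usage: python triage.py 19X.rar extracted/*.exe.vir
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            data = f.read()
        digests = hash_bytes(data)
        print(path, "sha256", digests["sha256"], "matches report:", matches_report(digests))
        if data[:2] == b"MZ":
            print("  unsigned:", is_unsigned_pe(data), "import table:", has_import_table(data))
```

Run it against the archive and the extracted `.vir` files: the archive should report `matches report: True`, every PE should come back `unsigned: True`, and the three files the page lists without an Imports entry should come back with `import table: False`. Files whose ".exe" is really a renamed screensaver (`.scr`) are still PE images and are checked the same way.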

Files

  • 19X.rar
    .rar
  • 2023年11月新发布-财会人员薪资补贴调整新政策所需材料.exe.vir (English: "Newly released November 2023 - materials required under the new policy on salary subsidy adjustments for finance and accounting staff")
    .exe windows:6 windows x64


    Headers

    Sections

  • Due invoices Mazaya_pdf_pdf.vbe.vir
    .ps1
  • tools-读取浏览器敏感信息.exe.vir (English: "tools - read browser sensitive information")
    .exe windows:6 windows x64

    67375d033e34a8ce017a42bfac07388e


    Headers

    Imports

    Exports

    Sections

  • 信息收集模板.scr.vir (English: "information collection template"; a .scr screensaver is a PE executable)
    .exe windows:6 windows x64

    ec2908a203a9fcced1b070e8db1923a7


    Headers

    Imports

    Sections

  • 公司资料.exe.vir (English: "company materials")
    .exe windows:6 windows x64


    Headers

    Sections

  • 安全检查资产上报收集表-20231103-___xlsx.scr.vir (English: "security inspection asset reporting collection form-20231103-___xlsx"; a .scr posing as a spreadsheet)
    .exe windows:6 windows x64

    42e7514dba1f196bf70852cf303d000c


    Headers

    Imports

    Sections

  • 提交材料.exe.vir (English: "materials for submission")
    .exe windows:6 windows x64


    Headers

    Sections

  • 李志-账号密码记录-解压密码-20231116.exe.vir (English: "Li Zhi - account and password records - extraction password - 20231116")
    .exe windows:6 windows x64

    3bec48b52c00f36b3f35434846086bee


    Headers

    Imports

    Exports

    Sections

  • 陈力-病例.exe.vir (English: "Chen Li - medical case record")
    .exe windows:6 windows x64

    d8929aaf89748ffdb39f2949bd0f2cba


    Headers

    Imports

    Sections