5a6acdf5510e6825bf2152c41e1e0bda48498658f550cf92cc4c459635bb27aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a6acdf5510e6825bf2152c41e1e0bda48498658f550cf92cc4c459635bb27aa
Size

1.5MB
MD5

2fa346ccf8b9ce44bcf3072b527e98a3
SHA1

a1a4218aaca6476f4f41c5dce1469570872d8e87
SHA256

5a6acdf5510e6825bf2152c41e1e0bda48498658f550cf92cc4c459635bb27aa
SHA512

ba70f150dbba74955a38032974886ef679106602dd22981f7da349bff47653f70f1fd1d6866828e0b8bfd58a5ecfe0891a58c234d23c54b5cfac03e8a797eddb
SSDEEP

24576:Fa/n+vTtgZkb0dzZzHO7kWaoIEsJrpJaTF98JPvy38KOEQtvviKS7NHapUiBJdm8:FaviRgZ9d91WZglpSF9ew8SyxDdm4x1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/团报工具/DWReport.exe

Files

5a6acdf5510e6825bf2152c41e1e0bda48498658f550cf92cc4c459635bb27aa
.zip
团报工具/DWReport.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
团报工具/Zkcis.ini
团报工具/升级脚本/proc_CreateBReportYear.sql
团报工具/升级脚本/对比表语句.sql
团报工具/升级脚本/脚本1王磊.sql
.vbs
团报工具/模板/健康团报模板_不带名单.fx
.xml
团报工具/模板/健康团报模板_带名单.fx
.xml