1dabe406959f181794c887708492245b | Triage

Sharing

General

Target

1dabe406959f181794c887708492245b
Size

1.0MB
MD5

1dabe406959f181794c887708492245b
SHA1

3db7111e203aa163bf16b4817e80c241c0389dc5
SHA256

c605f05f3b3c4bbfef633280d32e2acd7d61224949a117b377da15e6c9f16728
SHA512

3f12776403eb269342806a05bf2021b4198bff6fae5de7f7b0b23306af5818bcf425ec9075e1e8c502627d98a4a680447be3431025a501f7383d0add673da8b3
SSDEEP

24576:8KEAxkiCMGR43kLV05X+FERfUahzMu1F/Lov/RgHOEKp:8MWDR4r+FE5nguF/LovpgHE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tightvnc-1.3.8-setup.exe

Files

1dabe406959f181794c887708492245b
.rar
tightvnc-1.3.8-setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.htm
.html
使用说明.txt