76e7ce6d1ce18de6137bab0a7193cc71

General

Target

76e7ce6d1ce18de6137bab0a7193cc71
Size

1.5MB
MD5

76e7ce6d1ce18de6137bab0a7193cc71
SHA1

abb2f6b05d2736f2c8505156aec344dc8b53df11
SHA256

484c5321323f984b158cb910432ae959b94982d11ad077114700818792af784c
SHA512

6081b16959e8517fdfd7a45f9731c001536296c06025aa89d095d547242aed3c0cea6e8bb5a73c13a818e2380b1f0351806cab6fce6cffe764c4c8cf48c46cf6
SSDEEP

24576:0MEPQkDumQs61CIutaTkBwA60+NjGsX+/aQUGxNYTUe2+GPxKZv86pA0:0M3kSmX61CzsoW4suGGwTUe2BP0v86pr

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CP_QQ随意邮.exe
unpack001/注册机.exe

Files

76e7ce6d1ce18de6137bab0a7193cc71
.rar
CP_QQ随意邮.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 451KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 973KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
注册机.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

KeyMake
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AntiKill
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 451KB - Virtual size: 1.2MB

.rsrc Size: 60KB - Virtual size: 228KB

.idata Size: 512B - Virtual size: 4KB

WinLicen Size: 973KB - Virtual size: 1.4MB

.mackt Size: 4KB - Virtual size: 12KB

.data0 Size: 96KB - Virtual size: 100KB

.data1 Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

KeyMake Size: - Virtual size: 40KB

AntiKill Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

.rsrc
Size: 60KB - Virtual size: 228KB

.idata
Size: 512B - Virtual size: 4KB

WinLicen
Size: 973KB - Virtual size: 1.4MB

.mackt
Size: 4KB - Virtual size: 12KB

.data0
Size: 96KB - Virtual size: 100KB

.data1
Size: - Virtual size: 4KB

KeyMake
Size: - Virtual size: 40KB

AntiKill
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB