0020763c4d31004524dba94960c09397

Sharing

Copy URL

Twitter E-mail

General

Target

0020763c4d31004524dba94960c09397
Size

247KB
MD5

0020763c4d31004524dba94960c09397
SHA1

4444779161d2db851c5e84434123ae0bf37e303a
SHA256

ec1cff31ea32e1265983e8ade647d823c6422588d549497f77969a524435d34e
SHA512

a95bb96b62085b44e3ad11355b5eca139fb5f2a545280029e5d62142b7b04fb4dc377681226b30fe49f10e604f193753365faa6dc04e93d5cb28c6f250edc770
SSDEEP

6144:t3My0bLVCzFiffT3Pgfm6iGvAO/NGRjmZ:t8tLmEXTfEiWADRj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/450514557/ftpServer.exe

Files

0020763c4d31004524dba94960c09397
.rar
450514557/About.dcu
450514557/About.dfm
450514557/About.pas
450514557/About.~df
450514557/About.~pa
450514557/Dir.dcu
450514557/Dir.dfm
450514557/Dir.pas
450514557/Dir.~df
450514557/Dir.~pa
450514557/Main.dcu
450514557/Main.dfm
450514557/Main.pas
.js
450514557/Main.~df
450514557/Main.~pa
.js
450514557/NewUser.dcu
450514557/NewUser.dfm
450514557/NewUser.pas
450514557/NewUser.~df
450514557/NewUser.~pa
450514557/ftpServer.cfg
450514557/ftpServer.dof
450514557/ftpServer.dpr
450514557/ftpServer.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 195KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
450514557/ftpServer.res
450514557/ftpServer.~dp
450514557/users.txt
450514557/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 195KB - Virtual size: 508KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 36KB

.rsrc Size: 14KB - Virtual size: 52KB

.aspack Size: 6KB - Virtual size: 8KB

.rsrc Size: - Virtual size: 4KB

CODE
Size: 195KB - Virtual size: 508KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 36KB

.rsrc
Size: 14KB - Virtual size: 52KB

.aspack
Size: 6KB - Virtual size: 8KB

.rsrc
Size: - Virtual size: 4KB