02ecefa2fa3e39693edb2bd03936fa65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02ecefa2fa3e39693edb2bd03936fa65
Size

2.0MB
MD5

02ecefa2fa3e39693edb2bd03936fa65
SHA1

51d4504d8e215087dd17c19cdfb58b3e7c6b3ff9
SHA256

e2e8027ec14b46066b55a4ee00a9ee56af96f708fe99d48a3c3d40de01962c30
SHA512

1784d011e4ace0c7c5251ed4f71ffa3d7cecdb634bc3b380ef5dce272621f79e333844da6ab8cdf46c3521cf1d1f30ec448d19ddc0e80ae72ba1139134078ef4
SSDEEP

49152:5oG8xE0ulSeWTV4yzeJloZ2OdpNEOgbyXUi1NsngPDt84Jl2Ct:5o5ulSeWTVtilcNEOgE91NsnCt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ABViewer 5.2.5.129/ABViewer.exe

Files

02ecefa2fa3e39693edb2bd03936fa65
.rar
ABViewer 5.2.5.129/ABViewer.chm
.chm
ABViewer 5.2.5.129/ABViewer.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.code
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0002EEF3
Size: 187KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 431KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ABViewer 5.2.5.129/Chinese (Simplified).lng
ABViewer 5.2.5.129/English.lng
ABViewer 5.2.5.129/License.txt
ABViewer 5.2.5.129/Settings.ini
ABViewer 5.2.5.129/Settings.ini.bak
ABViewer 5.2.5.129/汉化说明.txt
下载说明.htm
.html .js polyglot
汉化说明.txt