18081354918c5522a3d358fe3b8d9992 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18081354918c5522a3d358fe3b8d9992
Size

268KB
MD5

18081354918c5522a3d358fe3b8d9992
SHA1

90193c43aedf096a6b6a5c2410771c025afd8593
SHA256

2b7668461212f246787ee3997f73e60012d48788e685e2bfd89b32f73b9ab43d
SHA512

550716fbbd3fd8936d410cae88e50ebcc967c3a8cfd8c32ae4872ec154b968117cee7cc3498c82a04f1be00684a99ff5ca2fb78237db654683671709ff3ab722
SSDEEP

6144:tMbBaMiVeEvnmQFA8Y0lSgWRAsplZt4HyXitYhRK7UPrh8jee1:NhnqX0bsnZi3tgRI+2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/20051211nmQQ/农民QQ密保大盗(窃取邮箱版).exe

Files

18081354918c5522a3d358fe3b8d9992
.rar
20051211nmQQ/logo.gif
.gif
20051211nmQQ/qq.asp
.vbs
20051211nmQQ/sm.txt
20051211nmQQ/农民QQ密保大盗(窃取邮箱版).exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.Upack
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 270KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
20051211nmQQ/农民QQ密保大盗(窃取邮箱版)配置说明.txt
使用说明.url
安装说明.url
让你放心、永不中毒的浏览器.url
说明.txt