1871c4656bed53b50672e04691b90968 | Triage

Sharing

General

Target

1871c4656bed53b50672e04691b90968
Size

10KB
MD5

1871c4656bed53b50672e04691b90968
SHA1

118f87e9c32060b739bc1f9326b5da3927397bb2
SHA256

403563a713f4c0d458404e650d814a4497b2e61a1608bbe58c2e1fde191eb57c
SHA512

8db6800ebd488a97433dc349e1562d2bd841d91c99eae4cc4baa2e05d3b88704a48d44c952a2f6253c494fa705663ec79109d4a777c2dab7ae6c12f58b824588
SSDEEP

192:zTOcLatUdZI2Hu8rYA/rXWOunpjEAGS0RCDDt0zr/z+4WjwLAUfWAU+GPK0tspG:RLZIWu8r7/rmdnp420RCt0KjwLAUfhaL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/蘑菇QQ消息轰炸机V1.9.exe

Files

1871c4656bed53b50672e04691b90968
.rar
新云软件.url
.url
蘑菇QQ消息轰炸机V1.9.exe
.exe windows:4 windows x86 arch:x86

585a7884528886b704a0618d0def3335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord594
ord595
ord599
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ