19749435c265787fd8fbebb9a0520a88 | Triage

Sharing

General

Target

19749435c265787fd8fbebb9a0520a88
Size

2.6MB
MD5

19749435c265787fd8fbebb9a0520a88
SHA1

6a967b0f394b72596dd9dbce458accd17c7935be
SHA256

3bb1ce5be78b664b7ca63e113e45b59e60d33acf8614614120b35ffacc4a208a
SHA512

6d46dd7e77b8c6e64fe1c2059182cec900c8c0869f7d2ba48fee30f397e1ac7b250c0ff699b6378f70cbf69cc9621e9a56becb8acaf094d48fb762fcf012e7f3
SSDEEP

49152:5TKkv00HtAulnTFiu7Fcwxn8zau9u50tnsLHHe/Gk/OEWxKTtbWICIAfMAlB5QNG:cKNAknTFAwRA20tnsLH+unEWhICZn5zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/补丁安装器.exe

Files

19749435c265787fd8fbebb9a0520a88
.rar
155绿色软件站.url
.url
补丁安装器.exe
.exe windows:5 windows x86 arch:x86

5ab6d2e41c6f0facac460aa8ae123969

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32 kernel32

PostMessageA �H

Sections

CODE
Size: 1.6MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.haowz
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.haowz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ