1af433e2e0f724339ce00808b7275bfd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1af433e2e0f724339ce00808b7275bfd
Size

1.2MB
MD5

1af433e2e0f724339ce00808b7275bfd
SHA1

f9c6c2468e202acbb0cc6d8201b7cb34538ed74d
SHA256

7f05336bf73e22580691588f731295c8e899a0ea3c279b268381b032efd4c99a
SHA512

3e030c0220b485557df1b3975267280e6344285e9c896316cb003b1f7205306ba65c6838c52bc2667fd774d63f88179615594cc9fe25beaaabda87b765f2527c
SSDEEP

24576:FA4vAs0pURSWCw1/RexIH3uhBu5r2EyTx7oGG2uiyneBNEQ4Bvvf:Gi0enjBiBu5NGpGxiXvb4V3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/asd/脑筋转转转.exe

Files

1af433e2e0f724339ce00808b7275bfd
.rar
asd/riddle.ffmx
asd/下载说明.htm
.html .js polyglot
asd/脑筋转转转.exe
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Sections

CODE
Size: 608KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.htm
.html .js polyglot