2ae0d307bd527dd0c4ed83fc738b90bb

Sharing

Copy URL

Twitter E-mail

General

Target

2ae0d307bd527dd0c4ed83fc738b90bb
Size

1.9MB
MD5

2ae0d307bd527dd0c4ed83fc738b90bb
SHA1

87355a42fa409ccff74f1499ce80e2d30d2f0b18
SHA256

de4e2737b3ade3dd46461c2c658c2045a4a8f6b0c6598b2bf084aa98b062e99d
SHA512

9313ea6edfa91f1f6515edcb81b5fc1f65c96361e2d2e48a18d30a1e2370477ca5d93e0f6fdd64cb623e6547279f60ff44424b241cd33599c220a5c6d6f4525b
SSDEEP

49152:6WROkPY+VSXCX2T2I9H9AgwrpQY3gby6Gs3bKNT2iKe5:vFSfdKiYCGs0KI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/473110835/f_ssgl.exe

Files

2ae0d307bd527dd0c4ed83fc738b90bb
.rar
473110835/DL_MAIN.PAS
473110835/DL_MAIN.ddp
473110835/DL_MAIN.dfm
473110835/HELP.CHM
.chm
473110835/U_editbase.dcu
473110835/U_editbase.ddp
473110835/U_editbase.dfm
473110835/U_editbase.pas
473110835/U_look.dcu
473110835/U_look.ddp
473110835/U_look.dfm
473110835/U_look.pas
.js
473110835/Unit2.ddp
473110835/Unit2.dfm
473110835/Unit2.pas
473110835/bdemerge.ini
473110835/data/30.db
473110835/data/DBDWORK.INI
473110835/data/already_class.db
473110835/data/apply.DB
473110835/data/apply.FAM
473110835/data/apply.PX
473110835/data/apply.TV
473110835/data/apply.VAL
473110835/data/apply.X02
473110835/data/apply.XG0
473110835/data/apply.Y02
473110835/data/apply.YG0
473110835/data/class_base.PX
473110835/data/class_base.db
473110835/data/czy.PX
473110835/data/czy.db
473110835/data/date.db
473110835/data/dl.DB
473110835/data/dl.FAM
473110835/data/dl.PX
473110835/data/dl.TV
473110835/data/dljl.DB
473110835/data/first.FAM
473110835/data/first.TV
473110835/data/first.db
473110835/data/fj.DB
473110835/data/kc30.db
473110835/data/kc31.FAM
473110835/data/kc31.TV
473110835/data/kc31.db
473110835/data/kc41.db
473110835/data/kc42.db
473110835/data/kc43.db
473110835/data/kc45.db
473110835/data/kc_base.DB
473110835/data/pk30.db
473110835/data/pk31.db
473110835/data/pk41.db
473110835/data/pk_sign.PX
473110835/data/pk_sign.X02
473110835/data/pk_sign.XG0
473110835/data/pk_sign.Y02
473110835/data/pk_sign.YG0
473110835/data/pk_sign.db
473110835/data/pkdate.mdb
473110835/data/room_base.db
473110835/data/set_week.db
473110835/data/tech_base.db
473110835/data/tech_gc.db
473110835/data/temp.DB
473110835/data/temp2.DB
473110835/data/xuexiao.DB
473110835/data/xuexiao.FAM
473110835/data/xuexiao.PX
473110835/data/xuexiao.TV
473110835/dl_main.dcu
473110835/dlll.dcu
473110835/dlll.ddp
473110835/dlll.dfm
473110835/dlll.pas
473110835/f_ssgl.cfg
473110835/f_ssgl.dof
473110835/f_ssgl.dpr
473110835/f_ssgl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
473110835/f_ssgl.hm3
473110835/f_ssgl.res
473110835/main.dcu
473110835/main.ddp
473110835/main.dfm
473110835/main.pas
.js
473110835/new.dcu
473110835/new.ddp
473110835/new.dfm
473110835/new.pas
473110835/password.dcu
473110835/password.ddp
473110835/password.dfm
473110835/password.pas
473110835/pk.ini
473110835/report.ddp
473110835/report.dfm
473110835/report.pas
473110835/report/pkb.frf
473110835/ssgl.dcu
473110835/ssgl.dfm
473110835/ssgl.pas
473110835/techer.ini
473110835/u_abort.dcu
473110835/u_abort.ddp
473110835/u_abort.dfm
473110835/u_abort.pas
473110835/u_add_user.dcu
473110835/u_add_user.dfm
473110835/u_add_user.pas
473110835/u_apply.dcu
473110835/u_apply.ddp
473110835/u_apply.dfm
473110835/u_apply.pas
473110835/u_base.dcu
473110835/u_base.ddp
473110835/u_base.dfm
473110835/u_base.pas
473110835/u_data.dcu
473110835/u_data.ddp
473110835/u_data.dfm
473110835/u_data.pas
473110835/u_edit_kc.dcu
473110835/u_edit_kc.ddp
473110835/u_edit_kc.dfm
473110835/u_edit_kc.pas
473110835/u_gzshow.dcu
473110835/u_gzshow.ddp
473110835/u_gzshow.dfm
473110835/u_gzshow.pas
473110835/u_in_pk.dcu
473110835/u_in_pk.dfm
473110835/u_in_pk.pas
473110835/u_set_tj.dcu
473110835/u_set_tj.ddp
473110835/u_set_tj.dfm
473110835/u_set_tj.pas
.js
473110835/u_wrong.dcu
473110835/u_wrong.ddp
473110835/u_wrong.dfm
473110835/u_wrong.pas
473110835/yhdl.dcu
473110835/yhdl.ddp
473110835/yhdl.dfm
473110835/yhdl.pas
473110835/zjyh.dcu
473110835/zjyh.ddp
473110835/zjyh.dfm
473110835/zjyh.pas
473110835/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 1.9MB - Virtual size: 1.9MB

DATA Size: 19KB - Virtual size: 19KB

BSS Size: - Virtual size: 9KB

.idata Size: 12KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 127KB - Virtual size: 126KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

CODE
Size: 1.9MB - Virtual size: 1.9MB

DATA
Size: 19KB - Virtual size: 19KB

BSS
Size: - Virtual size: 9KB

.idata
Size: 12KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 127KB - Virtual size: 126KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB