2b234a508997eeef957d6b260fb7a5e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b234a508997eeef957d6b260fb7a5e3
Size

5.5MB
MD5

2b234a508997eeef957d6b260fb7a5e3
SHA1

529b8df22f485397f8a26c9d63e34fda73b2274e
SHA256

3ff8b3296cc95d4b16bdecc726238115e9f4b6e2c936de1d8c98cf36e15c5163
SHA512

3b3499a2b235e5fc2ea760c4592adfa13254b10dc0d2aaee688309248875327c8ebbe35f461d17a1000a919660e24d0d5181d239eb9cc749f7b647451723ba45
SSDEEP

98304:mlwnzR0dFQfDhwascwjmd1IOHUMpnrx61DtI4Kcak+HQuq2rbNlpNbfqdQjXlhn:owzR0W+/4I/2S5I4KcB+HF1bzfqcjn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/install.exe

Files

2b234a508997eeef957d6b260fb7a5e3
.rar
install.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
logo.gif
.gif
readme.txt
下载说明.htm
.html .js polyglot