2d2ed8ea4dcb3353cf11dc564d5d2b79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d2ed8ea4dcb3353cf11dc564d5d2b79
Size

1.1MB
MD5

2d2ed8ea4dcb3353cf11dc564d5d2b79
SHA1

e0ff560ddd4fbdff562b9197242902a0ce10a0c8
SHA256

a61a3632c65bca71fb26625d99f36785d4139dc1c5994aa99ce53b3ecd1b2c73
SHA512

b98121009dc8f7de7066cb65164a333819fc7a44d6b755c6b71d503221db32b36037212a69db4e944b3d3dfaf708a8848de908d9d173afe88aa7ef49406468ae
SSDEEP

24576:UQErIgfgHBbs7T371/z+LvxDEplenZiB8IQwUNqgrWSgHJSW5U:UURboTxgvMleIBttT71vi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_CPUMon-v146_CZ.EXE

Files

2d2ed8ea4dcb3353cf11dc564d5d2b79
.rar
HA_CPUMon-v146_CZ.EXE
.exe windows:4 windows x86 arch:x86

37c0608f24ea4f5b69005df26d5dd626

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress

Sections

.text
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LordFox
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.htm
.html .js polyglot
安装说明.txt
非常世纪资源网.url
.url