411f8d5ac6df118feadaaf394a381432 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

411f8d5ac6df118feadaaf394a381432
Size

749KB
MD5

411f8d5ac6df118feadaaf394a381432
SHA1

f8832fb793ac49ca4d361d34e04e1a591a0077f0
SHA256

0660437c3efc9ed5d827ba98429a6b3ea6995daefbf8727b9bebf8bf9ce1493f
SHA512

a06163bdf1bc4eafca09fd08e0e5f2c233b01dd7a462d7bf2ba39ad82905a875a677db3767aa0fbca71dafc4884872da9ee2d9e0b76dad4f73c054d326795386
SSDEEP

12288:uGM7JcpGmT/0YpHsDESaK5IGkw9BUkLs3CORAaShBIQcjvgR9tv+FVvazBVdTmg4:0JAGmT0AKESa4kUUkolKaS+YWFVvazBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/nspack/Setup.exe
unpack001/nspack/nSpack.exe

Files

411f8d5ac6df118feadaaf394a381432
.rar
nspack/NSPACK.CHM
.chm
nspack/Setup.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

nsp0
Size: 112B - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsp1
Size: 125KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nspack/nSpack.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

nsp0
Size: 407B - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsp1
Size: 296KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nspack/下载说明.htm
.html .js polyglot
下载说明.htm
.html .js polyglot