4ab4846124e6d5a6d278f8faf74a1bdc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ab4846124e6d5a6d278f8faf74a1bdc
Size

2.7MB
MD5

4ab4846124e6d5a6d278f8faf74a1bdc
SHA1

7d2ee5faac42befffdff4b2145dad947de9598a1
SHA256

514922e6d44b0603187da86a984e1d123e188aa1c270f23986b02e2688013f6d
SHA512

98f71bb479167ae1822fce4cc50ab0105f447d4092b1f642bc8952edc33ee735400e9c3c96b81002b3835bbaf8667c722c66a5b78e6ee67d726524a86cc45a45
SSDEEP

49152:8TQfxvzv1Zh/XxU2FWRWseqDwdPOujg1TqyEVV9nmWFRM9Z:HJvzvZBHWM5o1FEVVhm66

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CP_QQ随意邮.exe

Files

4ab4846124e6d5a6d278f8faf74a1bdc
.rar
CP_QQ随意邮.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 596KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 1.7MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
help.chm
.chm
新云软件.url
.url