f943d0e4be29abc739a658ca25c068884d52f258e99e4784146770c234b9b8ce | Triage

Sharing

General

Target

f943d0e4be29abc739a658ca25c068884d52f258e99e4784146770c234b9b8ce
Size

7.3MB
MD5

0bdb466b73541e13dde8618712b3e07f
SHA1

025445867adb479e434ab78604785116fe52a94b
SHA256

f943d0e4be29abc739a658ca25c068884d52f258e99e4784146770c234b9b8ce
SHA512

0bb2a30954881a5c07aa248865d205e15033f8dac9ddcf8247c2ec728dc424484d5a72fec5127066348d6abf008c62cdd17b5160dbd4acf253fd5c968c162e5e
SSDEEP

196608:MCh83PaiF5kdtoFrfuzOu+tUnNeVKKREUq:vi/ykZfuzOuVNed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f943d0e4be29abc739a658ca25c068884d52f258e99e4784146770c234b9b8ce

Files

f943d0e4be29abc739a658ca25c068884d52f258e99e4784146770c234b9b8ce
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

GameLogin
InitGame
QQPwd
Tlv0511
__get_byte
__set_byte
utf8togb2312

Sections

Size: 5.7MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bbrzmmqm
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jonlvrmc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE