General

  • Target

    4c1211b1a94374690c8d81598cd4be92

  • Size

    1.7MB

  • MD5

    4c1211b1a94374690c8d81598cd4be92

  • SHA1

    aa9f49e5d7571763d95be0cc4889175bb94fa1d3

  • SHA256

    7aaf6f7c309684631fb7db4ac1084abb040016655eaa6346e1b3770a099360c1

  • SHA512

    44fcfdc9b10bda07c88ba081103d4e34238c74a68d839d7fc841bec3e2db4ede5044483dc531f8f8efaa2155ca02a44deea7c016608b414a77182244b119083d

  • SSDEEP

    49152:wnESqgWg+GDL1Ko0EdVIwgYdVNndQHAfikRkFE+K+f4b:gESqQ+Gn1Ko9SY9nHfv2FE3Rb

Score
3/10

Malware Config

Signatures

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4c1211b1a94374690c8d81598cd4be92
    .rar
  • Windows增强型记事本/Config.ini
  • Windows增强型记事本/Help.CHM
    .chm
  • Windows增强型记事本/MSCOMCTL.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    b22bd7d6f2b83c193c4c7e9c0a2de8b2


  • Windows增强型记事本/NOTEBOOK.EXE
    .exe windows:4 windows x86 arch:x86

    238170b4a067df6c79bb8acedf9b3235


  • Windows增强型记事本/新云软件.url
    .url
  • Windows增强型记事本/说明.txt