4e25a76f5f9d3873bb746f2fd5e35e19 | Triage

Sharing

General

Target

4e25a76f5f9d3873bb746f2fd5e35e19
Size

4.9MB
MD5

4e25a76f5f9d3873bb746f2fd5e35e19
SHA1

2318a1028e196cf7614e21504bc4e0eb64149791
SHA256

e9821cadf33dfdeb0b7f1bf2fdcc519e870250f32c5f60ee470510ec5db9a4be
SHA512

0072eeafb70ee7f0a8d1ede6e705b1596b6dbe2f69497da05e37af88628b414c518c1456f0c021977729b7154f0809072ffe45fdb910d66a930e60ced1ee108b
SSDEEP

98304:VKlmolN3w/ZO9sI7N9LphzMKdKwULuvsqouqtZB2r/IC60H4gDe:4lmolyhO2ATLphawGuvsRuwx0dC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/koanvcd.exe

Files

4e25a76f5f9d3873bb746f2fd5e35e19
.rar
koanvcd.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url