4f73952f0db7fb3988a459adbe3cb0b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f73952f0db7fb3988a459adbe3cb0b1
Size

641KB
MD5

4f73952f0db7fb3988a459adbe3cb0b1
SHA1

a723bc6c50436bcec40dd4db9fdf050fbf9d9a5a
SHA256

96146f7269d77dd312efd6ac34f1bd0fbad1d7af51d1ef923f4c964d1ebb3ad2
SHA512

fbe8b1085d5064c56a8e7b58f1a4183b3b0ac0591742b12f08dba0222d45d6f5e7732034fa5e58cc9ba4f9f47f5f58f842403031fa66dc86b43648670fcc1887
SSDEEP

12288:7i9hwVHet/64KD2Ksl3LAWWbCz4c6teaKXxbnSnoJrS24MMQlu5vQUquQQ88:YYilbysh7Snu40s9r88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QuickRun.exe

Files

4f73952f0db7fb3988a459adbe3cb0b1
.rar
QuickRun.exe
.exe windows:1 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.shrink
Size: 408KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 512B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
help.chm
.chm
下载说明.htm
.html .js polyglot
说明.txt