54e79d2f59d1fcd653c2e7ef52b53e42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54e79d2f59d1fcd653c2e7ef52b53e42
Size

53KB
MD5

54e79d2f59d1fcd653c2e7ef52b53e42
SHA1

9747eab62af6a85ef7f735fdd01e481b87ea16f4
SHA256

28cfa07d9f736af71356cb256ea5d7c73431fb37fbfcb5ec24a0e15297ef5b21
SHA512

9c5c6eba95aa45c9567cafb7c7116d812fce1e615f42ebfae59e47c1c2303bf8b1afcd35d6c82a42a354f215fdb2dd39799842526ae20b863c047d1a361ad547
SSDEEP

768:ShgdhoXiMB3C3qEeccEnSou/1veCwlf//ETY/YB68CzCUTEg8XrVzVAy1uTXucVD:Sy2St3qOnSou3qfT1zCRdV31rcVmp9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ha_Procx-v1.00/ProcX.exe

Files

54e79d2f59d1fcd653c2e7ef52b53e42
.rar
ha_Procx-v1.00/ProcX.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 21KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ha_Procx-v1.00/新云软件.url
.url