5b6654d6f907d26d2626a046c57898b6 | Triage

Sharing

General

Target

5b6654d6f907d26d2626a046c57898b6
Size

1.1MB
MD5

5b6654d6f907d26d2626a046c57898b6
SHA1

91929eb0e205c2588aea1747781bbda693a506cf
SHA256

7e3470c65061ff390bf0685ea367546acfc5dd00e99b58dade29fb03f86c417b
SHA512

541a2164fee7f445fbfc54f06c0b7d7de2e95a537c8b98082ee5069ea6510cbaf2509fa382e25263cec0ebbe5aab4ea5e5ca9db3c30d639a60ad59703750c43c
SSDEEP

24576:973GyBE7BBRvens6S6tq/voDZAsiw7NuwQUtchh2KD2neM5mRtnnryA9:972pRenDs0Csi6iYy99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/店铺利润小精灵.exe

Files

5b6654d6f907d26d2626a046c57898b6
.rar
data.mdb
店铺利润小精灵.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 831KB - Virtual size: 831KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url