5bac6e65f57110d78e67ae335dfe7d67 | Triage

Sharing

General

Target

5bac6e65f57110d78e67ae335dfe7d67
Size

3.1MB
MD5

5bac6e65f57110d78e67ae335dfe7d67
SHA1

270654890a6e96fc0f2f43901522420bb528965d
SHA256

bf2432a5e2b6f70b6843e09d6180a93b5f7b5a55019eeb7b4cb34884e5baeb2d
SHA512

9aa741997a8607aeac8fafabc7bba29ba6773c88f6f92b6906de7399fe5cbfa8dc7e4a6946b0c4f15ceb1d4147a9c7bcf2a18f67505d866564e0f1eb05dda59f
SSDEEP

98304:CLgxb5/K/b5zkFaBjLQaMG/+NxGV5iQ4i9:hl/IOF8jLQm6GeTM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lzjpq5.0_skycn.exe

Files

5bac6e65f57110d78e67ae335dfe7d67
.rar
lzjpq5.0_skycn.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url