7af657b0e31027457377b49c1a88d7ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7af657b0e31027457377b49c1a88d7ab
Size

158KB
MD5

7af657b0e31027457377b49c1a88d7ab
SHA1

5b61aa14352629181cc451c0f46e31acc92d6564
SHA256

4155cfeaa369a06777cf455040df5d1c6700f29cbbfd80a08b3eb3bafbb29b65
SHA512

22f37f20263d4a0491a8e37c51ea6e54e6365a56762be512fd392e8e8f57de99d98b80acdce1b2c431434af593e80af153e3758e7568b8465900bfd65e70af68
SSDEEP

3072:ikkFGsoefIY1Eea7K1JcbEQoBW/j2/W0cgeONI7ZTUWLOm2MpBiQb/wS20gM7v/3:ikkE4Zy7K1qElwj2z7NIieOm2E8Qb32M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PubwinEP蓝屏修复.EXE

Files

7af657b0e31027457377b49c1a88d7ab
.zip
Laping.reg
PubwinEP蓝屏修复.EXE
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ep.reg