8d2f72f4b2eb1dfab197db1d68eb6673 | Triage

Sharing

General

Target

8d2f72f4b2eb1dfab197db1d68eb6673
Size

753KB
MD5

8d2f72f4b2eb1dfab197db1d68eb6673
SHA1

635aed3d62ca6d307b8452faef06ecf411ec4642
SHA256

1f7f100a17ea0e1893eeccb3fee16fc028e1e9bec94904b02d1a1d867466c0bb
SHA512

05b3913b6d5f4a21c18797001feeed8e0a30f8654887a4248eda4ece9d81ca8006bcecafe7a2f9fdeea5a60a559f0bebbcfdad71cba516d1ba8dd672271e7ad9
SSDEEP

12288:fE2XkxGrh9x3ZrKBj4TfQhJeKmPIYpD8ViCRMW/FkL+fZSxircJBoeghAddC:fE20x6P/+2YhxmZDk9/FM+fBrcJ6eghP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jcjwcj95.exe

Files

8d2f72f4b2eb1dfab197db1d68eb6673
.rar
jcjwcj95.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url