8ede8c6eec68ff8b7a078c558e802e69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ede8c6eec68ff8b7a078c558e802e69
Size

4KB
MD5

8ede8c6eec68ff8b7a078c558e802e69
SHA1

728f5bba055b647ed304e42f4dd0294559e624ab
SHA256

7bcb73282ae8c17cba59fea58cdc905a4322488c60128217c7b0ce87cacbc80e
SHA512

b4347e0ac1f5db8bac33c5f4efd73697c7361c5be3f93adb9f329ce040a88416b5397f074b7a0f67000d495ee42a800b6d8ac160ed2b9bfea8e1bf279f3a3fb7
SSDEEP

96:kyedwfQaCvc8p0OyPqEsvCJmwVm8ASNuTFxsuIiyjK39DyIASFO7:kyakExRBvcmwVmhSYTFxsuI7jK1b87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jianfan/繁体转换器.exe

Files

8ede8c6eec68ff8b7a078c558e802e69
.rar
jianfan/繁体转换器.exe
.exe windows:4 windows x86 arch:x86

31be2d0fed513835e01a49fe34a4475d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord100

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jianfan/绿盟-首页.url
.url