Static task: static1
Behavioral task: behavioral1
  Sample: 新云软件.url
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 新云软件.url
  Resource: win10v2004-20231215-en
Behavioral task: behavioral3
  Sample: 绿色进销存2.0.exe
  Resource: win7-20231215-en
Behavioral task: behavioral4
  Sample: 绿色进销存2.0.exe
  Resource: win10v2004-20231222-en
General
Target: 8f0e8289393b77b2a6e319a553e098f8
Size: 379KB
MD5: 8f0e8289393b77b2a6e319a553e098f8
SHA1: ab51181006472034a7f2c90fce1089b8b67b7051
SHA256: b5f5c7f6146dbba3a3115d7219ee9e01218af5ab339f1be7da95c5d0b43c6ddc
SHA512: bc7eaa338112a620a3571e1bdbcfe75ca9a8dadfb720092c692b80b2ecb0c51399b051bf1b9ea458c2d3a1e1648b27000670f8840232cfb8945926a1132b04b8
SSDEEP: 6144:AeSaeDCu+xaT/ePHcmrY1OUP7qyhpqpJq7+5efqLM6Vqii+f7ecZ/W:A6eDwx+/eEmQOQGyDGq76t7VDnZe
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  Resource: unpack001/绿色进销存2.0.exe
Files
-
8f0e8289393b77b2a6e319a553e098f8.rar
-
sjq/hhgzs/cpfl.ini
-
sjq/hhgzs/sjq1.ini
-
sjq/hhgzs/sjq10.ini
-
sjq/hhgzs/sjq11.ini
-
sjq/hhgzs/sjq12.ini
-
sjq/hhgzs/sjq13.ini
-
sjq/hhgzs/sjq14.ini
-
sjq/hhgzs/sjq15.ini
-
sjq/hhgzs/sjq16.ini
-
sjq/hhgzs/sjq17.ini
-
sjq/hhgzs/sjq18.ini
-
sjq/hhgzs/sjq19.ini
-
sjq/hhgzs/sjq2.ini
-
sjq/hhgzs/sjq20.ini
-
sjq/hhgzs/sjq21.ini
-
sjq/hhgzs/sjq22.ini
-
sjq/hhgzs/sjq23.ini
-
sjq/hhgzs/sjq24.ini
-
sjq/hhgzs/sjq25.ini
-
sjq/hhgzs/sjq26.ini
-
sjq/hhgzs/sjq27.ini
-
sjq/hhgzs/sjq28.ini
-
sjq/hhgzs/sjq29.ini
-
sjq/hhgzs/sjq3.ini
-
sjq/hhgzs/sjq30.ini
-
sjq/hhgzs/sjq4.ini
-
sjq/hhgzs/sjq5.ini
-
sjq/hhgzs/sjq6.ini
-
sjq/hhgzs/sjq7.ini
-
sjq/hhgzs/sjq8.ini
-
sjq/hhgzs/sjq9.ini
-
sjq/hhgzs/zch.ini
-
sjq/hhgzs/zch1.ini
-
sjq/hhgzs/zch10.ini
-
sjq/hhgzs/zch2.ini
-
sjq/hhgzs/zch3.ini
-
sjq/hhgzs/zch4.ini
-
sjq/hhgzs/zch5.ini
-
sjq/hhgzs/zch6.ini
-
sjq/hhgzs/zch7.ini
-
sjq/hhgzs/zch8.ini
-
sjq/hhgzs/zch9.ini
-
sjq/sjqjh/sjq1.ini
-
sjq/sjqjh/sjq10.ini
-
sjq/sjqjh/sjq11.ini
-
sjq/sjqjh/sjq12.ini
-
sjq/sjqjh/sjq13.ini
-
sjq/sjqjh/sjq14.ini
-
sjq/sjqjh/sjq15.ini
-
sjq/sjqjh/sjq16.ini
-
sjq/sjqjh/sjq17.ini
-
sjq/sjqjh/sjq18.ini
-
sjq/sjqjh/sjq19.ini
-
sjq/sjqjh/sjq2.ini
-
sjq/sjqjh/sjq20.ini
-
sjq/sjqjh/sjq21.ini
-
sjq/sjqjh/sjq22.ini
-
sjq/sjqjh/sjq23.ini
-
sjq/sjqjh/sjq24.ini
-
sjq/sjqjh/sjq3.ini
-
sjq/sjqjh/sjq4.ini
-
sjq/sjqjh/sjq5.ini
-
sjq/sjqjh/sjq6.ini
-
sjq/sjqjh/sjq7.ini
-
sjq/sjqjh/sjq8.ini
-
sjq/sjqjh/sjq9.ini
-
sjq/sjqxh/sjq1.ini
-
sjq/sjqxh/sjq10.ini
-
sjq/sjqxh/sjq11.ini
-
sjq/sjqxh/sjq12.ini
-
sjq/sjqxh/sjq13.ini
-
sjq/sjqxh/sjq14.ini
-
sjq/sjqxh/sjq15.ini
-
sjq/sjqxh/sjq16.ini
-
sjq/sjqxh/sjq17.ini
-
sjq/sjqxh/sjq18.ini
-
sjq/sjqxh/sjq19.ini
-
sjq/sjqxh/sjq2.ini
-
sjq/sjqxh/sjq20.ini
-
sjq/sjqxh/sjq21.ini
-
sjq/sjqxh/sjq22.ini
-
sjq/sjqxh/sjq23.ini
-
sjq/sjqxh/sjq24.ini
-
sjq/sjqxh/sjq3.ini
-
sjq/sjqxh/sjq4.ini
-
sjq/sjqxh/sjq5.ini
-
sjq/sjqxh/sjq6.ini
-
sjq/sjqxh/sjq7.ini
-
sjq/sjqxh/sjq8.ini
-
sjq/sjqxh/sjq9.ini
-
新云软件.url.url
-
绿色进销存2.0.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 988KB - Virtual size: 985KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rsrr Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE