aab9d5eddc210338513bbd78a0e46d20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aab9d5eddc210338513bbd78a0e46d20
Size

506KB
MD5

aab9d5eddc210338513bbd78a0e46d20
SHA1

a19a50ddda1daaefee3d2b8aba86a7b0136b99f7
SHA256

4bcfb83756291006088caa023b80a9f49081ee070d4e7f714ff3fa51653373cc
SHA512

905cd40a774eb9bbe9d9c115f7ffe73192c23b7418fc19bcc356bb89dea06ab8e928ab0f2d173a2de07adf9068d042013f379b7f8d37f6361293eee08a26f9a6
SSDEEP

12288:nNSEUEs45AtNALM14lSME5NcWKiMyCSo7iU2Ph0rRfkJK8:nNPUg0oM1uEz+iMyCSo5fkJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ColorSnap/ColorSnap.exe

Files

aab9d5eddc210338513bbd78a0e46d20
.rar
ColorSnap/ColorSnap.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ColorSnap/ColorTable.htm
.html
ColorSnap/ReadMe.txt
ColorSnap/store.nwd
ColorSnap/下载说明.htm
.html .js polyglot
下载说明.htm
.html .js polyglot