b429a82b4e0eb7d8b64f8df790d3f57b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b429a82b4e0eb7d8b64f8df790d3f57b
Size

935KB
MD5

b429a82b4e0eb7d8b64f8df790d3f57b
SHA1

d9076a9bb97d830e68f35a0b1c6456c55bfbf42a
SHA256

b140ee238b269405c2cef1ed4a91709da271694134d945825853927192b50496
SHA512

b4a2a67402bb58015bac2ce1baa3fc9e40b224512ca09a72dd50ea1b5b11176504c495771c36282616938caaa45a451dc1dd596e8c3d51ff6b3e9350b70de10e
SSDEEP

24576:qZJAQK3p/Deankcn6MI3LCFAD6rKQaq5hTn4+6:qI33p/B6MIG6taxY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XPlite.exe

Files

b429a82b4e0eb7d8b64f8df790d3f57b
.rar
License.txt
Readme.txt
XPLite License.txt
XPlite.chm
.chm
XPlite.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.main
Size: - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 860KB - Virtual size: 860KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lite_cn.utf8
新云软件.url
.url