b55329007ca589ca8e3eb77b1d01128c | Triage

Sharing

General

Target

b55329007ca589ca8e3eb77b1d01128c
Size

1.5MB
MD5

b55329007ca589ca8e3eb77b1d01128c
SHA1

3dd7d76b532919ab2627be7493daf79550b4590e
SHA256

45ff9af0174aa99fec93c37ab84271b2b75b447b4708eb208412ea6292e3c666
SHA512

7603b3ff758ac1ff04b60b86ac185a7b5734f4ac3abe9ec6e44f2dbdb5c6cb21ed61c1e9b713ff2d30aa6e6b4a4f3643457265db2318f231f8d1da5714a73f87
SSDEEP

24576:nM2WCQbUsaIL2OnpqvddD+DYTSwSj2aD4L6FL/9F1ocMDWVWWIMFEZOq4eT273:nM2WvUsabo2dC1RRxFzO4VFEseT8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQemailss/QQemail.exe

Files

b55329007ca589ca8e3eb77b1d01128c
.rar
QQemailss/QQemail.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 335KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QQemailss/QQpz.ini
QQemailss/QQ邮件主题.ini
QQemailss/QQ邮件内容.ini
QQemailss/下载说明.htm
.html
QQemailss/旋风下载站.url