Ls_Update[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ls_Update.exe
Size

143KB
MD5

f712fc7213de154c4ef7232829df883b
SHA1

b76de3876a02c4bcb732e04303e75bcc1d042df0
SHA256

b54f910ae015885b6ab5e223430b8420bd1f6509fff4d738e72ae773720e494b
SHA512

a3b778e4d1a0672781efbd76d26f54d66bfd9b2cecd87e1e3e93ea0b025b3c75799b97b458ec52744e0f8cfeaee2cde0c27a2ffdcf84f2da8f82e6e2311c6e78
SSDEEP

384:SvopoXzoCOV2efhyxekvwKwq6uzY9OyaRt9ewrGaWp8zaY9OyaRt9ewrGaWp91:qopoXzoLOx6OZRt96a2AOZRt96a291

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ls_Update.exe

Files

Ls_Update.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\ERP_CS\插件库\Lskj.Update\obj\x86\Debug\Ls_Update.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ