ba249bdc7b422f0ebbdaba5b7f51d7f8 | Triage

Sharing

General

Target

ba249bdc7b422f0ebbdaba5b7f51d7f8
Size

842KB
MD5

ba249bdc7b422f0ebbdaba5b7f51d7f8
SHA1

f77833ccbd8b29fcac16c48890689c61d4c2f210
SHA256

d0a300e4f383ec69a19a637b1c997cef17a873f40efe3363394184b3314d3617
SHA512

8f445ebb50454d963828580c9b6c16d5eae2166433555636243ae5f0159d36aa0fb237471235b5e17780b42ae38199b2ad51e384b07ad47070edec61e1042264
SSDEEP

12288:KBIa6ZrPwKv4Bve+W0ytqnMtMaaiaT1KNb8zSMqmSt0nKApzhygJO7/uVU:KBZibwa4WD0MuaTaTENbQTFn/z4H7/uC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lxz20100101.exe

Files

ba249bdc7b422f0ebbdaba5b7f51d7f8
.rar
lxz20100101.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 856KB - Virtual size: 860KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url