3a803552dc0e95ccc9a165e0c401d4d8f167a505c91aa1f9fa442c30bc70a97d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a803552dc0e95ccc9a165e0c401d4d8f167a505c91aa1f9fa442c30bc70a97d
Size

111KB
MD5

004169d5fe56d2308d64333d56b511d8
SHA1

7f255bf4dd468413f0a560da167a18f2be6ade57
SHA256

3a803552dc0e95ccc9a165e0c401d4d8f167a505c91aa1f9fa442c30bc70a97d
SHA512

52e821a9e70d1bd91bf70adbaa3841a766405b6823fe3f83c148345f1cd4cdf30a5fed0c0c974219012a055b832eef7e63757909e86b13087a428c092a2233dc
SSDEEP

3072:JxGpBIWrDxouR5dH+a1AjA63+S0+f2v2bhA+cMlJh:J1w893gHvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a803552dc0e95ccc9a165e0c401d4d8f167a505c91aa1f9fa442c30bc70a97d

Files

3a803552dc0e95ccc9a165e0c401d4d8f167a505c91aa1f9fa442c30bc70a97d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\lizhihao\Downloads\阀控HMIv1 (2)\Temp\obj\x86\Release\阀控HMIv1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ