c810a9ea3819cd959568b7645075ecca | Triage

Sharing

General

Target

c810a9ea3819cd959568b7645075ecca
Size

3.4MB
MD5

c810a9ea3819cd959568b7645075ecca
SHA1

ba7c07e773d45dbe67342ed83667cd6a988cb34e
SHA256

0eee699e3cb23d2c54e5268b231a8751bcfd05f980088a82af0f90f99448ba34
SHA512

f4286dcd9c3abd9a890f81cce7a830e84063071bb1e0156163321157f1c35752b77568c3d7d128be3c668b371ae9a8b9d3790a554b9fb3d6a7e179e080e7133c
SSDEEP

98304:O2wMEHSy1ijElYJaJUoMCtA4QIGbjd44IVRMapZdQezCXNG1:KDyvYYI6ohtAHIV/NC9G1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tjydhz2005.exe

Files

c810a9ea3819cd959568b7645075ecca
.rar
tjydhz2005.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot