d77b93bc81ef7a8fd12406887c648406 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d77b93bc81ef7a8fd12406887c648406
Size

561KB
MD5

d77b93bc81ef7a8fd12406887c648406
SHA1

51a8e96ca020585a30fdf09d39148df7589e769c
SHA256

03e2a45acaabfa1805ef2d4551184ae57bbbee3699475e689063230cb65fbb0d
SHA512

e6cfb7d9e4524662aa54b05c3cc1f4832641ad2713306276372174600e68ea6dbd552fa85bc6ba3ccb19100bdbc7ebba8ff9b5f8f7f2a1b2d0f197e124448a73
SSDEEP

12288:lgrPWlqySHoLtoNII0+wOpKD1WP4WdN01DzB5VhgGVzGi0cet:WrPom2q0+revWdC1DzBL5hu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/收发文件管理系统/wjgl.exe

Files

d77b93bc81ef7a8fd12406887c648406
.rar
下载说明.htm
.html .js polyglot
收发文件管理系统/wjgl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

nsp0
Size: - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsp1
Size: 557KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
收发文件管理系统/下载说明.htm
.html .js polyglot
收发文件管理系统/说明.txt