eb8c7d4a1998329c4e909b59f8e68b4420d07f6eea6ca07cec17ba8ea7c52e90

General

Target

eb8c7d4a1998329c4e909b59f8e68b4420d07f6eea6ca07cec17ba8ea7c52e90
Size

222KB
MD5

39b4bf9b6bd3e6e17a5b93377380f2d8
SHA1

db3bdb8e80069582dae6c824e11476a89ed83be4
SHA256

eb8c7d4a1998329c4e909b59f8e68b4420d07f6eea6ca07cec17ba8ea7c52e90
SHA512

c711454827c324c5bcd108a5ff5ab453195135bf3d108c94df5f35572b9bb9926211483ed313a04c5def92b116287a1d643dc27331e251a45d9956ac6a6470e6
SSDEEP

6144:m4F2k87I455797MGDLXmcPJ+iW3P6KgsQABVeCN:m4l8Z997MGDLZP4S7RABVeCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/方方格子Excel工具箱注册机2022.exe
unpack001/方方格子注册机/FFCellOfflineRegister.exe

Files

eb8c7d4a1998329c4e909b59f8e68b4420d07f6eea6ca07cec17ba8ea7c52e90
.zip
方方格子Excel工具箱注册机2022.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Time0
Size: - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Time1
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
方方格子注册机/FFCellOfflineRegister.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
方方格子注册机/FFCellOfflineRegister.pdb

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: - Virtual size: 21KB

.Time0 Size: - Virtual size: 181KB

.Time1 Size: 278KB - Virtual size: 278KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 16KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 21KB

.Time0
Size: - Virtual size: 181KB

.Time1
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B