4cba97f17bb5eae5[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cba97f17bb5eae5.7z
Size

9KB
MD5

af6485597248b08711786c836557b14b
SHA1

bc6ce9559a557a49837a461d240d952be103a918
SHA256

246b65f0ca25ab4ce728a01a1187e0405819202f104aa31e494e2dd8d716ecf1
SHA512

dc9f3b18ca97b27dc707c1631130c52c2513b9ad88fe72310049551412e60c39a1207f9699d70e36f7032bc7d0802b906fcad7bd47e063ec04749d87733f472e
SSDEEP

192:Az41v+Hzdrjh9nSiAm14FnQ+0FIeYcoi2HQIURpKOOXV8K:Az4lsx4J0o3QIkuXV8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xor.exe

Files

4cba97f17bb5eae5.7z
.7z
xor.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\10608\source\repos\xor\xor\obj\Release\xor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xor.exe.config
xor.pdb
说明.txt