sogou_pinyin_setup[.]exe[.]vir | Triage

Sharing

General

Target

sogou_pinyin_setup.exe.vir
Size

27.2MB
MD5

baa2dd7792ec4a2eb7ce1f264f00dbe7
SHA1

3583d8a85186109df28777ef5b6f488c36953e52
SHA256

b744434a869151f18941e0beca35a2b882b9e76a84e5fac9aeaaa01442e00730
SHA512

45e128b63b3d50d2edc76c85ee0efe678c92f9b9ed6d024a5aaab012af4c9964f34fadd52f5a36564ea3b9870e29e485bd4cfc3b90d6b961929a5a640394f21e
SSDEEP

393216:SFvXwZ28wyvVFU66M0YN1FHXkBxabTmRHWfAcmbOowkkVAeAGhQfJ58b:eP82fydFrL1lXkBxabCJ4AcmZV6Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sogou_pinyin_setup.exe.vir

Files

sogou_pinyin_setup.exe.vir
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25.0MB - Virtual size: 25.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ