静电喷枪测试V1[.]0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

静电喷枪测试V1.0.exe
Size

296KB
MD5

25f998b3703d8e3675b48410c49bf38b
SHA1

712c8d1ea2680fd2795e1654b11db0f25a807ddc
SHA256

0a8dc7f88f861592ff6f8c409a78555a8640ea0c3bcfc75b04154d5028b45d27
SHA512

a0f43662ed12f850161de294515fc838cc653600ab7a911102590922bee92ab79c8d365676c5eae77c529844f202fab290eb65d30c1f1415c1257db194ee3486
SSDEEP

6144:JJ9OlzOqB/sRBy77/s17/L7/L7/L7/s17/sOB1RBy:AJOm/sRo7727j7j7j727DB1Ro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
静电喷枪测试V1.0.exe

Files

静电喷枪测试V1.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\pq_ts\source\ZigBeeApp\obj\Debug\静电喷枪测试V1.0 Design by JiangYan.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ