79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

79d4f8d5da...36.exe

windows7-x64

3

79d4f8d5da...36.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336
Size

107KB
MD5

0205623a120fc7311c824429f94de3cc
SHA1

8b88f2e36edbd6c2d63aae9f3bd5386703775035
SHA256

79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336
SHA512

3a7e7af6ead6ef1512cc636b91491dfed806a8dda369acc5b3a989d192a97dd3061cbf2a55bb6ad919a48de471e91f093e6072a655cc85e358c7e6f1755c24e8
SSDEEP

3072:6ROdLCrvStpWkEWd9JiyEEeMgmSFICJ2Yt7TX14fa3rGn6f8N:eELJidz2YtF4aqJ

Score

1^/10

Malware Config

Signatures

Files

79d4f8d5dabeba65d2a6dae2484f82e88dd77282821645f59fca5ba5d48a9336
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

70:79:32:88:cc:97:a5:4c:b9:18:cf:d0:80:1b:f9:5e
Certificate

Issuer

CN=河南开扩智能科技有限公司

Not Before

31/12/2019, 16:00

Not After

31/12/2098, 16:00

Subject

CN=河南开扩智能科技有限公司

15:f7:1d:ea:2e:68:d0:59:f3:95:94:92:f1:35:42:c5:a7:d3:ee:23
Signer

Actual PE Digest

15:f7:1d:ea:2e:68:d0:59:f3:95:94:92:f1:35:42:c5:a7:d3:ee:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Project\GY.ERP\ERP\ERP.Win\obj\Release\ERP.Win.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy