f447772ef46c613bd93ae45f482e8687242f4658c6030eb79be41f8650e21543 | Triage

Sharing

General

Target

f447772ef46c613bd93ae45f482e8687242f4658c6030eb79be41f8650e21543
Size

67KB
MD5

e3ece5a6447024cecc678a93070d22eb
SHA1

06243fed845427242b2afee40ba1ddd3f9f23d66
SHA256

f447772ef46c613bd93ae45f482e8687242f4658c6030eb79be41f8650e21543
SHA512

af9a69ddfbc9baa70150a0d8d101deba06d1368377af5c6cbc79225d3022c0fd68bd4a0d2a8f0d7d9544b2217eaff4f07a00cafcba0feb9902a1641072f306c1
SSDEEP

1536:ZBuZq7Gjy+6xj9ye198Eik4btEfdlS1dUvN4S6rhFSn5CdXH0:oqq89h2tEfTN8unUdk

Score

3^/10

qr link

Malware Config

Signatures

One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
qr link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MouseWizard.exe

Files

f447772ef46c613bd93ae45f482e8687242f4658c6030eb79be41f8650e21543
.rar
Coordinate.txt
MouseWizard.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Work\sc\Gitee\mouse-wizard\MouseWizard\obj\Debug\MouseWizard.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MouseWizard.exe.config
.xml
MouseWizard.pdb
Time.txt
jb51.net.txt
使用声明.txt
关注公众号获取更多惊喜资源.jpg
.jpg
- http://weixin.qq.com/r/gh0DG8LEJp9ZrYZ490iQ
去脚本之家看看.url
服务器软件.url