b3e0a331f06b1327586856e68e650c72cd637f3e520ba6737d6fb3aadcd83954 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3e0a331f06b1327586856e68e650c72cd637f3e520ba6737d6fb3aadcd83954
Size

222KB
MD5

e308aff93225feb8bfa9397f13904518
SHA1

45fc359dedcac37c6aa4190e782be77b267c0619
SHA256

b3e0a331f06b1327586856e68e650c72cd637f3e520ba6737d6fb3aadcd83954
SHA512

dfd0f2b820d5c8a36c0ae977dad74db59f8193bb7903b7fd5b255d430c09cf21c655a7e04d88d2fd16c1022378eef5bb09d57c8e08ac46ee6a34cd0cbe1d533b
SSDEEP

6144:TZoK3IVS8o9rSuARukjAVD8/NxgXvEOxv:TrsSxOT6D8DgTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/更改文件或文件夹的修改时间方法/D0GE_FlTmAd.exe

Files

b3e0a331f06b1327586856e68e650c72cd637f3e520ba6737d6fb3aadcd83954
.zip
更改文件或文件夹的修改时间方法/D0GE_FlTmAd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\编程\代码\注册表系列\Explorer\D0GE_FlTmAd\obj\Debug\D0GE_FlTmAd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 651KB - Virtual size: 650KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
更改文件或文件夹的修改时间方法/方法.txt