截图2024年7月19日15点11分[.]jpg[.]scr | Triage

Sharing

Copy URL Twitter E-mail

General

Target

截图2024年7月19日15点11分.jpg.scr
Size

952KB
MD5

332a8ed8e9c3f05a7b0472b8cb4e7d1b
SHA1

2af427f43634e697f98002f2d2d4b1cd1367f633
SHA256

f5b63eea8963a4a37e9a55037fea6a3c6adabf3de44540de9fbdb5407958839a
SHA512

0ff8970f479879345be589ec28127afdd03bb045f1c9bf63afdb3a32441a22d5d382fbe356188e88adc231ee4d313113a624cafa8d1e3572592b2a0516ef152e
SSDEEP

24576:KRYEQJa8Kpiaxe64FHWAT6zZ/w/5tQrS8m0gS:dwTe64F2mW5CtB8m0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
截图2024年7月19日15点11分.jpg.scr

Files

截图2024年7月19日15点11分.jpg.scr
.exe windows:4 windows x86 arch:x86

5dc35476374febccc615eac4af5e9f3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA

user32

CopyRect

advapi32

OpenSCManagerA

shell32

SHGetSpecialFolderPathA

msvcrt

_strcmpi

ws2_32

WSAStartup

comctl32

ord17

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState

gdi32

SetWindowExtEx

winspool.drv

OpenPrinterA

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 48KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 892KB - Virtual size: 892KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ