b935665e8469e7a2ee803f8b085feb2a99a334b3cba64e155bcf30dea2ca4dfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b935665e8469e7a2ee803f8b085feb2a99a334b3cba64e155bcf30dea2ca4dfc
Size

1.0MB
MD5

9ba8d5a9646e8c3c36cb8470fbb3b3c1
SHA1

2e04d238bdca0fcf6f2027b67fe51d042d134c31
SHA256

b935665e8469e7a2ee803f8b085feb2a99a334b3cba64e155bcf30dea2ca4dfc
SHA512

12a3fe4863390bb4c79e0b462b557a1cd92d7fba9630ce35c6c28f1063e371f3dafb29e23a32034e5c90053fd3c7defa91742b67adc26ad0c6e1b33eed382b27
SSDEEP

6144:nwQiHHJQF2z6vQBLL/nAGvODuFpEpVNfYesBfv6:wHpw2z6iL5dqCi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b935665e8469e7a2ee803f8b085feb2a99a334b3cba64e155bcf30dea2ca4dfc

Files

b935665e8469e7a2ee803f8b085feb2a99a334b3cba64e155bcf30dea2ca4dfc
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\My Documents\个人资料\vbnet\报警20190403\九院\管理机\管理客户端\管理客户端\obj\x86\Debug\管理客户端.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ