d5d9f7a8ba2bce13f97227d9b4fa0561ea72732bc8801defc04447693d4406db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5d9f7a8ba2bce13f97227d9b4fa0561ea72732bc8801defc04447693d4406db
Size

5.9MB
MD5

c6d6eaeba8ace958ed6aabae18875ef4
SHA1

7e897d87710807422ec2b07d9ed1e384d3fcb2e2
SHA256

d5d9f7a8ba2bce13f97227d9b4fa0561ea72732bc8801defc04447693d4406db
SHA512

bd7b33566d32fb5072d1966dbb6bb91099e544ece301542308522a14ba2d96d1f24778bf1fd4112dbae6f91734a36f9f80cf7dca79c80e17f2c4e5d57a156d10
SSDEEP

98304:zge9f+eJ5LbHVlaHqQ1NaXJw9QxCqk23i3ggGe9SfcoLDPiHkKos7FLOAkGkzdn0:zxf5cBudLps7FLOyomFHKnPAwXFdhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5d9f7a8ba2bce13f97227d9b4fa0561ea72732bc8801defc04447693d4406db

Files

d5d9f7a8ba2bce13f97227d9b4fa0561ea72732bc8801defc04447693d4406db
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\_workspace\GIT仓库\开发软件\MEGMEET_DCSource\Release\CP8802.pdb

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 5.5MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE