88114c0b83f8b601c629e64f43fc31644af5a17e4f45e7d682e6770c01f907de

Sharing

Copy URL Twitter E-mail

General

Target

88114c0b83f8b601c629e64f43fc31644af5a17e4f45e7d682e6770c01f907de
Size

1.9MB
MD5

bfaa71a222c0a4c50e66f8c136062696
SHA1

e3da438e77ea4c67a55874e7a790ccbf6d8f7ce1
SHA256

88114c0b83f8b601c629e64f43fc31644af5a17e4f45e7d682e6770c01f907de
SHA512

30d973ebec1fd2fcff3460e4a0fcbcd3c6bdc10ecd66f0f314a4b605187ca01a20d20280b45235bf7e48ce12e13d9a964096df0de781ebbe7b93c5759f7d4b1b
SSDEEP

24576:0cWnbktJCK1Af5Voi2wPGvIX+BMjXGbbdXxVfxguFwehYIlnUX5k7dVsXeRO3wgJ:db1M2hX6XG1+uFwR4nUX6hrrgZkOQZNe

Score

1^/10

Malware Config

Signatures

Files

88114c0b83f8b601c629e64f43fc31644af5a17e4f45e7d682e6770c01f907de
.exe windows:6 windows x86 arch:x86

b5c0892fa36495b498d09f7c10228f02

Code Sign

22:ad:4c:85:d3:6a:fb:51:bf:00:06:d1:a4:34:d2:d7
Certificate

Issuer

CN=中国人寿股份有限公司深圳分公司

Not Before

13/09/2022, 02:50

Not After

31/12/2039, 23:59

Subject

CN=中国人寿股份有限公司深圳分公司

8d:64:9f:df:1b:e0:7d:b9:26:34:f0:87:b6:53:cc:8f:92:fa:32:f5
Signer

Actual PE Digest

8d:64:9f:df:1b:e0:7d:b9:26:34:f0:87:b6:53:cc:8f:92:fa:32:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle

Sections

.text
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.symtab
Size: - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 1017KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5c0892fa36495b498d09f7c10228f02

Code Sign

22:ad:4c:85:d3:6a:fb:51:bf:00:06:d1:a4:34:d2:d7Certificate

8d:64:9f:df:1b:e0:7d:b9:26:34:f0:87:b6:53:cc:8f:92:fa:32:f5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: - Virtual size: 1.0MB

.rdata Size: - Virtual size: 1.0MB

.data Size: - Virtual size: 275KB

.idata Size: - Virtual size: 988B

.vdata Size: - Virtual size: 57KB

.symtab Size: - Virtual size: 4B

.vdata Size: - Virtual size: 512B

.text Size: - Virtual size: 1017KB

.data Size: - Virtual size: 20KB

.text Size: 1.9MB - Virtual size: 1.9MB

.data Size: 1024B - Virtual size: 592B

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 496B

22:ad:4c:85:d3:6a:fb:51:bf:00:06:d1:a4:34:d2:d7
Certificate

8d:64:9f:df:1b:e0:7d:b9:26:34:f0:87:b6:53:cc:8f:92:fa:32:f5
Signer

.text
Size: - Virtual size: 1.0MB

.rdata
Size: - Virtual size: 1.0MB

.data
Size: - Virtual size: 275KB

.idata
Size: - Virtual size: 988B

.vdata
Size: - Virtual size: 57KB

.symtab
Size: - Virtual size: 4B

.vdata
Size: - Virtual size: 512B

.text
Size: - Virtual size: 1017KB

.data
Size: - Virtual size: 20KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 1024B - Virtual size: 592B

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 496B