f588c41ff4141be6d74aca762126994ee96ea9aaaf689ba306c99d27c5467922

Sharing

Copy URL Twitter E-mail

General

Target

f588c41ff4141be6d74aca762126994ee96ea9aaaf689ba306c99d27c5467922
Size

1.0MB
MD5

3595d5729de68e47e14c35018a7f990d
SHA1

8bbd0ea465fa6757bc032657ae6bdba88d864fa2
SHA256

f588c41ff4141be6d74aca762126994ee96ea9aaaf689ba306c99d27c5467922
SHA512

10864e3de1078415361b61902114f10744979ed10440b5c15e58b654aecab0674f584a7a6819b1b407aa944a2e5567b8724e43c19985898edf76d06248f93189
SSDEEP

24576:gqIgZFgqS/QexqM6tw7/K6o2DFbuDM0HfHaTIEtnvO1Q:zSqAnUA/BMMmfdEpO1Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BT搜索_BTSOU v22.10.05/BTSOU.exe
unpack001/BT搜索_BTSOU v22.10.05/Interop.ThunderAgentLib.dll
unpack001/BT搜索_BTSOU v22.10.05/MySql.Data.dll

Files

f588c41ff4141be6d74aca762126994ee96ea9aaaf689ba306c99d27c5467922
.zip
BT搜索_BTSOU v22.10.05/BTSOU.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Chenql\BT搜\24.03.20\202403191735 v24.03.20\BTSOU\BTSOU\bin\Debug\Dotfuscated\BTSOU.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BT搜索_BTSOU v22.10.05/Interop.ThunderAgentLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BT搜索_BTSOU v22.10.05/MySql.Data.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\build\sb_1-7385477-1654893247.25\connector-net\MySQL.Data\src\obj\Release\net452\MySql.Data.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BT搜索_BTSOU v22.10.05/data.ryx
BT搜索_BTSOU v22.10.05/使用说明.jpg
.jpg
BT搜索_BTSOU v22.10.05/常见问题.txt
BT搜索_BTSOU v22.10.05/更新说明.txt

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 800KB - Virtual size: 800KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 27KB - Virtual size: 26KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 800KB - Virtual size: 800KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 27KB - Virtual size: 26KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B