bf28e1391c91a7335007130edd887ee1ca48d70d5d2f17e103d50901510d87ce

Sharing

Copy URL Twitter E-mail

General

Target

bf28e1391c91a7335007130edd887ee1ca48d70d5d2f17e103d50901510d87ce
Size

12.0MB
MD5

7120c3f20aefbc6200b773a60563825d
SHA1

629a647e4ee7634cc4c454780b3c7055801647e6
SHA256

bf28e1391c91a7335007130edd887ee1ca48d70d5d2f17e103d50901510d87ce
SHA512

e3919cd261fa452074d95335ea2775c585de2fce1163733ab0d71ad0f0d038e1dbe33359c0af3e153b53a9478282a6930246090fecc7b6da127cb6f0b9775e2a
SSDEEP

196608:iR5h9jHvcud88rjsox6Ki8Jb+pGgyqP5nVA7PHhBmAGlN3jJGUS6RlR0rS6OUbuc:iTjHxd8SsortCnETmAGz3PvGrS6OUKc

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/RKinFee/RKinFee_专业版_v2.2.6.5.exe	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RKinFee/RKinFee_专业版_v2.2.6.5.exe
unpack002/兔子游戏清理工具v1.0.4.exe

Files

bf28e1391c91a7335007130edd887ee1ca48d70d5d2f17e103d50901510d87ce
.zip
RKinFee/RKinFee_专业版_v2.2.6.5.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 544KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11.0MB - Virtual size: 21.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 73KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RKinFee/【1】教程：注册登录教程.url
.url
RKinFee/【2】教程：打不开或无法登录的教程.url
.url
RKinFee/【3】教程：功能无效或游戏闪退的教程.url
.url
RKinFee/【4】购买：双击打开购卡链接.url
.url
RKinFee/【5】工具：兔子游戏清理工具v1.0.4.zip
.zip
兔子游戏清理工具v1.0.4.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

XMDM
Size: - Virtual size: 672KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vbMC
Size: 300KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
解决win10 11提示包含病毒方法.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 544KB - Virtual size: 2.9MB

.rdata Size: 11.0MB - Virtual size: 21.2MB

.data Size: 73KB - Virtual size: 632KB

.rsrc Size: 3KB - Virtual size: 192KB

.aspack Size: 191KB - Virtual size: 192KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

XMDM Size: - Virtual size: 672KB

vbMC Size: 300KB - Virtual size: 304KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 544KB - Virtual size: 2.9MB

.rdata
Size: 11.0MB - Virtual size: 21.2MB

.data
Size: 73KB - Virtual size: 632KB

.rsrc
Size: 3KB - Virtual size: 192KB

.aspack
Size: 191KB - Virtual size: 192KB

.adata
Size: - Virtual size: 4KB

XMDM
Size: - Virtual size: 672KB

vbMC
Size: 300KB - Virtual size: 304KB

.rsrc
Size: 4KB - Virtual size: 4KB