d51fc9c44909d80324644a9418cd36911497131bbc021909c214f9edb61888e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d51fc9c44909d80324644a9418cd36911497131bbc021909c214f9edb61888e9
Size

3.2MB
MD5

88549b7eca9a10412602821119063f6b
SHA1

549334fe632b678d293165e654c502008e4549e8
SHA256

d51fc9c44909d80324644a9418cd36911497131bbc021909c214f9edb61888e9
SHA512

edbb812a0138656658d02ed7682d7ffe0a78671bcd113d6d92c591ece29548c152b0c09454c4092defba81e9532e7e641325bcdc0a351f29d2b627bb35ab86d8
SSDEEP

49152:AgKyWZSxg1zcBMXnnskilvoVAUokNEl6NQw7IbRDCO3vTFwhmd4Ah1sVehr/Zf:ASjMXshAVRBWAQvbdbFwEeO3lZf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2034hezi/2034盒子.exe

Files

d51fc9c44909d80324644a9418cd36911497131bbc021909c214f9edb61888e9
.zip
2034hezi/2034盒子.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 808KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 25KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.txt
更多下载.html