246b9dfc97cbeecf337f3792c780cfc367a79eab33284a5bcae20a0b818b2bb0

Sharing

Copy URL Twitter E-mail

General

Target

246b9dfc97cbeecf337f3792c780cfc367a79eab33284a5bcae20a0b818b2bb0
Size

3.6MB
MD5

ae5cf587c826f228f82a1b8fa964ec4b
SHA1

87c910394429c87eea3b8542ab506f7e890cb22c
SHA256

246b9dfc97cbeecf337f3792c780cfc367a79eab33284a5bcae20a0b818b2bb0
SHA512

6521686c0665a1094f738a95152f684719bf06d3fe6717c0bae785dc8f763342cc2095a41e439502f8a7a2187ae3562a03483a9abfbec1f1fe44f0d87e87dd52
SSDEEP

98304:Vv52DIs4erd0BQapU7hT6ma/DUNBupUjqnrUoHj9MKKlhUrMxXRfp:VRkIs4eR0r27FabmupUj84oEvmsXFp

Score

N/A

Malware Config

Signatures

Files

246b9dfc97cbeecf337f3792c780cfc367a79eab33284a5bcae20a0b818b2bb0
.rar
TeamViewer4局域网专用(未打包).rar
.rar
TeamViewer4局域网专用(未打包)/TeamViewer.ini
TeamViewer4局域网专用(未打包)/TeamViewer4.exe
.exe windows x86

c1eba7231686f5b6b0f1675c1b0b0dd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
InitCommonControlsEx
DestroyPropertySheetPage
PropertySheetW
ImageList_Remove
ImageList_Destroy
ImageList_SetBkColor
ImageList_LoadImageW
ImageList_ReplaceIcon
CreatePropertySheetPageW

wsock32

ioctlsocket
sendto
gethostbyname
bind
listen
accept
connect
getsockname
getpeername
send
__WSAFDIsSet
recvfrom
select
recv
inet_ntoa
htons
setsockopt
socket
ntohs
WSAGetLastError
htonl
WSAStartup
WSACleanup
shutdown
closesocket
gethostname
inet_addr

iphlpapi

GetBestInterface
GetIfEntry
GetAdaptersInfo
GetAdapterIndex
DeleteIPAddress
GetIpAddrTable

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

kernel32

DeviceIoControl
CreateThread
ResumeThread
SetThreadPriority
GetCurrentThread
CreateEventW
GetOverlappedResult
lstrcmpW
FileTimeToLocalFileTime
CreateFileA
FindNextFileA
SetUnhandledExceptionFilter
FindFirstFileA
DeleteFileA
QueryPerformanceCounter
GetUserDefaultLCID
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
SetHandleCount
GetOEMCP
GetTimeZoneInformation
HeapCreate
ExitThread
GetStringTypeA
LCMapStringA
GetStdHandle
GetFileType
lstrcpyW
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
FormatMessageA
GetFileTime
CreateWaitableTimerA
SetWaitableTimer
TlsSetValue
ResetEvent
TlsGetValue
TlsFree
TlsAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
LocalAlloc
GetProcAddress
WritePrivateProfileStringW
OpenProcess
GlobalFree
SetEndOfFile
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
CreateEventA
GetProcessHeap
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CompareStringA
SetProcessShutdownParameters
LocalUnlock
LocalSize
LocalLock
CompareFileTime
FileTimeToSystemTime
FindClose
SetErrorMode
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
GetLocalTime
LockResource
DeleteCriticalSection
FreeLibrary
LocalFree
GetCommandLineW
LoadResource
SizeofResource
InitializeCriticalSection
FlushFileBuffers
WriteFile
ReadFile
GetModuleFileNameA
GetFileSize
ReleaseMutex
InterlockedDecrement
CreateMutexA
InterlockedIncrement
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
Sleep
HeapAlloc
GetCurrentProcessId
WaitForMultipleObjects
RaiseException
LeaveCriticalSection
EnterCriticalSection
SetLastError
FlushInstructionCache
ReleaseSemaphore
GetSystemTimeAsFileTime
CreateSemaphoreA
SetEvent
WaitForSingleObject
GetCurrentProcess
GetCurrentThreadId
DuplicateHandle
GetTickCount
CloseHandle
HeapFree

user32

IsMenu
GetCursorInfo
SetThreadDesktop
OpenInputDesktop
CloseDesktop
GetUserObjectInformationW
GetThreadDesktop
CreateIconIndirect
InvalidateRgn
GetSystemMenu
GetMessagePos
GetNextDlgTabItem
EndDeferWindowPos
BeginDeferWindowPos
DrawEdge
DestroyAcceleratorTable
GetWindowPlacement
SetRectEmpty
SetWindowPlacement
FlashWindow
GetDialogBaseUnits
DeferWindowPos
MapDialogRect
GetCursor
DrawIconEx
GetDlgItemTextA
CreateWindowExA
CreatePopupMenu
FrameRect
GetIconInfo
GetCapture
DrawFocusRect
SetScrollPos
GetScrollInfo
ScrollWindowEx
GetScrollPos
SetScrollInfo
GetWindowDC
WindowFromPoint
GetShellWindow
ChildWindowFromPointEx
CreateMenu
ScreenToClient
IsWindowEnabled
RegisterWindowMessageA
GetMenuItemID
RedrawWindow
DeleteMenu
SetCursorPos
PostQuitMessage
ActivateKeyboardLayout
GetKeyboardLayout
GetMenuItemCount
SetActiveWindow
GetMenuState
MessageBoxA
UnhookWindowsHookEx
CallNextHookEx
GetAsyncKeyState
GetFocus
OpenDesktopW
RegisterWindowMessageW
CharLowerW
CharUpperW
UnregisterClassA
ShowWindow
SetWindowPos
IsWindow
TranslateMessage
GetWindow
GetWindowRect
MapWindowPoints
MoveWindow
InvalidateRect
GetParent
GetClientRect
DestroyWindow
KillTimer
SendInput
GetKeyState
ToUnicode
GetKeyboardState
ToAscii
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ChangeClipboardChain
MessageBeep
SetTimer
TrackPopupMenuEx
GetDC
CheckMenuItem
EnableMenuItem
GetSubMenu
RemoveMenu
CheckMenuRadioItem
SetWindowRgn
SetFocus
EnumWindows
DestroyMenu
GetDlgCtrlID
GetDlgItem
GetDesktopWindow
BringWindowToTop
AdjustWindowRect
SetForegroundWindow
UpdateWindow
OffsetRect
SetParent
ShowScrollBar
CopyRect
GetSystemMetrics
FillRect
BeginPaint
EndPaint
SetRect
GetSysColor
DestroyIcon
IntersectRect
IsRectEmpty
EqualRect
InflateRect
UnionRect
ReleaseDC
EndDialog
BlockInput
GetActiveWindow
GetCursorPos
GetForegroundWindow
GetWindowThreadProcessId
GetGUIThreadInfo
IsWindowVisible
SetCursor
SetClipboardViewer
ClientToScreen
TrackMouseEvent
PtInRect
SetCapture
ReleaseCapture
DestroyCursor

gdi32

MaskBlt
SelectPalette
RealizePalette
GetObjectType
CreatePalette
SetBrushOrgEx
GetDIBits
GetSystemPaletteEntries
CreateDIBSection
PatBlt
CreatePatternBrush
SetStretchBltMode
SetDIBitsToDevice
CreateCompatibleBitmap
SetViewportOrgEx
DPtoLP
SetPixel
Polygon
Ellipse
SetTextColor
GetDeviceCaps
LineTo
MoveToEx
SetDIBColorTable
StrokeAndFillPath
EndPath
BeginPath
SetBkMode
SetBkColor
CreateBitmap
GetPixel
CreatePen
Rectangle
CreateSolidBrush
CombineRgn
StretchBlt
SelectObject
GetStockObject
DeleteDC
CreateCompatibleDC
DeleteObject
BitBlt
CreateRoundRectRgn
RoundRect
CreateRectRgn

advapi32

GetSidIdentifierAuthority
GetTokenInformation
EqualSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
DeregisterEventSource
ReportEventW
RegisterEventSourceW
FreeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
SetTokenInformation
DuplicateTokenEx
OpenProcessToken
AllocateAndInitializeSid
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
RegSetValueExA
RegEnumValueW
RegEnumKeyExA
RegEnumValueA
LookupAccountNameW
DuplicateToken
RegOpenKeyW
CreateProcessAsUserW
ImpersonateLoggedOnUser
RevertToSelf
SetEntriesInAclW
SetNamedSecurityInfoW

shell32

SHAppBarMessage
ord680
ord155
DragAcceptFiles
SHGetSpecialFolderLocation
CommandLineToArgvW

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
RegisterDragDrop
CoTaskMemFree
CoUninitialize
OleInitialize
RevokeDragDrop
ReleaseStgMedium
StringFromGUID2
CoInitialize
CoCreateGuid
CoInitializeSecurity

oleaut32

VariantChangeType
VariantClear
VarUI4FromStr
SafeArrayGetDim
SafeArrayGetElement
SysAllocString
SysFreeString
VariantInit
VariantCopy

shlwapi

PathRemoveFileSpecW
PathCompactPathW

wininet

HttpEndRequestA
InternetQueryOptionW
InternetSetOptionW
InternetOpenW
HttpSendRequestA
InternetGoOnlineA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetErrorDlg
HttpQueryInfoW
HttpQueryInfoA
InternetReadFile

crypt32

CertGetNameStringW
CertGetNameStringA
CertFreeCertificateContext
CryptVerifyMessageSignature

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 717KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TeamViewer4局域网专用(未打包)/tv.ini
TeamViewer4局域网单文件.rar
.rar
当游网_www.3h3.com.URL
.url
说明.txt

Sharing

General

Malware Config

Signatures

Files

c1eba7231686f5b6b0f1675c1b0b0dd0

Headers

File Characteristics

Imports

comctl32

wsock32

iphlpapi

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

crypt32

imagehlp

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 696KB - Virtual size: 696KB

.data Size: 123KB - Virtual size: 525KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 717KB - Virtual size: 720KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 696KB - Virtual size: 696KB

.data
Size: 123KB - Virtual size: 525KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 717KB - Virtual size: 720KB