b408a326ab56935a94b044060df20e92f5daec5958932bcb25e8cb85136ae93a

Sharing

Copy URL Twitter E-mail

General

Target

b408a326ab56935a94b044060df20e92f5daec5958932bcb25e8cb85136ae93a
Size

1.2MB
MD5

21c90d6a26637b12adf1bdfda3365ee7
SHA1

dd021ce572b0fe0b069bd35d58a4c692df320aea
SHA256

b408a326ab56935a94b044060df20e92f5daec5958932bcb25e8cb85136ae93a
SHA512

e7117d8c93b851f58e2a8d8893240accb58b6e702a3a34a21a1c0d1e3f261da36e0f96808fb8a9d24d2601c4d274259f6ce42319f561908e7fca1daf7312d864
SSDEEP

24576:M8S3id8gSHz8coR6T1cKZsDvAzLIcXA77TODCOguqT6H5fyDkyO2gPYbZV:MD68gSHzpEScKGD6uXO1O6VANgANV

Score

N/A

Malware Config

Signatures

Files

b408a326ab56935a94b044060df20e92f5daec5958932bcb25e8cb85136ae93a
.rar
菲律宾一员工宿舍两名中国小伙互殴鲜血直流，警方正在调查案件起因.exe
.exe windows x86

511bb841aa4091526a5ec42ad8367056

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualFree
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetWindowContextHelpId

gdi32

GetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

DragFinish

shlwapi

PathStripToRootA

oledlg

ord8

ole32

CoRevokeClassObject

oleaut32

VariantChangeType

odbc32

ord2

Sections

.text
Size: - Virtual size: 699KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DONGDON
Size: - Virtual size: 938KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DONGDON
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

511bb841aa4091526a5ec42ad8367056

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

odbc32

Sections

.text Size: - Virtual size: 699KB

.rdata Size: - Virtual size: 152KB

.data Size: - Virtual size: 225KB

.DONGDON Size: - Virtual size: 938KB

.DONGDON Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: - Virtual size: 699KB

.rdata
Size: - Virtual size: 152KB

.data
Size: - Virtual size: 225KB

.DONGDON
Size: - Virtual size: 938KB

.DONGDON
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 2KB - Virtual size: 2KB