bbe9cca30ce03b65e300c898b0321d63de1cecf8f87c9b0e57f56f135d9a1eb8

Sharing

Copy URL Twitter E-mail

General

Target

bbe9cca30ce03b65e300c898b0321d63de1cecf8f87c9b0e57f56f135d9a1eb8
Size

2.7MB
MD5

48cfd9b284ba0d2ae1847c25ccf0a43b
SHA1

2ce0e97dce8b3ed2b4d2322fb827d904bbe76958
SHA256

bbe9cca30ce03b65e300c898b0321d63de1cecf8f87c9b0e57f56f135d9a1eb8
SHA512

343b1666c924c0059b1b600b42c6fa0162e4cf7e465d4ddbf7f0c994978d4699eb5d67dac032a51ee58c1ac64975013d0162e4a881256c76fc08e9ede2147d34
SSDEEP

49152:wV6bdLs8dhIbTxsxkWANs0vhB6oDG83y4sf4VlE6kYyO5kUf1dFdB:xw8TYCfANLZa8idMeoPB

Score

N/A

Malware Config

Signatures

Files

bbe9cca30ce03b65e300c898b0321d63de1cecf8f87c9b0e57f56f135d9a1eb8
.rar
RegWork.2.5.1注册表编辑器/Favorites.dat
RegWork.2.5.1注册表编辑器/RWResChs.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rdata
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RegWork.2.5.1注册表编辑器/RegWork.exe
.exe windows x86

12df3b7a9b17a8980a08ebc5beb18601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

GetTokenInformation

comctl32

ImageList_ReplaceIcon

gdi32

GetViewportOrgEx

oleaut32

VarR8FromStr

shell32

SHGetPathFromIDList

shlwapi

SHSetValueA

user32

CallNextHookEx

version

VerQueryValueA

comdlg32

GetOpenFileNameA

ole32

CoCreateInstance

Sections

.text
Size: 266KB - Virtual size: 848KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RegWork.2.5.1注册表编辑器/RegWorkshop.ini
RegWork.2.5.1注册表编辑器/backup/1639498874/DEFAULT
RegWork.2.5.1注册表编辑器/backup/1639498874/S-1-5-21-2189691879-1162004727-2955967034-1001
RegWork.2.5.1注册表编辑器/backup/1639498874/S-1-5-21-2189691879-1162004727-2955967034-1001_Classes
RegWork.2.5.1注册表编辑器/backup/1639498874/SAM
RegWork.2.5.1注册表编辑器/backup/1639498874/SECURITY
RegWork.2.5.1注册表编辑器/backup/1639498874/SOFTWARE
RegWork.2.5.1注册表编辑器/backup/1639498874/SYSTEM
RegWork.2.5.1注册表编辑器/undo.dat
RegWork.2.5.1注册表编辑器/undo.idx

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 4KB - Virtual size: 128B

.rsrc Size: 56KB - Virtual size: 52KB

.reloc Size: 4KB - Virtual size: 8B

12df3b7a9b17a8980a08ebc5beb18601

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

oleaut32

shell32

shlwapi

user32

version

comdlg32

ole32

Sections

.text Size: 266KB - Virtual size: 848KB

.rsrc Size: 14KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 128B

.rsrc
Size: 56KB - Virtual size: 52KB

.reloc
Size: 4KB - Virtual size: 8B

.text
Size: 266KB - Virtual size: 848KB

.rsrc
Size: 14KB - Virtual size: 16KB