689686c30731bdb11d92e389adee26f453311b4bdb5e02ffd71be805793bfbc8

Sharing

Copy URL Twitter E-mail

General

Target

689686c30731bdb11d92e389adee26f453311b4bdb5e02ffd71be805793bfbc8
Size

220KB
MD5

4a4fcf5d2cb6db49f270d76662d76d00
SHA1

c7a0b560fa1431709d2026cdae8dbc0420389d95
SHA256

689686c30731bdb11d92e389adee26f453311b4bdb5e02ffd71be805793bfbc8
SHA512

297a5835922084ee9d7b19e3586f4788313649efaf4da31ccb62f9bd632366a8c0f5b23c4a71a2680ab6dd20602b3dddafffd3182760e94398d37b7ca5f3306c
SSDEEP

6144:WeymVONYFdlD3iNYxVLdIz68TqLtU0x/sPXh1:QmVONYFdlD3iNYxVLiButU0x/ER

Score

N/A

Malware Config

Signatures

Files

689686c30731bdb11d92e389adee26f453311b4bdb5e02ffd71be805793bfbc8
.exe windows x86

aa7b39fd837551c066be6f581320f4e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetTickCount
GetLocalTime
Sleep
CreateThread
FreeLibrary
GetCurrentProcessId
HeapAlloc
GetProcessHeap
MoveFileA
MultiByteToWideChar
lstrlenA
HeapFree
GlobalUnlock
OpenProcess
GetCurrentProcess
CloseHandle
InterlockedExchange
LocalAlloc
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
SetFilePointer
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetStdHandle

netapi32

NetLocalGroupAddMembers
NetUserAdd

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

Exports

Exports

aabbccdd
daxuewuli
eeffgghh
gaoshu
gongchengshuxue
iijjkkmm

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa7b39fd837551c066be6f581320f4e9

Headers

File Characteristics

Imports

kernel32

netapi32

msvfw32

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 36KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 36KB

.rsrc
Size: 28KB - Virtual size: 28KB