Static task: static1
Behavioral task: behavioral1
  Sample: 点击安装-纸飞机简体中文包.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 点击安装-纸飞机简体中文包.exe
  Resource: win10v2004-20220812-en
General
Target: telegram_cn_10.20.zip
Size: 540KB
MD5: 5fb961f6266e29e571e25164e9d1a4a4
SHA1: bd3b214d884aa2269bc0c941857df797e04136d3
SHA256: 09b3653a1bca2c83f40c29de0d1ccf17f05a7c4756eefcb403932b31a2ae0cc4
SHA512: ced0cace89d77d823b09573451db8d8e12dc3c3533a6a2e1a0e24da6be5002d958a7d222575cce7cc2fc0918b2f487195b80d797a2151cda0233be4910fdb213
SSDEEP: 6144:oEU4ot4cK466RLodUIcmq3EHbN42Q/rLOfCBEU3XlBhbL9V1EhD9XFdLCKoPCsOo:36RLy7+2qPhbLS9XFc3OcdxsdLtDelh5
Malware Config
Signatures
Files
telegram_cn_10.20.zip.zip (Password: infected)
点击安装-纸飞机简体中文包.com.exe (windows x64) 093b03aebec3c56bf033b422b3f44468
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
OpenFileMappingA
SetStdHandle
GetTimeZoneInformation
FindFirstFileA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
LCMapStringW
LCMapStringA
LoadLibraryW
FlsFree
FlsAlloc
FlsSetValue
FlsGetValue
GetACP
HeapReAlloc
HeapCreate
HeapSetInformation
RtlVirtualUnwind
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitProcess
ExitThread
CreateThread
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsBadReadPtr
HeapValidate
HeapSize
SetFileAttributesA
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetHandleInformation
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindResourceExA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetOEMCP
GetCPInfo
GlobalFlags
SetEvent
WaitForSingleObject
GetProfileIntA
VirtualProtect
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
lstrcmpW
GetCurrentThreadId
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
FreeResource
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FreeLibrary
GetModuleFileNameW
GetCurrentProcessId
SetErrorMode
lstrcmpA
GetThreadLocale
GetAtomNameA
GlobalGetAtomNameA
GetModuleHandleA
MulDiv
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FindNextFileA
SetLastError
GetTickCount
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
FileTimeToSystemTime
SetFileTime
WriteFile
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
GetVersion
CompareStringA
lstrcmpiA
GetStringTypeExA
MultiByteToWideChar
CompareStringW
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetLastError
CreateEventA
Sleep
lstrlenW
CreateDirectoryA
FindClose
GetDriveTypeA
user32
GetKeyNameTextA
GetClipboardFormatNameA
GetDialogBaseUnits
UnregisterClassA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
ReleaseCapture
SetCursor
SetRectEmpty
GetCursorPos
GetAsyncKeyState
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
OpenIcon
CloseWindow
PostThreadMessageA
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
KillTimer
SetTimer
DrawCaption
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
GetWindowDC
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
GetMenuCheckMarkDimensions
RegisterWindowMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
MapVirtualKeyA
GetCapture
WinHelpA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
GetClassNameA
GetWindowLongPtrA
SetPropA
GetPropA
CallWindowProcA
SetWindowLongPtrA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
UnhookWindowsHookEx
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetWindowTextLengthA
GetWindowTextA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
SetMenuItemBitmaps
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
LoadBitmapA
GetSysColorBrush
PeekMessageA
TabbedTextOutA
PostMessageA
SendMessageA
IsWindow
DestroyIcon
IsRectEmpty
PtInRect
SetRect
InflateRect
UnionRect
LoadIconA
LoadCursorA
CreateWindowExA
ShowWindow
UpdateWindow
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
EndDialog
CharUpperA
wsprintfA
GetDesktopWindow
SubtractRect
DispatchMessageW
GetMessageW
IsWindowUnicode
GetWindow
MsgWaitForMultipleObjects
MapDialogRect
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
DrawAnimatedRects
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathFindExtensionA
PathStripToRootA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdi32
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetRegionData
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmap
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetBkMode
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
StretchDIBits
EnumFontFamiliesExA
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateCompatibleDC
CreateICA
RectInRegion
PtInRegion
GetRgnBox
SetRectRgn
OffsetRgn
EqualRgn
CombineRgn
GetOutlineTextMetricsA
GetObjectType
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
RevertToSelf
SetThreadToken
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
OpenThreadToken
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles
ole32
OleRun
CLSIDFromProgID
CoDisconnectObject
CLSIDFromString
StringFromGUID2
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
CoReleaseMarshalData
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
OleDuplicateData
CreateStreamOnHGlobal
CoMarshalInterface
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
StringFromCLSID
oleaut32
SysFreeString
SafeArrayUnaccessData
SysStringByteLen
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringByteLen
SysStringLen
SafeArrayAccessData
SafeArrayRedim
SafeArrayCreate
VariantClear
VariantCopy
VariantChangeType
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
SysAllocStringLen
VarDateFromStr
VarBstrFromDate
VariantInit
SysAllocString
LoadTypeLi
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
SafeArrayGetLBound
Sections
.text  Size: 1.2MB - Virtual size: 1.2MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 626KB - Virtual size: 626KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 15KB - Virtual size: 40KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata Size: 74KB - Virtual size: 74KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc  Size: 48KB - Virtual size: 47KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ