a35b73e91370be9eb7f9f1bd08a35df572c292f7beb7994554748481fc91080e

Sharing

Copy URL Twitter E-mail

General

Target

a35b73e91370be9eb7f9f1bd08a35df572c292f7beb7994554748481fc91080e
Size

315KB
MD5

535ae7fb0d913ff047619bbb6c620a3b
SHA1

c4af71b44abb1da4b2f631f907ace3145455f010
SHA256

a35b73e91370be9eb7f9f1bd08a35df572c292f7beb7994554748481fc91080e
SHA512

4ff5990ce5c48d2ffd441e1d4af368e0c0566da6ae9c073183fb2212cebf40dd38f4171044043f796e683b9ce70a71592af4f89dda0adca7a943175730f36bdb
SSDEEP

6144:etb/OsxYnhLmOR6lfDGV+u5sMgQYThERu/yacvdJDTMX0iS4fuP4:3sxgmOaS5sMgQY1Eu6aMrTi0iS4w4

Score

N/A

Malware Config

Signatures

Files

a35b73e91370be9eb7f9f1bd08a35df572c292f7beb7994554748481fc91080e
.rar
WinDirStat_1.1.2.79_中文綠色版/ShedkoFolderico3_8807299.ico
WinDirStat_1.1.2.79_中文綠色版/desktop.ini
WinDirStat_1.1.2.79_中文綠色版/windirstat.chm
.chm
WinDirStat_1.1.2.79_中文綠色版/windirstat.exe
.exe windows x86

b3e2efb711bd309a22addde2f35c372c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
VirtualAlloc
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
LocalFree
HeapAlloc
ExitProcess
HeapFree
RtlUnwind
GetCurrentDirectoryA
FindResourceExA
LocalFileTimeToFileTime
GetShortPathNameA
CreateFileA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SystemTimeToFileTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
VirtualProtect
FindFirstFileA
FileTimeToLocalFileTime
FindNextFileA
FindClose
InterlockedDecrement
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
lstrcmpA
SetLastError
MulDiv
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GlobalFree
GetFullPathNameA
GetModuleFileNameA
ResumeThread
GetUserDefaultLangID
GetCurrentProcess
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenW
lstrcmpiA
GetVersion
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SearchPathA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetUserDefaultLCID
GetWindowsDirectoryA
GetFileAttributesA
GetProfileIntA
GlobalAlloc
GlobalLock
lstrcpyA
GlobalUnlock
GetDriveTypeA
GetTickCount
GetCurrentThreadId
GetSystemDirectoryA
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetEnvironmentVariableA
GetLogicalDrives
SetErrorMode
GetVolumeInformationA
GetDiskFreeSpaceExA
lstrlenA
CreateProcessA
CloseHandle
FreeResource
GetLastError
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LCMapStringA

user32

GetNextDlgGroupItem
SetWindowContextHelpId
ShowOwnedPopups
GetSystemMenu
IsRectEmpty
SetParent
IsZoomed
MapDialogRect
GetAsyncKeyState
DestroyCursor
SetCursorPos
GetMenuItemInfoA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
SetCursor
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
SetMenu
TranslateAcceleratorA
wsprintfA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
InsertMenuA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenuEx
TrackPopupMenu
SetScrollPos
GetScrollPos
GetMenu
PostMessageA
GetMenuItemID
InvalidateRgn
EqualRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
IsWindowVisible
GetKeyState
ValidateRect
SendMessageA
GetWindowRect
GetClientRect
HideCaret
EnableWindow
IsWindow
InflateRect
DrawEdge
ClientToScreen
ScreenToClient
InvalidateRect
GetParent
GetSysColor
OffsetRect
CreateWindowExA
ReleaseDC
GetDC
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMessageA
ReleaseCapture
SetCapture
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetDCEx
WindowFromPoint
FindWindowA
SetRect
GetCapture
LoadStringA
LockWindowUpdate
UnregisterClassA
CharUpperA
RegisterWindowMessageA
SetForegroundWindow
UpdateWindow
BringWindowToTop
DrawFocusRect
GetFocus
LoadBitmapA
CopyRect
SetClipboardData
EmptyClipboard
OpenClipboard
RemoveMenu
GetMenuItemCount
EnableMenuItem
MessageBeep
GetSysColorBrush
AdjustWindowRectEx
RegisterClipboardFormatA
DeleteMenu
SetMenuDefaultItem
GetSubMenu
ModifyMenuA
LoadMenuA
RedrawWindow
GetDesktopWindow
PostQuitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
PtInRect
SetTimer
KillTimer
RegisterClassA
GetClassInfoA
GetCursorPos
PostThreadMessageA
LoadCursorA
LoadIconA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CloseClipboard
AppendMenuA

gdi32

CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
GetTextExtentPoint32A
StretchDIBits
GetCharWidthA
CreateFontA
GetTextMetricsA
EnumFontFamiliesExA
GetBkColor
GetTextColor
GetRgnBox
CreateSolidBrush
CreatePen
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
GetWindowExtEx
GetViewportExtEx
CreateCompatibleBitmap
SelectClipRgn
DeleteObject
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
PatBlt
CreateRectRgnIndirect
Ellipse
GetDeviceCaps
Pie
GetPixel
GetObjectA
SetPixel
BitBlt
Rectangle
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyA
RegCloseKey

shell32

DragFinish
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHFileOperationA
ExtractIconA
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetFileInfoA

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_SetBkColor
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Duplicate
ord8
ord17
ImageList_Destroy
PropertySheetA
DestroyPropertySheetPage
ImageList_ReplaceIcon
CreatePropertySheetPageA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3e2efb711bd309a22addde2f35c372c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 440KB - Virtual size: 437KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 440KB - Virtual size: 437KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 72KB - Virtual size: 68KB