7122c70082f94c3b567d94c7e9875cb23f6ff244d48884f2882b8c304fc3bbc9

Sharing

Copy URL

Twitter E-mail

General

Target

7122c70082f94c3b567d94c7e9875cb23f6ff244d48884f2882b8c304fc3bbc9
Size

200KB
MD5

1f2bccf67e9b1afc050da1ce36eb5930
SHA1

b65809055f908bed584c02997e31093ef940de91
SHA256

7122c70082f94c3b567d94c7e9875cb23f6ff244d48884f2882b8c304fc3bbc9
SHA512

b5606bca5961b6c97e5e794edfa1e2299259db2d0a53a14fd6c6fa4f109ec898330e0d2e7f1161ace01e85be8b9b658ab86929c722eb4a6f7728bf027bc4f055
SSDEEP

6144:ceymVONYFdlD3iNYxVLdIz68TqLtU0D/szn:SmVONYFdlD3iNYxVLiButU0D/4

Score

N/A

Malware Config

Signatures

Files

7122c70082f94c3b567d94c7e9875cb23f6ff244d48884f2882b8c304fc3bbc9
.exe windows x86

aa7b39fd837551c066be6f581320f4e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetTickCount
GetLocalTime
Sleep
CreateThread
FreeLibrary
GetCurrentProcessId
HeapAlloc
GetProcessHeap
MoveFileA
MultiByteToWideChar
lstrlenA
HeapFree
GlobalUnlock
OpenProcess
GetCurrentProcess
CloseHandle
InterlockedExchange
LocalAlloc
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
SetFilePointer
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetStdHandle

netapi32

NetLocalGroupAddMembers
NetUserAdd

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

Exports

Exports

aabbccdd
daxuewuli
eeffgghh
gaoshu
gongchengshuxue
iijjkkmm

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa7b39fd837551c066be6f581320f4e9

Headers

File Characteristics

Imports

kernel32

netapi32

msvfw32

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 36KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 36KB

.rsrc
Size: 8KB - Virtual size: 5KB