µã»÷°²×°-Ö½·É»ú¼òÌåÖÐÎÄ°ü (6)[.]zip

Resubmissions

06-11-2022 09:56

221106-lyfyhsghdr 1

06-11-2022 09:21

221106-lbaszsdeb7 1

Sharing

Copy URL

Twitter E-mail

General

Target

µã»÷°²×°-Ö½·É»ú¼òÌåÖÐÎÄ°ü (6).zip
Size

130KB
MD5

f727f7c3c5da5ef62e31f9be21e1bee4
SHA1

6108942f85b3548b585cda30f9bdb2c5e4f3a5e4
SHA256

aca332d08a56feefb7483596fd1acc0ac674c24609cc403dc3968f0ec166e211
SHA512

a037d47866d47ad9dc094bb4af720af3fea1784e310153695f3e7935b8468c9fe51f2edf11820666d8558ca07c8ff67f0f2ccf68ecb80cc5927335a34b8ded39
SSDEEP

3072:wD+FEXsgLQ+ezAiAxtI8hzFO4QjBDujtfH9KaT4fmCSQm9bjokgc:wD+FEXlNxtDhiafdtIxSfZhgc

Score

N/A

Malware Config

Signatures

Files

µã»÷°²×°-Ö½·É»ú¼òÌåÖÐÎÄ°ü (6).zip
.zip

Password: infected
点击安‍装-纸飞机简‌体中文包 (6).com
.exe windows x64

4963ba85b565d2b30e5ac693e65b206d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCPInfo
GetOEMCP
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapReAlloc
HeapQueryInformation
HeapSize
ExitProcess
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetACP
HeapSetInformation
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalDeleteAtom
GetLocaleInfoA
GetCurrentThreadId
GlobalFlags
GlobalAddAtomA
GetFullPathNameA
GetCurrentProcess
FlushFileBuffers
lstrcmpA
GlobalGetAtomNameA
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
FreeLibrary
GetModuleHandleA
GetModuleHandleW
CompareStringA
FileTimeToLocalFileTime
FindNextFileA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenA
GetTickCount
UnmapViewOfFile
FileTimeToSystemTime
SetFileTime
WriteFile
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
CopyFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetLastError
CreateEventA
Sleep
WideCharToMultiByte
lstrlenW
CreateDirectoryA
FindClose
IsValidCodePage
FindFirstFileA

user32

GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CallWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetForegroundWindow
IsIconic
PostMessageA
SetWindowPos
IsWindow
GetDlgItem
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
GetFocus
ClientToScreen
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
GetWindowTextA
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
DestroyMenu
CopyRect
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
EndDialog
wsprintfA
GetSubMenu
GetMenuItemCount
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
SetMenuItemBitmaps

gdi32

DeleteDC
GetStockObject
RectVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetDeviceCaps
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
TextOutA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

psapi

EnumProcesses

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

4963ba85b565d2b30e5ac693e65b206d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

psapi

oleaut32

Sections

.text Size: 219KB - Virtual size: 218KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 10KB - Virtual size: 32KB

.pdata Size: 13KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 219KB - Virtual size: 218KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 10KB - Virtual size: 32KB

.pdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB