7c47c65f1aa589c33355d80b1dc26625a313d71538ea966ea921a90db11193ef

Sharing

Copy URL

Twitter E-mail

General

Target

7c47c65f1aa589c33355d80b1dc26625a313d71538ea966ea921a90db11193ef
Size

2.8MB
MD5

435f8b9442e686cd9c387a977bbe62e2
SHA1

4be55ecca56e13240ca1c552c5e29a31ee4039a5
SHA256

7c47c65f1aa589c33355d80b1dc26625a313d71538ea966ea921a90db11193ef
SHA512

1aca3f9259bfcfced68bd61f6fbfe2ea853595dd400fabbfc6bd36072a40b35b294a5121b8b9e3149e85e78602bbdc0b607b27a19b312e2dbb9a06c1f07da824
SSDEEP

49152:JIUJOI9qAjhgFSNt9ReYiHqvRbIqHSyJX5LL9lS4CiIBgQMLNjhByk3gM9Hcw:JIUIZNIJeqpbICV5LLFQMLFhT7D

Score

8^/10

aspackv2 vmprotect

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

Processes:

resource	yara_rule
static1/unpack001/QQ邮箱群发王1.0/update.exe	aspack_v212_v242

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

Processes:

resource	yara_rule
static1/unpack001/QQ邮箱群发王1.0/破障QQ邮箱营销王免费版.exe	vmprotect

Files

7c47c65f1aa589c33355d80b1dc26625a313d71538ea966ea921a90db11193ef
.rar
QQ邮箱群发王1.0/ESPI.dll
.dll windows x86

4d8a5c64070707a8640fb1b471aa8b2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
WSASetLastError

kernel32

TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
LocalFree
InterlockedDecrement
DeleteCriticalSection
GetVersion
lstrcpynA
GetLastError
SetLastError
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
lstrcmpA
lstrlenA
FreeLibrary
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
ReleaseMutex
WaitForSingleObject
CloseHandle
OpenMutexA
CreateMutexA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
OutputDebugStringA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
GetLocaleInfoW
SetEnvironmentVariableA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetStdHandle
IsBadCodePtr
UnhandledExceptionFilter
Sleep
GetStringTypeW
GetStringTypeA
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
HeapAlloc
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
FatalAppExitA
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
InterlockedIncrement
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
TerminateProcess
ExitProcess
ExitThread
CreateThread
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetStdHandle
DebugBreak
RaiseException
HeapValidate
GetCommandLineA
RtlUnwind
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetVersionExA
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
FindResourceExA
FormatMessageA
GetOEMCP
GetCPInfo
GetCurrentThread
SizeofResource
CreateEventA
SetEvent
GlobalFlags
GetProcessVersion
GetPrivateProfileIntA
GetProfileIntA
MulDiv
VirtualProtect
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
LockResource
FindResourceA
LoadResource
FreeResource
FileTimeToLocalFileTime
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte

user32

DestroyMenu
UnpackDDElParam
GetClipboardFormatNameA
GetDialogBaseUnits
TranslateMessage
LoadStringA
GetMessageA
GetCursorPos
SetCursor
DestroyCursor
SetCursorPos
ReleaseCapture
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextA
DrawFocusRect
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
InflateRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
GetAsyncKeyState
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
LoadAcceleratorsA
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
GetClassNameA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
RegisterWindowMessageA
EndDialog
GetActiveWindow
TranslateAcceleratorA
ReuseDDElParam
CharUpperA
DestroyIcon
EnableScrollBar
SetActiveWindow
EnableWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
OemToCharA
CharToOemA
UnhookWindowsHookEx
PeekMessageA
PostQuitMessage
wsprintfA
TabbedTextOutA
PostMessageA
SendMessageA
MessageBoxA
IsWindow
DrawFrameControl
MapDialogRect

gdi32

SetTextJustification
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
EnumFontFamiliesExA
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
ExtCreatePen
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx

comdlg32

GetOpenFileNameA
GetFileTitleA
ChooseColorA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueA
RegQueryValueA
InitializeSecurityDescriptor

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
ExtractIconA

comctl32

ImageList_Destroy
ord13
ord8
ImageList_Create
DestroyPropertySheetPage
PropertySheetA
ord17
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord14
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_Draw

Exports

Exports

GetNPMVersion
SetPara
WSPStartup

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inidata
Size: 4KB - Virtual size: 577B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQ邮箱群发王1.0/MailMdb.mdb
QQ邮箱群发王1.0/QQ邮箱群发器说明.doc
.doc windows office2003
QQ邮箱群发王1.0/UUWiseHelper.dll
.dll windows x86

2ad788c316446156ecb8a7d2a52bff07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
RtlUnwind
RaiseException
VirtualAlloc
HeapReAlloc
ExitProcess
HeapSize
SetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
GetConsoleCP
GetOEMCP
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetCPInfo
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalFlags
WritePrivateProfileStringA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
WaitForSingleObject
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleA
GetProcAddress
CreateFileA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenA
Sleep
MultiByteToWideChar
FindClose
FindFirstFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetConsoleMode
WideCharToMultiByte

user32

DestroyMenu
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
CharUpperA
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu

gdi32

DeleteDC
TextOutA
GetStockObject
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oleaut32

VariantInit
VariantClear
VariantChangeType

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable

Exports

Exports

getResult
getScore
login
pay
recognizeByByte
recognizeByPath
recognizeByStream
recognizeWithIdByByte
recognizeWithIdByPath
recognizeWithIdByStream
regUser
reportError
setSoftInfo
setTimeOut
uploadByPicChars
uploadByPicPath

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQ邮箱群发王1.0/update.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 217KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QQ邮箱群发王1.0/yx_ADSL.ini
QQ邮箱群发王1.0/yx_config.ini
QQ邮箱群发王1.0/下载说明.txt
QQ邮箱群发王1.0/华彩联盟论坛.url
.url
QQ邮箱群发王1.0/华彩软件站-使用必读.url
.url
QQ邮箱群发王1.0/无法使用问题解答.txt
QQ邮箱群发王1.0/用前必看.txt
QQ邮箱群发王1.0/用户必看.doc
.doc windows office2003
QQ邮箱群发王1.0/破障QQ邮箱营销王免费版.exe
.exe windows x86

396b6516531a77e34071c24ef13ea8ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasEnumEntriesA

kernel32

IsBadWritePtr
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetForegroundWindow

gdi32

SetWindowExtEx

winmm

midiStreamOpen

msimg32

GradientFill

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CoRevokeClassObject

oleaut32

LoadTypeLi

comctl32

ImageList_Read

oledlg

ord8

ws2_32

WSAAsyncSelect

wininet

InternetCloseHandle

comdlg32

ChooseFontA

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d8a5c64070707a8640fb1b471aa8b2d

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 52KB - Virtual size: 66KB

.idata Size: 20KB - Virtual size: 19KB

.inidata Size: 4KB - Virtual size: 577B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 48KB - Virtual size: 46KB

2ad788c316446156ecb8a7d2a52bff07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oleaut32

wininet

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 31KB - Virtual size: 31KB

Headers

File Characteristics

Sections

.text Size: 217KB - Virtual size: 508KB

.rdata Size: 20KB - Virtual size: 80KB

.data Size: 17KB - Virtual size: 184KB

.rsrc Size: 6KB - Virtual size: 116KB

.aspack Size: 104KB - Virtual size: 104KB

.adata Size: - Virtual size: 4KB

396b6516531a77e34071c24ef13ea8ce

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

ws2_32

wininet

comdlg32

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 52KB - Virtual size: 66KB

.idata
Size: 20KB - Virtual size: 19KB

.inidata
Size: 4KB - Virtual size: 577B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 48KB - Virtual size: 46KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 31KB - Virtual size: 31KB

.text
Size: 217KB - Virtual size: 508KB

.rdata
Size: 20KB - Virtual size: 80KB

.data
Size: 17KB - Virtual size: 184KB

.rsrc
Size: 6KB - Virtual size: 116KB

.aspack
Size: 104KB - Virtual size: 104KB

.adata
Size: - Virtual size: 4KB

.text
Size: - Virtual size: 1.2MB

.rdata
Size: - Virtual size: 271KB

.data
Size: - Virtual size: 403KB

.vmp0
Size: - Virtual size: 1.1MB

.vmp1
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 164KB - Virtual size: 161KB