General

Malware Config

Signatures

Files

• ecc3a87bd099d68fc0d32a0f7fe68275791b29c881d4864e4a7c19e6e2d0dc84

  .rar
• 【咚咚】Q游记1.0版本辅注/【咚咚】Q游记1.0版本辅注.exe

  .exe windows x86

  1b650099830dd8e29659197093ee8854

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  winmm

  waveOutOpen

  ws2_32

  WSAAsyncSelect

  kernel32

  TerminateProcess

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  CharUpperA

  gdi32

  BeginPath

  winspool.drv

  OpenPrinterA

  advapi32

  RegCloseKey

  shell32

  Shell_NotifyIconA

  ole32

  StgCreateDocfileOnILockBytes

  oleaut32

  SafeArrayUnaccessData

  comctl32

  ImageList_Destroy

  oledlg

  ord8

  comdlg32

  ChooseColorA

  Sections

  .text

  Size: - Virtual size: 505KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 901KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 223KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 969KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 2.1MB - Virtual size: 2.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• 【咚咚】Q游记1.0版本辅注/下载说明.txt