General

Malware Config

Signatures

Files

• 0ffd7869b0d45a4982460530d75707c1705448f5dd2f7f672c5c98a6a41966e9

  .rar
• solidworks绿色版.exe

  .exe windows x86

  98a63e308facf8b8733f5fafb6d78f2c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  TerminateProcess

  lstrcpyA

  VerLanguageNameA

  lstrlenA

  MultiByteToWideChar

  GlobalAlloc

  lstrcatA

  GetVersion

  GetCurrentThreadId

  GetCurrentThread

  lstrcmpiA

  lstrcmpA

  GlobalDeleteAtom

  InterlockedIncrement

  InterlockedDecrement

  WideCharToMultiByte

  LocalFree

  lstrcpynA

  LocalAlloc

  FlushFileBuffers

  TlsAlloc

  GlobalHandle

  TlsFree

  GlobalReAlloc

  TlsSetValue

  LocalReAlloc

  TlsGetValue

  GlobalFlags

  WritePrivateProfileStringA

  GlobalFindAtomA

  GlobalAddAtomA

  GlobalGetAtomNameA

  GetProcessVersion

  SetErrorMode

  GetCPInfo

  GetOEMCP

  RtlUnwind

  GetSystemTime

  GetLocalTime

  RaiseException

  GetACP

  HeapSize

  SetStdHandle

  GetFileType

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  SetHandleCount

  GetStdHandle

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  VirtualFree

  VirtualAlloc

  IsBadWritePtr

  LCMapStringW

  SetUnhandledExceptionFilter

  GetStringTypeA

  GetStringTypeW

  IsBadCodePtr

  CompareStringA

  CompareStringW

  SetEnvironmentVariableA

  InterlockedExchange

  GetVersionExA

  GetCurrentProcess

  GetLastError

  SetFilePointer

  GlobalLock

  GlobalUnlock

  GlobalFree

  CreateToolhelp32Snapshot

  Process32First

  Process32Next

  LeaveCriticalSection

  EnterCriticalSection

  DeleteCriticalSection

  InitializeCriticalSection

  CreateThread

  SetLastError

  GetTimeZoneInformation

  GetTickCount

  Sleep

  LCMapStringA

  LoadLibraryA

  GetProcAddress

  FreeLibrary

  GetCommandLineA

  MoveFileA

  CreateFileA

  WriteFile

  CreateDirectoryA

  GetStartupInfoA

  CreateProcessA

  WaitForSingleObject

  CloseHandle

  GetModuleFileNameA

  IsBadReadPtr

  HeapFree

  HeapReAlloc

  HeapAlloc

  ExitProcess

  GetModuleHandleA

  GetProcessHeap

  RtlMoveMemory

  user32

  GetPropA

  SetPropA

  GetClassLongA

  CreateWindowExA

  GetMenuItemID

  GetSubMenu

  GetMenu

  RegisterClassA

  GetClassInfoA

  WinHelpA

  GetCapture

  GetTopWindow

  CopyRect

  GetClientRect

  AdjustWindowRectEx

  GetSysColor

  MapWindowPoints

  LoadIconA

  LoadCursorA

  GetSysColorBrush

  LoadStringA

  DestroyMenu

  CallWindowProcA

  RemovePropA

  DefWindowProcA

  GetMessageTime

  GetMessagePos

  GetForegroundWindow

  SetForegroundWindow

  RegisterWindowMessageA

  IsIconic

  GetWindowPlacement

  SetFocus

  SetWindowPos

  GetMenuItemCount

  GetDlgCtrlID

  DestroyWindow

  UnhookWindowsHookEx

  GrayStringA

  DrawTextA

  TabbedTextOutA

  ClientToScreen

  GetMenuCheckMarkDimensions

  LoadBitmapA

  GetMenuState

  ModifyMenuA

  SetMenuItemBitmaps

  CheckMenuItem

  EnableMenuItem

  GetFocus

  GetNextDlgTabItem

  GetActiveWindow

  GetKeyState

  CallNextHookEx

  ValidateRect

  SetWindowsHookExA

  GetLastActivePopup

  IsWindowEnabled

  EnableWindow

  SetCursor

  PostMessageA

  PostQuitMessage

  GetParent

  GetWindow

  PtInRect

  IsWindowVisible

  GetWindowLongA

  GetWindowTextA

  FindWindowExA

  GetCursorPos

  SetWindowLongA

  GetDlgItem

  ShowWindow

  SystemParametersInfoA

  GetDC

  ReleaseDC

  GetClassNameA

  SendMessageA

  GetWindowRect

  GetSystemMetrics

  SetWindowTextA

  PeekMessageA

  GetMessageA

  TranslateMessage

  DispatchMessageA

  wsprintfA

  MessageBoxA

  GetMenuInfo

  SetMenuInfo

  DialogBoxParamA

  GetClassInfoExA

  TrackMouseEvent

  UnregisterClassA

  gdi32

  GetObjectA

  GetStockObject

  GetDeviceCaps

  DeleteDC

  CreateBitmap

  SaveDC

  RestoreDC

  SetBkColor

  SetTextColor

  SetMapMode

  SetViewportOrgEx

  OffsetViewportOrgEx

  SetViewportExtEx

  SetWindowExtEx

  ScaleWindowExtEx

  GetClipBox

  Escape

  ExtTextOutA

  TextOutA

  RectVisible

  ScaleViewportExtEx

  SelectObject

  PtVisible

  DeleteObject

  shlwapi

  PathFileExistsA

  shell32

  Shell_NotifyIconA

  DragFinish

  DragQueryFileA

  ShellExecuteA

  DragAcceptFiles

  atl

  ord42

  rasapi32

  RasGetConnectStatusA

  RasHangUpA

  winspool.drv

  ClosePrinter

  OpenPrinterA

  DocumentPropertiesA

  comctl32

  ord17

  wsock32

  WSAStartup

  WSACleanup

  select

  closesocket

  recv

  send

  wininet

  InternetReadFile

  HttpQueryInfoA

  HttpSendRequestA

  HttpOpenRequestA

  InternetCrackUrlA

  InternetCanonicalizeUrlA

  InternetCloseHandle

  InternetSetOptionA

  InternetConnectA

  InternetOpenA

  version

  GetFileVersionInfoSizeA

  GetFileVersionInfoA

  VerQueryValueA

  advapi32

  RegOpenKeyExA

  RegSetValueExA

  RegCreateKeyExA

  RegCloseKey

  Sections

  .text

  Size: 172KB - Virtual size: 170KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 24KB - Virtual size: 181KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 32KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE