f40e06fd5cded595d384b507df4228ea03b8502424daeb09f19bdf60aae4277b

Sharing

Copy URL Twitter E-mail

General

Target

f40e06fd5cded595d384b507df4228ea03b8502424daeb09f19bdf60aae4277b
Size

195KB
MD5

f364d1a1047877d3d749a35bed07def4
SHA1

ef730540fe6369d37c304a4ea19957c4a610bf1c
SHA256

f40e06fd5cded595d384b507df4228ea03b8502424daeb09f19bdf60aae4277b
SHA512

4d5bf1e1891c36fd1f58400489ae30680de0e4b43035dfe7e843fb3a86093c2caa96167476950c2480cafd8811b7888bb5e418cc88c54682307d8ba3931ecf33
SSDEEP

3072:HXv21OKCud128b6lJ4LTfP5s/rgaMUogZloDxqcTnUdYdLnED7zsuOEBnkicT:u1OKCuPVXPC2x8l5cTUdH7zs3E9kiQ

Score

N/A

Malware Config

Signatures

Files

f40e06fd5cded595d384b507df4228ea03b8502424daeb09f19bdf60aae4277b
.rar
3346游戏须知.txt
天龙伙伴.exe
.exe windows x86

97d64f09a41df9dbb459925e2e24d201

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA
EnumProcessModules

kernel32

FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SetErrorMode
GetTickCount
IsDebuggerPresent
IsProcessorFeaturePresent
AreFileApisANSI
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
GetSystemInfo
VirtualAlloc
FindClose
VirtualQuery
SetStdHandle
GetFileType
ExitProcess
GetModuleHandleExW
HeapQueryInformation
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
MoveFileExW
GetTimeZoneInformation
GetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
CreateFileA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
GetThreadLocale
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FindResourceA
FreeResource
FormatMessageA
MulDiv
LocalFree
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
SetLastError
GetACP
MultiByteToWideChar
FreeLibraryAndExitThread
GetExitCodeThread
ResumeThread
SuspendThread
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenA
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
DeleteFileA
CreateThread
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
GetModuleFileNameA
OutputDebugStringA
TerminateProcess
OpenProcess
ReadProcessMemory
CloseHandle
GetCurrentProcess
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateDirectoryA
GetFileAttributesA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedDecrement
VirtualProtect

user32

PostThreadMessageA
IsRectEmpty
SetRect
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CharUpperA
IntersectRect
DestroyMenu
RealChildWindowFromPoint
GetCursorPos
TranslateMessage
GetMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
OffsetRect
CharNextA
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
ReleaseDC
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
SetDlgItemTextA
MoveWindow
MonitorFromWindow
WinHelpA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ValidateRect
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
EnableWindow
MessageBoxA
SendMessageA
UnregisterClassA
GetFocus
SetFocus
GetDlgCtrlID
SetWindowPos
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterClipboardFormatA
PeekMessageA
DispatchMessageA
MessageBeep
GetNextDlgGroupItem
KillTimer
SetTimer
LoadIconW
GetWindowRect
GetWindowLongA
GetMonitorInfoA
SetWindowLongA
GetSysColorBrush
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnumWindows
GetWindowThreadProcessId
GetClassNameA
SetForegroundWindow
keybd_event
MapVirtualKeyA
GetWindowPlacement
SetWindowPlacement
ShowWindow
IsWindowVisible
LoadIconA
RegisterHotKey
UnregisterHotKey
LoadCursorA
SetCursor
RedrawWindow
SendDlgItemMessageA
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
RegisterWindowMessageA
GetDesktopWindow
GetDC

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
ExtTextOutA
TextOutA
GetObjectA
CreateSolidBrush
DeleteDC
SetMapMode
SetBkMode
SelectObject
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetClipBox
Escape
DeleteObject
CreateRectRgnIndirect
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
CreateFontIndirectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
GetErrorInfo

oledlg

ord8

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

winmm

PlaySoundA

tl_6x

ord2
ord1

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cici_dat
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

97d64f09a41df9dbb459925e2e24d201

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

version

wininet

winmm

tl_6x

oleacc

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 11KB - Virtual size: 28KB

cici_dat Size: 512B - Virtual size: 4B

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 39KB - Virtual size: 42KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 11KB - Virtual size: 28KB

cici_dat
Size: 512B - Virtual size: 4B

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 39KB - Virtual size: 42KB