9f5c1f58bf1c3ccb99079b5e107fa85d186b7d1bb024c810136d9b205da337c9

Sharing

Copy URL Twitter E-mail

General

Target

9f5c1f58bf1c3ccb99079b5e107fa85d186b7d1bb024c810136d9b205da337c9
Size

7.7MB
MD5

e4917bb2e7a2a6d3b0bf7cf7b4dd7226
SHA1

e892df4141cbec56afd2b4f935d40e5c67686635
SHA256

9f5c1f58bf1c3ccb99079b5e107fa85d186b7d1bb024c810136d9b205da337c9
SHA512

197fa53d199b564927c9ae88f883c767b74ee7081d6f1b7578532254fdcc361b0ce6526502bb601090c10bc23c951c0a72e97534308f1106590fa142a980bdd9
SSDEEP

196608:US0TfIT2zH2pE7iJRqM0W2osz2iq3S8iiQxRB3t/n0PT:30lsJl78BaS8iimjtf0PT

Score

N/A

Malware Config

Signatures

Files

9f5c1f58bf1c3ccb99079b5e107fa85d186b7d1bb024c810136d9b205da337c9
.rar
冬至幻灵游侠2.5服务端+登录器/readme.txt
冬至幻灵游侠2.5服务端+登录器/使用说明.bat
冬至幻灵游侠2.5服务端+登录器/冬至幻灵游侠2.5服务端.zip
.zip
2.5.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
冬至幻灵游侠2.5服务端+登录器/幻灵人物资料yx_user表参数详解.gif
.gif
冬至幻灵游侠2.5服务端+登录器/幻灵游侠2.5专用登录器(通用版).exe
.exe windows x86

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetShortPathNameA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 512B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

1
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2
Size: 121KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4
Size: 46KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
冬至幻灵游侠2.5服务端+登录器/说明.txt
冬至幻灵游侠2.5服务端+登录器/雷火软件站.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 35KB

DATA Size: 1024B - Virtual size: 584B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 323KB - Virtual size: 322KB

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 512B - Virtual size: 556B

1 Size: 512B - Virtual size: 404B

2 Size: 121KB - Virtual size: 201KB

3 Size: 258KB - Virtual size: 257KB

4 Size: 46KB - Virtual size: 71KB

5 Size: 3KB - Virtual size: 3KB

6 Size: 7KB - Virtual size: 28KB

CODE
Size: 36KB - Virtual size: 35KB

DATA
Size: 1024B - Virtual size: 584B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 323KB - Virtual size: 322KB

0
Size: 512B - Virtual size: 556B

1
Size: 512B - Virtual size: 404B

2
Size: 121KB - Virtual size: 201KB

3
Size: 258KB - Virtual size: 257KB

4
Size: 46KB - Virtual size: 71KB

5
Size: 3KB - Virtual size: 3KB

6
Size: 7KB - Virtual size: 28KB