General

Malware Config

Signatures

Files

• 385b0ef67843d7b640b616b16b2a764d636112645eb63682e054b8b55e84686c

  .zip
• 下载说明.htm

  .html .js
• 魔力神器_大家来找茬辅助.exe

  .exe windows x86

  b022054f001d96196a46ec55b25c0f87

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  iphlpapi

  GetAdaptersInfo

  winmm

  waveOutGetNumDevs

  ws2_32

  socket

  rasapi32

  RasHangUpA

  kernel32

  GetVersionExA

  GetVersion

  GetLastError

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  SetRect

  gdi32

  TextOutA

  winspool.drv

  OpenPrinterA

  advapi32

  RegOpenKeyExA

  shell32

  DragQueryFileA

  ole32

  CLSIDFromString

  oleaut32

  VariantCopyInd

  comctl32

  ImageList_DragMove

  wininet

  InternetGetConnectedState

  comdlg32

  GetOpenFileNameA

  Sections

  .text

  Size: - Virtual size: 774KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 287KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 374KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 6.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 7.3MB - Virtual size: 7.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ