General

Malware Config

Signatures

Files

• 57620f62c4373fed074b06b7bd63796d4981b0622ee70c01ffd931d7c227ae65

  .rar
• 传奇通用变速器7.0/一刀插件官网：55fz.com.url

  .url
• 传奇通用变速器7.0/万千辅助官网：wanqianfz.com.url

  .url
• 传奇通用变速器7.0/传奇守护者官网：184pk.com.url

  .url
• 传奇通用变速器7.0/传奇通用变速器7.0.exe

  .exe windows x86

  bb6967b4b01e1dfdc4070e67da00e6e4

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  lstrlenA

  GetProcAddress

  LoadLibraryA

  GetVersionExA

  LCMapStringA

  SetEndOfFile

  GetOEMCP

  GetACP

  GetCPInfo

  GetModuleFileNameA

  IsBadReadPtr

  SetUnhandledExceptionFilter

  GetStringTypeW

  GetStringTypeA

  MultiByteToWideChar

  MoveFileA

  GetFileType

  GetStdHandle

  SetHandleCount

  GetEnvironmentStringsW

  GetEnvironmentStrings

  WideCharToMultiByte

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  UnhandledExceptionFilter

  IsBadWritePtr

  VirtualAlloc

  GetSystemDirectoryA

  GetModuleHandleA

  FreeResource

  SetFilePointer

  IsBadCodePtr

  FlushFileBuffers

  GetTempPathA

  GetFileSize

  ReadFile

  GetLastError

  CloseHandle

  DeleteFileA

  FindResourceA

  LoadResource

  VirtualFree

  HeapCreate

  HeapDestroy

  GetEnvironmentVariableA

  HeapSize

  GetVersion

  GetCommandLineA

  GetStartupInfoA

  RtlUnwind

  GetCurrentProcess

  SizeofResource

  LockResource

  CreateFileA

  WriteFile

  SetStdHandle

  TerminateProcess

  ExitProcess

  HeapReAlloc

  HeapAlloc

  HeapFree

  LCMapStringW

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  CreateWindowExA

  GetClientRect

  SetWindowTextA

  UnregisterHotKey

  KillTimer

  RegisterHotKey

  SetFocus

  SetTimer

  GetDlgItemTextA

  keybd_event

  GetDlgItem

  SendMessageA

  SetDlgItemTextA

  MapVirtualKeyA

  IsDlgButtonChecked

  EndPaint

  wsprintfA

  EnableWindow

  DialogBoxParamA

  MessageBoxA

  DestroyWindow

  EndDialog

  BeginPaint

  gdi32

  SetBkMode

  SetTextColor

  TextOutA

  CreateFontIndirectA

  SelectObject

  advapi32

  RegOpenKeyA

  ControlService

  CloseServiceHandle

  OpenServiceA

  OpenSCManagerA

  AllocateAndInitializeSid

  FreeSid

  RegSetValueExA

  RegCloseKey

  CreateServiceA

  StartServiceA

  DeleteService

  shell32

  ShellExecuteA

  ole32

  CoInitialize

  CoUninitialize

  oleaut32

  SysAllocString

  VariantInit

  wsock32

  htonl

  atl

  ord47

  ord42

  comctl32

  InitCommonControlsEx

  winmm

  timeBeginPeriod

  timeEndPeriod

  wininet

  InternetReadFile

  InternetOpenA

  InternetSetOptionA

  HttpQueryInfoA

  HttpSendRequestA

  HttpAddRequestHeadersA

  HttpOpenRequestA

  InternetConnectA

  InternetCloseHandle

  InternetOpenUrlA

  Sections

  .text

  Size: - Virtual size: 40KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 10KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .vmp1

  Size: 232KB - Virtual size: 229KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 8KB - Virtual size: 234KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• 传奇通用变速器7.0/使用方法.txt
• 传奇通用变速器7.0/变速器官网：yuzhoupk.com.url

  .url
• 传奇通用变速器7.0/简单挂官网：s1904.com.url

  .url
• 传奇通用变速器7.0/请关闭杀毒软件，方可正常运行辅助.txt