General

Malware Config

Signatures

Files

• 44c241c6ac7b81730c49129dcd94d755ae58bfdb77e43e73f35eccd10911a0f1

  .rar
• wjj11.exe

  .exe windows x86

  138e4a7206e25dc2e617507c025a11b6

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  lstrlenA

  Sleep

  DeleteFileA

  WaitForSingleObject

  CreateProcessA

  lstrcmpA

  SetEndOfFile

  SetFilePointer

  CloseHandle

  UnmapViewOfFile

  MapViewOfFile

  CreateFileMappingA

  GetLastError

  CreateFileA

  lstrcpyA

  GetTempPathA

  GetModuleHandleA

  GetStartupInfoA

  user32

  wsprintfA

  shell32

  ShellExecuteA

  msvcrt

  __p__commode

  _onexit

  _exit

  _XcptFilter

  exit

  _acmdln

  __getmainargs

  _initterm

  __setusermatherr

  _adjust_fdiv

  __dllonexit

  __p__fmode

  __set_app_type

  _except_handler3

  _controlfp

  Sections

  .text

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 1002B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .fyf
  

  Size: 252KB - Virtual size:

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .fyf
  ��

  Size: 684KB - Virtual size:

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .fyf
  

  Size: 796KB - Virtual size:

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

• 使用说明.htm

  .html
• 使用说明.txt
• 小游戏.htm
• 常用软件合集.htm