85ef54212f600e6f7c10637f2d7473637aad33a6dc37613ef8cd2530cbc17305

Sharing

Copy URL

Twitter E-mail

General

Target

85ef54212f600e6f7c10637f2d7473637aad33a6dc37613ef8cd2530cbc17305
Size

122KB
MD5

3629c8347c1928efd61cc8c535ef7890
SHA1

47b66098855581a991d2bce062dbcc81b81fa280
SHA256

85ef54212f600e6f7c10637f2d7473637aad33a6dc37613ef8cd2530cbc17305
SHA512

bbcb6e9093b8ab7ae899127f610fc622276669d7431dbe9acab29c0944b1e0b23ae993583fbefdd8317d1adc60a1111753ed92c7367b89af0304f0cadeeafb03
SSDEEP

3072:36rU4TgPuoOGXVuS1j5eeAD5Vb/CNF39iF87f:KrU4CuoOGXIAhRb9QUf

Score

N/A

Malware Config

Signatures

Files

85ef54212f600e6f7c10637f2d7473637aad33a6dc37613ef8cd2530cbc17305
.rar
wed.rar
.rar
PassField.dic
TableName.dic
UserField.dic
WED.exe
.exe windows x86

ed86ca6aa5136f7d421c2b2e64ad969e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
WSAGetLastError
recv
__WSAFDIsSet
send
socket
ioctlsocket
htons
inet_addr
gethostbyname
connect
select
WSAStartup

kernel32

GlobalHandle
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
FreeLibrary
GetProcessVersion
GetFileAttributesA
GetFileSize
GetFileTime
GetCPInfo
GetOEMCP
GlobalUnlock
FileTimeToLocalFileTime
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcatA
SetErrorMode
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
InterlockedExchange
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
LocalFree
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetLastError
SetConsoleCursorPosition
GetStdHandle
GetConsoleScreenBufferInfo
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
Sleep
FileTimeToSystemTime

user32

RegisterWindowMessageA
SetWindowPos
SetWindowLongA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
GetSysColorBrush
DestroyMenu
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
SetCursor
LoadStringA
GetSystemMetrics
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
PostMessageA
PostQuitMessage
SystemParametersInfoA
LoadCursorA
IsIconic
CharUpperA

gdi32

ExtTextOutA
TextOutA
Escape
RectVisible
GetObjectA
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wis.rar
.rar
帮助.url
.url
建站无忧jz5u.com说明.txt

Sharing

General

Malware Config

Signatures

Files

ed86ca6aa5136f7d421c2b2e64ad969e

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 336B

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 336B