32fcc8edf692873ef6a690addac83060016722b25251472e80f898dbf6b35c58

Sharing

Copy URL

Twitter E-mail

General

Target

32fcc8edf692873ef6a690addac83060016722b25251472e80f898dbf6b35c58
Size

232KB
MD5

a86afdbeee5c7f060d0e617ed77325c0
SHA1

2c674b3c31c27caaaadeaab7637fe032d454674d
SHA256

32fcc8edf692873ef6a690addac83060016722b25251472e80f898dbf6b35c58
SHA512

d2694136c0224fa1a4dc1dab42fc753a664852bac35b8581480198028695d99d351bfb77a24d66f5b568d0cdb0c4a3b07e703412bad145b56eedae62ee61f9b0
SSDEEP

6144:+iNrMUhTgyEsx/nwPwZoEbKuo7CPnKDG/VQNwc:+GrMCgyEsx/kwZ7DoePnKDG/VYwc

Score

N/A

Malware Config

Signatures

Files

32fcc8edf692873ef6a690addac83060016722b25251472e80f898dbf6b35c58
.exe windows x86

121b063d11c9ca7aa33fe6a3a466fd07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
InterlockedExchange
CancelIo
OutputDebugStringA
lstrcatA
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetFileAttributesA
InterlockedIncrement
WideCharToMultiByte
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
LoadLibraryA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
WriteFile
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetEndOfFile
ReadFile
FreeLibrary
LocalFree
GetVersionExA
GetProcAddress
LocalAlloc

user32

IsWindow
SendMessageA
CreateWindowExA

advapi32

RegOpenKeyExA

ole32

CLSIDFromString
CoUninitialize
OleRun
CoCreateInstance
CoInitialize
CLSIDFromProgID

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

msvfw32

ICSendMessage

Exports

Exports

heimai
mianshalunt
qq841374296
xiaoyuanyuan

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

121b063d11c9ca7aa33fe6a3a466fd07

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvfw32

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 146KB

PAGE Size: 24KB - Virtual size: 21KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 35KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 148KB - Virtual size: 146KB

PAGE
Size: 24KB - Virtual size: 21KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 35KB

.rsrc
Size: 16KB - Virtual size: 16KB