CanLang
CanLangWangLuo
QQ924426165
QsTqm
ServiceMain
aRxb
Static task
static1
Behavioral task
behavioral1
Sample
846f6c15d93b8a11a17356da0943be84be71f7488c766801e9ea90d060855914.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
846f6c15d93b8a11a17356da0943be84be71f7488c766801e9ea90d060855914.dll
Resource
win10v2004-20220812-en
Target
846f6c15d93b8a11a17356da0943be84be71f7488c766801e9ea90d060855914
Size
195KB
MD5
1565a19b16d9cb42fa7f8cc987ef1cf0
SHA1
cf479894efe3a30de6031d998f292cd55701f67e
SHA256
846f6c15d93b8a11a17356da0943be84be71f7488c766801e9ea90d060855914
SHA512
464ca283c58c6493b6df477d112a1536db2006deb113cd1eed2f488028b630f28b62546ff6cd4cb0c4e133f2e62feefd8f0e7e45cbc6e55583bdb4a97a9742e1
SSDEEP
6144:jHDxYD5ArnstBRlhBjMuM2OeEfBMSwwHEGo+:rD6D5vBRl/MzfB
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
WinExec
GetProcessHeap
MultiByteToWideChar
lstrlenA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
wsprintfA
ReleaseDC
GetDC
SetRect
LoadCursorA
SendMessageA
IsWindow
RegSetKeySecurity
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
SetEntriesInAclA
GetNamedSecurityInfoA
SHGetFileInfoA
SHGetSpecialFolderPathA
SHDeleteKeyA
_stricmp
_strnicmp
_strupr
_adjust_fdiv
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
__CxxFrameHandler
memmove
ceil
_ftol
strlen
strstr
_CxxThrowException
memcmp
strchr
malloc
strcpy
strcmp
free
_except_handler3
strrchr
strcat
strncpy
atoi
_snprintf
strncmp
_errno
wcscpy
strncat
wcstombs
_access
sprintf
rand
srand
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_strcmpi
CanLang
CanLangWangLuo
QQ924426165
QsTqm
ServiceMain
aRxb
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ