1218病毒样本[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

1218病毒样本.7z
Size

3.8MB
MD5

38167431cd42fa2d10130d3eccf66de8
SHA1

0b600f9d6ceeebb58acba9323cbd858f4baeba4f
SHA256

b8772564451e31debd614c6511d4ec900396d650e5a42a9d14a94f161f94636c
SHA512

14a6d3f3efb34c56c9ac01ba6cd54c0de9f4fdf3103cb4c73fb0fc0dfce38d46753b5332ca9cdaae7c0232df4b8b13071f4c6717eb12a3558d8eaead150e180c
SSDEEP

98304:X34tT9FGKkLhwHgHzX1e35/JvpHhKRRCgGaVnwuJ:X34nFFHgHzWvJhK+GwM

Score

N/A

Malware Config

Signatures

Files

1218病毒样本.7z
.7z

Password: infected
点击安装(飞机)简体中文语言包_v34.exe
.exe windows x64

48950b0e9acc0fbfecfa8d50b4751111

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleOutputCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStdHandle
ExitProcess
ReadConsoleW
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
IsValidCodePage
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
RtlPcToFileHeader
RtlUnwindEx
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
GetFileType
GetCPInfo
GetStringTypeW
LCMapStringEx
GetLocaleInfoEx
FormatMessageA
RaiseException
OutputDebugStringW
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
FindNextFileW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetUserDefaultLCID
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
FindResourceExW
Sleep
GetFileAttributesW
GetProfileIntW
GetTickCount64
SearchPathW
GetWindowsDirectoryW
GetTempPathW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFlags
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
CloseHandle
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
lstrcmpA
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
GetModuleFileNameW
OutputDebugStringA
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GetProcessHeap
DeleteCriticalSection
GetProcAddress
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
GetCommandLineW
GetModuleHandleW
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryW
QueryPerformanceFrequency
RtlUnwind

user32

SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
SetCursor
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
LoadMenuW
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
CharUpperW
IsZoomed
TrackMouseEvent
IntersectRect
InflateRect
RealChildWindowFromPoint
OffsetRect
SendDlgItemMessageA
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
SetLayeredWindowAttributes
TranslateMessage
GetMessageW
LoadCursorW
GetSysColorBrush
GetSystemMetrics
PostQuitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
IsRectEmpty
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetParent
BringWindowToTop
LockWindowUpdate
EnableWindow
GetMenuStringW
GetMenuState
GetSubMenu
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
UpdateLayeredWindow
DestroyMenu
EnableScrollBar
UnionRect
MonitorFromPoint
CopyImage
MapDialogRect
ShowOwnedPopups
DestroyIcon
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
GetTopWindow
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawStateW
UpdateWindow
CopyIcon
InvalidateRect
GetClientRect
FillRect
GetClassNameW
LoadBitmapW
SendMessageW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetParent
MessageBoxW
GetWindowThreadProcessId
GetLastActivePopup
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
SetClassLongPtrW
LoadImageW
OpenClipboard
CloseClipboard
GetSysColor
GetFocus
GetWindowRect
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetCursorPos
SetClipboardData
EmptyClipboard
RegisterClipboardFormatW
CharUpperBuffW
ModifyMenuW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetWindowRgn
GetComboBoxInfo
DestroyCursor
DrawIcon
InvertRect
HideCaret
GetNextDlgGroupItem
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetIconInfo
GetDoubleClickTime
WaitMessage
PostThreadMessageW
FrameRect
SetForegroundWindow

gdi32

Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateRectRgn
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetTextExtentPoint32W
CombineRgn
PatBlt
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
Rectangle
EnumFontFamiliesExW
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
CreateFontIndirectW
DeleteDC
CopyMetaFileW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
DragQueryFileW
SHBrowseForFolderW
DragFinish

shlwapi

PathFindExtensionW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW

uxtheme

GetCurrentThemeName
GetThemeSysColor
GetThemeColor
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
GetWindowTheme

ole32

OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoInitializeEx
OleCreateMenuDescriptor
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
CoInitialize
CoCreateInstance
CoDisconnectObject
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
LoadTypeLi
SysFreeString
VariantCopy
VarBstrFromDate
SysAllocString
VariantChangeType
VariantClear
VariantInit

ws2_32

freeaddrinfo
getaddrinfo
recv
send
connect
socket
closesocket
WSAGetLastError
WSACleanup
WSAStartup

winmm

PlaySoundW

gdiplus

GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipGetImageHeight
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipBitmapLockBits
GdipSetInterpolationMode
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImagePalette

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Exports

Exports

FoundryAsyncOp_AbortAllCommandsOnHost
FoundryInitializeHandleDllID
VixCrypto_ComputeHash
Vix_TranslateKeySafeError

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 562KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
聊天细节话术+.exe
.exe windows x86

14b2912807eac56f615b692c2d3f9c29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tapi32

lineAnswer
lineShutdown
lineInitialize
lineGetDevConfig
lineConfigDialogEdit
lineMakeCall
lineDial
lineDrop
lineDeallocateCall
lineTranslateAddress
lineGetAddressCaps
lineGetCallStatus
lineGetAddressStatus
lineGetDevCaps
lineClose
lineOpen
lineSetStatusMessages
lineNegotiateAPIVersion
lineGetIcon
lineGetID
lineGetCountry
lineGetTranslateCaps
lineSetCurrentLocation
lineSetDevConfig
lineTranslateDialog

kernel32

RaiseException
ExitProcess
GetCommandLineA
HeapValidate
IsBadReadPtr
VirtualAlloc
CreateThread
ExitThread
DebugBreak
GetStdHandle
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryW
GetACP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetExitCodeProcess
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
GetDateFormatA
GetTimeFormatA
RtlUnwind
GetFileSizeEx
FileTimeToSystemTime
GetModuleHandleW
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
InterlockedDecrement
GetModuleFileNameW
GlobalFlags
GetAtomNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetCurrentProcessId
InterlockedExchange
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyW
GlobalReAlloc
lstrcmpA
MulDiv
lstrlenW
GlobalSize
GlobalAlloc
SuspendThread
ResumeThread
SetThreadPriority
CompareStringA
SetLastError
MultiByteToWideChar
LoadLibraryA
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GetTickCount
LocalAlloc
lstrcatA
CreateProcessA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetVersionExA
GlobalMemoryStatus
lstrcpynA
lstrlenA
FreeConsole
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcmpiA
FlushViewOfFile
FindFirstFileA
FindClose
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalMemoryStatusEx
GetSystemInfo
DeleteFileA
lstrcpyA
ResetEvent
ReadFile
Sleep
WriteFile
WaitCommEvent
GetOverlappedResult
ClearCommError
WaitForMultipleObjects
FormatMessageA
LocalFree
SetEvent
WaitForSingleObject
TerminateThread
GetLastError
CreateFileA
SetupComm
PurgeComm
GetCommState
GetCommTimeouts
GetCommProperties
GetCommMask
SetCommState
SetCommTimeouts
CreateEventA
SetCommMask
EscapeCommFunction
CloseHandle
GetFileType
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
TlsGetValue

user32

InflateRect
SetRect
RegisterClipboardFormatA
CopyAcceleratorTableA
IsRectEmpty
DestroyIcon
GetClipboardFormatNameA
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperA
PtInRect
DestroyCursor
SetCursorPos
ReleaseCapture
GetWindowThreadProcessId
SetCursor
PostQuitMessage
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawEdge
DrawIcon
FillRect
GetSysColorBrush
GetCursorPos
GetMessageA
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadCursorA
PostThreadMessageA
GetForegroundWindow
SetForegroundWindow
WindowFromPoint
GetLastActivePopup
FindWindowA
ShowScrollBar
GetNextDlgTabItem
SetCapture
RedrawWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
SetWindowRgn
IsZoomed
GetMenuCheckMarkDimensions
LoadBitmapA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetSysColor
SetMenuItemBitmaps
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
wsprintfA
DefWindowProcA
UnregisterClassA
KillTimer
SetTimer
WinHelpA
GetDesktopWindow
SetWindowLongA
GetWindowLongA
MessageBoxA
SendMessageA
IsWindowEnabled
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EnableWindow
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
PostMessageA
TabbedTextOutA
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetMessagePos
GetMessageTime
GetMenu
SetMenu
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
GetKeyState
GetWindowTextA
GetWindowTextLengthA
TrackPopupMenu
GetCapture
GetWindow
GetParent
IsChild
GetTopWindow
SetScrollPos

gdi32

CreateSolidBrush
CreatePen
EndPage
SetAbortProc
AbortDoc
EndDoc
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
CreatePatternBrush
GetObjectType
GetStockObject
GetDeviceCaps
CreateDCA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
CreateEllipticRgn
GetCurrentObject
DeleteDC
BitBlt
GetObjectA
SelectObject
CreateCompatibleDC
GetNearestColor
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
DeleteObject
GetTextExtentPointA
CreateFontIndirectA
CreateCompatibleBitmap
StartDocA
Escape
GetCharWidthA
GetTextMetricsA
GetTextFaceA
GetTextAlign
GetTextExtentPoint32A
TextOutA
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
GetCurrentPositionEx
RectVisible
PtVisible
LPtoDP
StartPage
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoGetClassObject
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StringFromCLSID

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VarUdateFromDate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA

oleacc

CreateStdAccessibleObject
LresultFromObject

winspool.drv

GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RevertToSelf
SetThreadToken
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueA
RegCloseKey
OpenThreadToken

odbc32

ord14
ord72
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord3
ord11
ord18
ord13
ord5
ord16
ord10

Sections

.text
Size: 902KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

48950b0e9acc0fbfecfa8d50b4751111

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

ws2_32

winmm

gdiplus

oleacc

imm32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 562KB - Virtual size: 562KB

.data Size: 30KB - Virtual size: 60KB

.pdata Size: 85KB - Virtual size: 85KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 59KB - Virtual size: 58KB

14b2912807eac56f615b692c2d3f9c29

Headers

DLL Characteristics

File Characteristics

Imports

tapi32

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

oleacc

winspool.drv

comdlg32

advapi32

odbc32

Sections

.text Size: 902KB - Virtual size: 902KB

.rdata Size: 242KB - Virtual size: 242KB

.data Size: 2.6MB - Virtual size: 2.6MB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 562KB - Virtual size: 562KB

.data
Size: 30KB - Virtual size: 60KB

.pdata
Size: 85KB - Virtual size: 85KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 59KB - Virtual size: 58KB

.text
Size: 902KB - Virtual size: 902KB

.rdata
Size: 242KB - Virtual size: 242KB

.data
Size: 2.6MB - Virtual size: 2.6MB

.rsrc
Size: 32KB - Virtual size: 32KB