10_限时补丁[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

10_限时补丁.rar
Size

90KB
MD5

253b12a3bcbbac6eccc88bf017407498
SHA1

002570a4d5700057a1f9f2e33f01f374c84d35a2
SHA256

4219a3d694d3d30dc23cbb845cf49abebd95d49cef3e71c9b37d46c49479a71a
SHA512

bea7443da2e3718073867cd41f2b3910f341b874bdb6f271c467a883cbe9f85e796ca34ad4beec373becf16c1daf40f76e2da2746f0a9ae8244665b53cdf16df
SSDEEP

1536:sKzRjGm3Do4GtrRc72igol6Fty0cFKWrQ4Cldm5R9TisX8RTt5oXezpzTIBN/:suh39GDE2ZoctypFKWr+nm5R1isX8R5i

Score

N/A

Malware Config

Signatures

Files

10_限时补丁.rar
.rar
HansLang.rs
HansLicense.exe
.exe windows x86

8192156be4e5812b824e919fac237983

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceCounter
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetFileAttributesA
CloseHandle
CreateFileA
GetWindowsDirectoryA
GetPrivateProfileStringA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
GetLastError
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
ReadFile
SetEndOfFile

user32

MessageBoxA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HansLmtL.dll
.dll windows x86

e1a362cd7216f87a14005398f98fe46f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetFileAttributesA
GetTickCount
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStringTypeW
FindClose
FindFirstFileA
ReleaseMutex
WaitForSingleObject
CreateMutexA
DeviceIoControl
CloseHandle
LocalFree
GetLastError
LocalAlloc
GetProcAddress
GetModuleHandleA
QueryDosDeviceA
GetVersionExA
CreateFileA
LoadLibraryA
GetSystemTimeAsFileTime
RtlUnwind
GetCurrentThreadId
GetCommandLineA
MultiByteToWideChar
ReadFile
GetFileType
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
Sleep
ExitProcess
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
VirtualQuery
SetFilePointer
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
HeapSize
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetFullPathNameA
GetCurrentDirectoryA
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeA
SetEnvironmentVariableA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

Exports

Exports

DllCreateInterface
DllGetCmdInfo
DllGetVerInfo

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8192156be4e5812b824e919fac237983

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 9KB

e1a362cd7216f87a14005398f98fe46f

Headers

File Characteristics

Imports

kernel32

setupapi

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 51KB - Virtual size: 58KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 9KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 51KB - Virtual size: 58KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 7KB