°²È«²¹¶¡[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

°²È«²¹¶¡.zip
Size

64KB
MD5

f7da3ce8eaa47c4f38bb2ff2ad3d04e5
SHA1

5950a3d056482dc90147cce0ac87c2d10fb66c77
SHA256

fcaf9d996aea0af170c1139c0d3e1c96cf59c4c300f9ae4a95fd0f826ef6ba6e
SHA512

edc8cf2b316c5e38e56cff2944b00def7ae677f7b9ad747e408417fe2a51c1135226af8615e3eeba7ab7eb191f3c0abd3ac237b9ac6de05567fc787404b01953
SSDEEP

1536:gxl0iIdbccFAOMkRq9Dog9lPhs/TlkAmtDHv8Wh8F:gz0DF1ls9ZHPSrlc0U8F

Score

1^/10

Malware Config

Signatures

Files

°²È«²¹¶¡.zip
.zip
安全补丁.exe
.exe windows x64

a679745234d5b98528223a44db33029b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlCaptureContext
UnhandledExceptionFilter
GetModuleHandleA
TlsAlloc
InitializeSListHead
GetModuleHandleW
GetModuleHandleExW
TlsFree
SetFilePointerEx
ExitProcess
WideCharToMultiByte
TlsSetValue
IsProcessorFeaturePresent
GetProcessHeap
RtlLookupFunctionEntry
FindFirstFileExW
GetCurrentProcess
GetOEMCP
EnterCriticalSection
RtlVirtualUnwind
GetStartupInfoW
GetModuleFileNameW
GetConsoleMode
LeaveCriticalSection
RtlUnwindEx
CreateFileW
TlsGetValue
GetCommandLineW
GetCPInfo
SetLastError
WriteFile
HeapAlloc
GetEnvironmentStringsW
CloseHandle
FreeLibrary
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
LoadLibraryExW
TerminateProcess
FindNextFileW
HeapFree
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
FlushFileBuffers
LCMapStringW
SetEnvironmentVariableW
GetLastError
CreateThread
GetSystemTimeAsFileTime
IsValidCodePage
InitializeCriticalSectionAndSpinCount
CompareStringW
GetACP
GetStringTypeW
HeapReAlloc
GetCurrentThreadId
GetFileType
WriteConsoleW
GetProcAddress
SetStdHandle
DeleteCriticalSection
RaiseException
GetCommandLineA
GetStdHandle
IsDebuggerPresent
HeapSize
QueryPerformanceCounter
GetConsoleOutputCP
FindClose

Sections

.adata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kmdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a679745234d5b98528223a44db33029b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.adata Size: 2KB - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 3KB

.text Size: 86KB - Virtual size: 85KB

.data Size: 46KB - Virtual size: 45KB

.kmdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.adata
Size: 2KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 3KB

.text
Size: 86KB - Virtual size: 85KB

.data
Size: 46KB - Virtual size: 45KB

.kmdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB