点击此处安装语言包[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

点击此处安装语言包.exe
Size

512KB
MD5

e30eaaaf00b51d5e700fda878a71e7f5
SHA1

d0eae0610cdeb54c3d94b543d58103b53e0046d3
SHA256

e86c3d40ffe1551c9e732ba06616297499e31b9dbd84f55340b91a098d7fe998
SHA512

3b5d58e53b4f91957fdd927ef54c6e794eac1d7ea280223a7a926f99d4d49e5a2e1ab395f172ceea321fbfffbcc609efdd13f124dca7d24188d20f5d289ad840
SSDEEP

12288:fl6YN2p+5/To0zZFLkbMmFLpuubtqt38TIauC7vhutKUT:f50+55U8otqh8Tk

Score

1^/10

Malware Config

Signatures

Files

点击此处安装语言包.exe
.exe windows x86

a4ba1611a3c6475066091d7483246d88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
UnmapViewOfFile
CreateFileA
FindClose
FindFirstFileA
SetFilePointer
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryA
lstrlenA
lstrcpyA
LocalFileTimeToFileTime
CreateDirectoryA
GetFileAttributesA
SetFileTime
WriteFile
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
CloseHandle
FreeConsole
lstrcatA
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFullPathNameA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
HeapSize
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
CompareStringA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
GetProcAddress
FreeLibrary
SetLastError
GetTickCount
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
WaitForSingleObject
FormatMessageA
PeekNamedPipe
WaitForMultipleObjects
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
GetModuleHandleW
ExitProcess
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
GetCPInfo
LCMapStringA
LCMapStringW
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetDriveTypeA
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
DeleteFileA

user32

wsprintfA

shell32

ShellExecuteA

wldap32

ord46
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord41

ws2_32

WSACleanup
socket
htonl
htons
WSAStartup
listen
accept
send
closesocket
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
WSAIoctl
setsockopt
getsockname
ntohs
getsockopt
getpeername
connect
freeaddrinfo
getaddrinfo
recvfrom
sendto
ioctlsocket
gethostname
ntohl
bind

crypt32

CertFreeCertificateContext

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4ba1611a3c6475066091d7483246d88

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

wldap32

ws2_32

crypt32

advapi32

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 25KB - Virtual size: 25KB