Static task: static1
Behavioral task: behavioral1 (sample 图片3242.exe, resource win7-20230220-en)
Behavioral task: behavioral2 (sample 图片3242.exe, resource win10v2004-20230220-en)
General (these hashes are of the submitted .rar target, not of the inner executable)
Target: 09f00b6e-a2d5-44e9-b09e-ea572b7c36c3.rar
Size: 2.8MB
MD5: 101efc3d9558c38fe3f8e23b669959f1
SHA1: f3978bb1865927cac913d59646b29a88f6168994
SHA256: 9d4d9066031fe44e626382814e95bef6c98f256fc50ba6b7ed7bc1678d9acd49
SHA512: 21dcf31b0cc54e9ef7a9f7ad7103bae9375697743fa6edd599e13e3fb273cd425bec0e2e704f399b3764c717d8406290edd2fbf0bc0e8dc9eedbd8eea910f8c9
SSDEEP: 49152:Tkg6fdewXf5K6sg8f3aGix7/FYCRCh6k7Csgrd+KAJwmjcP+uj2SeyQgx:Q3AwP5Mg8/olcIw0rLAiGc+ujn
Malware Config
Signatures
-
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: unpack002/图片3242.exe
A missing certificate table is a weak indicator on its own, since much legitimate software ships unsigned; conversely, a present table only means a signature blob exists, not that the chain validates.
Files
-
09f00b6e-a2d5-44e9-b09e-ea572b7c36c3.rar (RAR archive, the submitted target)
-
图片3242.iso (ISO image extracted from the archive; 图片 is Chinese for "picture")
-
图片3242.exe (Windows x86 PE extracted from the ISO, analyzed as unpack002/图片3242.exe), MD5 015b7d4d4e3047e338c33f99bb292147
The archive-in-ISO packaging is worth noting: until Microsoft's late-2022 change, files inside a mounted ISO did not inherit the Mark-of-the-Web, so the usual downloaded-file warnings did not fire on the executable.
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(ASLR and DEP are opted in and a .reloc section is present, so the image can actually be relocated; IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent, so the binary was built without Control Flow Guard)
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
opengl32
glEnable
glClearDepth
glClearColor
glMatrixMode
glViewport
wglMakeCurrent
wglCreateContext
glEnd
glVertex3f
glColor3f
glBegin
glRotatef
glTranslatef
glLoadIdentity
glClear
glu32
gluPerspective
kernel32
LCMapStringEx
QueryPerformanceFrequency
OutputDebugStringW
CreateFileW
CreateDirectoryW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
lstrcpyA
VirtualAlloc
GetModuleFileNameA
CopyFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GetProcAddress
LoadLibraryA
OpenProcess
GlobalMemoryStatusEx
GetEnvironmentVariableA
FindFirstFileA
FindNextFileA
FindClose
ExitProcess
MultiByteToWideChar
SetLastError
GetLastError
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapAlloc
DecodePointer
DeleteCriticalSection
GetStringTypeW
GetProcessHeap
SetThreadPriority
RtlUnwind
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetDriveTypeW
GetFullPathNameW
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
GetStdHandle
GetFileType
WriteConsoleW
SetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetCurrentDirectoryW
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
ResumeThread
VirtualQuery
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
GetWindowsDirectoryA
SearchPathA
Sleep
ResetEvent
GetTempPathA
GetTickCount64
GetUserDefaultLCID
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
FindResourceExW
FileTimeToSystemTime
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
GetACP
GetFileSize
GetFileAttributesA
CreateFileA
VerifyVersionInfoA
VerSetConditionMask
GetThreadLocale
DeleteFileA
GetCurrentDirectoryA
GetProfileIntA
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetAtomNameA
InitializeCriticalSectionAndSpinCount
FormatMessageA
LocalFree
GlobalSize
MulDiv
GetCurrentProcessId
WaitForSingleObject
SetEvent
SetErrorMode
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
lstrcmpA
GlobalLock
GlobalAlloc
GetVersionExA
GetCurrentThread
WideCharToMultiByte
FindResourceW
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
user32
LoadImageA
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MessageBeep
CopyAcceleratorTableA
CharNextA
LoadAcceleratorsW
WaitMessage
ReleaseCapture
SetRect
GetAsyncKeyState
UnpackDDElParam
GetClipboardFormatNameA
RealChildWindowFromPoint
CopyImage
IntersectRect
SystemParametersInfoA
DestroyMenu
SetRectEmpty
GetWindowThreadProcessId
SetCursor
TranslateMessage
GetMessageA
GetCursorPos
InvertRect
FrameRect
DrawFocusRect
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
DeleteMenu
RemoveMenu
ModifyMenuA
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
GetMenuState
LoadImageW
LoadMenuW
LoadMenuA
DrawFrameControl
CreateAcceleratorTableA
EndDialog
CreateDialogIndirectParamA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TabbedTextOutA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CharUpperBuffA
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
MonitorFromPoint
TrackMouseEvent
CharUpperA
SetCursorPos
UnionRect
GetDoubleClickTime
GetIconInfo
CopyIcon
DestroyAcceleratorTable
SetClassLongA
GetKeyNameTextA
MapVirtualKeyA
UpdateLayeredWindow
LoadAcceleratorsA
SetMenu
GetMenu
TranslateAcceleratorA
ReuseDDElParam
RegisterClipboardFormatA
GetKeyboardLayout
GetKeyboardState
GetMenuStringA
ToAsciiEx
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
DestroyCursor
DrawEdge
GetDC
GetSystemMetrics
UnregisterClassA
PeekMessageA
SendMessageA
PostMessageA
PostThreadMessageA
PostQuitMessage
IsWindow
IsChild
ShowOwnedPopups
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetActiveWindow
GetFocus
GetCapture
SetCapture
SetTimer
KillTimer
SetParent
EnableWindow
DrawMenuBar
GetSystemMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
GetWindowRgn
InvalidateRect
ValidateRect
InvalidateRgn
RedrawWindow
LockWindowUpdate
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
EnableScrollBar
GetClientRect
GetWindowRect
SetWindowContextHelpId
HideCaret
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
SubtractRect
GetWindowLongA
GetDesktopWindow
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
NotifyWinEvent
MapDialogRect
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
GetWindow
GetLastActivePopup
GetTopWindow
GetParent
gdi32
GetBoundsRect
GetBkColor
FrameRgn
FillRgn
ExtFloodFill
Escape
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePen
CreatePalette
CreateHatchBrush
CreateFontIndirectA
CreateEllipticRgn
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
CreateBitmap
ExtTextOutA
GetObjectA
SetTextColor
SetBkColor
DeleteDC
SetPixelFormat
ChoosePixelFormat
SwapBuffers
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteObject
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBSection
SetDIBColorTable
EnumFontFamiliesExA
GetSystemPaletteEntries
GetDeviceCaps
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextMetricsA
Ellipse
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetLengthSid
OpenProcessToken
shell32
DragQueryFileA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
DragFinish
SHGetFileInfoA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA
uxtheme
GetThemeColor
IsAppThemed
GetThemePartSize
DrawThemeText
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetCurrentThemeName
ole32
IsAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
StringFromGUID2
CoGetClassObject
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleTranslateAccelerator
OleUninitialize
oleaut32
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysFreeString
VariantCopy
VarBstrFromDate
SysAllocString
VariantClear
VariantInit
oledlg
ord8
gdiplus
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipBitmapLockBits
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipDisposeImage
GdipCloneImage
GdipSetInterpolationMode
GdiplusStartup
GdipAlloc
GdiplusShutdown
GdipFree
GdipCreateFromHDC
ws2_32
WSACleanup
closesocket
recv
send
connect
htons
inet_addr
socket
WSAStartup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
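Most of the user32/gdi32/ole32/oleaut32 imports above are the fixed footprint of a statically linked MFC GUI application (the editor's reading of the list, not something the sandbox states), so reading the table API by API is slow. As an added example, not sandbox output, the following stdlib-only script scores the import table against capability rules: each rule is the set of APIs that together implement one behaviour (the Toolhelp trio plus OpenProcess for process enumeration, the ws2_32 calls for a raw TCP client, and so on), a rule fires on fractional coverage rather than on any single API, and hits made up only of APIs the MSVC CRT and MFC runtime import anyway (IsDebuggerPresent, the CBT hook trio, clipboard and Reg* calls) are reported but not promoted to leads. The rules, the BASELINE set and the 0.6 threshold are the editor's assumptions; SAMPLE_IMPORTS is a subset copied from the report above.

```python
# Import-table capability triage (added example, stdlib only). The rules, the
# CRT/MFC baseline and the threshold are editorial assumptions, not sandbox output.

# Subset of the import table from the report, keyed by DLL.
SAMPLE_IMPORTS = {
    "kernel32": ["VirtualAlloc", "VirtualProtect", "CopyFileA", "CreateToolhelp32Snapshot",
                 "Process32First", "Process32Next", "OpenProcess", "GetProcAddress",
                 "LoadLibraryA", "LoadLibraryExW", "GlobalMemoryStatusEx", "GetSystemInfo",
                 "GetVersionExA", "GetVolumeInformationA", "IsDebuggerPresent",
                 "GetTempPathA", "GetTempFileNameA", "CreateProcessW"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx", "GetAsyncKeyState",
               "GetKeyboardState", "OpenClipboard", "EmptyClipboard", "SetClipboardData",
               "CloseClipboard"],
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "RegOpenKeyExA", "RegCloseKey",
                 "OpenProcessToken"],
    "shell32": ["ShellExecuteA"],
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "inet_addr", "htons",
               "closesocket", "WSACleanup"],
}


def _k(dll, *fns):
    return {f"{dll}!{fn}" for fn in fns}


# Each rule is the set of APIs that together implement one behaviour.
CAPABILITIES = {
    "process enumeration": _k("kernel32", "CreateToolhelp32Snapshot", "Process32First",
                              "Process32Next", "OpenProcess"),
    "dynamic API resolution": _k("kernel32", "LoadLibraryA", "GetProcAddress"),
    "executable memory": _k("kernel32", "VirtualAlloc", "VirtualProtect"),
    "raw TCP client": _k("ws2_32", "WSAStartup", "socket", "connect", "send", "recv",
                         "inet_addr", "htons"),
    "drop and execute": _k("kernel32", "GetTempPathA", "GetTempFileNameA", "CopyFileA",
                           "CreateProcessW") | _k("shell32", "ShellExecuteA"),
    "registry write": _k("advapi32", "RegSetValueExA", "RegCreateKeyExA"),
    "anti-debug check": _k("kernel32", "IsDebuggerPresent"),
    "host fingerprinting": _k("kernel32", "GlobalMemoryStatusEx", "GetSystemInfo",
                              "GetVersionExA", "GetVolumeInformationA"),
    "keyboard hook/state": _k("user32", "SetWindowsHookExA", "GetAsyncKeyState", "GetKeyboardState"),
    "clipboard access": _k("user32", "OpenClipboard", "SetClipboardData", "EmptyClipboard"),
}

# APIs the MSVC CRT and statically linked MFC import in ordinary GUI programs (assumed list):
# their presence alone says nothing about the author's own code.
BASELINE = (_k("kernel32", "IsDebuggerPresent", "GetProcAddress", "LoadLibraryExW", "GetModuleHandleW")
            | _k("user32", "SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx",
                 "GetAsyncKeyState", "GetKeyboardState", "OpenClipboard", "EmptyClipboard",
                 "SetClipboardData", "CloseClipboard")
            | _k("advapi32", "RegOpenKeyExA", "RegQueryValueExA", "RegCloseKey",
                 "RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA"))


def triage_imports(imports):
    """Score every rule against an import table: which APIs hit, what fraction of the rule
    they cover, and whether all hits are explained by the runtime baseline."""
    present = {f"{dll.lower()}!{fn}" for dll, fns in imports.items() for fn in fns}
    result = {}
    for cap, needed in CAPABILITIES.items():
        hits = sorted(needed & present)
        if hits:
            result[cap] = {"hits": hits, "coverage": round(len(hits) / len(needed), 2),
                           "baseline_only": all(h in BASELINE for h in hits)}
    return result


def leads(result, min_coverage=0.6):
    """Capabilities worth a look in the disassembler: enough of the rule is present and the
    hits are not fully explained by CRT/MFC boilerplate."""
    return sorted(cap for cap, r in result.items()
                  if r["coverage"] >= min_coverage and not r["baseline_only"])


if __name__ == "__main__":
    scored = triage_imports(SAMPLE_IMPORTS)
    for cap in leads(scored):
        print(f"{cap}: {scored[cap]['coverage']:.0%} of rule, via {', '.join(scored[cap]['hits'])}")
```

On the subset above, the leads are process enumeration, raw TCP client, drop and execute, executable memory, host fingerprinting and dynamic API resolution, which is a reasonable starting list of functions to locate in the 3.6MB .text section; the anti-debug, hook, clipboard and registry rules also match but only through runtime imports, so they stay out of the lead list. Coverage scoring is what keeps two stray socket calls from being reported as a C2 client.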
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 614KB - Virtual size: 613KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 198KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
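The Signatures, Headers and Sections blocks above are all read straight out of the PE headers, and it is worth being able to reproduce them without trusting the sandbox. As an added example (the editor's code, not part of the report or of any tool the report was generated with), the stdlib-only script below hand-parses a PE image and returns the same facts: file digests, the IMAGE_FILE_* and IMAGE_DLLCHARACTERISTICS_* flags, the "Unsigned PE" test (data directory 4, the certificate table, being empty), and per-section raw/virtual sizes and flags plus Shannon entropy, which is the quick check on whether a 4.7MB .rsrc holds ordinary icons and bitmaps or a compressed payload. build_minimal_pe and SAMPLE_SECTIONS construct a synthetic PE32 image with the report's section names and header flags so that the code runs offline; they are not the sample. Pass the real bytes as argv[1] to compare against the report. SSDEEP is omitted because it needs a third-party module.

```python
import hashlib
import math
import struct

# Flag names as they appear in the report (subset of the PE spec)
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                        0x2000: "IMAGE_FILE_DLL"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def entropy(data):
    """Shannon entropy in bits/byte; a large section near 8.0 is compressed or encrypted."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_triage(data):
    """Hand-parse the PE headers and return what a sandbox 'static' tab reports."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    nrva = struct.unpack_from("<I", data, opt + 92)[0]
    dirs = opt + (112 if pe32plus else 96)
    # Data directory 4 is the certificate table; its "VirtualAddress" is a raw file offset of
    # the WIN_CERTIFICATE blob. The "Unsigned PE" check only needs presence; validating the
    # chain and countersignature needs WinVerifyTrust or osslsigncode.
    sec_off, sec_size = struct.unpack_from("<II", data, dirs + 4 * 8) if nrva > 4 else (0, 0)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "raw_size": rawsize,
                         "virtual_size": vsize, "flags": _flags(chars, SECTION_FLAGS),
                         "entropy": round(entropy(data[rawptr:rawptr + rawsize]), 2)})
    return {"md5": hashlib.md5(data).hexdigest(), "sha256": hashlib.sha256(data).hexdigest(),
            "is_32bit": not pe32plus,
            "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
            "has_authenticode": sec_off != 0 and sec_size != 0,
            "sections": sections}


def build_minimal_pe(sections, dll_chars=0x8140, file_chars=0x0102, signed=False):
    """Synthetic, non-runnable PE32 for offline testing; sections = [(name, body, flags)].
    Defaults reproduce the report: DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, EXECUTABLE|32BIT."""
    falign, salign = 0x200, 0x1000
    size_of_headers = -(-(0x40 + 4 + 20 + 224 + 40 * len(sections)) // falign) * falign
    hdrs, payload, raw_ptr, rva = [], b"", size_of_headers, salign
    for name, body, chars in sections:
        raw_size = -(-len(body) // falign) * falign
        hdrs.append(struct.pack("<8sIIIIIIHHI", name.encode(), len(body), rva, raw_size,
                                raw_ptr, 0, 0, 0, 0, chars))
        payload += body.ljust(raw_size, b"\0")
        raw_ptr += raw_size
        rva += max(salign, -(-len(body) // salign) * salign)
    cert, sec_dir = b"", (0, 0)
    if signed:  # WIN_CERTIFICATE header + placeholder bytes (not a real PKCS#7 SignedData)
        cert = struct.pack("<IHH", 10, 0x200, 2) + b"\x30\x00"
        sec_dir = (raw_ptr, len(cert))
    opt = struct.pack("<HBB" + "I" * 9 + "H" * 6 + "IIII" + "HH" + "I" * 6,
                      0x10B, 14, 0, 0, 0, 0, salign, salign, 2 * salign, 0x400000, salign, falign,
                      6, 0, 0, 0, 6, 0, 0, rva, size_of_headers, 0, 2, dll_chars,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 4 + [sec_dir] + [(0, 0)] * 11
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), file_chars)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    head = (dos + b"PE\0\0" + coff + opt + b"".join(hdrs)).ljust(size_of_headers, b"\0")
    return head + payload + cert


# Five sections named like the report's; bodies are constructed filler, not the sample's bytes
SAMPLE_SECTIONS = [(".text", b"\x90" * 0x200, 0x60000020), (".rdata", b"A" * 16, 0x40000040),
                   (".data", b"B" * 16, 0xC0000040),
                   (".rsrc", bytes(range(256)) * 8, 0x40000040),  # uniform bytes -> entropy 8.0
                   (".reloc", b"\0" * 8, 0x42000040)]

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(SAMPLE_SECTIONS)
    print(pe_triage(data))
```

The certificate-table offset is deliberately read as a file offset rather than an RVA, which is the one place the PE spec breaks its own convention and a common bug in home-grown parsers. On a real sample, compare the per-section entropy with the sizes in the table above: a .rsrc that is larger than .text and reads near 8.0 bits/byte is the first thing to carve.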