旧的捕鱼解密[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

旧的捕鱼解密.exe
Size

340KB
MD5

0bcc9748928b3ea8ef9493e2c698e765
SHA1

37d41dc5142024040cfac7ac2c2f58752a99afe7
SHA256

86ed070214c322aaa5a939a710bbc67e57b1d0e6e10ac2f9a8cbd5e41cd16b60
SHA512

38d14e10148a269ef19bbad9e8b414a443747b452c0af7219e48664926ec972fe9f29f9ec2d03c72edb7646d4c80bce3c634d9cdd070447f5458f101033e7140
SSDEEP

6144:0fGDZbYtWPEDovyx7LZ903/JogxxYmJOG:0fgbYgPtvyxh903/JXxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
旧的捕鱼解密.exe

Files

旧的捕鱼解密.exe
.exe windows x86

df59089c5f1b2f5f1796a43151df058b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
GetModuleHandleW
GetModuleFileNameW
lstrlenW
lstrcpyW
GetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
InitializeCriticalSection
DeleteFileW
SetLastError
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindClose
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEndOfFile
GetProcessHeap
GetTimeZoneInformation
LCMapStringW
LCMapStringA
WideCharToMultiByte
CreateFileW
FlushFileBuffers
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
GetDateFormatA
GetTimeFormatA
GetCPInfo
GetOEMCP
IsBadCodePtr
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
HeapFree
RaiseException
InterlockedDecrement
DeleteCriticalSection
GetCurrentThreadId
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
ReadFile
VirtualQuery
SetUnhandledExceptionFilter
VirtualFree
VirtualProtect
GetVersionExW
GetVersionExA
GetCurrentProcessId
CloseHandle
SetEvent
OpenEventA
lstrlenA
lstrcpyA
OutputDebugStringA
OutputDebugStringW
WaitForSingleObject
VirtualAlloc
UnmapViewOfFile
IsBadReadPtr
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
GetVersion
OpenFileMappingA
GetModuleFileNameA
DebugBreak
GetStdHandle
WriteFile
GetProcAddress
LoadLibraryA
RtlUnwind
IsBadWritePtr
HeapValidate
GetModuleHandleA
GetStartupInfoW
ExitProcess
FatalAppExitA
TerminateProcess
SetConsoleCtrlHandler
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapReAlloc
HeapDestroy
HeapCreate

user32

PeekMessageA
IsWindowUnicode
GetMessageW
DefWindowProcW
GetActiveWindow
MsgWaitForMultipleObjects
DialogBoxParamW
GetMessageA
TranslateMessage
DispatchMessageW
LoadImageW
LoadStringW
GetParent
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
SetDlgItemTextW
MessageBeep
SetFocus
GetWindowLongW
GetWindow
SendMessageW
GetWindowTextLengthW
GetWindowTextW
IsWindow
EndDialog
GetSystemMetrics
CharNextW
SetWindowLongW
DestroyWindow
UnregisterClassW
UnregisterClassA
DispatchMessageA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
OpenThreadToken
RegDeleteValueW
RegDeleteKeyW
RevertToSelf
SetThreadToken

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject

oleaut32

SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.textbss
Size: - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df59089c5f1b2f5f1796a43151df058b

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.textbss Size: - Virtual size: 121KB

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 12KB - Virtual size: 16KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 121KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 16KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB