Static task
static1
General
-
Target
muma.rar
-
Size
41.5MB
-
MD5
3e805842b4ccd93b8934f1e4ccfc8d9b
-
SHA1
a380a4a020b9ae7eef8014241fa4652ea120283f
-
SHA256
b8978dd5dfc9254fb96cf208b2e91e9953002083968aee6b86881d9eba985666
-
SHA512
08c8d82e4c726726d7660f1bdcc492fd79bcc1d0e5d3aaf5dd82c3ba5f9f657717c7ff8f204278c1b834d41479ca37f64a85ebd5258430a1b5b94521607d55e2
-
SSDEEP
786432:jZM8XCr2YWNLzO3dxmNj0z1ntwT8arzqm70tLR0UblzpXc2UYCGgRQFRF:HzYim3XmNQz1ntj9moz0Ubc2UZ9RI3
Malware Config
Signatures
-
Unsigned PE 2 IoCs
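Checks for missing Authenticode signature. Without a signature, the publisher and integrity of the file cannot be verified from the binary alone; taken by itself this is a weak indicator, since many legitimate executables are also unsigned.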
Resources: unpack001/上号器DUDUCHUPIN.vmp_se.exe, unpack001/神妙RAP共享.exe
Files
-
muma.rar.rar
-
上号器DUDUCHUPIN.vmp_se.exe.exe windows x86
aa0d3bf5bff8e378e57fa457707d01be
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
user32
LoadIconA
gdi32
GetTextMetricsA
winmm
waveOutUnprepareHeader
winspool.drv
OpenPrinterA
advapi32
RegSetValueExA
shell32
ShellExecuteA
ole32
CLSIDFromProgID
oleaut32
VariantClear
comctl32
ImageList_Destroy
ws2_32
inet_ntoa
comdlg32
ChooseColorA
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
Sections
.text Size: 1.1MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 984KB - Virtual size: 984KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
神妙RAP共享.exe.exe windows x86
0c5c065f8eb68f0427b7134d7e3eb973
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32Next
GetSystemTime
user32
ModifyMenuA
GetFocus
advapi32
DeleteService
RegCloseKey
gdi32
SetMapMode
LineTo
winspool.drv
DocumentPropertiesA
OpenPrinterA
comctl32
ord17
ord17
shlwapi
PathFileExistsA
rasapi32
RasHangUpA
winmm
waveOutRestart
ws2_32
ntohl
shell32
DragQueryFileA
ole32
OleUninitialize
oleaut32
VariantCopy
wininet
InternetCanonicalizeUrlA
comdlg32
GetFileTitleA
Sections
.text Size: - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 13.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 611KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.svmp1 Size: - Virtual size: 16.6MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.svmp2 Size: 26.4MB - Virtual size: 26.4MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.svmp3 Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.svmp4 Size: 15.5MB - Virtual size: 15.5MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE