01babc97958c4524b213c3c75d1d64d11b7a273fc7b8d66cbe33bddafaeba198

Sharing

Copy URL

Twitter E-mail

General

Target

01babc97958c4524b213c3c75d1d64d11b7a273fc7b8d66cbe33bddafaeba198
Size

427KB
MD5

f4bda010b62aaa63ba21f5b2693612b1
SHA1

de1c137c6ba80ea52b2f87a7d1f49613b7144045
SHA256

01babc97958c4524b213c3c75d1d64d11b7a273fc7b8d66cbe33bddafaeba198
SHA512

4acb27210b6379a7aa4031b8ec21e01beb270c7bfebde854a3c80c413a6d0a36340ce60069dbe7cbbdbdd0252ec16b0fc67c8f7670ad93923f3d407e6823f7d2
SSDEEP

12288:oZiVaUSACxY2RMPSVod7xM+Of2tZL3a56cj:BVaUSA2MKw7WYtYYcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PortScan.exe

Files

01babc97958c4524b213c3c75d1d64d11b7a273fc7b8d66cbe33bddafaeba198
.zip
PortScan.exe
.exe windows:4 windows x86

76eee4a1303f04686b9d0dea124be061

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GetLastError
MultiByteToWideChar
CompareStringW
GetStringTypeExW
GetThreadLocale
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
FormatMessageW
LockResource
LoadResource
FindResourceExW
CloseHandle
CreateThread
TerminateThread
GetExitCodeThread
MoveFileW
GetLocaleInfoW
WriteFile
CreateFileW
GetModuleFileNameW
LocalFree
LocalAlloc
GetCurrentDirectoryW
SizeofResource
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
OpenProcess
WaitForSingleObject
TerminateProcess
GetCurrentProcess
GetFileAttributesW
SetErrorMode
GetFileSize
FindClose
HeapFree
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
WritePrivateProfileStringW
DeleteFileW
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
GetFileInformationByHandle
SetEndOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetFileTime
GetCommandLineW
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
GetDateFormatW
GetTimeFormatW
Sleep
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
GetSystemDefaultLangID
GetUserDefaultLangID
GetThreadSelectorEntry
GetCurrentProcessId
GetVersionExA
LoadLibraryW
FreeLibrary
GetProcAddress
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
GetVolumeInformationW
QueryPerformanceFrequency
QueryPerformanceCounter
GetEnvironmentVariableW
GetModuleFileNameA
lstrcpyA
GetTimeZoneInformation
GetVersion
SetFileAttributesA
CreateFileA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindNextFileA
SetVolumeLabelA
lstrlenA
GetDriveTypeA
GetLocaleInfoA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapReAlloc
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
SetStdHandle
SetEnvironmentVariableA
GetProcessHeap
GetCurrentThreadId
CreateSemaphoreW
ReleaseSemaphore
DeleteFileA
CreateDirectoryA
GetCurrentDirectoryA
SetUnhandledExceptionFilter
ExitThread
GetTickCount
GetTempPathW
GetLocalTime

user32

GetDlgItemTextW
EnableWindow
IsWindowEnabled
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
ScreenToClient
PostQuitMessage
PeekMessageW
MessageBoxW
GetWindowPlacement
SetWindowPlacement
GetFocus
GetForegroundWindow
SystemParametersInfoW
AdjustWindowRectEx
RegisterWindowMessageW
GetDlgCtrlID
DrawFocusRect
FillRect
ReleaseDC
GetDC
GetSysColor
GetKeyState
DrawEdge
InflateRect
GetWindowTextW
GetWindowTextLengthW
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DialogBoxParamW
DialogBoxIndirectParamW
CreateDialogParamW
CreateDialogIndirectParamW
SetDlgItemTextW
EndDialog
OffsetRect
GetWindowDC
IsWindowVisible
SetCapture
ReleaseCapture
GetCapture
GetDoubleClickTime
GetMessagePos
RegisterClassW
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
DrawFrameControl
IsZoomed
LoadIconW
UnhookWindowsHookEx
WindowFromPoint
OemToCharA
CharToOemA
GetSubMenu
LoadStringW
CallWindowProcW
GetPropW
SetPropW
KillTimer
SetTimer
GetCursorPos
GetWindowRect
SetFocus
CharNextW
SendDlgItemMessageW
SetCursor
SetWindowTextW
GetSystemMetrics
LoadImageW
SetWindowPos
DestroyIcon
GetDlgItem
SendMessageW
MapDialogRect
PostMessageW
ShowWindow
DrawTextW
FrameRect
GetSysColorBrush
PtInRect
DefWindowProcW
EndPaint
BeginPaint
SetWindowLongW
GetWindowLongW
MoveWindow
GetParent
MapWindowPoints
GetClientRect
GetMenuItemCount
GetMenuItemInfoW
DeleteMenu
InsertMenuItemW
SetMenuItemInfoW
EnableMenuItem
GetMenuState
SetForegroundWindow
TrackPopupMenu
DestroyMenu
CreatePopupMenu
LoadMenuIndirectW
DestroyWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
UpdateWindow
InvalidateRect
RemovePropW
LoadMenuW

gdi32

RestoreDC
GetPixel
SaveDC
Ellipse
CreateDIBSection
CreateCompatibleBitmap
EnumFontFamiliesExW
GetTextFaceW
GetTextColor
CreateFontIndirectW
GetObjectW
DeleteObject
GetTextExtentPoint32W
CreateFontW
GetTextMetricsW
CreatePen
CreateSolidBrush
SetTextColor
SetBkMode
SelectObject
GetBkColor
PolyPolyline
TextOutW
Polyline
CreateCompatibleDC
SetStretchBltMode
StretchBlt
BitBlt
DeleteDC
GetDeviceCaps
RoundRect
SetBkColor
GetStockObject

ws2_32

gethostname
gethostbyaddr
closesocket
ntohs
ioctlsocket
socket
WSAAddressToStringW
select
getservbyport
WSAStartup
WSACleanup
inet_ntoa
htons
htonl
WSAGetLastError
__WSAFDIsSet
accept
recvfrom
send
recv
sendto
WSAConnect
WSAAsyncSelect
setsockopt
WSASocketW
getpeername
getsockname
WSARecv
WSASend
bind
listen
connect
inet_addr

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

ImageList_GetImageCount
ImageList_DrawEx
ImageList_Draw
ImageList_Remove
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_GetIcon

winmm

timeGetTime

mpr

WNetOpenEnumW
WNetCloseEnum
WNetEnumResourceW
WNetAddConnection3W
WNetCancelConnection2W
WNetUseConnectionW

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

advapi32

QueryServiceStatus
GetUserNameW
EnumDependentServicesW
StartServiceW
OpenServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
RegCreateKeyW
RegSetValueExW
RegDeleteValueW
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegEnumValueW

shell32

SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

ole32

CoInitialize
CoCreateGuid
CreateStreamOnHGlobal
CLSIDFromString
OleRun
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoTaskMemFree
StringFromGUID2

oleaut32

SysFreeString
SysAllocString
VariantClear
SafeArrayPtrOfIndex
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy

Sections

.text
Size: 496KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.txt
软件学堂-提供最安全的pc软件_免费Mac软件和最热门的游戏下载.url
.url

Sharing

General

Malware Config

Signatures

Files

76eee4a1303f04686b9d0dea124be061

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

version

comctl32

winmm

mpr

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 496KB - Virtual size: 492KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 56KB - Virtual size: 125KB

.rsrc Size: 368KB - Virtual size: 365KB

.text
Size: 496KB - Virtual size: 492KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 56KB - Virtual size: 125KB

.rsrc
Size: 368KB - Virtual size: 365KB