af9fb91971c288864ec55eb2995fd5d3e2e16abd1d3908ab4e286c2c18aef69f

Sharing

Copy URL Twitter E-mail

General

Target

af9fb91971c288864ec55eb2995fd5d3e2e16abd1d3908ab4e286c2c18aef69f
Size

13.1MB
MD5

c6a9b9b5a707e82b74852332f1ef23a7
SHA1

7575cab50fcdcf2f2dbe9db538b122f5f40551f6
SHA256

af9fb91971c288864ec55eb2995fd5d3e2e16abd1d3908ab4e286c2c18aef69f
SHA512

a2ab9dce67fa4e03ca85909b2b7552fc31f80ba762f4a1c64eed954277472b0369fbe223b470794deddd18daf202dbb5dd218debed026dabe759072ce65a8182
SSDEEP

393216:EWpHB25rd9J2bs3pUJsNG0Sx9i7LLAma03nL1c:dpB8hybwpUJsIpyLk07K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/神茶-11.14.sp.exe

Files

af9fb91971c288864ec55eb2995fd5d3e2e16abd1d3908ab4e286c2c18aef69f
.zip
更多辅助.txt
硬汉视频（白嫖永久VIP）.url
.url
神茶-11.14.sp.exe
.exe windows:4 windows x86 arch:x86

a22888300a735f5ce66ccaca75af112c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamRestart

ws2_32

inet_ntoa

rasapi32

RasHangUpA

kernel32

GetSystemDirectoryA

user32

LoadStringA

gdi32

RoundRect

winspool.drv

DocumentPropertiesA

comdlg32

ChooseColorA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ord17

wininet

InternetCloseHandle

Sections

.text
Size: - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 545KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 6.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.2MB - Virtual size: 5.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
网站发布页以及QQ群.url
.url
老司机免费福利资源.url
.url
濴2.txt
IP.txt
ݱͼ.png
.png
Ϸصַ.txt

Sharing

General

Malware Config

Signatures

Files

a22888300a735f5ce66ccaca75af112c

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: - Virtual size: 857KB

.rdata Size: - Virtual size: 326KB

.data Size: - Virtual size: 545KB

.rsrc Size: 32KB - Virtual size: 30KB

.svmp1 Size: - Virtual size: 6.3MB

.svmp2 Size: 6.2MB - Virtual size: 6.2MB

.svmp3 Size: 2.5MB - Virtual size: 2.5MB

.svmp4 Size: 5.2MB - Virtual size: 5.1MB

.svmp5 Size: 12KB - Virtual size: 9KB

.svmp6 Size: 456KB - Virtual size: 454KB

.text
Size: - Virtual size: 857KB

.rdata
Size: - Virtual size: 326KB

.data
Size: - Virtual size: 545KB

.rsrc
Size: 32KB - Virtual size: 30KB

.svmp1
Size: - Virtual size: 6.3MB

.svmp2
Size: 6.2MB - Virtual size: 6.2MB

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

.svmp4
Size: 5.2MB - Virtual size: 5.1MB

.svmp5
Size: 12KB - Virtual size: 9KB

.svmp6
Size: 456KB - Virtual size: 454KB