Process Monitor 3[.]70完整汉化版[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Process Monitor 3.70完整汉化版.exe
Size

2.0MB
MD5

e26394bf2aebc2a501345c34480851b0
SHA1

07b4578ca666113c06e4f7ab519f971bb143a4b0
SHA256

f234b164600b2f871c2a1fe21fe8e1c82ad00b2e947ec3917ac21fd238b532af
SHA512

9bd1bbd606df17f14c4ecbffd431aa4cee3e327c19cf3a0c32e23fc6fc8046711c64efccc6a221e06861b061e9cf9a85b246df56fc2bac005e1c8e07bcdabe82
SSDEEP

49152:3Ul0IUdaVT6ykWIyEsYq6YcsvbfLS+QvljL6:3UlDoaVT6ykWIymq6YcsvbLS79y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Process Monitor 3.70完整汉化版.exe

Files

Process Monitor 3.70完整汉化版.exe
.exe windows:6 windows x86 arch:x86

3a00f16dbc38d9643653b5e8963e65f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

listen
closesocket
send
socket
bind
getsockname
connect
accept
recv
getservbyport
gethostbyname
WSASetLastError
getservbyname
htons
gethostbyaddr
inet_ntoa
inet_addr
htonl
WSAStartup
ntohs
WSAGetLastError

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

comctl32

ord17
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Add
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_GetIconSize
CreateStatusWindowW
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx

fltlib

FilterConnectCommunicationPort
FilterGetMessage
FilterSendMessage
FilterReplyMessage

kernel32

SetFilePointer
TryEnterCriticalSection
VirtualAlloc
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VerSetConditionMask
FileTimeToLocalFileTime
LocalFileTimeToFileTime
ReadFile
WriteFile
FormatMessageW
VerifyVersionInfoW
FileTimeToSystemTime
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
GetNumberFormatW
QueryPerformanceCounter
QueryPerformanceFrequency
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapSize
SetEvent
ResetEvent
ReleaseSemaphore
CreateEventW
WaitForMultipleObjects
CreateSemaphoreW
ExitProcess
GetFileSize
SetThreadPriority
GetComputerNameA
GetFileAttributesExW
HeapReAlloc
GetProcessHeap
SetProcessShutdownParameters
GetComputerNameW
SetConsoleCtrlHandler
GetCurrentProcessId
OpenThread
GetThreadContext
GetSystemDirectoryA
TrySubmitThreadpoolCallback
LoadLibraryA
FindClose
FindFirstFileW
FindNextFileW
DecodePointer
RaiseException
InitializeCriticalSectionEx
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsA
LoadLibraryExA
CreateFileW
RtlUnwind
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
GetLocaleInfoW
CompareStringW
GlobalLock
GlobalUnlock
GlobalAlloc
OpenProcess
CreateProcessW
SetCurrentDirectoryW
EnumResourceNamesW
GetSystemInfo
GlobalMemoryStatusEx
GetFullPathNameW
GetFileAttributesW
FindResourceW
SizeofResource
LockResource
LoadResource
TlsSetValue
TlsFree
GetModuleHandleExW
GetConsoleCP
ExitThread
FreeLibraryAndExitThread
LCMapStringW
GetSystemDirectoryW
GetCurrentProcess
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
DeleteCriticalSection
InitializeCriticalSection
GetTickCount64
GetSystemTimeAsFileTime
CreateThread
Sleep
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetModuleFileNameW
LocalFree
LocalAlloc
GetFileType
GetCommandLineW
GetStdHandle
GlobalAddAtomW
MulDiv
LoadLibraryW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetTickCount
GetLastError
LoadLibraryExW
GetVersionExW
SetLastError
GetConsoleMode
SetConsoleMode
SetEndOfFile
ReadConsoleInputW
ReadConsoleW
GetConsoleOutputCP
GetFileSizeEx
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
FlushFileBuffers
WriteConsoleW
GetCurrentThread
EncodePointer

user32

GetClassNameW
LoadBitmapW
CopyImage
IsDialogMessageW
GetWindowDC
WindowFromPoint
InsertMenuW
GetMenuItemCount
GetSubMenu
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
GetMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
IsWindowEnabled
KillTimer
GetAsyncKeyState
CheckRadioButton
GetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
CreateDialogParamW
IsZoomed
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
FlashWindowEx
RegisterClassW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
DrawFrameControl
RegisterWindowMessageW
GetWindow
GetActiveWindow
LoadImageW
ClientToScreen
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowThreadProcessId
FindWindowExW
FindWindowW
SetForegroundWindow
IsIconic
EnumChildWindows
CreateIconFromResourceEx
PtInRect
GetMonitorInfoW
MonitorFromPoint
GetIconInfo
DrawIconEx
DestroyIcon
LoadIconW
SetClassLongW
FrameRect
GetCursor
IsDlgButtonChecked
DestroyWindow
PostMessageW
LoadStringW
GetAncestor
GetDesktopWindow
EnableWindow
DialogBoxParamW
ChildWindowFromPoint
GetWindowTextW
SetDlgItemTextW
MoveWindow
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
GetScrollInfo
SetScrollInfo
LoadCursorW
GetParent
EqualRect
UnionRect
ScreenToClient
MessageBeep
SetWindowTextA
SetActiveWindow
SetMenuDefaultItem
GetMenuItemInfoW
InsertMenuItemW
SetMenuInfo
GetClassLongW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
InflateRect
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
SetCursor
MessageBoxW
GetWindowRect
GetClientRect
GetPropW
SetPropW
ScrollWindowEx
ValidateRect
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
TrackPopupMenu
WaitForInputIdle
DeleteMenu
GetDC
UpdateWindow
DrawTextW
GetSystemMetrics
SetTimer
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetFocus
SetFocus
SetWindowPos
ShowWindow
CreateWindowExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
SendMessageW
CheckDlgButton

gdi32

SetROP2
SaveDC
RestoreDC
Polyline
Rectangle
GdiFlush
SetPixel
GetPixel
CreateFontW
CreateBitmap
Polygon
MoveToEx
LineTo
GetBitmapBits
GetObjectW
CreateFontIndirectW
EndPage
StartPage
EndDoc
CreateCompatibleBitmap
BitBlt
SetMapMode
GetTextMetricsW
SetTextColor
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
RectInRegion
GetStockObject
GetDeviceCaps
GetBkMode
GetBkColor
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateCompatibleDC
StartDocW

comdlg32

PrintDlgW
GetSaveFileNameW
FindTextW
ChooseFontW
ChooseColorW
GetOpenFileNameW

advapi32

AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
ConvertStringSidToSidW
ConvertSidToStringSidW
RegSetValueW
RegEnumKeyW
RegCreateKeyExW
LookupAccountSidW
MapGenericMask
GetTokenInformation
GetLengthSid
FreeSid
EqualSid
AllocateAndInitializeSid
RegDeleteValueW
RegDeleteKeyW
LookupPrivilegeValueW
RegQueryValueExW
OpenProcessToken
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyW
RegSetValueExW
RegCloseKey

shell32

SHChangeNotify
SHGetFileInfoW
SHGetPathFromIDListW
DragQueryFileW
CommandLineToArgvW
ShellExecuteExW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CreateBindCtx
CoCreateInstance
RegisterDragDrop
ReleaseStgMedium
OleInitialize
CoSetProxyBlanket
CoInitialize

oleaut32

SysFreeString
SysStringLen
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantInit
VariantClear
VariantCopy
VariantChangeType
SysAllocStringByteLen
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayGetElement

shlwapi

SHAutoComplete

ntdll

RtlGetVersion

Sections

.text
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a00f16dbc38d9643653b5e8963e65f1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

version

comctl32

fltlib

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ntdll

Sections

.text Size: 599KB - Virtual size: 599KB

.rdata Size: 189KB - Virtual size: 188KB

.data Size: 5KB - Virtual size: 30KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 38KB - Virtual size: 37KB

.text
Size: 599KB - Virtual size: 599KB

.rdata
Size: 189KB - Virtual size: 188KB

.data
Size: 5KB - Virtual size: 30KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 38KB - Virtual size: 37KB