0077227a0dbe46b076b8a64e35cc2fc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0077227a0dbe46b076b8a64e35cc2fc4
Size

2.8MB
MD5

0077227a0dbe46b076b8a64e35cc2fc4
SHA1

4800231b375f8d80439185ba11b6d588d241e340
SHA256

9cbd7af4d5d57e7532118ec9d2fd3a376b07041c98d7d01565e1d8a2696f0c58
SHA512

83bfe5eaea92fde0cb3878f114abad5623c583d0f2d7373ea7c7d24c03af1cef48b87643747629cac6c206d6f94554809dfd215ba43ec138309b55ea37fda24c
SSDEEP

49152:tPBduemZjdcpYWtkTkhJFQE/MO/fyrL7De9vkPBxmhgx3LV6YCW:tPBdzmZx217DFFlyH7De9odLIYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/迷你黑白助手0.28.5版本专用.exe

Files

0077227a0dbe46b076b8a64e35cc2fc4
.rar
效果图.bmp
辅助窗口介绍.bmp
迷你黑白助手0.28.5版本专用.exe
.exe windows:4 windows x86 arch:x86

f270c85eaf9934af943efc4d9346a359

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetWindowRect

gdi32

CreateCompatibleDC

gdiplus

GdipCreateFromHDC

ole32

CoTaskMemFree

imm32

ImmGetCompositionStringW

shell32

ShellExecuteA

shlwapi

PathFileExistsA

winmm

PlaySoundA

rasapi32

RasGetConnectStatusA

ws2_32

gethostname

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyA

oleaut32

VariantTimeToSystemTime

comctl32

ImageList_Destroy

oledlg

ord8

wininet

InternetCloseHandle

Sections

.text
Size: 1.8MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE