1e26a6d7fa4302187a4c9c7d2a53f880

Sharing

Copy URL

Twitter E-mail

General

Target

1e26a6d7fa4302187a4c9c7d2a53f880
Size

1.4MB
MD5

1e26a6d7fa4302187a4c9c7d2a53f880
SHA1

ba1ccdb7bddeba61695260293a2a95009528c70f
SHA256

cd8797fb61abf0c409bbe63bbe73edd6e49bc7d591bcf83fe4a462907b1be2fd
SHA512

a1c914023c60756ca51746a9649f93ce19c1a02aa242bb202dae7ffdd362dc84667674801b932122af82879e2454b63b6cc128873bc010590342ee740480b392
SSDEEP

24576:Syp8ua2PoDWZ9OZ6PZP/fg38YGXI5ZhdZAMcQ8uHKPj94ehD7YarY7y84vP0gbB1:Syp5wDWZ9OEZ+8YGXqZhdZAMcQ8nJfqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/patch.exe
unpack001/setup.exe

Files

1e26a6d7fa4302187a4c9c7d2a53f880
.rar
patch.exe
.exe windows:4 windows x86 arch:x86

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetFocus
SetWindowTextA
ShowWindow
SetDlgItemTextA
SetClassLongA
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

RtlZeroMemory
CompareStringA
GetModuleFileNameA
SetCurrentDirectoryA
CreateDirectoryA
FlushFileBuffers
WriteFile
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource
UnmapViewOfFile

shell32

ShellExecuteA

gdi32

GetStockObject
RoundRect
SelectObject
CreateFontIndirectA
CreateSolidBrush
ExtCreateRegion
GetObjectA
SetTextColor
SetBkMode
SetBkColor

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 2KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 35KB

DATA Size: 1024B - Virtual size: 584B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB

CODE
Size: 36KB - Virtual size: 35KB

DATA
Size: 1024B - Virtual size: 584B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 30KB - Virtual size: 30KB