1fb20007ab88a518933bb172b3081725

Sharing

Copy URL Twitter E-mail

General

Target

1fb20007ab88a518933bb172b3081725
Size

447KB
MD5

1fb20007ab88a518933bb172b3081725
SHA1

b82576e37074530a050ca5208a326a7e8e3bcece
SHA256

0e2ac3fceaaf23d5f355d39e3d323fc644361ac942484de00b51c34ebd3d8d3c
SHA512

5f563cd61860d0745b73cb53bc9d9294747a5873b22cc3a9e2bbd115046c6cb4a4d7cee0e3dd23191824f42bfc9d8cf5dad50c61a15474422279fd61a82b8c22
SSDEEP

12288:CApSw12yCiNvOSKNLTohiB/cUFCSkQ1LWBXK8J6Z2Pg:CAIkZKNvohiWUFCSkQ1LWBbIZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/EarthTime.exe
unpack001/Setup.exe

Files

1fb20007ab88a518933bb172b3081725
.rar
Crack/EarthTime.exe
.exe windows:4 windows x86 arch:x86

85cb9d2e552d2085c94eebed59cb2c0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

comctl32

ord17

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
LoadLibraryA
VirtualQuery
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetTimeZoneInformation
WideCharToMultiByte
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
CreateThread
ResumeThread
ExitThread
RtlUnwind
HeapFree
GetLastError
HeapAlloc
GetSystemTimeAsFileTime
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
FlushFileBuffers
lstrlenA
GlobalSize
IsBadReadPtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsBadHugeReadPtr
lstrcmpA
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
DeleteCriticalSection
RaiseException
FindFirstFileA
FindNextFileA
FindClose
GetLocaleInfoA
FindResourceA
LoadResource
LockResource
GetShortPathNameA
MultiByteToWideChar
CreateDirectoryA
GetFileAttributesA
GetModuleHandleA
CloseHandle
GetFileSize
WriteFile
SetFilePointer
ReadFile
CreateFileA
Sleep
DeleteFileA
SetEnvironmentVariableA
GetACP

user32

DestroyWindow
GetFocus
GetWindowTextA
DefWindowProcA
SetFocus
InvalidateRect
EndPaint
KillTimer
IsWindowEnabled
FindWindowExA
SystemParametersInfoA
LoadCursorA
LoadIconA
GetMessageA
SetTimer
IsIconic
IsWindowVisible
ScreenToClient
DrawFrameControl
FrameRect
PostQuitMessage
PtInRect
CreateDialogParamA
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenuEx
SetRect
DrawEdge
LoadImageA
GetMenu
SetMenuItemInfoA
IsZoomed
EnumChildWindows
GetClassNameA
ChildWindowFromPoint
DrawTextA
SetWindowTextA
LoadStringA
MessageBoxA
PeekMessageA
DispatchMessageA
TranslateMessage
DialogBoxParamA
PostMessageA
GetDesktopWindow
CopyRect
EndDialog
SetForegroundWindow
ShowWindow
BringWindowToTop
SendDlgItemMessageA
GetWindowRect
SetWindowPos
GetDlgCtrlID
GetParent
FillRect
SetDlgItemTextA
EnableWindow
SendMessageA
GetDlgItemTextA
GetDlgItem
GetClientRect
MapWindowPoints
CreateWindowExA
SetWindowLongA
GetDC
ReleaseDC
MoveWindow
CreateCursor
RegisterClassA
GetWindowLongA
BeginPaint
DrawFocusRect

gdi32

CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
DeleteDC
CreatePen
SetStretchBltMode
StretchDIBits
MoveToEx
LineTo
GetTextExtentPoint32A
CreateSolidBrush
CreateFontA
SelectObject
SetBkMode
SetTextColor
DeleteObject
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseColorA

advapi32

CryptVerifySignatureA
CryptDestroyHash
CryptAcquireContextA
CryptReleaseContext
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptHashData
CryptCreateHash
CryptImportKey

shell32

SHGetPathFromIDListA
Shell_NotifyIconA
FindExecutableA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Crack/下载说明.htm
.html .js polyglot
Crack/安装说明.txt
Crack/非常世纪资源网.url
.url
Setup.exe
.exe windows:4 windows x86 arch:x86

ed82a4a34f20482ed46c0850f4469ce3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsRelativeA
PathIsNetworkPathA
SHDeleteKeyA

kernel32

CreateDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
OpenProcess
ResumeThread
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
lstrlenA
GetTempPathA
MultiByteToWideChar
GetVersionExA
GetModuleFileNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RaiseException
GetConsoleMode
GetConsoleCP
FindResourceA
CopyFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
LoadLibraryA
GetStdHandle
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
HeapSize
LoadResource
LockResource
BeginUpdateResourceA
SizeofResource
UpdateResourceA
EndUpdateResourceA
GetLocaleInfoA
SetFilePointer
ReadFile
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
WriteFile
CloseHandle
UnmapViewOfFile
RemoveDirectoryA
FindFirstFileA
DeleteFileA
Sleep
FindNextFileA
FindClose
GetFileAttributesA
FlushFileBuffers
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetSystemTimeAsFileTime
RtlUnwind
GetLastError
HeapFree
HeapAlloc
ExitThread
CreateThread
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

DialogBoxParamA
SystemParametersInfoA
FindWindowExA
GetWindowThreadProcessId
ExitWindowsEx
PostMessageA
LoadIconA
SetClassLongA
CreateDialogParamA
EnableWindow
SetDlgItemTextA
ShowWindow
EndDialog
SendDlgItemMessageA
LoadStringA
SetForegroundWindow
MessageBoxA
EnumChildWindows
GetWindowTextA
SetWindowTextA
PeekMessageA
DispatchMessageA
TranslateMessage
SendMessageA
GetDlgItemTextA
GetDlgItem
GetClientRect
MapWindowPoints
CreateWindowExA
SetWindowLongA
GetDC
ReleaseDC
MoveWindow
CreateIconFromResource
RegisterClassA
GetWindowLongA
BeginPaint
DrawTextA
GetFocus
DrawFocusRect
EndPaint
InvalidateRect
SetFocus
DefWindowProcA
DestroyWindow

gdi32

CreateFontA
CreateFontIndirectA
GetStockObject
SelectObject
SetBkMode
SetTextColor
DeleteObject

advapi32

RegCreateKeyExA
GetUserNameA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumValueA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
非常世纪资源网.url
.url

Sharing

General

Malware Config

Signatures

Files

85cb9d2e552d2085c94eebed59cb2c0c

Headers

File Characteristics

Imports

winmm

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 64KB - Virtual size: 115KB

.rsrc Size: 168KB - Virtual size: 167KB

ed82a4a34f20482ed46c0850f4469ce3

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 64KB - Virtual size: 115KB

.rsrc
Size: 168KB - Virtual size: 167KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 30KB