2c2c538fc9dea0189c348ec52f53b648

Sharing

Copy URL

Twitter E-mail

General

Target

2c2c538fc9dea0189c348ec52f53b648
Size

116KB
MD5

2c2c538fc9dea0189c348ec52f53b648
SHA1

1f236682a2fb42b850c568d3a6f38a598476f893
SHA256

cd027bca1b9ec59e1650397593bd52a13743f4e9e994de08cd810092fd7ea827
SHA512

b9befaf16d89b87f40d9c84da6d912d1f7fd54f152fe51671cffb90bea397c2eee0eddd9cc1872e3330895cd2e0e448447e95704b81f097cca22516eba378070
SSDEEP

3072:DQhBgdZTh7L6H3ICo80SMbwJ4d1o6dFIMhlDtTBpnEGLJjh:khBMtuH3I7SM+s//IolnJEmjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/myweb.exe

Files

2c2c538fc9dea0189c348ec52f53b648
.rar
myweb.exe
.exe windows:4 windows x86 arch:x86

58e4f8857d6df3e5ded5d0d4883dfc20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetFileSize
ReadFile
CreateFileA
SetEndOfFile
WriteFile
DeleteFileA
SetFileAttributesA
CopyFileA
GetTempFileNameA
GetTempPathA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpynA
SystemTimeToFileTime
CompareFileTime
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetSystemTime
GetTickCount
GetVolumeInformationA
GetSystemDirectoryA
LeaveCriticalSection
ResumeThread
SetThreadPriority
SetPriorityClass
GetDriveTypeA
CreateDirectoryA
EnterCriticalSection
GetCurrentThreadId
GetVersion
GetExitCodeProcess
Sleep
CreateThread
SizeofResource
LockResource
LoadResource
FindResourceA
GetExitCodeThread
WideCharToMultiByte
GetACP
ResetEvent
CreateEventA
SetEvent
FileTimeToDosDateTime
GetFileTime
WaitForSingleObject
CloseHandle
GetCurrentProcess
FlushInstructionCache
lstrcmpiA
lstrlenA
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetLocalTime
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
GetModuleFileNameA
CreateProcessA
lstrcatA
RemoveDirectoryA
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
GetVersionExA
GetEnvironmentVariableA
HeapCreate
HeapReAlloc
ExitProcess
HeapSize
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetProcAddress
GetLastError
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
GetSystemTimeAsFileTime
HeapFree
HeapAlloc

user32

GetWindowTextA
OpenClipboard
GetWindowTextLengthA
EmptyClipboard
CloseClipboard
LoadMenuA
LoadStringA
RedrawWindow
SetClipboardData
PeekMessageA
PostThreadMessageA
EnumWindows
SetForegroundWindow
DestroyMenu
GetSystemMetrics
RegisterWindowMessageA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetParent
PostMessageA
wsprintfA
GetForegroundWindow
AttachThreadInput
BringWindowToTop
UpdateWindow
ShowWindow
DestroyWindow
IsWindowVisible
GetWindowThreadProcessId
LoadImageA
CheckMenuItem
LoadCursorA
MoveWindow
TrackPopupMenu
GetActiveWindow
DialogBoxParamA
CheckRadioButton
SendDlgItemMessageA
MessageBoxA
IsDlgButtonChecked
SetTimer
KillTimer
GetDlgItemTextA
SetDlgItemTextA
CheckDlgButton
EnableWindow
EndPaint
GetFocus
DrawFocusRect
ReleaseDC
GetClassNameA
CreateCursor
DrawTextA
OffsetRect
CharNextA
IsWindow
FillRect
BeginPaint
InvalidateRect
PtInRect
SetCursor
SetCapture
GetCapture
EnableMenuItem
GetSubMenu
GetDesktopWindow
SendMessageA
GetClientRect
DefWindowProcA
ReleaseCapture
ScreenToClient
GetWindowRect
EndDialog
GetWindow
SetWindowPos
SystemParametersInfoA
MapWindowPoints
SetFocus
GetDlgItem
SetWindowTextA
GetCursorPos
DestroyCursor
SetRectEmpty
GetDC
CreateWindowExA
GetDlgItemInt

gdi32

DeleteObject
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
DeleteDC
CreateSolidBrush
SetBkColor
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
ShellExecuteA
SHGetSpecialFolderLocation
ShellExecuteExA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

ws2_32

setsockopt
WSACleanup
WSAStartup
getsockname
accept
listen
connect
ioctlsocket
recv
select
__WSAFDIsSet
getsockopt
send
closesocket
bind
WSAGetLastError
socket
htons
ntohs
gethostname
gethostbyname
getpeername

wininet

InternetTimeToSystemTime
InternetTimeFromSystemTime

comctl32

ImageList_LoadImageA
InitCommonControlsEx

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

58e4f8857d6df3e5ded5d0d4883dfc20

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

wininet

comctl32

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 36KB - Virtual size: 39KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 36KB - Virtual size: 39KB

.rsrc
Size: 28KB - Virtual size: 24KB