46b8a67919d367938bca8f237a95b0d7

Sharing

Copy URL Twitter E-mail

General

Target

46b8a67919d367938bca8f237a95b0d7
Size

350KB
MD5

46b8a67919d367938bca8f237a95b0d7
SHA1

02dd8e19d0b621fdc4d6a881ccc645be9bdd130a
SHA256

6fbea11380956bce96cc30eae793c9b4c6a9055e9a71ca9a824b70942b176521
SHA512

5074e7161534258f961d7d2977195efa264029d2649a4e8b31aef26311fdbb982573c058dfd70f54918a8cba908e283d7c4261bfd06c052fb596ac345b65cfee
SSDEEP

6144:m7E8WOXyS+28FXzssSnZgq7HjcTMNvx0dHMZItsVY1RAPIYuhtPE6i4JjHTKK:mhWOoXzigOH4DsZICCpHPu4JHKK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SETUP.EXE

Files

46b8a67919d367938bca8f237a95b0d7
.rar
FILE_ID.DIZ
SETUP.EXE
.exe windows:4 windows x86 arch:x86

0e5c530fb8dbe0cc3221c1f4d7247101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetTimeZoneInformation
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
WriteFile
GetExitCodeProcess
lstrcpyA
ExitProcess
Sleep
GetTickCount
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
CreateProcessA
WaitForSingleObject
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
GetTempPathA
GetModuleFileNameA
FindClose
MoveFileExA
GetWindowsDirectoryA
lstrcatA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
SetFilePointer
SetEndOfFile
MultiByteToWideChar
FindFirstFileA
FindNextFileA
lstrlenA

user32

ReleaseDC
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
InvalidateRect
LoadIconA
IsDlgButtonChecked
GetClientRect
MessageBoxA
SetWindowPos
GetDesktopWindow
GetWindowRect
EndDialog
GetDlgItemTextA
SetDlgItemTextA
LoadImageA
SetWindowTextA
DialogBoxParamA
UpdateWindow
SetForegroundWindow
GetDlgItem
SetClassLongA
GetKeyboardLayoutList
RedrawWindow
ExitWindowsEx
PostQuitMessage
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
DefWindowProcA
DestroyWindow
BeginPaint
InflateRect
DrawTextA
EndPaint
CreateWindowExA
SendMessageA
GetDC
wsprintfA
ShowWindow

gdi32

SetBkMode
SetTextColor
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
BitBlt
StretchBlt
DeleteDC
GetDeviceCaps
CreateFontA
DeleteObject
SelectObject
CreateSolidBrush

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

OleUninitialize
OleInitialize
CoCreateInstance
StgOpenStorage

winmm

PlaySoundA
mciSendStringA

msvcrt

strrchr
_filelength
_strlwr
_chmod
_stricmp
_memicmp
_unlink
_rmdir
_strdup
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
setlocale
__p___argc
__p___argv
ftell
calloc
isalnum
_mbsrchr
strtok
_splitpath
rename
_access
__CxxFrameHandler
_fsopen
fseek
fread
memcmp
??2@YAPAXI@Z
fwrite
_tempnam
fopen
fclose
malloc
mbstowcs
wcstombs
sprintf
_mkdir
_CxxThrowException
memcpy
memset
??3@YAXPAX@Z
free
atoi
strcmp
strcat
strcpy
strlen
memmove
strchr
strstr
_fileno

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetGetConnectedState
InternetGetCookieA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

0e5c530fb8dbe0cc3221c1f4d7247101

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

msvcrt

comctl32

version

wininet

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 36KB - Virtual size: 33KB