4b2d290ffcf1ab6451e52447eb7a18c0

Sharing

Copy URL Twitter E-mail

General

Target

4b2d290ffcf1ab6451e52447eb7a18c0
Size

100KB
MD5

4b2d290ffcf1ab6451e52447eb7a18c0
SHA1

8414a97f192469b45e9bd2f2059efe37c67e5b35
SHA256

2c45600fde3f113e30c8d6bae5974b585cc47bdd347053c6d9d5497581a18aeb
SHA512

05b116c69c547bdb5effde1e0707869899913525f25d0169fc25f6169617bf7af3a0626e36e1b4712b27f562ff01c2e370ef049a968442ca557beb08d67812f7
SSDEEP

1536:snl9xQrfSANNO4wogV4PwECjpWHYS54hQpPQwva/9jJRGpuCwfpQZUVXd04xto+J:sKrdNNO4EoC3S54hqQRNLGMcUXLF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/amcap.exe

Files

4b2d290ffcf1ab6451e52447eb7a18c0
.rar
QuickHelp.htm
.html
amcap.exe
.exe windows:4 windows x86 arch:x86

8efef97578db4f6293f769d31683125d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

msacm32

acmFormatChooseA
acmMetrics

olepro32

ord250

rpcrt4

RpcStringFreeA
UuidFromStringA
UuidToStringA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

CreateToolbarEx

kernel32

RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetPriorityClass
GetCurrentProcess
MulDiv
GetDiskFreeSpaceA
FreeLibrary
LoadLibraryA
GetFullPathNameA
GetFileSize
lstrcmpiA
lstrlenW
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetVolumeInformationA
SetPriorityClass
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
LoadLibraryExA
IsDBCSLeadByte
GetCurrentProcessId
Sleep
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
GetLocalTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDefaultLCID
CreateFileA
CreateEventA
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
GetCurrentThread
WaitForMultipleObjects
GetTickCount
CreateThread
CreateSemaphoreA
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LocalAlloc
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ReadFile
SetFilePointer
GetLastError
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
TerminateProcess
GetACP
InterlockedExchange
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
SetStdHandle
VirtualQuery
RtlUnwind
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
IsBadWritePtr
FlushFileBuffers
WriteFile

user32

DefWindowProcA
PostMessageA
GetMenuItemInfoA
UpdateWindow
IsCharAlphaA
IsCharAlphaNumericA
SetFocus
MessageBeep
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
EnableWindow
EnableMenuItem
InvalidateRect
SetWindowTextA
SetWindowPlacement
GetAsyncKeyState
SetMenuItemInfoA
SetRectEmpty
MessageBoxA
IsZoomed
EndPaint
BeginPaint
PostQuitMessage
CreateWindowExA
GetWindowTextA
GetSubMenu
RemoveMenu
RegisterWindowMessageA
CreatePopupMenu
GetDC
ReleaseDC
SetTimer
SetWindowLongA
ShowWindow
CheckMenuItem
GetSysColor
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
TranslateMessage
RegisterClassA
LoadIconA
LoadCursorA
LoadAcceleratorsA
GetMenuItemCount
GetQueueStatus
DialogBoxParamA
GetDlgItem
EndDialog
GetDesktopWindow
GetWindowLongA
GetClientRect
MoveWindow
SendMessageA
IsWindowVisible
SetWindowPos
KillTimer
IsRectEmpty
SetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PostThreadMessageA
MsgWaitForMultipleObjects
AppendMenuA
GetKeyState
PeekMessageA
DispatchMessageA
TranslateAcceleratorA
GetMenu
WaitMessage
CharNextA

gdi32

CreateCompatibleDC
GetTextMetricsA
GetStockObject
GetObjectA
CreateDIBitmap
GetDeviceCaps
CreateFontIndirectA
CreateFontA
CreateSolidBrush
PatBlt
ExtTextOutA
DeleteDC
SelectObject
GetTextExtentPoint32A
CreateCompatibleBitmap
SetTextColor
SetBkColor
TextOutA
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoCreateInstance
GetRunningObjectTable
CoTaskMemAlloc
CoTaskMemRealloc
CreateItemMoniker
CreateBindCtx
CoInitializeEx
CoUninitialize
CoInitialize
MkParseDisplayName

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr
VariantClear
VariantInit

shlwapi

PathFindExtensionA
PathAddExtensionA
PathAppendA
PathFileExistsA
PathFindExtensionW
PathRenameExtensionA

gdiplus

GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
readme.txt
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

8efef97578db4f6293f769d31683125d

Headers

File Characteristics

Imports

winmm

msacm32

olepro32

rpcrt4

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 16KB - Virtual size: 13KB