4c1835b67d3054a86f778c01eef8d064

Sharing

Copy URL Twitter E-mail

General

Target

4c1835b67d3054a86f778c01eef8d064
Size

1.2MB
MD5

4c1835b67d3054a86f778c01eef8d064
SHA1

c8501143e4e481706d39512c35c106f38ccafcf8
SHA256

5d8386d1a2f2a9b7bd929c293eb27e9b3a32095be391ef904c218f0c2a8dbdec
SHA512

797613f28b1693b964decf78f87d6fb2f7766138c238104e7dffbbf2d151c3bf11d67dff0619d1f0b5e1c15e4b331b66090c8400fc305c84f037e9f1d96f93c5
SSDEEP

24576:YkBCqof/MWDCQ7LBnlSVROfFOWN7c5bXerYR9UwnuHyV:lBrmTBG2Lc5mYRK6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gtcn.exe

Files

4c1835b67d3054a86f778c01eef8d064
.rar
gtcn.exe
.exe windows:4 windows x86 arch:x86

ec9fe2df073f9adb523d740ca14e7bb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ord17
ImageList_AddMasked
ImageList_Destroy

kernel32

FindFirstFileA
CloseHandle
SetFileTime
CompareFileTime
GetFileAttributesA
GetTempFileNameA
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
CreateDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
Sleep
CopyFileA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
lstrcpynA
GetCommandLineA
DeleteFileA
GetTickCount
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
FindNextFileA
FindClose
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
WritePrivateProfileStringA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
ExitProcess
GetTempPathA

user32

SetTimer
DestroyWindow
CreateDialogParamA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
IsWindowEnabled
EndDialog
SetFocus
SetWindowPos
ScreenToClient
GetWindowLongA
EnableWindow
SetClassLongA
GetSysColor
LoadCursorA
SetCursor
GetDlgItemTextA
MapWindowPoints
GetMessagePos
LoadBitmapA
CallWindowProcA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
MessageBoxA
SetWindowTextA
PostQuitMessage
ShowWindow
SetForegroundWindow
CharNextA
wsprintfA
CharPrevA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
GetWindowRect
LoadImageA
GetDC
PeekMessageA
ExitWindowsEx
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
SetRect
FillRect
GetWindowTextA
DrawTextA
EndPaint
DispatchMessageA

gdi32

SetBkColor
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
DeleteObject
CreateFontA
SetBkMode
SetTextColor
GetStockObject
SelectObject

advapi32

RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegEnumValueA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

ec9fe2df073f9adb523d740ca14e7bb5

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 142KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 142KB

.rsrc
Size: 3KB - Virtual size: 4KB