66e18a3e44de72aaab59dd2863a03586

Sharing

Copy URL Twitter E-mail

General

Target

66e18a3e44de72aaab59dd2863a03586
Size

1.1MB
MD5

66e18a3e44de72aaab59dd2863a03586
SHA1

d072d442d9c9c7c7e619d5e0efd12a0169c94290
SHA256

846eee7550679c5cb7c4b2c40572cc8c8da7546567acb4e7825ef2933c6bc16c
SHA512

1e16858c3798544a24c45d6c8fa65fcfbfde5a1f72e4f4f8175e38c2f91e1b543da0cb98c3b14217f7357bd87ff366f65655bfac85e0646f2deedd85d5b82a7d
SSDEEP

24576:kyT0SnEd91o40UUvXWcc26SOz4MseqwiHFFnS1:dTVEbCMUvXTcLz45RFnS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xsmxsyd-v11.11.11.1.exe

Files

66e18a3e44de72aaab59dd2863a03586
.rar
xsmxsyd-v11.11.11.1.exe
.exe windows:5 windows x86 arch:x86

dbb1eb5c3476069287a73206929932fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetNumberFormatW
SetFileAttributesW
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
ReadFile
GetCurrentDirectoryW
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
DosDateTimeToFileTime

user32

wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
FindWindowExW
wvsprintfA
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharUpperA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
CopyRect

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

dbb1eb5c3476069287a73206929932fd

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 63KB

.CRT Size: 512B - Virtual size: 16B

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 63KB

.CRT
Size: 512B - Virtual size: 16B

.rsrc
Size: 57KB - Virtual size: 56KB