70850d67620eb4df3ec50d57044336ab

Sharing

Copy URL

Twitter E-mail

General

Target

70850d67620eb4df3ec50d57044336ab
Size

381KB
MD5

70850d67620eb4df3ec50d57044336ab
SHA1

100079c0a6bc2fd9142ed37bdcef7068990070f6
SHA256

760d5099e0b5243dfa99b207303bfb4e984a28109aedb39ade444541f52d20c0
SHA512

65ebe9ccecf8b8dd06cd67c616f4d4d39a191ba492516b786f135fe9ba955202fdd502a340c5cf2bd6c4d6dd5b2fc73db8268b78789a3c0920837650ebf4a086
SSDEEP

6144:X573d+f92r6DFcPCY2VQ2mleL12JMdXuKUm+OPfmwHW9nKGGZk8m6DoGG46mlGOO:X573d+V2mD71m2V1L+JaEvl6DoGG4bGV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/单页模板扒手_v3.1.exe

Files

70850d67620eb4df3ec50d57044336ab
.rar
使用说明.txt
单页模板扒手_v3.1.exe
.exe windows:4 windows x86 arch:x86

69811f1991c0bb0e5c5799c6e08a9f27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
IsBadReadPtr
GetTickCount
GetModuleFileNameA
CreateFileA
ReadFile
GetFileSize
SetFilePointer
WriteFile
WaitForSingleObject
CreateProcessA
GetStartupInfoA
SetEndOfFile
CreateDirectoryA
Sleep
GlobalUnlock
GlobalLock
LCMapStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
lstrlenA
GetACP
HeapReAlloc
RaiseException
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedIncrement
InterlockedDecrement
GetVersion
GetCommandLineA
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
HeapAlloc
ExitProcess
GetProcessHeap
LocalAlloc
GetCurrentThreadId
LocalFree
lstrcpynA
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
TerminateThread
CreateThread
GetCPInfo
RtlFillMemory
RtlMoveMemory
GetOEMCP
GetModuleHandleA

shlwapi

StrToIntExA

user32

CheckMenuItem
SetMenuItemInfoA
SetMenuItemBitmaps
SetMenuDefaultItem
wsprintfA
DispatchMessageA
RemoveMenu
GetMessageA
PeekMessageA
CloseClipboard
GetClipboardData
OpenClipboard
TranslateMessage
MenuItemFromPoint
LoadIconA
DestroyIcon
MsgWaitForMultipleObjects
SendMessageA
CallWindowProcA
GetAsyncKeyState
DefWindowProcA
KillTimer
SetTimer
GetDialogBaseUnits
GetMenuDefaultItem
GetMenuInfo
GetMenuState
CreateMenu
GetMenuItemInfoA
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CreateDialogParamA
DialogBoxParamA
RegisterClassExA
GetClassInfoExA
RegisterWindowMessageA
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
GetClientRect
EndDialog
DestroyWindow
DefMDIChildProcA
SetCursor
IsZoomed
IsIconic
GetSysColor
FillRect
TrackMouseEvent
SetWindowLongA
UnhookWindowsHookEx
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetWindowLongA
GetMenuStringA
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuA
GetMenuItemCount
AppendMenuA
DestroyMenu
LoadMenuA
GetSystemMenu
CreatePopupMenu
SetClassLongA
SetWindowRgn
RemovePropA
GetPropA
SetPropA
MessageBoxA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
EnableWindow
IsWindowEnabled
ShowWindow
IsWindowVisible
SetParent
PostMessageA
SetWindowPos
MoveWindow
ScreenToClient
GetParent
UpdateWindow
ValidateRect
InvalidateRect
GetWindowRect
GetFocus
SetFocus
GetClassNameA
IsWindow
GetDlgItem
GetMenuItemRect

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetSetCookieA

atl

ord42
ord47

shell32

DragAcceptFiles
Shell_NotifyIconA
DragFinish
DragQueryFileA

gdi32

DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateRoundRectRgn
SetTextColor
SetBkColor
GetStockObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

ntdll

RtlCompareMemory

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

ole32

CoInitialize
CoUninitialize

oleaut32

VarR8FromCy
VarR8FromBool
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

69811f1991c0bb0e5c5799c6e08a9f27

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

wininet

atl

shell32

gdi32

comdlg32

ntdll

advapi32

ole32

oleaut32

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 308KB - Virtual size: 361KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 308KB - Virtual size: 361KB

.rsrc
Size: 100KB - Virtual size: 99KB