7f5f5ec8bbc203573c4b82bddaee3a9f

Sharing

Copy URL Twitter E-mail

General

Target

7f5f5ec8bbc203573c4b82bddaee3a9f
Size

689KB
MD5

7f5f5ec8bbc203573c4b82bddaee3a9f
SHA1

fdfd3fa7e906606ec67425f3626f8296ded27bea
SHA256

e67cb022ccb9b424355372fbba94b130239fe28df604167584d667e3e9e48bbf
SHA512

65831cd383e8c0c5c03634b5b58a3aa388a2457cd930f424f7c5ec7832a67da1f8bd4a7618dd8404bc7fdcdf2095709d6e2a0deb600aef566b7967510ce1b334
SSDEEP

12288:9+vRktTp6KpDO4tQHepCo52VqDP0ybS81IgPkveeq9shN5/K9dbs8gozf:YvRGAQDaH+qYP081IVeeq9UN5/Knbs8Z

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/HA_TornadoFlashPlayer1.7_yfy/Tornado.dat	aspack_v212_v242

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_TornadoFlashPlayer1.7_yfy/Tornado.dat
unpack001/HA_TornadoFlashPlayer1.7_yfy/TornadoSaver.dat
unpack001/HA_TornadoFlashPlayer1.7_yfy/Tornadofp.exe
unpack001/HA_TornadoFlashPlayer1.7_yfy/注册.exe

Files

7f5f5ec8bbc203573c4b82bddaee3a9f
.rar
HA_TornadoFlashPlayer1.7_yfy/Tornado.chm
.chm
HA_TornadoFlashPlayer1.7_yfy/Tornado.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 286KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HA_TornadoFlashPlayer1.7_yfy/TornadoSaver.dat
.exe windows:4 windows x86 arch:x86

20ef897442a4d84f1ab2e208f35daa86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mixerSetControlDetails
mixerGetControlDetailsA
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA

kernel32

SetErrorMode
GetFileTime
FileTimeToLocalFileTime
GetTickCount
FileTimeToSystemTime
GetFileAttributesA
GetFileSize
GetStartupInfoA
ExitProcess
TerminateProcess
HeapAlloc
RaiseException
RtlUnwind
HeapSize
GetACP
GetTimeZoneInformation
HeapFree
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapReAlloc
TlsAlloc
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
FreeEnvironmentStringsA
UnhandledExceptionFilter
InitializeCriticalSection
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetVersionExA
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
CreateSemaphoreA
GetLastError
LocalAlloc
MulDiv
FormatMessageA
LocalFree
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
CloseHandle
GetModuleFileNameA
HeapDestroy
HeapCreate
GetStringTypeW

user32

GetClassNameA
PtInRect
GetDesktopWindow
CharNextA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MoveWindow
SetWindowTextA
IsDialogMessageA
CharUpperA
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
EndDeferWindowPos
TabbedTextOutA
GrayStringA
GetTopWindow
IsChild
GetCapture
WinHelpA
EndPaint
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
DrawTextA
wsprintfA
MessageBoxA
SetCursor
PostQuitMessage
EnableWindow
PostMessageA
GetWindowRect
GetCursorPos
KillTimer
IsIconic
GetSystemMetrics
DrawIcon
SendMessageA
SetTimer
LoadIconA
GetForegroundWindow
SystemParametersInfoA
FindWindowA
ShowWindow
GetClientRect
DefWindowProcA
GetDlgCtrlID
BeginDeferWindowPos
UnregisterClassA

gdi32

CreateSolidBrush
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteDC
CreateBitmap
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
GetStockObject

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HA_TornadoFlashPlayer1.7_yfy/Tornadofp.exe
.exe windows:4 windows x86 arch:x86

38daed77c545f890cc3b5a82cf079c1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA

winmm

mixerGetLineControlsA
mixerOpen
mixerGetNumDevs
mixerGetDevCapsA
mixerGetControlDetailsA
mixerClose
mixerSetControlDetails
mixerGetLineInfoA

imagehlp

MakeSureDirectoryPathExists

kernel32

SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
GetStdHandle
IsBadCodePtr
CompareStringA
CompareStringW
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
SetEvent
WaitForSingleObject
DeleteFileA
WinExec
lstrcpynA
CreateThread
LoadLibraryA
GetProcAddress
GlobalAlloc
lstrlenW
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CopyFileA
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentProcess
GetModuleFileNameA
CreateEventA
FreeLibrary
GetVersion
GetVersionExA
GetSystemDirectoryA
CreateSemaphoreA
GetLastError
CloseHandle
Sleep
lstrlenA
GetTimeZoneInformation
HeapReAlloc
GetACP
HeapSize
RaiseException
GetFileType
SetStdHandle
ExitThread
GetProfileStringA
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
GetTickCount
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FormatMessageA
LocalFree
FindNextFileA
FindFirstFileA
SetLastError
FindClose
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SuspendThread
SetThreadPriority
ResumeThread
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcmpA
lstrcatA
lstrcpyA
GetWindowsDirectoryA
FindResourceA
LoadResource
LockResource
GetCPInfo
GlobalLock

user32

LoadStringA
GetClassNameA
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
CharNextA
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
FindWindowA
PtInRect
DestroyCursor
CharUpperA
wvsprintfA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
PostThreadMessageA
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMessageA
TranslateMessage
DispatchMessageA
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
MessageBoxA
ShowOwnedPopups
PostMessageA
CopyAcceleratorTableA
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetKeyState
IsMenu
RemovePropA
SetActiveWindow
SetPropA
MessageBeep
GetParent
InflateRect
SetWindowLongA
SetCursor
LoadImageA
GetFocus
DrawFocusRect
ReleaseCapture
GetWindowRect
WindowFromPoint
UnionRect
ScreenToClient
SetCapture
GrayStringA
TabbedTextOutA
DeleteMenu
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
GetMenuItemCount
InsertMenuA
AppendMenuA
DrawTextA
DrawIconEx
CopyRect
DrawEdge
SystemParametersInfoA
SetRect
GetMenuItemInfoA
GetSysColor
CheckMenuItem
SetParent
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
GetNextDlgGroupItem
SetWindowPos
GetForegroundWindow
PostQuitMessage
ClientToScreen
GetCursorPos
GetSubMenu
ModifyMenuA
EnableMenuItem
LoadIconA
DestroyIcon
ReleaseDC
IsRectEmpty
GetDC
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FillRect
ExitWindowsEx
InvalidateRect
ShowCursor
KillTimer
GetClientRect
GetSystemMetrics
LoadMenuA
SetTimer
EnableWindow
LoadCursorA
IsWindow
GetWindow
GetDesktopWindow
GetPropA
IsIconic
ShowWindow
SetForegroundWindow
GetLastActivePopup
SendMessageA
GetMenu
SetMenu
UpdateWindow
EndDeferWindowPos
HideCaret
ShowCaret
UnregisterClassA
DefDlgProcA
IsWindowUnicode
ExcludeUpdateRgn

gdi32

CreateDIBitmap
GetTextExtentPointA
SelectObject
GetDIBits
RealizePalette
EndDoc
EndPage
AbortDoc
StartPage
StartDocA
SetAbortProc
LPtoDP
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteDC
GetViewportOrgEx
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
StretchDIBits
GetCharWidthA
CreateFontA
GetTextColor
GetBkColor
GetTextMetricsA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetROP2
GetTextFaceA
GetWindowOrgEx
DPtoLP
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateRectRgnIndirect
Escape
ExtTextOutA
TextOutA
RectVisible
Rectangle
PatBlt
CreateDIBSection
PtVisible
Ellipse
GetTextExtentPoint32A
DeleteObject
CreatePen
GetTextExtentPoint32W
CreateFontIndirectA
GetBkMode
GetObjectA
GetStockObject
SelectPalette
GetDeviceCaps
CreateDCA
CreateCompatibleDC
CreateSolidBrush
BitBlt
CreateCompatibleBitmap

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
PrintDlgA
GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

OpenProcessToken
RegSetValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
GetFileSecurityA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

shell32

ExtractIconA
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA
Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ImageList_GetIcon
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_Draw
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Create
ord17
ImageList_Destroy
ImageList_DrawIndirect

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoInitialize

olepro32

ord253

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SysAllocString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantChangeType

Sections

.text
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HA_TornadoFlashPlayer1.7_yfy/defaultflash.bmp
HA_TornadoFlashPlayer1.7_yfy/defaultlist.bmp
HA_TornadoFlashPlayer1.7_yfy/key.txt
HA_TornadoFlashPlayer1.7_yfy/license.txt
HA_TornadoFlashPlayer1.7_yfy/下载说明.htm
.html .js polyglot
HA_TornadoFlashPlayer1.7_yfy/汉化说明.txt
HA_TornadoFlashPlayer1.7_yfy/注册.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

FFF
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FFF
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FFF
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FFF
Size: - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 286KB - Virtual size: 604KB

.rdata Size: 18KB - Virtual size: 44KB

.data Size: 39KB - Virtual size: 832KB

.data1 Size: 512B - Virtual size: 4KB

.CRT Size: 4KB - Virtual size: 4KB

.rsrc Size: 88KB - Virtual size: 88KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

20ef897442a4d84f1ab2e208f35daa86

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 12KB

38daed77c545f890cc3b5a82cf079c1d

Headers

File Characteristics

Imports

wininet

winmm

imagehlp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 372KB - Virtual size: 371KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 132KB - Virtual size: 127KB

Headers

File Characteristics

Sections

FFF Size: - Virtual size: 36KB

FFF Size: 2KB - Virtual size: 4KB

FFF Size: 3KB - Virtual size: 4KB

FFF Size: - Virtual size: 1024B

.text
Size: 286KB - Virtual size: 604KB

.rdata
Size: 18KB - Virtual size: 44KB

.data
Size: 39KB - Virtual size: 832KB

.data1
Size: 512B - Virtual size: 4KB

.CRT
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 88KB - Virtual size: 88KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 12KB

.text
Size: 372KB - Virtual size: 371KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 132KB - Virtual size: 127KB

FFF
Size: - Virtual size: 36KB

FFF
Size: 2KB - Virtual size: 4KB

FFF
Size: 3KB - Virtual size: 4KB

FFF
Size: - Virtual size: 1024B