968af9b5a50953ad092ffbbf589a14ec

Sharing

Copy URL Twitter E-mail

General

Target

968af9b5a50953ad092ffbbf589a14ec
Size

182KB
MD5

968af9b5a50953ad092ffbbf589a14ec
SHA1

ea363184820e2feddefe2700a5798ab68c7b271b
SHA256

4ffe5c4f28b0142a97b53bb141b06d86c8b3dcb26b529ee1212fb73bdbac7a52
SHA512

3fb7e59e61eb282c2de5dcbc41947ef34a1082216bee88df701bb61003f570b651d0236e75c6c7f358e297a3284e4e9d984ab9bab650be1fd0e809cb8cd95757
SSDEEP

3072:rrT97ROsro+PkpJEuKVNlf86U1Ah9/mmBczYk6xCBGXOAfYpeRqEOS0/H/Pt:RROsLMJjK90I9/FK95kXypeOjPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IeRepair.exe

Files

968af9b5a50953ad092ffbbf589a14ec
.rar
ADS.CFG
Ie2k.dat
Ie9x.dat
IeNop.Dat
IeRepair.exe
.exe windows:4 windows x86 arch:x86

87bccec8ae774342f5d52e5cf1e3cb88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mfc42

ord1776
ord4424
ord1644
ord1146
ord939
ord941
ord537
ord2764
ord5440
ord6383
ord5450
ord6394
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord801
ord692
ord795
ord5943
ord1168
ord2621
ord1134
ord2725
ord5290
ord3402
ord3721
ord567
ord2302
ord4299
ord6215
ord2086
ord6880
ord755
ord470
ord6883
ord6143
ord541
ord4204
ord4644
ord1771
ord6366
ord2413
ord2024
ord4217
ord2576
ord4397
ord3352
ord3577
ord5953
ord924
ord6055
ord2937
ord5890
ord1200
ord4219
ord2581
ord4401
ord3639
ord6282
ord6283
ord5861
ord5608
ord3097
ord922
ord5710
ord4278
ord1871
ord6270
ord2863
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord500
ord3701
ord772
ord860
ord535
ord686
ord384
ord4224
ord2818
ord4710
ord6334
ord1175
ord2864
ord2919
ord2379
ord4234
ord2301
ord825
ord324
ord540
ord800
ord641
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord858
ord2614
ord4277
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord4129
ord926
ord4698
ord1576

msvcrt

_setmbcp
_controlfp
_stricmp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_CxxThrowException
strstr
_purecall
acos
cos
sin
calloc
ceil
floor
realloc
strncmp
toupper
strcpy
fwrite
strncpy
strlen
memcpy
_EH_prolog
memset
fopen
fprintf
fclose
strrchr
sprintf
__p___argc
__p___argv
_mbscmp
_ftol
malloc
free
exit
__CxxFrameHandler

kernel32

GetCurrentProcess
VirtualProtect
FlushInstructionCache
GetStartupInfoA
MulDiv
GetSystemTime
CreateThread
WaitForSingleObject
SetEvent
CloseHandle
CreateEventA
HeapFree
GetProcessHeap
HeapAlloc
GetTempPathA
GetTempFileNameA
lstrcatA
GetLastError
lstrcpyA
SizeofResource
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleHandleA
LeaveCriticalSection
lstrcmpA
lstrcpynA
GetCurrentThreadId
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
WinExec
lstrcmpiA
FindResourceA
LoadResource
LockResource
lstrlenA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
DeleteFileA
GetModuleFileNameA
SetLastError

user32

InflateRect
WindowFromDC
GetMessagePos
SetCursor
SetFocus
GetCapture
IsMenu
EqualRect
ValidateRect
IntersectRect
GetWindowWord
SetWindowWord
DrawStateA
GetFocus
IsWindowEnabled
DrawFrameControl
GetWindowTextA
GetIconInfo
CharUpperBuffA
ShowScrollBar
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
GetMenu
SetMenu
GetClassLongA
GetSystemMenu
DestroyMenu
LockWindowUpdate
ScreenToClient
IsWindowVisible
SetCapture
ReleaseCapture
DestroyWindow
BeginPaint
EndPaint
PtInRect
FrameRect
InvalidateRect
UpdateWindow
UnregisterClassA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetKeyState
OffsetRect
IsRectEmpty
GetWindowInfo
IsZoomed
MoveWindow
GetWindowDC
SetWindowRgn
SetWindowPos
RemovePropA
SetPropA
SetWindowLongA
RedrawWindow
CallWindowProcA
DefWindowProcA
DispatchMessageA
GetMessageA
UnhookWindowsHookEx
SetWindowsHookExA
GetParent
GetActiveWindow
GetPropA
CallNextHookEx
LoadMenuA
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
IsWindow
MessageBoxA
wsprintfA
IsIconic
GetClientRect
DrawIcon
GetWindowRect
LoadIconA
MapWindowPoints
SubtractRect
GetWindowPlacement
ClientToScreen
DrawMenuBar
FindWindowA
ShowWindow
FlashWindow
GetSubMenu
GetSysColorBrush
CreatePopupMenu
GetMenuItemID
GetMenuState
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
EnableWindow
KillTimer
GetWindow
GetClassNameA
GetWindowLongA
PostMessageA
FindWindowExA
SendMessageA
SetTimer

gdi32

SetWindowOrgEx
PlayEnhMetaFile
CreatePatternBrush
SetBrushOrgEx
UnrealizeObject
GetRgnBox
SelectClipRgn
IntersectClipRect
MoveToEx
LineTo
ExtFloodFill
ExcludeClipRect
PtInRegion
StretchDIBits
GetClipBox
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
CreateDIBitmap
SaveDC
RestoreDC
Polygon
StretchBlt
SelectPalette
RealizePalette
CreateBitmap
SetBkColor
CreateICA
GetDIBits
GetRegionData
ExtCreateRegion
GetTextExtentPointA
SetTextColor
SetBkMode
GetStockObject
CreateRectRgnIndirect
CreateRectRgn
OffsetRgn
CombineRgn
PatBlt
ExtTextOutA
TextOutA
GetObjectA
GetPixel
RectVisible
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextExtentPoint32A
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA
SHFileOperationA
ExtractIconExA

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_DrawEx
InitCommonControlsEx
_TrackMouseEvent

msvcirt

?close@ifstream@@QAEXXZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
?open@ifstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ifstream@@QAE@XZ
_mtunlock

msvcp60

??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1_Lockit@std@@QAE@XZ

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

87bccec8ae774342f5d52e5cf1e3cb88

Headers

File Characteristics

Imports

version

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcirt

msvcp60

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 16KB - Virtual size: 78KB

.rsrc Size: 196KB - Virtual size: 192KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 16KB - Virtual size: 78KB

.rsrc
Size: 196KB - Virtual size: 192KB