E:\99_RXJH\热血江湖\2.0\01_源码\样儿v2.0-登录器新\Release\Logon.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3.exe
Resource
win10v2004-20240226-en
General
Target: 9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3
Size: 15.1MB
MD5: 061b1432bba5948bd1b1622cc168b6cf
SHA1: 672dc12d268ebdeecbc61f9a8490cae610c9c224
SHA256: 9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3
SHA512: c2a225e3c976fb93e17bcf25121da10301759d2b8b4399d04fe7d93b65af4b3e9276fe85ea31cd2dbf984e9c9a9d6515e56dbc08d96a354882fcdd09a6cb769d
SSDEEP: 196608:d0MimhBy2QpadQtwsK0LuFiCBIkQyYAl2+KCZXaaR:dHyRkP0LuFiCBIkl22RaaR
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3
Files
9c9474177eebcdffc65012df07e9e7b73b7aab7d0f0523f696208e041b682ad3.exe (windows:6 windows x86 arch:x86)
e988d7dad8f188c5f2b0edd66366f872
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
Module32Next
Module32First
lstrcmpA
LocalFree
WriteProcessMemory
VirtualAllocEx
CreateRemoteThread
FileTimeToSystemTime
UnmapViewOfFile
GetLocalTime
GetFileInformationByHandle
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
Process32Next
Process32First
CreateToolhelp32Snapshot
MultiByteToWideChar
MoveFileExA
CopyFileA
FindResourceA
lstrlenA
lstrcpyA
WinExec
GetTickCount
OpenProcess
CreateProcessA
CreateThread
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
Beep
GetTempPathA
WriteFile
SetFileAttributesA
RemoveDirectoryA
ReadFile
GetFileSize
CreateFileA
CreateDirectoryA
SetCurrentDirectoryA
CreateMutexA
WaitForSingleObject
CloseHandle
DeleteFileA
GetCommandLineW
GetModuleFileNameA
GetLogicalDrives
GetDriveTypeA
GetCurrentDirectoryA
GetProcAddress
GetModuleHandleA
GetLastError
WideCharToMultiByte
WriteConsoleW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetDriveTypeW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
GetFileAttributesExW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
GetFullPathNameW
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
LCMapStringEx
GetLocaleInfoEx
RaiseException
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
FindResourceW
SizeofResource
LockResource
LoadResource
SetLastError
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
MulDiv
FormatMessageA
OutputDebugStringA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
LoadLibraryA
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
SystemTimeToTzSpecificLocalTime
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventA
SetThreadPriority
SuspendThread
ResumeThread
GetCurrentThread
GetVersionExA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetAtomNameA
GetThreadLocale
GetACP
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
DuplicateHandle
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetStringTypeExA
GetDiskFreeSpaceA
GetFileTime
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
GetFileAttributesExA
GetFileSizeEx
VerSetConditionMask
VerifyVersionInfoA
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
GetTickCount64
SearchPathA
GetProfileIntA
LocalLock
LocalUnlock
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
user32
CreateWindowExA
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
RemovePropA
GetWindowTextLengthA
ScreenToClient
MapWindowPoints
EqualRect
PtInRect
GetClassLongA
GetTopWindow
GetLastActivePopup
SetWindowsHookExA
UnhookWindowsHookEx
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
IsWindowEnabled
ScrollWindowEx
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
IntersectRect
GetWindowThreadProcessId
LoadBitmapA
SetCapture
ReleaseCapture
SetTimer
KillTimer
IsRectEmpty
SystemParametersInfoA
GetMessageA
TranslateMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
GetMenuItemInfoA
WaitMessage
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
InsertMenuItemA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
IsZoomed
GetKeyNameTextA
MapVirtualKeyA
GetSysColorBrush
LoadCursorA
TrackMouseEvent
LoadImageW
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
GetDialogBaseUnits
GetClassInfoA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
DeleteMenu
GetNextDlgGroupItem
MessageBeep
UnionRect
GetSystemMenu
SetParent
LoadMenuW
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawIconEx
HideCaret
InvertRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetClassLongA
DrawEdge
DrawFrameControl
SetCursorPos
CopyIcon
LoadAcceleratorsW
RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
CharUpperBuffA
ModifyMenuA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
PostThreadMessageA
GetComboBoxInfo
IsCharLowerA
MapVirtualKeyExA
GetDoubleClickTime
IsClipboardFormatAvailable
GetUpdateRect
MonitorFromRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
EnumChildWindows
SendNotifyMessageA
InSendMessage
WindowFromDC
CreateMenu
SubtractRect
GetWindowRgn
GetTabbedTextExtentA
GetTabbedTextExtentW
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
SendMessageA
SetWindowPos
EnableWindow
PostMessageA
GetWindowDC
ReleaseDC
SetWindowRgn
InvalidateRect
GetClientRect
GetWindowRect
LoadImageA
GetNextDlgTabItem
GetActiveWindow
LoadMenuA
DestroyMenu
GetSubMenu
TrackPopupMenuEx
DrawStateA
GetDC
SetCursor
ClientToScreen
WindowFromPoint
GetSysColor
DrawFocusRect
FillRect
FrameRect
GetClassInfoExA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CopyRect
EnableMenuItem
CheckMenuItem
SetRectEmpty
SendDlgItemMessageA
InflateRect
OffsetRect
GetWindowLongA
RemoveMenu
GetParent
DestroyCursor
DestroyIcon
CreateIconIndirect
GetIconInfo
IsWindow
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
CharUpperA
RedrawWindow
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnregisterClassA
PostQuitMessage
PeekMessageA
CreateIconFromResource
LoadIconW
LoadIconA
LoadCursorW
CallNextHookEx
GetClassNameA
EnumWindows
GetCursorPos
GetWindowTextA
DrawIcon
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
IsIconic
ShowWindowAsync
wsprintfA
GetWindow
GetDesktopWindow
GetPropA
SetForegroundWindow
AdjustWindowRectEx
MessageBoxA
GetFocus
SetWindowLongA
gdi32
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
ExtSelectClipRgn
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SaveDC
StartDocA
ArcTo
PolyDraw
SelectPalette
SetTextCharacterExtra
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
CreateRectRgnIndirect
SelectClipRgn
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
GetDeviceCaps
CreateDCA
CopyMetaFileA
ExtTextOutA
SetColorAdjustment
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetPixelV
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
SetPaletteEntries
ExtFloodFill
Rectangle
GetCurrentObject
OffsetRgn
EnumFontFamiliesExA
Polyline
Polygon
CreatePolygonRgn
SetDIBColorTable
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateRoundRectRgn
StretchDIBits
GetCharWidthA
CreateFontA
GetRgnBox
GetTextColor
GetTextMetricsA
GetTextExtentPoint32A
LPtoDP
CreateDIBSection
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
PatBlt
GetMapMode
BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
DeleteObject
TextOutA
GetDIBits
SelectObject
StretchBlt
GetObjectA
CreateBitmap
DeleteDC
GetPixel
GetStockObject
SetBkColor
SetPixel
SetTextColor
CreateSolidBrush
Escape
PtVisible
RectVisible
GetBkColor
advapi32
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyA
IsTextUnicode
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExW
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
SetEntriesInAclA
SetSecurityInfo
BuildExplicitAccessWithNameA
RegSetValueA
shell32
SHBrowseForFolderA
SHGetMalloc
SHAppBarMessage
CommandLineToArgvW
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
ExtractIconA
SHGetDesktopFolder
SHAddToRecentDocs
SHGetFileInfoA
DragFinish
DragQueryFileA
ole32
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleRegGetMiscStatus
OleRegEnumVerbs
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
OleIsCurrentClipboard
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
OleSetClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
PropVariantCopy
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleDraw
CreateStreamOnHGlobal
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoUninitialize
CoCreateInstance
CoInitialize
GetRunningObjectTable
OleFlushClipboard
oleaut32
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
VarBstrFromDate
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VarBstrFromDec
SystemTimeToVariantTime
VariantTimeToSystemTime
VarDecFromStr
OleCreateFontIndirect
SafeArrayDestroy
SafeArrayCreateVector
msimg32
AlphaBlend
TransparentBlt
comctl32
_TrackMouseEvent
shlwapi
PathStripToRootA
PathRemoveExtensionA
PathFindExtensionA
PathFileExistsA
StrFormatKBSizeA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
GetThemePartSize
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
IsAppThemed
DrawThemeText
oledlg
ord8
urlmon
URLDownloadToFileA
gdiplus
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipDrawImageI
GdipGetImageHeight
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipFree
GdipCloneImage
winmm
PlaySoundA
wininet
InternetSetOptionA
InternetReadFile
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
DeleteUrlCacheEntry
InternetOpenUrlA
InternetOpenA
ws2_32
sendto
WSASetLastError
WSAAsyncSelect
send
bind
closesocket
connect
htons
inet_addr
inet_ntoa
ntohl
recv
socket
gethostbyname
WSAStartup
WSACleanup
WSAGetLastError
accept
select
recvfrom
ntohs
htonl
getsockname
getpeername
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winspool.drv
OpenPrinterA
DocumentPropertiesA
GetJobA
ClosePrinter
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 611KB - Virtual size: 611KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11.5MB - Virtual size: 11.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ