c4354c0f7f70259ac308f8edb89b7db1

Sharing

Copy URL

Twitter E-mail

General

Target

c4354c0f7f70259ac308f8edb89b7db1
Size

7.0MB
MD5

c4354c0f7f70259ac308f8edb89b7db1
SHA1

4f5c8dbbc56216f345e235e268599805f3b3cc16
SHA256

6c81239278fc22aac98e866a51d12a33a20b30a1a674173dc387fb3f18491f9e
SHA512

5fa5af4be31e77c3ca9d355b44a76c7fc9fdab7f7d9fc3d990d6a0d6e81ab03b5e7a451ce8f3c75d7ef855c51edb6079e3e17a85d45ab7d28d8dd30b0f92bf4c
SSDEEP

196608:V5C2tOD3ymgeQbg0fU1MEP4ttGN5V+6JfJL/X1Hjl:6vDigQbg51MEwtCV+YxB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/chomefree6.6B.exe

Files

c4354c0f7f70259ac308f8edb89b7db1
.rar
chomefree6.6B.exe
.exe windows:4 windows x86 arch:x86

e3668ca57337e2ff25fa353e5eb62a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
SizeofResource
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
CreateThread
ExitThread
HeapReAlloc
ExitProcess
RtlUnwind
GetStartupInfoW
GetFileAttributesW
SetErrorMode
GetCurrentProcess
FlushFileBuffers
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
GetCurrentThread
lstrcmpA
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
GetModuleHandleA
GlobalFree
MulDiv
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrcpynW
GetWindowsDirectoryW
SetFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
WriteFile
WinExec
WideCharToMultiByte
lstrlenW
CreateDirectoryW
TerminateProcess
HeapAlloc
HeapFree
SetLastError
FreeLibrary
LoadLibraryW
GetProcAddress
LoadLibraryA
CreateMutexW
GetLastError
ReleaseMutex
CloseHandle
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
Sleep
GetVersionExW
FindResourceW
LoadResource
LockResource

user32

DestroyMenu
GetSysColorBrush
WindowFromPoint
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
LoadIconW
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
GetMenu
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
UnregisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
GetWindow
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowTextLengthW
GetFocus
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
GetDlgCtrlID
SetWindowTextW
GetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SendDlgItemMessageW
GetDlgItem
CheckRadioButton
RegisterWindowMessageW
SetWindowLongW
CopyIcon
DestroyCursor
MessageBeep
IsWindow
GetSysColor
GetMessagePos
LoadCursorW
IsWindowVisible
GetParent
KillTimer
SetTimer
RedrawWindow
ReleaseDC
GetDC
ScreenToClient
GetClientRect
InflateRect
PtInRect
SetCursor
wsprintfW
InvalidateRect
UpdateWindow
GetWindowRect
PostMessageW
EnumChildWindows
GetWindowTextW
GetClassNameW
FindWindowW
EnableWindow
SendMessageW

gdi32

DeleteObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateSolidBrush
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetTextExtentPoint32W
GetStockObject
GetObjectW
CreateFontIndirectW
CreateFontW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegQueryValueW
CloseServiceHandle
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
OpenServiceW
OpenSCManagerW
QueryServiceStatus

shell32

SHBrowseForFolderW
SHGetMalloc
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation

comctl32

ord17

shlwapi

PathFindExtensionW
PathFindFileNameW
SHDeleteKeyW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

e3668ca57337e2ff25fa353e5eb62a83

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 7.5MB - Virtual size: 7.5MB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 7.5MB - Virtual size: 7.5MB