3cf21fb5518db4f932a1ca774edd31b65811ce5a7e86a972a828601c4118e69e

Sharing

Copy URL

Twitter E-mail

General

Target

3cf21fb5518db4f932a1ca774edd31b65811ce5a7e86a972a828601c4118e69e
Size

294KB
MD5

11cc76cb808c6230fc0c056473da528b
SHA1

8d1a190bcfc50677875ac10e540e4a935fe85d36
SHA256

3cf21fb5518db4f932a1ca774edd31b65811ce5a7e86a972a828601c4118e69e
SHA512

1b914d1c1d86d88e72f6039140e14931c42609c711680c84f23787579ccd11ad8a02bec49a4e6024be9a6af77fe7c141922416485c6e786e2b12ed86752844eb
SSDEEP

6144:72BHt9bOyySjfH3EYMabFmeV+oTfKNO2hCj3k1Zz/TXEBAFlNnLTuTDRhG:oKpWJbFmeV3iXNtXkAFl5D

Score

3^/10

qr link

Malware Config

Signatures

One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
qr link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bosskey22.0.0.3.exe

Files

3cf21fb5518db4f932a1ca774edd31b65811ce5a7e86a972a828601c4118e69e
.rar
bosskey22.0.0.3.exe
.exe windows:5 windows x86 arch:x86

673457ae2f8666af21b0b429019e1387

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\2021天使软件\软件\老板键Load -ok\Release\bosskey.pdb

Imports

kernel32

SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
GetFileAttributesExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
GetStringTypeW
GetFileType
LCMapStringW
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
RtlUnwind
OutputDebugStringW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetCPInfo
GetOEMCP
GetVolumeInformationA
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
FormatMessageA
LocalFree
GlobalFree
GlobalGetAtomNameA
GlobalFindAtomA
FindResourceA
lstrcmpW
FreeResource
GetSystemDirectoryW
EncodePointer
MulDiv
GlobalUnlock
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
FindResourceW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleFileNameA
GetVersionExA
GetCurrentThread
SetEvent
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
GetACP
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
HeapSize
HeapReAlloc
DecodePointer
OutputDebugStringA
CloseHandle
WriteFile
GetLastError
GetCurrentThreadId
CreateThread
GetCurrentProcess
IsBadReadPtr
LoadLibraryA
GetProcessHeap
HeapFree
HeapAlloc
VirtualProtect
VirtualFree
VirtualAlloc
GetProcAddress
CreateFileW
FreeLibrary

user32

ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RealChildWindowFromPoint
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
MessageBoxA
IsWindowEnabled
SetCursor
PostQuitMessage
PostMessageA
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetDesktopWindow
GetCapture
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
DrawIcon
GetClientRect
LoadIconW
UnregisterClassA
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
GetSysColorBrush
LoadCursorA
SetTimer
KillTimer
CharUpperA
DestroyMenu
CallNextHookEx
RegisterClassA
InvalidateRect

gdi32

PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkColor
SetMapMode
SetTextColor
GetObjectA
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
GetDeviceCaps
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoTaskMemFree

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
softconfig.ini
有问题点我！安装教程！.png
.png
- https://ssp.njxzwh.com/wp/redirect

Sharing

General

Malware Config

Signatures

Files

673457ae2f8666af21b0b429019e1387

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 121KB - Virtual size: 131KB

.gfids Size: 3KB - Virtual size: 3KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 17KB - Virtual size: 20KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 121KB - Virtual size: 131KB

.gfids
Size: 3KB - Virtual size: 3KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 17KB - Virtual size: 20KB

.reloc
Size: 13KB - Virtual size: 13KB