c63c42164dfc9390763f490008ec0bc8

Sharing

Copy URL Twitter E-mail

General

Target

c63c42164dfc9390763f490008ec0bc8
Size

706KB
MD5

c63c42164dfc9390763f490008ec0bc8
SHA1

1483c06d6d4e6a815048d6bbd6cde97597593ea6
SHA256

70adfe9aa9a7b64ec158bcc424d92ef8ca9c979e42474d817548677e5f1922f1
SHA512

5446ca595220c49af0be04adb1b40afa6db207a1ecf0472d3d2ec281d24ec98e4b95da37974178a6442d8c9fd30a7e01a4d6afec97c2a80ce7fdecad4fb1acf4
SSDEEP

12288:ofG8IASgui30RcEjH+BJMNPKDp+7XNOp/Pm+N9yKEyKW8FbpX4G+CYjUjlVK9TKE:R8IASgP3JEjeBQPGUcXmO97IFbpF+CYF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WbjjPlus26_20050714.exe

Files

c63c42164dfc9390763f490008ec0bc8
.zip
Readme.txt
WbjjPlus26_20050714.exe
.exe windows:4 windows x86 arch:x86

7c4e577cf05d80be4ee42f1f3bc6b42a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
SendDlgItemMessageA
SetWindowLongA
ShowWindow
MessageBoxA
LoadBitmapA
GetDlgItem
SetParent
PostMessageA
MoveWindow

kernel32

ExitProcess
FindResourceA
FlushFileBuffers
GetDriveTypeA
CreateDirectoryA
CloseHandle
CreateFileA
GetModuleHandleA
GetSystemDirectoryA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
LoadResource
GetLastError
ReadFile
SetFilePointer
SetFileTime
SizeofResource
Sleep
WriteFile
lstrcatA
lstrcpyA
lstrlenA
GetModuleFileNameA
LockResource

comctl32

CreatePropertySheetPageA
PropertySheetA
InitCommonControls

comdlg32

GetSaveFileNameA

imm32

ImmInstallIMEA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHBrowseForFolderA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
chinaz.com.txt
˵.htm
.html
ʹð.txt

Sharing

General

Malware Config

Signatures

Files

7c4e577cf05d80be4ee42f1f3bc6b42a

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

imm32

advapi32

shell32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 524KB - Virtual size: 523KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 524KB - Virtual size: 523KB