cbf6b8927dd422d9daa607863a3e4d73

Sharing

Copy URL Twitter E-mail

General

Target

cbf6b8927dd422d9daa607863a3e4d73
Size

4.0MB
MD5

cbf6b8927dd422d9daa607863a3e4d73
SHA1

a4b48cb6536c2408fe03301f1df6889c58624953
SHA256

bdb993475c6ec3897385cc2aacf16b5db47686e4b2ea6bcd952b811249d0e783
SHA512

4b1eb15649b709eaf3fe0c67db96f0423c7b2e5ec0ba02ee6ed117d4d97abe4f5a06369feb977cc9941447dbb022c3766596044d2b615541f3fc4ddb1b8c7e6b
SSDEEP

98304:UGbP3u0S5L1lygxJyWAxa5AKflQsxBBKXHlyrMiCmztD:UGDeRygxJSxh4ugslyrMLmztD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IPC17.exe

Files

cbf6b8927dd422d9daa607863a3e4d73
.rar
IPC17.exe
.exe windows:4 windows x86 arch:x86

6018eca061e5101e7f81984350e3ce58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

WriteFile
Sleep
LoadLibraryA
GetProcAddress
RaiseException
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
FindClose
GetSystemTime
SystemTimeToFileTime
GetDateFormatA
WideCharToMultiByte
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
FileTimeToSystemTime
GetTimeFormatA
GetFileSize
CreateDirectoryA
RemoveDirectoryA
FormatMessageA
FindFirstFileA
lstrlenA
lstrcmpA
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
CreateEventA
MoveFileA
GetDiskFreeSpaceA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
ReadFile
GetTempPathA
GetExitCodeProcess
GetVersion
GetPrivateProfileStringA
GetTempFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
FindNextFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcmpiA
lstrcpynA
LoadLibraryExA
MultiByteToWideChar
lstrlenW
ExitProcess
DebugBreak
HeapSize
HeapReAlloc
HeapDestroy
LocalAlloc
GetStartupInfoA
GetCommandLineA
SleepEx
SetFilePointer
FlushFileBuffers
CreateFileA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
VirtualProtect
GetExitCodeThread
WaitForSingleObject
GetLastError
CreateThread
FreeLibrary
VirtualAlloc
GetSystemInfo
VirtualQuery
DeleteFileA
RtlUnwind

user32

CreateDialogParamA
DestroyWindow
IsDialogMessageA
EndDialog
SetFocus
LoadIconA
DefWindowProcA
SetClipboardData
GetSystemMetrics
LoadImageA
SetWindowLongA
PostMessageA
EmptyClipboard
ScreenToClient
CloseClipboard
OpenClipboard
DestroyMenu
EnableMenuItem
GetSubMenu
LoadStringA
MessageBoxA
KillTimer
EnableWindow
SetTimer
GetWindowLongA
SetWindowTextA
LoadMenuA
TrackPopupMenu
CallWindowProcA
GetDlgItem
GetWindow
SystemParametersInfoA
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
GetActiveWindow
SendMessageA
UnregisterClassA
CharNextA
wvsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IPC17.ini
IPC17.msi
.msi
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

6018eca061e5101e7f81984350e3ce58

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 812B

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 812B

.rsrc
Size: 15KB - Virtual size: 14KB