d6c043850364f519d970e26f1bd83804

Sharing

Copy URL Twitter E-mail

General

Target

d6c043850364f519d970e26f1bd83804
Size

320KB
MD5

d6c043850364f519d970e26f1bd83804
SHA1

635b1573bc976173b59b04932468bca2ca4592a1
SHA256

d1bc888e1f5d9b0fbf4b51f3406fb7ec20580854879040c7b010a455d868a90d
SHA512

9e4783d92e2565639698cdf039c71f57c11691544061230cfc284bc9cf2848172884d0683796419f484d9bf791ff9c8343ad5cae44df70a277a8b8a5f7a8a5e4
SSDEEP

6144:OI0RGYHT8Ui07yl8WR1aND/fvgm3xO9qy92UmtjaY+EuWc3Xud5R+uYC5e:n0xvHWR1GTvXBqmCJWhVYC5e

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/305019210/Examples/MyDll.dll
unpack001/305019210/Examples/MyProg.exe
unpack001/305019210/Files/isbunzip.dll
unpack001/305019210/Files/isbzip.dll

Files

d6c043850364f519d970e26f1bd83804
.rar
305019210/Components/.cvsignore
305019210/Components/MBCSUtil.pas
305019210/Components/NewCheckListBox.pas
.vbs
305019210/Components/NewFCtrl.pas
305019210/Components/NewFCtrl.r32
305019210/Components/NewProgressBar.pas
305019210/Components/NewStaticText.pas
305019210/Components/RichEditViewer.pas
305019210/Components/SynHighlighterISXCode.pas
305019210/Components/SynHighlighterInno.pas
305019210/Components/TmSchemaISX.pas
305019210/Components/UxThemeISX.pas
305019210/Examples/CodeClasses.iss
305019210/Examples/CodeDlg.iss
305019210/Examples/CodeDll.iss
305019210/Examples/CodeExample1.iss
305019210/Examples/Example1.iss
305019210/Examples/Example2.iss
305019210/Examples/Example3.iss
305019210/Examples/ISPPExample1.iss
305019210/Examples/ISPPExample1License.txt
305019210/Examples/MyDll.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

MyDllFunc

Sections

CODE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
305019210/Examples/MyDll/C/MyDll.c
305019210/Examples/MyDll/C/MyDll.def
305019210/Examples/MyDll/C/MyDll.dsp
305019210/Examples/MyDll/C/MyDll.dsw
305019210/Examples/MyDll/Delphi/MyDll.dpr
305019210/Examples/MyProg.exe
.exe windows:1 windows x86 arch:x86

a96d166ab17e011e8049d87211158ae5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

Sections

code
Size: 198B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 6B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

imports
Size: 82B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

resource
Size: 944B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
305019210/Examples/MyProg.hlp
305019210/Files/.cvsignore
305019210/Files/Default.isl
305019210/Files/WizModernImage.bmp
305019210/Files/WizModernImage2.bmp
305019210/Files/WizModernSmallImage.bmp
305019210/Files/WizModernSmallImage2.bmp
305019210/Files/isbunzip.dll
.dll windows:4 windows x86 arch:x86

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

Exports

Exports

BZ2_bzDecompress
BZ2_bzDecompressEnd
BZ2_bzDecompressInit

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
305019210/Files/isbzip.dll
.dll windows:4 windows x86 arch:x86

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

Exports

Exports

BZ2_bzCompress
BZ2_bzCompressEnd
BZ2_bzCompressInit

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 245B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
305019210/Projects/.cvsignore
305019210/Projects/ChildFrm.pas
305019210/Projects/CmnFunc.pas
305019210/Projects/CmnFunc2.pas
305019210/Projects/CompFileAssoc.pas
.js
305019210/Projects/CompForm.dfm
305019210/Projects/CompForm.dfm.txt
305019210/Projects/CompForm.pas
.js
305019210/Projects/CompInt.pas
.js
305019210/Projects/CompMsgs.pas
305019210/Projects/CompOptions.dfm
305019210/Projects/CompOptions.dfm.txt
305019210/Projects/CompOptions.pas
305019210/Projects/CompStartup.dfm
305019210/Projects/CompStartup.dfm.txt
305019210/Projects/CompStartup.pas
305019210/Projects/CompWizard.dfm
305019210/Projects/CompWizard.dfm.txt
305019210/Projects/CompWizard.pas
305019210/Projects/CompWizardFile.dfm
305019210/Projects/CompWizardFile.dfm.txt
305019210/Projects/CompWizardFile.pas
305019210/Projects/Compil32.dof
305019210/Projects/Compil32.dpr
305019210/Projects/Compil32.res
305019210/Projects/Compile.pas
.js
305019210/Projects/DebugClient.pas
305019210/Projects/DebugStruct.pas
305019210/Projects/Extract.pas
305019210/Projects/ISCC.dof
305019210/Projects/ISCC.dpr
305019210/Projects/ISCC.res
305019210/Projects/ISCmplr.dof
305019210/Projects/ISCmplr.dpr
305019210/Projects/ISCmplr.res
305019210/Projects/Images.res
305019210/Projects/InstFnc2.pas
.js
305019210/Projects/InstFunc.pas
.js
305019210/Projects/Install.pas
305019210/Projects/Int64Em.pas
305019210/Projects/Main.dfm
305019210/Projects/Main.dfm.txt
305019210/Projects/Main.pas
.js
305019210/Projects/MsgIDs.pas
305019210/Projects/Msgs.pas
305019210/Projects/NewDisk.dfm
305019210/Projects/NewDisk.dfm.txt
305019210/Projects/NewDisk.pas
305019210/Projects/RegSvr.dof
305019210/Projects/RegSvr.dpr
305019210/Projects/ScriptClasses_C.pas
305019210/Projects/ScriptClasses_R.pas
305019210/Projects/ScriptCompiler.pas
.js
305019210/Projects/ScriptDlg.pas
305019210/Projects/ScriptFunc.pas
.js
305019210/Projects/ScriptFunc_C.pas
305019210/Projects/ScriptFunc_R.pas
.js
305019210/Projects/ScriptRunner.pas
305019210/Projects/SelLangForm.dfm
305019210/Projects/SelLangForm.dfm.txt
305019210/Projects/SelLangForm.pas
305019210/Projects/Setup.dof
305019210/Projects/Setup.dpr
305019210/Projects/Setup.res
305019210/Projects/SetupEnt.pas
.js
305019210/Projects/SetupLdr.dof
305019210/Projects/SetupLdr.dpr
305019210/Projects/SetupLdr.res
305019210/Projects/SetupTypes.pas
305019210/Projects/Struct.pas
305019210/Projects/UIStateForm.pas
305019210/Projects/Undo.pas
305019210/Projects/Uninst.dof
305019210/Projects/Uninst.dpr
305019210/Projects/Uninst.res
305019210/Projects/UninstProgressDlg.h
305019210/Projects/UninstProgressDlg.pas
305019210/Projects/UninstProgressDlg.rc
305019210/Projects/UninstProgressDlg.res
305019210/Projects/UninstSharedFileDlg.h
305019210/Projects/UninstSharedFileDlg.pas
305019210/Projects/UninstSharedFileDlg.rc
305019210/Projects/UninstSharedFileDlg.res
305019210/Projects/VerInfo.pas
305019210/Projects/Version.inc
305019210/Projects/WinDlgs.pas
.js
305019210/Projects/Wizard.dfm
305019210/Projects/Wizard.dfm.txt
305019210/Projects/Wizard.pas
.js
305019210/Projects/XPTheme.manifest
.xml
305019210/Projects/XPTheme.pas
305019210/Projects/XPTheme.rc
305019210/Projects/XPTheme.res
305019210/Projects/_shfoldr.rc
305019210/Projects/_shfoldr.res
305019210/Projects/bzlib.pas
.js
305019210/Projects/zlib.pas
.js
305019210/Projects/zlib32/adler32.obj
305019210/Projects/zlib32/deflate.obj
305019210/Projects/zlib32/infblock.obj
305019210/Projects/zlib32/infcodes.obj
305019210/Projects/zlib32/inffast.obj
305019210/Projects/zlib32/inflate.obj
305019210/Projects/zlib32/inftrees.obj
305019210/Projects/zlib32/infutil.obj
305019210/Projects/zlib32/trees.obj
305019210/compile.bat
.bat .vbs
305019210/license.txt
305019210/mydelphi.8u8.com.txt
305019210/setup.iss
305019210/whatsnew.htm
.html
305019210/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 3KB - Virtual size: 3KB

DATA Size: 512B - Virtual size: 128B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 610B

.edata Size: 512B - Virtual size: 70B

.reloc Size: 512B - Virtual size: 296B

.rsrc Size: 512B - Virtual size:

a96d166ab17e011e8049d87211158ae5

Headers

File Characteristics

Imports

user32

Sections

code Size: 198B - Virtual size: 4KB

IMPORTS Size: 6B - Virtual size: 4KB

imports Size: 82B - Virtual size: 4KB

relocs Size: - Virtual size: 4KB

resource Size: 944B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 253B

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 206B

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 245B

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 216B

CODE
Size: 3KB - Virtual size: 3KB

DATA
Size: 512B - Virtual size: 128B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 610B

.edata
Size: 512B - Virtual size: 70B

.reloc
Size: 512B - Virtual size: 296B

.rsrc
Size: 512B - Virtual size:

code
Size: 198B - Virtual size: 4KB

IMPORTS
Size: 6B - Virtual size: 4KB

imports
Size: 82B - Virtual size: 4KB

relocs
Size: - Virtual size: 4KB

resource
Size: 944B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 253B

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 206B

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 245B

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 216B