51f83697cbba4afd28a4eac93adebbba73356b52bd91469631f7dc06f906f39b

Sharing

Copy URL Twitter E-mail

General

Target

51f83697cbba4afd28a4eac93adebbba73356b52bd91469631f7dc06f906f39b
Size

684KB
MD5

ddef5c82c29ce3304e256321c292ded8
SHA1

e401393903458c7acb2b958abe76c3a4aa0ae12b
SHA256

51f83697cbba4afd28a4eac93adebbba73356b52bd91469631f7dc06f906f39b
SHA512

65e3de6021b4c9c4b0e329016e38b0cb081b4ae1011fd675b96554f14784db38bc3c8c6bd0c214953bdf712f3d497cc789164a4ac950835e2c216770dcdf66a3
SSDEEP

12288:LArKuDZw6DihgDkdBSFXhgQqr8ZWos/rdCa/hWc/7yCWgX:UO2iuDtXWt8Zw7pW0WgX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/thmouseclick_22.0.0.1/天河鼠标连点器V22.0.0.1/天河鼠标连点器.exe

Files

51f83697cbba4afd28a4eac93adebbba73356b52bd91469631f7dc06f906f39b
.zip
thmouseclick_22.0.0.1/天河鼠标连点器V22.0.0.1/天河鼠标连点器.exe
.exe windows:5 windows x86 arch:x86

90ef3066263370e4c11f2f851ee60090

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\2021开发软件\全部\天河鼠标连点器Load\Release\THmouse.pdb

Imports

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExA
SystemTimeToTzSpecificLocalTime
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
FileTimeToSystemTime
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
GetStringTypeW
GetFileType
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
RtlUnwind
OutputDebugStringW
GetCPInfo
GetOEMCP
GetVolumeInformationA
GetCurrentProcess
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
FormatMessageA
LocalFree
GlobalFree
GlobalGetAtomNameA
GlobalFindAtomA
FindResourceA
lstrcmpW
FreeResource
GetSystemDirectoryW
EncodePointer
MulDiv
GlobalUnlock
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleFileNameA
GetVersionExA
GetCurrentThread
GetCurrentThreadId
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
HeapSize
HeapReAlloc
DecodePointer
CloseHandle
WriteFile
CreateThread
IsBadReadPtr
LoadLibraryA
GetProcessHeap
HeapFree
HeapAlloc
VirtualProtect
VirtualFree
VirtualAlloc
CreateFileW
GetProcAddress
FreeLibrary

user32

ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
RegisterWindowMessageA
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
GetLastActivePopup
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetDesktopWindow
GetSubMenu
DrawIcon
GetClientRect
LoadIconW
UnregisterClassA
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
SetCursor
IsWindowEnabled
MessageBoxA
GetWindowLongA
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
SetTimer
KillTimer
InvalidateRect
CharUpperA
DestroyMenu
IsWindow
GetWindowThreadProcessId

gdi32

GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkColor
SetMapMode
SetTextColor
GetDeviceCaps
GetObjectA
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 546KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
thmouseclick_22.0.0.1/天河鼠标连点器V22.0.0.1/天河鼠标连点器使用说明.txt
软件说明.txt

Sharing

General

Malware Config

Signatures

Files

90ef3066263370e4c11f2f851ee60090

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 546KB - Virtual size: 556KB

.rsrc Size: 17KB - Virtual size: 20KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 546KB - Virtual size: 556KB

.rsrc
Size: 17KB - Virtual size: 20KB

.reloc
Size: 14KB - Virtual size: 14KB