73eb2588d1916b73d51788f00e6bb15df5e755b7c3134144b811633d530d164d

Sharing

Copy URL Twitter E-mail

General

Target

73eb2588d1916b73d51788f00e6bb15df5e755b7c3134144b811633d530d164d
Size

4.3MB
MD5

a5719ced1e5192d3820eba88aabfcff6
SHA1

0759d092769c34682c67a0138e899be5201d7715
SHA256

73eb2588d1916b73d51788f00e6bb15df5e755b7c3134144b811633d530d164d
SHA512

2a697b5fd3659cb34246ee0d57209d3405a018baac9b332348cd379a68f633e93c06bcb6dad37913ce667c4f410d7413c6b54e7dc59cdf726819de1ce4994941
SSDEEP

98304:hXVPkNIopaKjKRRcJykhuAFLOAkGkzdnEVomFHKnPG:QNtAqycFLOyomFHKnPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73eb2588d1916b73d51788f00e6bb15df5e755b7c3134144b811633d530d164d

Files

73eb2588d1916b73d51788f00e6bb15df5e755b7c3134144b811633d530d164d
.exe windows:6 windows x64 arch:x64

56ff3b48f158d1b36d3c06aa0ee0576e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\C盾C++网络验证例子1\x64\Release\registerlogin.pdb

Imports

kernel32

GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
FindFirstFileExW
GetOEMCP
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
ExitProcess
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
SetFilePointerEx
FindNextFileW
IsValidCodePage
VirtualAlloc
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetACP
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
Sleep
GetProfileIntW
GetTickCount
SearchPathW
GetWindowsDirectoryW
FindResourceExW
GetFileAttributesW
GetTempPathW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
GetThreadLocale
FileTimeToSystemTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
InitializeCriticalSection
GlobalFlags
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetCurrentProcessId
WideCharToMultiByte
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
CompareStringW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
FindResourceW
SizeofResource
GetPrivateProfileIntA
LockResource
LoadResource
LoadLibraryW
GetProcAddress
OpenProcess
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemInfo

user32

IntersectRect
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
SetWindowRgn
DrawFrameControl
DrawEdge
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetRectEmpty
GetSysColorBrush
SetLayeredWindowAttributes
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageW
InvalidateRect
DrawStateW
GetCursorPos
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
IsZoomed
CharUpperW
SetCapture
LockWindowUpdate
SetClassLongPtrW
OpenClipboard
wsprintfA
CloseClipboard
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
ReleaseCapture
SetTimer
KillTimer
LoadMenuW
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
DeferWindowPos
BeginDeferWindowPos
MonitorFromPoint
DestroyIcon
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
TrackMouseEvent
SendMessageW
SetDlgItemTextA
GetDlgItemTextA
EnableWindow
MessageBoxA
MessageBoxW
FindWindowW
GetWindowThreadProcessId
IsIconic
GetSystemMetrics
GetSystemMenu
AppendMenuW
DrawIcon
GetClientRect
GetWindowRect
SetParent
UnregisterClassW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
BringWindowToTop
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
SetClipboardData
EmptyClipboard
LoadImageW
GetDoubleClickTime
GetIconInfo
CopyIcon
ModifyMenuW
GetUpdateRect
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
SubtractRect
CreateMenu
GetComboBoxInfo
HideCaret
InvertRect
DestroyCursor
GetWindowRgn
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem

gdi32

GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateCompatibleBitmap
CreateDIBitmap
ExcludeClipRect
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
Polyline
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
CreateFontIndirectW
CreateCompatibleDC
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragFinish
DragQueryFileW
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW

uxtheme

GetWindowTheme
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemeSysColor
GetCurrentThemeName
DrawThemeText
GetThemePartSize

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
IsAccelerator
OleGetClipboard
StgCreateDocfileOnILockBytes
CoLockObjectExternal
OleTranslateAccelerator
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipBitmapLockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipBitmapUnlockBits

ws2_32

closesocket
WSACleanup
send
connect
socket
inet_pton
htons
WSAStartup
recv

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56ff3b48f158d1b36d3c06aa0ee0576e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 606KB - Virtual size: 605KB

.data Size: 31KB - Virtual size: 63KB

.pdata Size: 86KB - Virtual size: 85KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 61KB - Virtual size: 61KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 606KB - Virtual size: 605KB

.data
Size: 31KB - Virtual size: 63KB

.pdata
Size: 86KB - Virtual size: 85KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 61KB - Virtual size: 61KB