63ca49e70ecb0e379010393b8c7dafb4351186ef9a50e6428f8670986389762b

Sharing

Copy URL Twitter E-mail

General

Target

63ca49e70ecb0e379010393b8c7dafb4351186ef9a50e6428f8670986389762b
Size

1.0MB
MD5

46f1f51976d061145e2fedced66247e8
SHA1

5dc53111015516955f48a12395f76fc0ce155b8c
SHA256

63ca49e70ecb0e379010393b8c7dafb4351186ef9a50e6428f8670986389762b
SHA512

fde89979f19e5fd3a83d77c682097ce9c4895d612d1df57c539ac012952137aa7ec0b434147a86ff2fa82387d076a55cb966a2455e01eceec334c4068daf7ad0
SSDEEP

24576:6sm9D2ky6ui5UYx6gX7ApbmQTGl5hfxHluGSdK9g:7sikru7M7AwQTo/SdK9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63ca49e70ecb0e379010393b8c7dafb4351186ef9a50e6428f8670986389762b

Files

63ca49e70ecb0e379010393b8c7dafb4351186ef9a50e6428f8670986389762b
.exe windows:5 windows x86 arch:x86

08c0e025eab4b0764273a0f42a606378

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\zhanlue\haozip\bin\Win32\release\pdb\HaoZipCD.pdb

Imports

kernel32

GetACP
MultiByteToWideChar
WideCharToMultiByte
ResumeThread
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
GetFileSize
GetFileTime
InitializeCriticalSection
LoadLibraryA
HeapFree
OpenProcess
HeapAlloc
LocalFree
GetProcessHeap
LockResource
GetSystemInfo
LoadResource
lstrcmpiW
GetEnvironmentVariableW
lstrcatW
FormatMessageW
FindNextFileW
FindClose
CreateDirectoryW
GetFullPathNameW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
CopyFileW
GetTempFileNameW
MoveFileW
InterlockedExchangeAdd
GetFileSizeEx
QueryDosDeviceW
GetCurrentProcessId
GetLogicalDriveStringsW
GetTickCount
InterlockedExchange
GlobalMemoryStatusEx
TlsGetValue
TlsAlloc
SwitchToThread
GetStringTypeW
CreateFileMappingW
UnmapViewOfFile
GetFileAttributesExW
DeviceIoControl
FileTimeToSystemTime
WriteConsoleW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapSize
GetFileType
HeapReAlloc
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
SetConsoleCtrlHandler
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
CreateFileW
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetLongPathNameW
FindFirstFileW
LoadLibraryExW
GetModuleFileNameW
ReleaseMutex
CreateMutexW
Sleep
GetVersionExW
GetCurrentProcess
GetPrivateProfileStringW
ExpandEnvironmentStringsW
LoadLibraryW
GetFileAttributesW
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
MapViewOfFile
lstrlenW
lstrcpyW
GetVolumeInformationW
WaitForMultipleObjects
GetModuleHandleW
MoveFileExW
FindResourceW
CloseHandle
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
FreeLibrary
DeleteCriticalSection
GetProcAddress
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
TlsSetValue

user32

UnregisterClassW
DialogBoxParamW
SetWindowLongW
LoadIconW
TranslateMessage
PeekMessageW
DispatchMessageW
GetClassLongW
FillRect
IsMenu
CopyRect
DrawStateW
GetSysColor
DrawIconEx
GetMenuItemInfoW
GetMenuItemCount
SetMenuItemInfoW
SystemParametersInfoW
ShowScrollBar
GetDC
SetScrollRange
GetWindow
GetWindowRect
SetWindowPos
MessageBoxW
MonitorFromWindow
EndDialog
GetMonitorInfoW
MapWindowPoints
GetClientRect
GetDlgItem
GetParent
GetWindowLongW
DefWindowProcW
GetMenuState
CallWindowProcW
DestroyWindow
CreateWindowExW
GetSystemMetrics
CreatePopupMenu
RegisterClassExW
TrackPopupMenu
GetSubMenu
IsWindow
SetTimer
DestroyIcon
DestroyMenu
LoadCursorW
GetWindowDC
wsprintfW
CheckMenuItem
AppendMenuW
DrawTextW
SetRect
KillTimer
PostQuitMessage
GetClassInfoExW
RegisterWindowMessageW
SetForegroundWindow
ReleaseDC
GetCursorPos
GetMessageW
SendMessageW
LoadStringW
GetActiveWindow

gdi32

CreateCompatibleDC
GetBkMode
SetTextColor
SetBkMode
CreatePen
SetViewportOrgEx
GetObjectW
CreateCompatibleBitmap
SetBkColor
CreateSolidBrush
GetCurrentObject
ExtTextOutW
GetTextMetricsW
CreateFontIndirectW
SelectObject
GetTextExtentPoint32W
DeleteObject
DeleteDC
BitBlt

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegOpenKeyW
RegDeleteValueW
RegCreateKeyW
RegSetValueExW
RegCloseKey
GetUserNameW
RegCreateKeyExW
RegQueryValueExW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetFolderPathW

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

StrCpyNW

comctl32

ImageList_GetIcon
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetIconSize

Sections

.text
Size: 815KB - Virtual size: 815KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08c0e025eab4b0764273a0f42a606378

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 815KB - Virtual size: 815KB

.rdata Size: 181KB - Virtual size: 180KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 38KB - Virtual size: 37KB

.text
Size: 815KB - Virtual size: 815KB

.rdata
Size: 181KB - Virtual size: 180KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 38KB - Virtual size: 37KB