3a398f7938dc2428d41d1acbf86cf42bd96404fa6026585a5ffa7df80dd40194

Sharing

Copy URL Twitter E-mail

General

Target

3a398f7938dc2428d41d1acbf86cf42bd96404fa6026585a5ffa7df80dd40194
Size

10.0MB
MD5

34ff6b538e69b15fd1d0d2e621d458e4
SHA1

dea2f7dee03ac0be598f624b33dd8d1791010561
SHA256

3a398f7938dc2428d41d1acbf86cf42bd96404fa6026585a5ffa7df80dd40194
SHA512

ec40155689c9e38d0edf8d51518716e2cf9a2a3239681b46fc6b181fb72146f843c029f9cd992961aaa2d91b120362d44296a4f9e81518b7e5b6b83cc20957ee
SSDEEP

196608:GRfW8QY+HtZFfDn9RFUMXJAnsCjqZOGFSMpx2J99evjgeUiWnWvCll+Yb+O5QDZk:Gfd3+NX9RlKvq9vpaPmMViWnWkMDO5QC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a398f7938dc2428d41d1acbf86cf42bd96404fa6026585a5ffa7df80dd40194

Files

3a398f7938dc2428d41d1acbf86cf42bd96404fa6026585a5ffa7df80dd40194
.exe windows:5 windows x86 arch:x86

24bdabd46b7cce338d89298646c680f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\funiujiasuqi_3.0\CustomInstall\Bin\勿动!!!原始安装包.pdb

Imports

kernel32

WriteConsoleA
CreateFileA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetHandleCount
GetFileType
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringA
LCMapStringW
IsValidCodePage
UnmapViewOfFile
GetCurrentDirectoryW
SetFileTime
CreateEventA
FindNextFileW
GetModuleHandleA
FindClose
GlobalUnlock
CreateFileW
GetTimeZoneInformation
ReadFile
GlobalAlloc
GetConsoleOutputCP
GlobalLock
CreateDirectoryW
SetFilePointer
FindFirstFileW
GetFileSize
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
TerminateProcess
OutputDebugStringW
GetOEMCP
CompareStringW
VirtualFree
HeapCreate
GetModuleFileNameA
GetStdHandle
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetStartupInfoA
GetCurrentProcess
Sleep
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
CreateSemaphoreA
GetFileAttributesExW
ResetEvent
SetEvent
WaitForSingleObject
GetCurrentProcessId
GetFileAttributesW
GetLocalTime
GetTickCount
SystemTimeToFileTime
WriteConsoleW
SetEndOfFile
WriteFile
CompareStringA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
WritePrivateProfileStringW
GetModuleFileNameW
VirtualAlloc
GetModuleHandleW
GetProcAddress
lstrlenW
GetLastError
CloseHandle
TerminateThread
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryW
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
LockResource
SizeofResource
FreeResource
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadResource
FindResourceW
DeleteFileW
SetEnvironmentVariableA
GetCPInfo
LoadLibraryW
GetACP
MulDiv
InterlockedIncrement
InterlockedDecrement
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitThread
GetCurrentThreadId
CreateThread

user32

GetWindowTextLengthW
SetWindowTextW
DestroyWindow
MoveWindow
MonitorFromWindow
IsWindow
GetMonitorInfoW
KillTimer
SetTimer
SetWindowRgn
GetWindowRect
IsIconic
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetCursorPos
SetForegroundWindow
BringWindowToTop
GetClientRect
ScreenToClient
SetWindowLongW
GetWindowLongW
PostMessageW
SetWindowPos
ShowWindow
FindWindowW
ReleaseDC
GetWindowTextW
GetDC
SendMessageW
GetKeyState
GetFocus
PtInRect
CreateWindowExW
MapWindowPoints
IntersectRect
IsWindowVisible
GetUpdateRect
IsRectEmpty
EndPaint
BeginPaint
SetFocus
GetParent
GetWindow
GetActiveWindow
UnionRect
InvalidateRect
DispatchMessageW
TranslateMessage
GetMessageW
SetCapture
ReleaseCapture
CharNextW
DefWindowProcW
PostQuitMessage
EnableWindow
LoadImageW
GetSystemMetrics
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CallWindowProcW
GetPropW
SetPropW
OffsetRect
wvsprintfW
SetCursor
FillRect
DrawTextW
CharPrevW
SetRect
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
GetCaretBlinkTime
InvalidateRgn
CreateAcceleratorTableW
GetGUIThreadInfo

gdi32

SetBkColor
GdiFlush
GetDeviceCaps
CreatePatternBrush
CombineRgn
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
StretchBlt
SetTextColor
RoundRect
CreatePenIndirect
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SelectClipRgn
GetObjectA
GetTextMetricsW
CreateCompatibleBitmap
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
GetStockObject
CreateFontIndirectW
CreatePen
MoveToEx
LineTo
SetStretchBltMode
SetBkMode
CreateSolidBrush
DeleteDC
CreateDIBSection
SelectObject
CreateCompatibleDC
GetObjectW
DeleteObject
CreateRoundRectRgn

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegDeleteValueW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString

gdiplus

GdipDeleteFont
GdipLoadImageFromStreamICM
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromScan0
GdipFree
GdiplusShutdown
GdipLoadImageFromStream
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipGetFamily
GdipSetSolidFillColor
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteBrush
GdipDrawString
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipCloneBrush
GdipCreateSolidFill
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFontFamily
GdipDrawImage
GdipGraphicsClear
GdipDrawImageRectI
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipCreateLineBrushI

shlwapi

wnsprintfW
PathIsDirectoryW

comctl32

_TrackMouseEvent
ord17

imm32

ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26.4MB - Virtual size: 26.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24bdabd46b7cce338d89298646c680f5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

imm32

Sections

.text Size: 614KB - Virtual size: 613KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 17KB - Virtual size: 25KB

.rsrc Size: 26.4MB - Virtual size: 26.4MB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 614KB - Virtual size: 613KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 17KB - Virtual size: 25KB

.rsrc
Size: 26.4MB - Virtual size: 26.4MB

.reloc
Size: 30KB - Virtual size: 30KB