Static task
static1
Behavioral task
behavioral1
Sample
详情系统.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
详情系统.exe
Resource
win10v2004-20240412-en
General
Target: 详情系统.exe
Size: 2.5MB
MD5: cac20a183ef9a5b197b35fdb2909eff9
SHA1: 211c850a88b18a012f36e2917cee758e26b88422
SHA256: 845a305853710ebae7daeb42a7bd3638af0b0d62ed6b28cab345464e07ae6208
SHA512: 0315f0b8d0838b9e3e572e63f4a1bccb35fd5c22f9824124661179b9c6e72be5bfacc0f410033e025e23c840add866c22d8fecf870bb7dcb035b420ffc768c77
SSDEEP: 49152:YBkKZL6TWr4ukkiJpzqk9vMF2MFpuEAAWiQfIJ7DI:kkK3cukouE3UIt
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 详情系统.exe
Files
详情系统.exe.exe windows:5 windows x64 arch:x64
d12867a0b60cc47e159988528cef4b56
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetFileAttributesW
GetFileSize
CreateFileW
GetCurrentDirectoryW
lstrcmpA
lstrlenA
CompareStringA
GetLocaleInfoW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GlobalFindAtomW
GetCurrentThread
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
SetThreadPriority
ResumeThread
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetTempFileNameW
GetFullPathNameW
GetDiskFreeSpaceW
LocalAlloc
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
ReleaseActCtx
GlobalFlags
GetProfileIntW
SearchPathW
SetFilePointer
GetTempPathW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
DeleteFileW
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
VirtualProtect
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
GetFileSizeEx
GetWindowsDirectoryW
GetNumberFormatW
FindResourceExW
GlobalReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitThread
DecodePointer
EncodePointer
GetStartupInfoW
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
HeapSetInformation
GetVersion
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameW
GlobalAddAtomW
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
MulDiv
lstrcpyW
MultiByteToWideChar
FreeResource
GetCommandLineA
GetModuleHandleW
GetConsoleWindow
CreateThread
GetModuleFileNameW
GetTickCount
MoveFileW
LoadResource
LockResource
SizeofResource
FindResourceW
OpenProcess
GetExitCodeProcess
WriteProcessMemory
VirtualAlloc
TryEnterCriticalSection
SetWaitableTimer
CreateWaitableTimerW
ResetEvent
lstrlenW
WideCharToMultiByte
CancelIo
CreateEventW
SetLastError
GetCurrentThreadId
SwitchToThread
GetLastError
FormatMessageW
SetEvent
WaitForSingleObject
Sleep
CloseHandle
CreateEventA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
LoadLibraryW
GetProcAddress
GetUserDefaultUILanguage
VirtualFree
user32
KillTimer
SetCapture
LoadCursorW
MessageBeep
GetCursorPos
CharUpperW
GetIconInfo
CopyImage
DrawFrameControl
GetMenuItemInfoW
IsMenu
DrawStateW
FillRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
ValidateRect
LockWindowUpdate
DrawEdge
DrawFocusRect
GetSysColorBrush
DrawIconEx
CharUpperBuffW
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
GetMessageW
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
PostThreadMessageW
WaitMessage
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
SetRect
EnumDisplayMonitors
SetLayeredWindowAttributes
SetCursorPos
RealChildWindowFromPoint
GetKeyNameTextW
MapVirtualKeyW
SetMenuDefaultItem
IsClipboardFormatAvailable
CopyAcceleratorTableW
FrameRect
GetUpdateRect
GetMenuDefaultItem
CopyIcon
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SubtractRect
GetDoubleClickTime
GetNextDlgGroupItem
DestroyCursor
EnumChildWindows
CharNextW
InvalidateRgn
DrawIcon
InvertRect
HideCaret
CreateMenu
GetWindowRgn
IsCharLowerW
MapVirtualKeyExW
GetTabbedTextExtentW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
SetTimer
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetClassNameW
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
LoadImageW
DestroyIcon
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongW
GetDlgCtrlID
GetKeyState
LoadIconW
SetCursor
ReleaseCapture
LoadAcceleratorsW
SetActiveWindow
InvalidateRect
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindowLongW
TranslateAcceleratorW
IsWindow
DestroyWindow
GetSystemMetrics
GetClassLongPtrW
SetForegroundWindow
SetParent
GetParent
GetTopWindow
GetCapture
RedrawWindow
IsWindowVisible
GetClientRect
GetWindowRect
SetWindowRgn
IsZoomed
IsIconic
PostMessageW
SendMessageW
OffsetRect
SetRectEmpty
IsRectEmpty
CopyRect
GetWindow
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
GetInputState
PostThreadMessageA
ShowWindow
UpdateWindow
EnableWindow
ClientToScreen
GetSystemMenu
DeleteMenu
InflateRect
DestroyAcceleratorTable
SetClassLongPtrW
SystemParametersInfoW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
EndDeferWindowPos
CheckDlgButton
CheckMenuItem
advapi32
RegCloseKey
RegDeleteValueW
RegSetValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipDrawImageI
GdipBitmapLockBits
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
ws2_32
connect
closesocket
WSACleanup
WSAStartup
WSAIoctl
setsockopt
gethostbyname
socket
recv
htons
WSASetLastError
WSACloseEvent
shutdown
WSAResetEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSACreateEvent
WSAEventSelect
WSAGetLastError
send
select
winmm
timeGetTime
PlaySoundW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
gdi32
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateFontIndirectW
DPtoLP
StartPage
CopyMetaFileW
CreateDCW
CreateCompatibleDC
DeleteDC
SelectObject
GetObjectW
DeleteObject
CreateDIBSection
CreateCompatibleBitmap
SetTextColor
SetBkColor
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
CreateBitmap
CreatePen
CreateRoundRectRgn
StartDocW
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
PatBlt
GetTextExtentPoint32W
GetTextMetricsW
SetDIBColorTable
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateRectRgn
CombineRgn
StretchBlt
GetPixel
SetPixel
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
ExtTextOutW
RoundRect
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
GetDeviceCaps
SetPixelV
GetTextFaceW
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
EnumFontFamiliesExW
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetSystemPaletteEntries
GetNearestPaletteIndex
SetROP2
SetStretchBltMode
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
GetMapMode
GetCharWidthW
OffsetRgn
GetRgnBox
Rectangle
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
winspool.drv
ClosePrinter
OpenPrinterW
GetJobW
DocumentPropertiesW
comdlg32
GetFileTitleW
shell32
DragFinish
SHAppBarMessage
ShellExecuteW
SHGetFileInfoW
SHAddToRecentDocs
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
DragQueryFileW
ole32
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx
OleGetClipboard
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
StgCreateDocfileOnILockBytes
CoGetClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitialize
CoCreateInstance
CoUninitialize
OleInitialize
CoTaskMemFree
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CreateStreamOnHGlobal
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
oleaut32
SysFreeString
SysAllocString
SysStringLen
VariantCopy
VariantInit
SafeArrayDestroy
VariantChangeType
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
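A triage heuristic over the import table above, added here as an example and not part of the sandbox report or of the sample: it groups imported APIs into capabilities worth a closer look and lists the companion APIs that usually sit next to them but are absent from the static import table. Read it as a review order, not a verdict. The large user32, gdi32, ole32 and comctl32 surface above is what an MFC GUI application normally imports, and file, registry and socket APIs are common in benign software. What stands out in this particular table is OpenProcess together with WriteProcessMemory while VirtualAllocEx and CreateRemoteThread are not imported; since GetProcAddress is imported, those could still be resolved at runtime, so the example reports absent companions instead of ignoring them. The capability names, the companion lists and the SAMPLE_IMPORTS subset (a small constructed selection of the imports listed above) are assumptions of the example.

```python
"""Prioritise review of a PE import table by capability (added example, not from the report)."""
from typing import Dict, List, Set

# Constructed input: a subset of the imports listed in the report above, keyed by DLL.
SAMPLE_IMPORTS: Dict[str, List[str]] = {
    "kernel32": ["OpenProcess", "WriteProcessMemory", "VirtualAlloc", "VirtualProtect",
                 "CreateThread", "IsDebuggerPresent", "LoadLibraryW", "GetProcAddress",
                 "CopyFileW", "MoveFileW", "DeleteFileW", "SetFileTime",
                 "GetPrivateProfileStringW", "WritePrivateProfileStringW"],
    "advapi32": ["RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW", "SetFileSecurityW"],
    "ws2_32": ["WSAStartup", "socket", "connect", "gethostbyname", "send", "recv", "WSAIoctl"],
    "shell32": ["ShellExecuteW"],
}

# Assumed capability model. "required" must all be imported; "supporting" APIs add
# evidence when present; "companions" usually accompany the capability and are
# reported when absent, because they may be resolved at runtime instead.
CAPABILITIES = {
    "write into another process": {
        "required": {"OpenProcess", "WriteProcessMemory"},
        "supporting": {"VirtualAlloc", "VirtualProtect", "CreateThread"},
        "companions": {"VirtualAllocEx", "CreateRemoteThread"}},
    "runtime API resolution": {
        "required": {"LoadLibraryW", "GetProcAddress"}, "supporting": set(), "companions": set()},
    "outbound TCP client": {
        "required": {"WSAStartup", "socket", "connect"},
        "supporting": {"gethostbyname", "send", "recv"}, "companions": {"getaddrinfo", "WSAConnect"}},
    "registry write": {
        "required": {"RegCreateKeyExW", "RegSetValueExW"},
        "supporting": {"RegDeleteKeyW", "RegDeleteValueW"}, "companions": set()},
    "debugger presence check": {
        "required": {"IsDebuggerPresent"}, "supporting": set(),
        "companions": {"CheckRemoteDebuggerPresent", "NtQueryInformationProcess"}},
    "spawn via shell": {
        "required": {"ShellExecuteW"}, "supporting": set(), "companions": {"CreateProcessW"}},
}


def flatten(imports: Dict[str, List[str]]) -> Set[str]:
    """All imported API names regardless of which DLL exports them."""
    return {api for apis in imports.values() for api in apis}


def assess(imports: Dict[str, List[str]]) -> Dict[str, dict]:
    """Return each capability whose required APIs are all imported, with its evidence."""
    present = flatten(imports)
    # If the binary can resolve symbols itself, absent companions prove little.
    dynamic = "GetProcAddress" in present and bool({"LoadLibraryW", "LoadLibraryA"} & present)
    found: Dict[str, dict] = {}
    for cap, spec in CAPABILITIES.items():
        if not spec["required"] <= present:
            continue
        absent = sorted(spec["companions"] - present)
        found[cap] = {
            "evidence": sorted(spec["required"] | (spec["supporting"] & present)),
            "absent_companions": absent,
            "note": ("absent companions may be resolved at runtime via GetProcAddress"
                     if absent and dynamic else ""),
        }
    return found


def review_order(imports: Dict[str, List[str]]) -> List[str]:
    """Capabilities ordered by how much import evidence backs them, strongest first."""
    found = assess(imports)
    return sorted(found, key=lambda cap: (-len(found[cap]["evidence"]), cap))


if __name__ == "__main__":
    result = assess(SAMPLE_IMPORTS)
    for cap in review_order(SAMPLE_IMPORTS):
        print(f"{cap}: {', '.join(result[cap]['evidence'])}")
        if result[cap]["absent_companions"]:
            print(f"  absent: {', '.join(result[cap]['absent_companions'])}  {result[cap]['note']}")
```

The ordering by evidence count is deliberately crude; its purpose is to decide which imports to trace first in the behavioral run (for example, breakpoints on WriteProcessMemory and on GetProcAddress to see what the binary resolves at runtime), not to classify the file.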
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 614KB - Virtual size: 613KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
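To reproduce the header, section and signature findings above from PE bytes rather than from a sandbox UI, the following added example (not code from the report) builds a constructed PE32+ header set carrying the file characteristics and DLL characteristics listed above plus three of the section headers shown, parses it with struct, and evaluates it: the ASLR, DEP and CFG flags, whether the Authenticode certificate table (data directory 4) is empty, which is what the "Unsigned PE" signature checks, and sections that are executable without being marked as code, as the report's "text" section is. Note that the report lists neither IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA nor IMAGE_DLLCHARACTERISTICS_GUARD_CF, so the check flags both. Sizes, RVAs and the entry point in the constructed header are filler, the IMAGE_ prefixes of the flag names are dropped, and only PE32+ (x64) optional headers are handled, matching the report's arch:x64.

```python
"""Decode PE header facts of the kind shown in the report (added example, constructed input)."""
import struct
from typing import Dict, List

DLL_CHARS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
             0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
FILE_CHARS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
              0x0020: "LARGE_ADDRESS_AWARE", 0x2000: "DLL"}
SECT_CHARS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
              0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE",
              0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # data-directory index of the Authenticode certificate table


def build_sample_pe() -> bytes:
    """Constructed PE32+ headers mirroring the report's flags; sizes and RVAs are filler."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 3, 0, 0, 0, 240, 0x0002 | 0x0020)
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",
                      0x20B, 14, 0, 0x1B0000, 0xC0000, 0, 0x1000, 0x1000,
                      0x140000000, 0x1000, 0x200, 6, 0, 6, 0, 6, 0, 0,
                      0x2C0000, 0x400, 0, 2,
                      0x0040 | 0x0100 | 0x8000,   # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"\0" * (16 * 8)                       # 16 empty directories: no certificate table
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", name, vsize, rva, rawsz, rawptr, 0, 0, 0, 0, flags)
        for name, vsize, rva, rawsz, rawptr, flags in [
            (b".text", 0x1B0000, 0x1000, 0x1B0000, 0x400, 0x20 | 0x20000000 | 0x40000000),
            (b"text", 0x800, 0x2C0000, 0xC00, 0x2B0000, 0x40 | 0x20000000),
            (b".data", 0x18000, 0x1F0000, 0x9800, 0x1B0400, 0x40 | 0x40000000 | 0x80000000),
        ])
    return dos + b"PE\0\0" + coff + opt + sections


def _names(value: int, table: Dict[int, str]) -> List[str]:
    return sorted(name for bit, name in table.items() if value & bit)


def parse_pe(data: bytes) -> dict:
    """Decode COFF and optional-header flags, section flags and certificate-table presence."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsect = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size, file_chars = struct.unpack_from("<HH", data, coff + 16)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x20B:
        raise ValueError("only PE32+ optional headers are handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]      # DllCharacteristics
    n_dirs = struct.unpack_from("<I", data, opt + 108)[0]        # NumberOfRvaAndSizes
    cert_size = 0
    if n_dirs > SECURITY_DIR:
        _, cert_size = struct.unpack_from("<II", data, opt + 112 + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        off = opt + opt_size + 40 * i
        name = struct.unpack_from("<8s", data, off)[0].rstrip(b"\0").decode("ascii", "replace")
        sections.append({"name": name, "flags": _names(struct.unpack_from("<I", data, off + 36)[0], SECT_CHARS)})
    return {"file_characteristics": _names(file_chars, FILE_CHARS),
            "dll_characteristics": _names(dll_chars, DLL_CHARS),
            "signed": cert_size > 0, "sections": sections}


def assess(info: dict) -> List[str]:
    """Mitigation, signature and section-layout observations a triage analyst would note."""
    dll, fc, out = set(info["dll_characteristics"]), set(info["file_characteristics"]), []
    if "DYNAMIC_BASE" not in dll or "RELOCS_STRIPPED" in fc:
        out.append("no usable ASLR (DYNAMIC_BASE missing or relocations stripped)")
    elif "HIGH_ENTROPY_VA" not in dll:
        out.append("ASLR without HIGH_ENTROPY_VA: 64-bit high-entropy randomization not opted in")
    if "NX_COMPAT" not in dll:
        out.append("DEP not opted in")
    if "GUARD_CF" not in dll:
        out.append("no Control Flow Guard")
    if not info["signed"]:
        out.append("no Authenticode certificate table (unsigned PE)")
    for s in info["sections"]:
        f = set(s["flags"])
        if "MEM_EXECUTE" in f and "CNT_CODE" not in f:
            out.append(f"section {s['name']!r} executable but not marked CNT_CODE")
        if {"MEM_EXECUTE", "MEM_WRITE"} <= f:
            out.append(f"section {s['name']!r} is writable and executable")
    return out


if __name__ == "__main__":
    for line in assess(parse_pe(build_sample_pe())):
        print(line)
```

The certificate-table check is exactly what "Checks for missing Authenticode signature" reduces to: a zero-sized entry in data directory 4 means nothing to verify. A non-zero entry only means a certificate blob is attached; validating it against the file's hash is a separate step. The same parser can be pointed at the real file by replacing build_sample_pe() with the file's bytes.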