d56eabb3d1152727470ff2a2b18d100ae6957ec09a057f7385cdefeb99fd1a7f

Sharing

Copy URL

Twitter E-mail

General

Target

d56eabb3d1152727470ff2a2b18d100ae6957ec09a057f7385cdefeb99fd1a7f
Size

3.3MB
MD5

c752a12dd5123422a11f505412a5f348
SHA1

e8ef30a8a1d4859e2e2338a17923d7a84a35116e
SHA256

d56eabb3d1152727470ff2a2b18d100ae6957ec09a057f7385cdefeb99fd1a7f
SHA512

5106c89e1705d1d5ec11d63784096ac2e94837374f416c0a370ffbfa4acaac68eb6921ffacd079096efd3aafca8a10dbcbb22c88fae615b8b9c71ce323740471
SSDEEP

98304:EIKxcnw+kDhCJrgkuVoOxHd+WjVrFLOAkGkzdnEVomFHKnP:EwshVxHd+wrFLOyomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56eabb3d1152727470ff2a2b18d100ae6957ec09a057f7385cdefeb99fd1a7f

Files

d56eabb3d1152727470ff2a2b18d100ae6957ec09a057f7385cdefeb99fd1a7f
.exe windows:5 windows x86 arch:x86

d4918b6da13c8755ca407385e8bb554e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\work_space\project\dexun\证券数据终端\开发库\client\ComputerTool\ComputerTool\Release\ComputerTool.pdb

Imports

kernel32

GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
IsValidCodePage
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
FindResourceA
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
GetConsoleCP
RtlUnwind
GetCommandLineA
FindResourceExW
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
Sleep
VirtualProtect
GetTempFileNameA
GetTempPathA
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
GetTimeZoneInformation
GetStringTypeW
ExitProcess
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
FileTimeToSystemTime
GetACP
GetFileSize
GetFileAttributesA
CreateFileA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GetThreadLocale
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
ResumeThread
SetThreadPriority
WaitForSingleObject
CloseHandle
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
FindResourceW
WideCharToMultiByte
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
GetLastError
LoadResource
SizeofResource

user32

GetWindowRgn
HideCaret
InvertRect
GetKeyboardState
GetKeyboardLayout
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
UpdateLayeredWindow
GetUpdateRect
SetClassLongA
DestroyAcceleratorTable
ModifyMenuA
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
NotifyWinEvent
LoadMenuW
GetAsyncKeyState
CharUpperA
IsZoomed
TrackMouseEvent
LoadImageW
LoadImageA
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
LoadCursorA
WindowFromPoint
ReleaseCapture
WaitMessage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
IsDialogMessageA
SetWindowLongA
SetWindowTextA
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
GetClassNameA
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
GetDesktopWindow
GetWindowLongA
CharUpperBuffA
SubtractRect
GetKeyNameTextA
CreateAcceleratorTableA
LoadAcceleratorsW
MapVirtualKeyA
ShowScrollBar
ToAsciiEx
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
RedrawWindow
SetWindowRgn
DrawStateA
IsWindowVisible
DrawFrameControl
DrawEdge
RegisterWindowMessageA
MapDialogRect
GetWindow
GetParent
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageA
UnregisterClassA
EnableWindow
MessageBoxA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
AppendMenuA
GetSystemMenu
GetFocus
LoadIconW
SetCapture

gdi32

GetObjectA
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SetBkColor
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
CreatePalette
DeleteDC
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetTextMetricsA
Polyline
Polygon
CreatePolygonRgn
ExtTextOutA
PatBlt
GetTextExtentPoint32A
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
SetBkMode

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
SHGetMalloc
DragQueryFileA
SHGetFileInfoA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA
PathRemoveFileSpecW

uxtheme

GetThemeColor
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
DrawThemeParentBackground
GetCurrentThemeName
IsAppThemed
DrawThemeText

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop

oleaut32

SysAllocStringLen
VarBstrFromDate
VariantCopy
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString

oledlg

ord8

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdiplusShutdown
GdiplusStartup
GdipSetInterpolationMode

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4918b6da13c8755ca407385e8bb554e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 315KB - Virtual size: 314KB

.data Size: 25KB - Virtual size: 54KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 119KB - Virtual size: 119KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 315KB - Virtual size: 314KB

.data
Size: 25KB - Virtual size: 54KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 119KB - Virtual size: 119KB