一键制作[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

一键制作.exe
Size

606KB
MD5

93068674e92167c8417aff9b5dd52192
SHA1

48ce397bcdd30ffab199aaa853a08a2c023b864f
SHA256

c95a8ffcbc6899b2b31b318a6297c6f1f473d31f907f2d8be7e19818f68b5557
SHA512

a5415496e09b1c2865a9c4b9d13be60466122dede6e6cd2941a144d6e35e415e257c1a0acb4d3fda7c2a2f9e6f953fd88fbb34e066a2adf4fef0c53589229f68
SSDEEP

12288:iGoErqYNP84+IX7yA7aaLyvNNEbkUfIdrZWtdx1DYCHp:fNfNP84XryyaNNckUf69W/xdJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
一键制作.exe

Files

一键制作.exe
.exe windows:4 windows x86 arch:x86

3b435ad78248582b5f2e76c3ed46313f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
VirtualFree
GetModuleHandleW
GetDiskFreeSpaceExW
LockResource
LoadResource
SizeofResource
FindResourceW
GetDriveTypeW
GetLogicalDriveStringsW
QueryPerformanceFrequency
WinExec
WriteProcessMemory
CreateMutexA
ReleaseMutex
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
ExpandEnvironmentStringsW
GetCurrentThreadId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFullPathNameW
FormatMessageA
DeviceIoControl
DefineDosDeviceW
WaitNamedPipeW
FlushFileBuffers
GlobalMemoryStatus
VirtualAlloc
GlobalMemoryStatusEx
MoveFileW
GetProcessTimes
SleepEx
SetCurrentDirectoryW
FormatMessageW
QueryDosDeviceW
LoadLibraryExW
SetFilePointerEx
SetSystemPowerState
FileTimeToSystemTime
SystemTimeToFileTime
GetFileAttributesExW
InitializeCriticalSection
DeleteCriticalSection
SetLocalTime
SetEnvironmentVariableA
GlobalAddAtomA
GetTempPathW
LCMapStringA
GetLogicalDrives
VirtualProtect
CreateMutexW
VirtualQueryEx
GetThreadContext
SetThreadContext
VirtualProtectEx
lstrcpyA
SetEvent
GetFileSize
FileTimeToLocalFileTime
SetEndOfFile
GetFileSizeEx
GetLongPathNameW
GetShortPathNameW
GetVolumeInformationW
CreateHardLinkW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetStdHandle
GetTimeZoneInformation
TerminateThread
WaitForMultipleObjects
GlobalDeleteAtom
ResetEvent
Beep
InterlockedExchange
GetACP
RaiseException
FindFirstFileW
lstrcmpiW
lstrcatW
lstrcpyW
lstrlenW
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetOEMCP
GetStringTypeW
GetStringTypeA
GetCPInfo
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
IsBadWritePtr
HeapCreate
HeapDestroy
LCMapStringW
GetSystemInfo
VirtualQuery
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetVersionExA
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
LocalFree
GetCurrentDirectoryW
SetEnvironmentVariableW
HeapReAlloc
CreatePipe
DuplicateHandle
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateNamedPipeA
SetNamedPipeHandleState
CreateEventW
WriteFile
ConnectNamedPipe
ReadFile
GetOverlappedResult
InterlockedDecrement
GetCommandLineW
GetVersion
ReadProcessMemory
SearchPathW
LoadLibraryW
CreateJobObjectW
AssignProcessToJobObject
ResumeThread
GetExitCodeProcess
TerminateJobObject
ExitProcess
GetModuleHandleA
CreateDirectoryW
FindNextFileW
CreateFileW
OpenProcess
GetProcessAffinityMask
GetProcessHeap
HeapFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetEnvironmentVariableW
SetLastError
CreateFileMappingA
OpenFileMappingA
TerminateProcess
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateProcessW
WaitForSingleObject
GetEnvironmentVariableA
Sleep
LoadLibraryA
GetProcAddress
GetLocaleInfoA
GetCurrentProcess
SetProcessWorkingSetSize
CreateThread
GetCurrentProcessId
GetModuleFileNameW
GetLastError
HeapAlloc
lstrcpynW
FindClose
CloseHandle
LeaveCriticalSection
EnterCriticalSection
MulDiv
GetTickCount
GetStartupInfoW
EnumResourceNamesW
FreeLibrary

user32

EmptyClipboard
SetClipboardData
CloseClipboard
GetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetSysColor
DestroyIcon
LoadCursorW
SetCursor
RegisterWindowMessageW
UpdateWindow
SetScrollPos
GetScrollInfo
GetWindowDC
IsIconic
OpenDesktopW
SetThreadDesktop
SwitchDesktop
CloseDesktop
GetMessageW
DialogBoxParamW
RegisterClassExW
DefWindowProcW
LoadMenuW
LockWorkStation
GetMenu
GetMenuItemCount
DialogBoxIndirectParamW
GetDlgItemTextW
GetWindowTextLengthW
RedrawWindow
CallWindowProcW
GetKeyState
GetSubMenu
OpenClipboard
GetMenuStringW
ModifyMenuW
UnregisterHotKey
RegisterHotKey
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetDesktopWindow
SetParent
BeginPaint
FillRect
EndPaint
SetLayeredWindowAttributes
InvalidateRect
EndDialog
SendMessageTimeoutW
CharToOemA
UnhookWindowsHookEx
SetWindowsHookExW
GetAsyncKeyState
PostQuitMessage
CallNextHookEx
GetKeyboardState
CharUpperA
EnumChildWindows
FindWindowExW
FindWindowW
GetNextDlgTabItem
GetFocus
IsWindowEnabled
GetWindow
GetClassNameW
GetClipboardData
PostMessageW
SendMessageW
keybd_event
IsWindow
CharUpperW
GetCursorPos
CreatePopupMenu
TrackPopupMenu
SetTimer
KillTimer
GetWindowRect
LoadStringA
LoadImageW
PtInRect
EnumWindows
CreateIconFromResourceEx
DestroyCursor
CopyImage
GetWindowInfo
IsWindowVisible
SetCursorPos
DrawIconEx
OffsetRect
SetScrollInfo
ScrollWindow
SetCapture
ReleaseCapture
ShowCursor
ScreenToClient
DrawIcon
LoadBitmapW
SetWindowRgn
CreateIconFromResource
MessageBoxW
GetMenuItemID
DestroyMenu
wsprintfA
MsgWaitForMultipleObjects
AppendMenuW
LoadStringW
MessageBoxA
FindWindowA
GetLastInputInfo
PeekMessageW
TranslateMessage
DispatchMessageW
SystemParametersInfoW
GetSystemMenu
EnableMenuItem
ClientToScreen
GetClientRect
wsprintfW
DrawTextW
SetWindowTextW
GetSystemMetrics
ShowScrollBar
EnableWindow
SetFocus
MoveWindow
SetActiveWindow
SetForegroundWindow
BringWindowToTop
CreateWindowExW
GetDlgCtrlID
GetParent
LoadIconW
ReleaseDC
GetDC
SetDlgItemTextW
DestroyWindow
GetDlgItem
SetWindowPos
ShowWindow
SetWindowLongW
GetWindowLongW
GetWindowTextW

gdi32

CreateCompatibleDC
Polyline
GetTextMetricsW
Rectangle
GetBkColor
CreateBitmap
CreateCompatibleBitmap
CreatePen
Ellipse
CreateEllipticRgn
GetObjectW
CreateFontW
CreateRectRgn
GetPixel
CombineRgn
DeleteObject
BitBlt
SetBkColor
ExtTextOutW
GetDeviceCaps
AddFontResourceW
CreateSolidBrush
SetBkMode
SetTextColor
GetStockObject
SelectObject
DeleteDC

advapi32

SetEntriesInAclW
RegSaveKeyW
RegLoadKeyW
RegUnLoadKeyW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoW
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptReleaseContext
AbortSystemShutdownW
StartServiceW
OpenServiceW
CreateServiceW
CloseServiceHandle
OpenSCManagerW
DeleteService
ControlService
SetServiceStatus
FreeSid
CreateRestrictedToken
AllocateAndInitializeSid
OpenProcessToken
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
CreateProcessWithLogonW
CreateProcessAsUserW
SetSecurityInfo
GetSecurityInfo
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
CryptDestroyHash
InitiateSystemShutdownW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExA

shell32

DragQueryFileW
SHGetPathFromIDListW
SHChangeNotify
SHBrowseForFolderW
Shell_NotifyIconW
DragAcceptFiles
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

CoCreateInstance

oleaut32

SysAllocString
SysFreeString
VariantClear

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

setupapi

SetupDiClassNameFromGuidA
CM_Locate_DevNodeW
SetupDiGetDeviceInstanceIdW
SetupDiClassNameFromGuidW
SetupDiDestroyDeviceInfoList
SetupDiChangeState
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailW
CM_Get_Parent
CM_Get_DevNode_Status
CM_Request_Device_EjectW
CM_Query_And_Remove_SubTreeW
SetupDiOpenClassRegKey
SetupDiEnumDeviceInterfaces
CM_Reenumerate_DevNode

shlwapi

StrStrW
StrChrW
StrCpyNW
StrCmpNIW
StrStrIW
StrCpyW
StrCmpNW
StrRChrW

Exports

Exports

MemoryCopy
WndProc1
WndProc2
WndProc3
_WndProc1P@16
_WndProc2p@16
_WndProc3p@16

Sections

.text
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b435ad78248582b5f2e76c3ed46313f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

setupapi

shlwapi

Exports

Exports

Sections

.text Size: 458KB - Virtual size: 457KB

.rdata Size: 77KB - Virtual size: 77KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 62KB - Virtual size: 62KB

.text
Size: 458KB - Virtual size: 457KB

.rdata
Size: 77KB - Virtual size: 77KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 62KB - Virtual size: 62KB