b3c8f71f1ba06c6cf053aa8c58d8ec74ffd32cbd28536704115681d974af5faa

Sharing

Copy URL Twitter E-mail

General

Target

b3c8f71f1ba06c6cf053aa8c58d8ec74ffd32cbd28536704115681d974af5faa
Size

2.7MB
MD5

aba57b21ba8bf5bfccc9e4579fdb8350
SHA1

baa12e37deb1fadc9accf1cea300fff06fd79159
SHA256

b3c8f71f1ba06c6cf053aa8c58d8ec74ffd32cbd28536704115681d974af5faa
SHA512

9829b169b34d99340c4a4fa50bd6b9ef5072f34684d41542347cfcb7070267b80e0109acabcc6a8d8b0cdb2d578b69602d8f91f8cd0c69347ac34790c162eac9
SSDEEP

49152:J8z2ATnoBcHM7wfxWEvmQDcTFV9W38s9FIesmSRLkpH+H2:Jw2yjsmxWDjFf16FjyLkpeH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack002/dmiscope.exe
unpack002/download.exe
unpack002/keygen.exe

Files

b3c8f71f1ba06c6cf053aa8c58d8ec74ffd32cbd28536704115681d974af5faa
.zip
dmiscope_137212/Dmiscope.rar
.rar
dmiscope.chm
.chm
dmiscope.exe
.exe windows:5 windows x86 arch:x86

30fe412b1cd417dd9cd63801153f778a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegSetValueA
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl

kernel32

SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
VirtualFree
CreateThread
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetACP
RaiseException
TerminateProcess
HeapAlloc
HeapReAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetCommandLineA
GetStartupInfoA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetCurrentProcess
DuplicateHandle
FindResourceExA
SizeofResource
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalLock
LocalUnlock
GetProcessVersion
GetDiskFreeSpaceA
SetFileTime
GetFullPathNameA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
lstrcpynA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcpyA
GlobalAddAtomA
GlobalDeleteAtom
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileIntA
GetTempPathA
GetFileAttributesA
CloseHandle
GetFileTime
CreateFileA
CreateProcessA
GetWindowsDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetVersionExA
GetModuleHandleA
FindClose
GetLastError
FindFirstFileA
SetLastError
GetShortPathNameA
SetEvent
CreateEventA
GetModuleFileNameA
LoadResource
FindResourceA
IsBadReadPtr
GetFileSize
WaitForSingleObject
GlobalFree
LocalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
SetFilePointer
ReadFile
CreateMutexA
ReleaseMutex
GetDateFormatA
Sleep
GetCurrentThreadId
GetProfileStringA
lstrcmpiA
GetCurrentThread
LockResource

gdi32

SetBkMode
GetTextExtentPointA
RectInRegion
GetRgnBox
OffsetRgn
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
EnumFontFamiliesExA
DPtoLP
SetRectRgn
StretchDIBits
CreateDCA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
BitBlt
RestoreDC
SaveDC
StartDocA
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetBkMode
GetCurrentObject
GetStockObject
SetBoundsRect
InvertRgn
CombineRgn
GetCharWidthA
GetTextMetricsA
CreateRectRgnIndirect
CreateSolidBrush
CreateFontA
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
PatBlt
Ellipse
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
CreatePatternBrush
DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetObjectA

user32

SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CheckRadioButton
SendDlgItemMessageA
IsDlgButtonChecked
IsDialogMessageA
GetWindowTextA
GetWindowTextLengthA
GetDlgCtrlID
SetWindowPos
SetFocus
GetWindowPlacement
IntersectRect
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
TrackPopupMenu
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollInfo
GetScrollInfo
EqualRect
AdjustWindowRectEx
SetActiveWindow
GetNextDlgTabItem
LoadAcceleratorsA
DestroyMenu
TranslateAcceleratorA
IsWindowEnabled
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
WindowFromPoint
GetAsyncKeyState
CreateDialogIndirectParamA
EndDialog
LoadStringA
WaitMessage
SetParent
SetCursorPos
DestroyCursor
IsRectEmpty
DeleteMenu
GetSysColorBrush
GetTabbedTextExtentA
IsClipboardFormatAvailable
InsertMenuA
GetMenuStringA
GetDCEx
LockWindowUpdate
GetDialogBaseUnits
CharUpperA
PostThreadMessageA
FindWindowA
InvertRect
SetWindowTextA
MsgWaitForMultipleObjects
GetDlgItem
BeginDeferWindowPos
DeferWindowPos
GetMessageA
GetActiveWindow
ValidateRect
MapWindowPoints
PostQuitMessage
EndDeferWindowPos
SetWindowLongA
SetRectEmpty
RegisterClipboardFormatA
CheckMenuItem
EnableMenuItem
DestroyCaret
CreateCaret
ShowOwnedPopups
GetLastActivePopup
MapDialogRect
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetMenu
SetDlgItemTextA
PtInRect
GetCapture
ReleaseCapture
DragDetect
SetCapture
RegisterWindowMessageA
SetCaretPos
HideCaret
ShowCaret
EnableScrollBar
GetFocus
DrawFocusRect
GetWindowLongA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClassNameA
InvalidateRect
GetCursorPos
SetRect
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
GetMenuItemID
ScreenToClient
KillTimer
SetTimer
RedrawWindow
FrameRect
GetDC
ReleaseDC
CreateMenu
AppendMenuA
GetMenuItemCount
ModifyMenuA
SetMenuItemInfoA
GetSystemMenu
GetUpdateRect
DrawFrameControl
DrawIconEx
ChildWindowFromPointEx
InflateRect
CopyRect
DrawEdge
OffsetRect
FillRect
GetSysColor
DrawStateA
DestroyIcon
GetMenuItemInfoA
GetMenuDefaultItem
SystemParametersInfoA
IsMenu
LoadImageA
GetWindowRect
IsZoomed
GetWindow
GetKeyState
GetClientRect
LoadIconA
IsIconic
ShowWindow
SetForegroundWindow
MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowThreadProcessId
GetSystemMetrics
MoveWindow
MessageBeep
LoadCursorA
SetCursor
GetParent
PostMessageA
LoadMenuA
LoadBitmapA
GetSubMenu
EnableWindow
SendMessageA
IsWindow
IsWindowVisible
UpdateWindow
GetDesktopWindow
UnregisterClassA

dmiapi

RegisterCallback
DeregisterCallback
DoPCDiagRequest

tscust

TSC_ShowSplashScreen
TSC_IsEvaluationCopy
TSC_EnableRegisterReminder
TSC_GetSerialNumber

cwpha

AwdCreateProfSection
AwdOpenProfSection
_AllocMem
AwdGetProfString
_FreeMem
AwdGetProfInt
AwdCloseProfSection

shell32

ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteExA
SHGetFileInfoA

comctl32

ImageList_Destroy
ImageList_AddMasked
ord17
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetImageCount
ImageList_Create
ImageList_LoadImageA

comdlg32

PrintDlgA
CommDlgExtendedError
FindTextA
ReplaceTextA
GetSaveFileNameA
ChooseFontA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

oleaut32

SysFreeString

oledlg

ord8

Sections

.text
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

InitCode
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
download.exe
.exe windows:4 windows x86 arch:x86

690c9e79bb34f8d71799aa65a51d3c5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
GetSystemDefaultLCID
GetProcAddress
GetTempFileNameA
MulDiv
CreateProcessA
WaitForSingleObject
GetStartupInfoA
IsDBCSLeadByte
Sleep
CompareStringA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
RemoveDirectoryA
FindNextFileA
WritePrivateProfileSectionA
WritePrivateProfileStringA
lstrcpynA
GetPrivateProfileSectionA
WriteFile
DeleteFileA
LocalAlloc
LockResource
LoadResource
FindResourceA
SizeofResource
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrcmpiA
GetDiskFreeSpaceA
HeapAlloc
GetProcessHeap
HeapFree
GetModuleFileNameA
ExitProcess
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFileAttributesA
GetFileSize
ReadFile
SetFilePointer
FindFirstFileA
CreateDirectoryA
GetLastError
GetPrivateProfileStringA
FindClose
GetFileAttributesA
lstrcatA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetSystemDirectoryA
GetTempPathA
MoveFileExA
LoadLibraryA
LocalFree
GetShortPathNameA
FlushFileBuffers
CloseHandle
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
RtlUnwind

user32

GetParent
GetDlgItem
SendDlgItemMessageA
EnableWindow
CheckRadioButton
SetWindowTextA
GetWindowTextA
LoadStringA
LoadImageA
MessageBoxA
IsDlgButtonChecked
GetDlgItemTextA
SetDlgItemTextA
ReleaseDC
GetDC
GetWindowLongA
SetFocus
PostMessageA
GetWindow
wsprintfA
GetDesktopWindow
DestroyWindow
CreateDialogParamA
DispatchMessageA
TranslateMessage
GetSysColor
GetSysColorBrush
FillRect
BeginPaint
DrawTextA
EndPaint
GetClientRect
ScreenToClient
MoveWindow
SetParent
MapDialogRect
GetNextDlgTabItem
GetWindowRect
CreateDialogIndirectParamA
IsWindow
InvalidateRect
IsWindowEnabled
ShowWindow
UpdateWindow
IsDialogMessageA
SetWindowPos
GetActiveWindow
SetActiveWindow
CharNextA
LoadIconA
SendMessageA
PeekMessageA
SetWindowLongA

gdi32

DeleteObject
CreatePalette
RealizePalette
GetDeviceCaps
CreateDIBitmap
GetObjectA
SelectPalette
EnumFontFamiliesExA
GetTextExtentPointA
GetStockObject
TextOutA
DeleteDC
SelectObject
CreateCompatibleDC
SetBkMode
BitBlt
SetTextColor
CreateSolidBrush
SetBkColor
CreateFontIndirectA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

lz32

LZOpenFileA
LZCopy
LZClose

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
keygen.exe
.exe windows:4 windows x86 arch:x86

5e513ed83f858872180b98254ec31728

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

MessageBoxA
GetDlgItem
SetWindowTextA
EndDialog
DialogBoxParamA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.txt
更多系统软件下载.html

Sharing

General

Malware Config

Signatures

Files

30fe412b1cd417dd9cd63801153f778a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

dmiapi

tscust

cwpha

shell32

comctl32

comdlg32

winspool.drv

ole32

oleaut32

oledlg

Sections

.text Size: 460KB - Virtual size: 457KB

InitCode Size: 4KB - Virtual size: 952B

.data Size: 28KB - Virtual size: 44KB

.idata Size: 16KB - Virtual size: 12KB

shared Size: 4KB - Virtual size: 4B

.rsrc Size: 404KB - Virtual size: 400KB

690c9e79bb34f8d71799aa65a51d3c5d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

lz32

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 72KB - Virtual size: 68KB

5e513ed83f858872180b98254ec31728

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 460KB - Virtual size: 457KB

InitCode
Size: 4KB - Virtual size: 952B

.data
Size: 28KB - Virtual size: 44KB

.idata
Size: 16KB - Virtual size: 12KB

shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 404KB - Virtual size: 400KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 72KB - Virtual size: 68KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 12KB