186b8a9cba5e90fb2bd0ed3cc2985d27b58e9a7be8fd515934fb001fcb296917

Sharing

Copy URL Twitter E-mail

General

Target

186b8a9cba5e90fb2bd0ed3cc2985d27b58e9a7be8fd515934fb001fcb296917
Size

2.4MB
MD5

f6412befb5d45b5686e5c9b45856a912
SHA1

b283fcdf73cc945f7aa01aae710cc169a325441e
SHA256

186b8a9cba5e90fb2bd0ed3cc2985d27b58e9a7be8fd515934fb001fcb296917
SHA512

285824fe88949cd9979fd755641428641b326a34d13870cffbf969e75e0c23a2102974d6e6540f1ef4695449e8fc91c2063dc3ad892cbb40e1942ecab7de4e9b
SSDEEP

49152:Gs4g0vTsBN9ZO11X63Fg0r2yKp/Wt4RoHQy8xW6eb9/17vFTUQlBIm9flTOsAE/k:GsDp9ZO11XwFg03Kp/FRoHQy8xWH17vD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186b8a9cba5e90fb2bd0ed3cc2985d27b58e9a7be8fd515934fb001fcb296917

Files

186b8a9cba5e90fb2bd0ed3cc2985d27b58e9a7be8fd515934fb001fcb296917
.exe windows:5 windows x86 arch:x86

9e8367572062ecb0b0067d6c7d7f3215

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Projects_New\ClickPro\proj\stuike\bin\Release\压测助手.pdb

Imports

kernel32

GetDriveTypeA
FindFirstFileExA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
ExitThread
CreateThread
SetStdHandle
ExitProcess
HeapQueryInformation
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
GetStdHandle
HeapCreate
HeapAlloc
GetStringTypeW
GetLocaleInfoW
HeapReAlloc
GetCurrentDirectoryW
SetHandleCount
GetConsoleCP
GetConsoleMode
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
DecodePointer
EncodePointer
GetDateFormatA
GetTimeFormatA
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
PeekNamedPipe
HeapFree
FindResourceExW
SearchPathA
GetProfileIntA
GetNumberFormatA
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
GetACP
GetOEMCP
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
ReplaceFileA
GetUserDefaultLCID
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
GetStringTypeExA
GetModuleHandleW
lstrcmpA
LocalAlloc
FileTimeToLocalFileTime
SetEvent
GetThreadLocale
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CreateEventA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalFindAtomA
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
lstrcmpW
CopyFileA
MulDiv
SetLastError
InterlockedIncrement
InterlockedExchange
GetWindowsDirectoryA
GlobalMemoryStatusEx
CreateSemaphoreA
Module32Next
Module32First
CreateFileW
SetErrorMode
GetFileInformationByHandle
CreateFileMappingA
FileTimeToSystemTime
UnmapViewOfFile
MapViewOfFile
DuplicateHandle
GetCurrentDirectoryA
GetFileType
SetFileTime
SystemTimeToFileTime
DosDateTimeToFileTime
GetLocalTime
GetTimeZoneInformation
GetCurrentThread
SetThreadPriority
GetShortPathNameA
GetCurrentProcess
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GetExitCodeProcess
ReadFile
CreateProcessA
GetStartupInfoA
CreatePipe
GetVolumeInformationA
GetSystemInfo
TerminateProcess
lstrcmpiA
GetCurrentProcessId
CreateToolhelp32Snapshot
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
FormatMessageA
FindResourceA
WriteProcessMemory
OpenProcess
FreeLibrary
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
WriteFile
SetFilePointer
GetFileSize
GetTempPathA
LocalFree
GetCommandLineW
GetModuleHandleA
GetExitCodeThread
CreateDirectoryA
GlobalDeleteAtom
GlobalAddAtomA
lstrcpyA
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
WinExec
ResumeThread
WaitForSingleObject
VirtualProtect
GetProcAddress
LoadLibraryA
InterlockedDecrement
Sleep
SuspendThread
GlobalFree
OutputDebugStringA
GetModuleFileNameA
GetVersionExA
CloseHandle
DeviceIoControl
CreateFileA
GetTickCount
GetCPInfo
MultiByteToWideChar
lstrlenW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetSystemTime
lstrlenA
FindResourceW
LoadResource
LockResource
SizeofResource

user32

UpdateLayeredWindow
EnableScrollBar
NotifyWinEvent
UnionRect
SetParent
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
UnregisterClassA
RealChildWindowFromPoint
ShowOwnedPopups
LoadAcceleratorsW
RegisterClipboardFormatA
PostQuitMessage
IsZoomed
CreateDialogIndirectParamA
EndDialog
DrawStateA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
WindowFromPoint
GetMessageA
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
GetActiveWindow
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
CharNextA
IsIconic
LoadCursorW
SetWindowRgn
DrawIcon
ReleaseCapture
GetDesktopWindow
SetCapture
InvalidateRgn
IntersectRect
OffsetRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
MonitorFromPoint
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
SendMessageA
EnableWindow
GetSysColor
RedrawWindow
CharLowerBuffA
GetClassInfoExA
GetClassInfoA
RegisterClassA
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
LoadIconW
wsprintfA
MessageBoxA
IsWindowVisible
AppendMenuA
IsMenu
GetMenuDefaultItem
PostThreadMessageA
InvertRect
HideCaret
GetIconInfo
CopyImage
DrawIconEx
DestroyAcceleratorTable
SetClassLongA
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
LockWindowUpdate
LoadImageW
FrameRect
CopyIcon
CharUpperBuffA
WaitMessage
GetSystemMenu
LoadIconA
SystemParametersInfoA
DispatchMessageA
TranslateMessage
PeekMessageA
GetWindowThreadProcessId
GetDlgItem
GetWindow
UpdateWindow
IsCharLowerA
MapVirtualKeyExA
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
SubtractRect
DestroyCursor
GetAsyncKeyState
GetKeyState
PostMessageA
IsWindow
GetClientRect
GetWindowRgn
CheckDlgButton
AdjustWindowRectEx
GetWindowRect
GetClassNameA
GetParent
FindWindowExA
EnumChildWindows
GetCursorPos
GetSystemMetrics
ClientToScreen
SetCursorPos
SetFocus
GetDC
ReleaseDC
InflateRect
PtInRect
MessageBoxIndirectW
GetFocus
GetSysColorBrush
InvalidateRect
CopyRect
FillRect
DrawTextA
DrawEdge
SetTimer
KillTimer
TabbedTextOutA
DrawTextExA
GrayStringA
LoadCursorA
RegisterWindowMessageA
SetCursor
DrawFocusRect
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
LoadMenuW
GetSubMenu
SetForegroundWindow
SetMenuDefaultItem
RegisterHotKey
UnregisterHotKey
GetWindowTextA
GetPropA
SetPropA
CharLowerA
CharUpperA
FindWindowA
ShowWindow

gdi32

CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
Polyline
Polygon
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
GetWindowOrgEx
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
PtInRegion
FillRgn
CreateRoundRectRgn
GetBoundsRect
GetTextFaceA
SetPixelV
GetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
CombineRgn
SetRectRgn
PatBlt
GetTextColor
CreateDIBSection
Ellipse
CreateEllipticRgn
GetRgnBox
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
FrameRgn
CreateSolidBrush
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
Escape
TextOutA
RectVisible
PtVisible
ExtTextOutA
CreateRectRgn
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
CreateRectRgnIndirect
CreateFontIndirectA
GetObjectA
GetStockObject
SelectObject
GetTextExtentPoint32A
SetViewportOrgEx

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExW
RegDeleteKeyA
RegSetValueA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

shell32

SHGetDesktopFolder
Shell_NotifyIconA
CommandLineToArgvW
SHGetFolderPathAndSubDirA
SHGetSpecialFolderPathA
ShellExecuteExA
SHGetFolderPathA
SHGetFolderPathW
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathAppendA
PathFindExtensionA
StrCpyW
StrFormatByteSizeA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW

ole32

StringFromCLSID
ReleaseStgMedium
OleDuplicateData
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleDraw
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitializeEx
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantChangeType
SysAllocString
VarBstrCmp
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
VariantInit
VarBstrFromDate
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocStringLen
VariantClear
SysFreeString

oledlg

ord8

urlmon

URLDownloadToFileA
ObtainUserAgentString
UrlMkSetSessionOption

gdiplus

GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipBitmapLockBits

netapi32

Netbios

wininet

InternetSetOptionA
InternetQueryOptionA
DeleteUrlCacheEntry
HttpQueryInfoA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetSetCookieA
InternetGetCookieA
InternetCrackUrlA
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetSetCookieExW
InternetSetCookieExA
InternetSetCookieW

winmm

mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerSetControlDetails
mixerClose
PlaySoundA

imagehlp

ImageDirectoryEntryToDataEx

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e8367572062ecb0b0067d6c7d7f3215

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

gdiplus

netapi32

wininet

winmm

imagehlp

version

oleacc

imm32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 443KB - Virtual size: 442KB

.data Size: 30KB - Virtual size: 69KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 215KB - Virtual size: 215KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 443KB - Virtual size: 442KB

.data
Size: 30KB - Virtual size: 69KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 215KB - Virtual size: 215KB