Static task
- static1
Behavioral task
- behavioral1: sample b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929.exe, resource win7-20240221-en
Behavioral task
- behavioral2: sample b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929.exe, resource win10v2004-20240508-en
General
- Target: b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929
- Size: 13.9MB
- MD5: eed52f5fe8b9d0636fc66e05315916c0
- SHA1: 864485533a40b3557e2ae3e312480adf132d7b37
- SHA256: b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929
- SHA512: 8c95ed56ed98dc982b7431e71871cee66e3c1782b438fb714acec64b5bd6ced6422e6523c61a02c69af2211b8bbdbbdfbd4461a195a58762b05b7ca1513d3c62
- SSDEEP: 196608:10u3I44047/CvUD4Eh3NSem3UYHqE+iOT8ZGwTTYjuPRQA1+R2:3lGDDRNyCXi7TTEuZQwP
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929
Files
-
b010df196e46ebd592466a806c06916c78ac822f08057874bbfffc95cf9a5929.exe windows:5 windows x86 arch:x86
42ecdd9b3b3ce7e5fd1053d3309c4f45
Headers
DLL Characteristics
- IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
- IMAGE_DLLCHARACTERISTICS_NX_COMPAT
- IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
- IMAGE_FILE_EXECUTABLE_IMAGE
- IMAGE_FILE_32BIT_MACHINE
PDB Paths
- E:\cyc_sefttest\装机大师\系统装机大师\bin\安装包\AppInstallWizard.pdb
Imports
kernel32
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
GetCommandLineW
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
HeapQueryInformation
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTickCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetLocaleInfoW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEnvironmentVariableA
CreateFileA
FindResourceA
GetDriveTypeA
GetVolumeInformationA
FindClose
DeviceIoControl
GetDiskFreeSpaceExA
MapViewOfFile
UnmapViewOfFile
GetSystemDirectoryA
GetTempPathW
CreateFileMappingW
GetSystemInfo
GetTempPathA
OpenFile
GetFileAttributesA
FindFirstFileA
InterlockedDecrement
TryEnterCriticalSection
InterlockedCompareExchange
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
FreeResource
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetFullPathNameA
HeapCompact
FlushViewOfFile
WaitForSingleObjectEx
UnlockFileEx
FormatMessageA
HeapCreate
HeapValidate
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
GetDiskFreeSpaceA
GetVersionExA
GetSystemTime
DeleteFileA
CreateProcessW
Sleep
WinExec
CreateThread
WaitForSingleObject
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
OutputDebugStringW
GetLastError
CreateMutexW
CloseHandle
GetModuleHandleW
user32
OffsetRect
IntersectRect
DestroyMenu
CharUpperW
DestroyIcon
IsIconic
GetSysColorBrush
GetSystemMetrics
EndPaint
BeginPaint
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
RealChildWindowFromPoint
SystemParametersInfoW
LoadCursorW
WindowFromPoint
ClientToScreen
ReleaseCapture
SetCapture
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
GetCaretPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
MessageBoxW
UnregisterClassW
SetRect
PostMessageW
SetWindowPos
SetTimer
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
MoveWindow
ShowWindow
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
CallNextHookEx
SetWindowRgn
IsZoomed
DestroyCaret
GetWindowRgn
RegisterClassExW
CloseClipboard
GetAsyncKeyState
GetClipboardData
OpenClipboard
KillTimer
SendMessageW
EnableWindow
UpdateLayeredWindow
SetCaretPos
HideCaret
CreateCaret
GetMenuItemCount
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
UnhookWindowsHookEx
PostQuitMessage
GetParent
SendDlgItemMessageA
GetWindowDC
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteW
DragQueryFileW
shlwapi
PathFileExistsA
PathIsDirectoryW
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathIsRootA
gdiplus
GdipGetImageHeight
GdipDrawImageRectRect
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromStream
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipResetPath
GdipFillPath
GdipCreatePen1
GdipGetImageWidth
GdipDrawPath
GdipDeletePath
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipCreateFont
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipDeleteFontFamily
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipSetClipPath
GdipResetClip
GdipCreatePath
GdipAddPathArcI
GdipAddPathLineI
GdipClosePathFigure
GdipImageGetFrameDimensionsCount
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipDeletePen
oleacc
CreateStdAccessibleObject
LresultFromObject
imagehlp
MakeSureDirectoryPathExists
winmm
timeSetEvent
timeGetDevCaps
timeKillEvent
gdi32
CreateCompatibleBitmap
CreateFontW
EnumFontFamiliesExW
GetTextExtentPoint32W
CreateDIBSection
PtInRegion
SetPixel
CreateRoundRectRgn
ScaleViewportExtEx
CreatePolygonRgn
FillRgn
GetObjectW
GetDeviceCaps
GetBitmapBits
GetDIBits
ScaleWindowExtEx
DeleteObject
BitBlt
CreateCompatibleDC
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
SetBitmapBits
SetTextColor
SetBkColor
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
CreateBitmap
SetMapMode
SetBkMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetStockObject
GetClipBox
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ole32
CreateStreamOnHGlobal
OleSetContainedObject
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitializeEx
oleaut32
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
msimg32
AlphaBlend
comctl32
_TrackMouseEvent
imm32
ImmAssociateContext
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmDestroyContext
Sections
- .text: Size 1.3MB, Virtual size 1.3MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata: Size 196KB, Virtual size 196KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data: Size 95KB, Virtual size 114KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc: Size 28.0MB, Virtual size 28.0MB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc: Size 84KB, Virtual size 84KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)