关于华能核电公司华能山东石岛湾核电有限公司γ核射线测量仪等物项采购项目竞标公平性的质疑和恶意竞标现象的举报材料[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

关于华能核电公司华能山东石岛湾核电有限公司γ核射线测量仪等物项采购项目竞标公平性的质疑和恶意竞标现象的举报材料.exe
Size

4.7MB
MD5

369aa0bd416d8c59d2fd99bb9adcd742
SHA1

db863122bdc9825fd8580c159afd8b90b30385d1
SHA256

c101951105358f16245d50e1f38e8629a257ef7d9cfca5370f5967b3af531d68
SHA512

a6f7bf507899dff95015102e003fecc1cba7b4f92eefc3a285f1fc34637bdb32e304075268daab87b0ec0f71e80f309f001ed69214fa5e4853c42604239767a5
SSDEEP

49152:7GtlqefQ4hUJ4WaOg4aqZowfBRpTeaCVPJINTvy63eCfkVw6xgloM6IdLw4wcXt0:vbZMquUp/LN2X+hC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
关于华能核电公司华能山东石岛湾核电有限公司γ核射线测量仪等物项采购项目竞标公平性的质疑和恶意竞标现象的举报材料.exe

Files

关于华能核电公司华能山东石岛湾核电有限公司γ核射线测量仪等物项采购项目竞标公平性的质疑和恶意竞标现象的举报材料.exe
.exe windows:6 windows x64 arch:x64

4a57e18cf7100875f7182ca4fefb4133

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\data\landun\workspace\p-5bce86f67a404d76903982b6a3998118\wxwork_flutter\wxwork_desktop_flutter\build\windows\runner\Release\FlutterPlugins.pdb

Imports

crypt32

CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CertCreateCertificateContext
CryptMsgGetParam
CryptMsgClose

wintrust

WinVerifyTrust

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

InitOnceBeginInitialize
InitOnceComplete
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
GetFileInformationByHandle
GetEnvironmentVariableW
SetCurrentDirectoryW
CreateDirectoryW
OutputDebugStringW
FlushFileBuffers
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileTime
DeleteFileW
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetFileTime
DeviceIoControl
DecodePointer
RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetCommandLineW
LocalFree
WideCharToMultiByte
AllocConsole
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryA
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsFree
LoadLibraryW
FormatMessageA
FormatMessageW
CloseHandle
QueryPerformanceFrequency
CreateMutexW
OpenMutexW
GetCurrentProcessId
GetModuleFileNameW
IsDebuggerPresent
SetEvent
CreateEventW
WaitForMultipleObjects
OpenProcess
K32GetModuleFileNameExW
ReadFile
ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
Sleep
CreateFileW
WriteFile
WaitNamedPipeW
SearchPathW
DuplicateHandle
SetUnhandledExceptionFilter
SetErrorMode
InitializeCriticalSection
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
OpenThread
SuspendThread
CreateProcessW
GetTickCount
VirtualQuery
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
Module32FirstW
Module32NextW
GetCurrentDirectoryW
SetLastError
MultiByteToWideChar
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
CreateEventA
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetVersionExW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
VerSetConditionMask
CreateIoCompletionPort
GetQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
SleepEx
SetWaitableTimer
QueueUserAPC
TerminateThread
TlsGetValue
TlsSetValue
VerifyVersionInfoW
GetStdHandle
GetFileType
RtlVirtualUnwind
QueryPerformanceCounter
GlobalMemoryStatus
FlushConsoleInputBuffer
GetWindowsDirectoryW
CreateDirectoryExW
CopyFileExW
MoveFileExW
AreFileApisANSI
WakeAllConditionVariable
SleepConditionVariableSRW
ReleaseSemaphore
WaitForMultipleObjectsEx
OpenEventA
ResumeThread
GetSystemInfo
GetLogicalProcessorInformation
GetModuleHandleA
VirtualProtect

user32

SetParent
ReleaseDC
GetDC
GetDesktopWindow
MessageBoxW
GetUserObjectInformationW
UnregisterClassW
GetUpdateRect
DefWindowProcW
PostQuitMessage
RegisterClassW
GetProcessWindowStation
RegisterClassExW
CreateWindowExW
DestroyWindow
MoveWindow
SetWindowPos
BringWindowToTop
SetFocus
GetForegroundWindow
SetForegroundWindow
GetClientRect
PostMessageW
SetWindowLongPtrW
GetWindowLongPtrW
LoadCursorW
LoadIconW
MonitorFromPoint
GetAncestor
ShowWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadAcceleratorsW
TranslateAcceleratorW
SetTimer
KillTimer
LoadStringA

gdi32

GetObjectW
GetDIBits
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap

shell32

SHGetFolderPathW
CommandLineToArgvW

ole32

CoUninitialize
CoInitializeEx

advapi32

ReportEventW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
DeregisterEventSource
RegisterEventSourceW
GetUserNameW

shlwapi

PathFileExistsW

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 929KB - Virtual size: 929KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 602KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a57e18cf7100875f7182ca4fefb4133

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

crypt32

wintrust

version

kernel32

user32

gdi32

shell32

ole32

advapi32

shlwapi

ws2_32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 929KB - Virtual size: 929KB

.data Size: 189KB - Virtual size: 207KB

.pdata Size: 174KB - Virtual size: 174KB

.rsrc Size: 602KB - Virtual size: 602KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 929KB - Virtual size: 929KB

.data
Size: 189KB - Virtual size: 207KB

.pdata
Size: 174KB - Virtual size: 174KB

.rsrc
Size: 602KB - Virtual size: 602KB

.reloc
Size: 22KB - Virtual size: 21KB