7b98962ab0cfbc6f2f7b50a9d077bdafd3dfd4ef17cca863d9b95b2488feb343

Sharing

Copy URL

Twitter E-mail

General

Target

7b98962ab0cfbc6f2f7b50a9d077bdafd3dfd4ef17cca863d9b95b2488feb343
Size

4.7MB
MD5

9aee8bdd5859e8e4ddea12ddadbc590e
SHA1

64e437a6bf73c9a0084b80479a4e8df574065f7f
SHA256

7b98962ab0cfbc6f2f7b50a9d077bdafd3dfd4ef17cca863d9b95b2488feb343
SHA512

3cd2539c2f7aa70c0fe30b62d8cc081dd0725162cdc6f2bf987360bd4a5d1c7937ec6b64590e35a33450c2d228dc24d28d8118d0816a16eab42a55383cbd6b93
SSDEEP

98304:J56GhAtMWVXwyLSSJQvWUCLtb8LpyIK/tJY4SKLfBzo:JcGy3N9UCxqk17Y4SKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b98962ab0cfbc6f2f7b50a9d077bdafd3dfd4ef17cca863d9b95b2488feb343

Files

7b98962ab0cfbc6f2f7b50a9d077bdafd3dfd4ef17cca863d9b95b2488feb343
.exe windows:6 windows x86 arch:x86

243791299897c13fe7d50dafd2aeea9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Programming\WinProjects\JiYuTrainer\Release\JiYuTrainer.pdb

Imports

iphlpapi

SendARP
GetExtendedTcpTable

ws2_32

accept
listen
recvfrom
getaddrinfo
freeaddrinfo
ioctlsocket
__WSAFDIsSet
select
bind
gethostname
WSASetLastError
getpeername
getsockname
connect
getsockopt
send
recv
WSAGetLastError
InetPtonW
WSAIoctl
htons
socket
setsockopt
WSAAddressToStringW
GetAddrInfoW
WSACleanup
WSAStartup
ntohs
closesocket
sendto

comctl32

InitCommonControlsEx

dbghelp

MiniDumpWriteDump

shlwapi

PathFileExistsW
SHDeleteKeyW
PathRenameExtensionW
PathRemoveFileSpecW

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetTempPathW
CreateDirectoryW
CopyFileW
LoadLibraryW
DeleteFileW
Sleep
TerminateProcess
FindResourceW
LoadResource
LockResource
SizeofResource
WriteFile
SetFileAttributesW
CreateMutexW
DebugBreak
LocalFree
GetModuleFileNameW
GetCommandLineW
ExitProcess
CreateThread
DeviceIoControl
OutputDebugStringW
SetLastError
FreeLibrary
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
HeapFree
lstrlenW
GetPrivateProfileStringW
WritePrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
GlobalAlloc
GlobalLock
GlobalFree
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
VirtualFreeEx
GetFileType
SetFilePointer
ReadFile
SystemTimeToFileTime
CreateFileW
DosDateTimeToFileTime
SetFileTime
FileTimeToSystemTime
GetFileInformationByHandle
FindNextFileW
FindClose
GlobalAddAtomW
lstrcpyW
TerminateThread
FormatMessageA
VerSetConditionMask
SleepEx
VerifyVersionInfoW
InitializeCriticalSectionEx
GetTickCount64
ExpandEnvironmentStringsA
GetStdHandle
WaitForMultipleObjects
PeekNamedPipe
WaitForSingleObjectEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
SetFilePointerEx
GetModuleHandleExW
LoadLibraryExW
RaiseException
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
CloseHandle
GetLastError
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
DeleteCriticalSection
InitializeCriticalSection
GetConsoleCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetFileSizeEx
FlushFileBuffers
SetStdHandle
GetFullPathNameW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetEndOfFile
HeapSize
GetLocalTime
GetCurrentDirectoryW

user32

GetMessageW
SetMenuItemBitmaps
LoadBitmapW
GetSubMenu
LoadMenuW
RegisterWindowMessageW
RegisterHotKey
ExitWindowsEx
TrackPopupMenu
DispatchMessageW
PostQuitMessage
UnregisterHotKey
RegisterClassExW
LoadCursorW
UpdateWindow
GetDesktopWindow
GetWindow
CallNextHookEx
GetWindowRect
DestroyWindow
PostMessageW
DialogBoxParamW
EnableWindow
GetDlgItemTextW
CheckDlgButton
CreateDialogParamW
GetClientRect
MoveWindow
CreateWindowExW
SetDlgItemTextA
TranslateMessage
GetCursorPos
MessageBoxW
MessageBoxTimeoutW
FindWindowW
IsWindowVisible
ShowWindow
IsIconic
SetForegroundWindow
GetAsyncKeyState
SendMessageW
LoadIconW
SetDlgItemTextW
IsDlgButtonChecked
EndDialog
DefWindowProcW
SendDlgItemMessageW
GetDlgItem
SendMessageTimeoutW
wsprintfW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowsHookExW
CloseDesktop
GetWindowLongW
UnhookWindowsHookEx
OpenDesktopW
GetSystemMetrics
SetTimer
KillTimer
MessageBoxIndirectW
EnumDesktopWindows
GetWindowTextW
GetWindowThreadProcessId
SetWindowPos
SetWindowLongW

gdi32

SetTextColor
SetBkColor
DeleteObject
GetStockObject
CreateFontW

comdlg32

GetOpenFileNameW

advapi32

RegQueryValueExW
CryptDestroyKey
CryptAcquireContextW
CryptEncrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptImportKey
CryptGetHashParam
OpenSCManagerW
CreateServiceW
CloseServiceHandle
OpenServiceW
StartServiceW
ControlService
DeleteService
RegOpenKeyExW
LookupPrivilegeValueW
CryptReleaseContext
GetTokenInformation
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges

shell32

CommandLineToArgvW
Shell_NotifyIconW
ShellExecuteW

ntdll

RtlUnwind

wininet

InternetGetConnectedState

wldap32

ord118
ord216
ord142
ord41
ord14
ord79
ord145
ord26
ord127
ord46
ord301
ord133
ord208
ord167
ord27
ord147

Sections

.text
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

243791299897c13fe7d50dafd2aeea9d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

iphlpapi

ws2_32

comctl32

dbghelp

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ntdll

wininet

wldap32

Sections

.text Size: 495KB - Virtual size: 494KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 3.8MB - Virtual size: 3.8MB

.reloc Size: 25KB - Virtual size: 25KB

.oli Size: 1KB - Virtual size: 4KB

.text
Size: 495KB - Virtual size: 494KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 25KB - Virtual size: 25KB

.oli
Size: 1KB - Virtual size: 4KB