PDB path: D:\swm\新视高2020版\newone\Release\newone.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad.exe
  Resource: win10v2004-20240508-en
General
Target: e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad
Size: 11.4MB
MD5: a6498a2cd1e47e40def9cd795c07a3b3
SHA1: 1da40d9f0f77cded8a99bdb02bc6f40c33c85299
SHA256: e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad
SHA512: 10873ac5f1df9b2290c7df7fde2965c771754a2a9c457448c33c895f3cf0c3924fc029216b5cf63818bafc964fd9c3ec00c240ae2c8e236add347b54940488dc
SSDEEP: 196608:50FzKveQNfIrMbY5vnSfySwHAFgnO9wkPHJu+eByXYvx4I8u8qcImXNjgRUT5d+V:6FzGfIoKHAanewkPHJUIYWtERUTOVCl3
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad
Files
e6c4b7344b12115e5fbe05e0a85c3003da08863a97bda9fa5156747c97d6b2ad.exe windows:5 windows x86 arch:x86
65232b9e24417e45694ed2295f50e71f
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wsock32
htons
bind
recv
WSAAsyncSelect
select
connect
inet_ntoa
WSAGetLastError
WSACleanup
WSAStartup
send
ioctlsocket
inet_addr
gethostbyname
gethostname
recvfrom
closesocket
setsockopt
socket
mpr
WNetCancelConnection2A
WNetAddConnection2A
psapi
EnumProcessModules
EnumProcesses
GetModuleBaseNameA
kernel32
GlobalGetAtomNameA
lstrcmpA
GetThreadLocale
lstrcmpiA
DeleteFileA
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetVolumeInformationA
GetFullPathNameA
CreateActCtxW
ReleaseActCtx
lstrcpyA
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
SetThreadPriority
ResumeThread
GlobalFlags
GetACP
TlsGetValue
lstrcmpW
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetFileAttributesExA
GetFileSizeEx
GetCurrentDirectoryA
GetProfileIntA
VirtualProtect
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
FindResourceExW
EncodePointer
DecodePointer
ExitThread
HeapAlloc
HeapFree
GetConsoleCP
GetCommandLineA
HeapSetInformation
HeapReAlloc
SetStdHandle
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
ExitProcess
HeapQueryInformation
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringW
GlobalAddAtomA
SetHandleCount
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsProcessorFeaturePresent
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
GlobalSize
lstrlenW
MulDiv
FindResourceA
FreeResource
CheckRemoteDebuggerPresent
SearchPathA
CreateThread
IsBadReadPtr
ProcessIdToSessionId
GetComputerNameA
GetModuleHandleA
GetSystemInfo
QueryPerformanceCounter
SetCurrentDirectoryW
GetModuleFileNameW
QueryPerformanceFrequency
GetNumberOfConsoleInputEvents
ReadConsoleInputW
SetConsoleTextAttribute
CompareStringA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
WriteConsoleW
WriteConsoleInputW
ReadConsoleA
ReleaseSemaphore
CreateSemaphoreA
DeleteCriticalSection
SetEvent
WaitForSingleObject
CancelIo
SetConsoleCtrlHandler
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
InitializeCriticalSection
UnregisterWaitEx
GetExitCodeProcess
GetStdHandle
GetStartupInfoW
DuplicateHandle
SetHandleInformation
PeekNamedPipe
CreateEventA
RegisterWaitForSingleObject
ConnectNamedPipe
WaitNamedPipeW
SwitchToThread
GlobalFindAtomA
GetTimeZoneInformation
LocalAlloc
CreateNamedPipeW
UnregisterWait
SetNamedPipeHandleState
GetFileType
GetConsoleMode
QueueUserWorkItem
FlushFileBuffers
SetLastError
GetLongPathNameW
CreateFileW
GetCurrentDirectoryW
ReadDirectoryChangesW
FreeLibrary
GetQueuedCompletionStatus
CreateIoCompletionPort
SetErrorMode
PostQueuedCompletionStatus
GetCurrentThreadId
InterlockedIncrement
InterlockedCompareExchange
InterlockedDecrement
FindNextFileA
FindFirstFileA
FindClose
GetFileTime
ReadFile
FileTimeToSystemTime
FileTimeToLocalFileTime
TerminateProcess
OpenProcess
LocalFree
FormatMessageA
CreateProcessA
GetCurrentProcessId
GetTickCount
GetCurrentProcess
GetVersionExA
lstrlenA
GlobalFree
GlobalHandle
GlobalUnlock
GlobalAlloc
GlobalLock
_lclose
_lread
_lopen
GetProcAddress
LoadLibraryA
GetFileAttributesA
GetDriveTypeA
GetSystemTimeAsFileTime
MultiByteToWideChar
WriteFile
SetFileAttributesA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
WinExec
GetPrivateProfileStringA
Sleep
CopyFileA
GetSystemDirectoryA
GetLastError
CloseHandle
CreateFileA
GetModuleFileNameA
WritePrivateProfileStringA
GlobalDeleteAtom
LoadLibraryW
ActivateActCtx
FillConsoleOutputCharacterW
DeactivateActCtx
SetCurrentDirectoryA
CreateDirectoryA
TlsAlloc
user32
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetRect
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyAcceleratorTableA
IsClipboardFormatAvailable
SetMenuDefaultItem
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
UnregisterClassA
GetMenuItemInfoA
RealChildWindowFromPoint
ShowOwnedPopups
GetMessageA
PostThreadMessageA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
WaitMessage
PostQuitMessage
CharUpperBuffA
UnpackDDElParam
ReuseDDElParam
GetWindowThreadProcessId
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
SetParent
LockWindowUpdate
ValidateRect
BringWindowToTop
IsMenu
MonitorFromPoint
SystemParametersInfoA
CreatePopupMenu
LoadImageW
LoadImageA
DrawStateA
CopyImage
GetIconInfo
DestroyIcon
IsRectEmpty
IsIconic
IsZoomed
GetCursorPos
SetCursor
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
GetSystemMenu
LoadMenuW
DeleteMenu
IntersectRect
OffsetRect
InflateRect
SetRectEmpty
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
GetMenuDefaultItem
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
GetKeyState
DestroyCursor
SetScrollRange
GetScrollRange
ShowScrollBar
IsWindowVisible
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
MoveWindow
SetWindowLongA
CheckDlgButton
GetWindowTextLengthA
GetScrollPos
SetScrollPos
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetWindowLongA
IsWindowEnabled
GetNextDlgTabItem
SetWindowPos
CreateWindowExA
RegisterClassA
DefWindowProcA
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
GetSystemMetrics
CharUpperA
GetDlgCtrlID
SendDlgItemMessageA
CheckRadioButton
DestroyWindow
ShowWindow
DispatchMessageA
TranslateMessage
SetClassLongA
SetCursorPos
FrameRect
CopyIcon
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
MapVirtualKeyExA
IsCharLowerA
GetWindowRgn
DrawIcon
IsDialogMessageA
PeekMessageA
UpdateWindow
GetDlgItem
GetDlgItemTextA
SetFocus
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RedrawWindow
CreateMenu
GetDoubleClickTime
HideCaret
InvertRect
InvalidateRgn
CharNextA
RemovePropA
EnumChildWindows
EndDialog
SetDlgItemTextA
MessageBeep
SetWindowTextA
DrawTextA
SendMessageA
DestroyMenu
TrackPopupMenu
ClientToScreen
EnableMenuItem
GetSubMenu
LoadMenuA
DialogBoxParamA
GetAsyncKeyState
KillTimer
EnumWindows
FindWindowA
GetWindowTextA
SetTimer
DrawMenuBar
InvalidateRect
GetClientRect
PostMessageA
GetParent
LoadCursorA
GetFocus
MessageBoxA
EnableWindow
GetNextDlgGroupItem
SubtractRect
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
GetKeyNameTextA
CreateAcceleratorTableA
LoadAcceleratorsW
SetMenu
GetKeyboardState
ScrollWindow
gdi32
CreateSolidBrush
CreateHatchBrush
CreateRoundRectRgn
PatBlt
GetTextExtentPoint32A
GetTextMetricsA
SetDIBColorTable
GetDIBits
RealizePalette
CreateCompatibleBitmap
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
OffsetRgn
GetRgnBox
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
Rectangle
ExtFloodFill
GetObjectType
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreatePen
SetWindowOrgEx
SetViewportOrgEx
ExtTextOutA
RectVisible
SelectPalette
CreateCompatibleDC
CreatePatternBrush
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
ExtSelectClipRgn
SetBkColor
CopyMetaFileA
GetDeviceCaps
SetTextAlign
SetTextColor
GetStockObject
DeleteDC
Escape
CreateDCA
SetDIBitsToDevice
TextOutA
ScaleWindowExtEx
SetWindowExtEx
SelectObject
DeleteObject
CreatePalette
CreateFontA
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
OffsetWindowOrgEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumValueA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
shell32
SHGetPathFromIDListA
SHFileOperationA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
SHBrowseForFolderA
DragAcceptFiles
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecA
PathRemoveFileSpecW
ole32
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CreateILockBytesOnHGlobal
CoCreateInstance
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CoCreateGuid
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
StgOpenStorageOnILockBytes
CLSIDFromString
OleLockRunning
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleGetClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
oleaut32
SysStringLen
SafeArrayDestroy
VarBstrFromDate
VariantCopy
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
VariantClear
VariantInit
SysFreeString
SysAllocString
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
oledlg
ord8
gdiplus
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImagePointsI
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
ws2_32
FreeAddrInfoW
WSASocketW
getsockopt
WSAIoctl
shutdown
WSARecv
listen
WSASend
WSADuplicateSocketW
WSARecvFrom
WSASetLastError
iphlpapi
GetAdaptersInfo
rpcrt4
UuidFromStringA
UuidFromStringW
virbox32
VBProtectBegin
VBProtectEnd
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text: Size 8.9MB, Virtual size 8.9MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: Size 660KB, Virtual size 659KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size 56KB, Virtual size 306KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.mark: Size 1024B, Virtual size 1024B; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 1.4MB, Virtual size 1.4MB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc: Size 373KB, Virtual size 372KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ