fc3c4c2b71fa92116505e22c0a02e004db76f39f91fa9f444db45faac0f83ee5

Sharing

Copy URL Twitter E-mail

General

Target

fc3c4c2b71fa92116505e22c0a02e004db76f39f91fa9f444db45faac0f83ee5
Size

565KB
MD5

81335da54f6b8715c588fc5fbaec7fc5
SHA1

22ec2d4833cf433780be171e53d154b0e8f5b063
SHA256

fc3c4c2b71fa92116505e22c0a02e004db76f39f91fa9f444db45faac0f83ee5
SHA512

333b5a45167686da9af580252f2da9bb80dc1b5c5be3c699871df382b40c73ed71b4067e81e59da570a31841dc2973483c411ef4f27dc67f4048250aa36adecb
SSDEEP

12288:r1PvIwrBQXq0ZDmBlhCX4XeG37hmkahu8cox1s/tl0IyriCX1fxZkEMfY:rFNraXyBlhfhmkao8c6s/0IyOChafY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FlowChartStrTool_v1.0.0.9/Debug/FlowChartStrTool.exe

Files

fc3c4c2b71fa92116505e22c0a02e004db76f39f91fa9f444db45faac0f83ee5
.zip
FlowChartStrTool_v1.0.0.9/Cleaner.bat
FlowChartStrTool_v1.0.0.9/Debug/Config/Langs.ini
FlowChartStrTool_v1.0.0.9/Debug/FlowChartStrTool.exe
.exe windows:5 windows x86 arch:x86

3612563442cd174c7a0863a59e04f9c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\__pkg\2023\_UI\FlowChartStrTool\FlowChartStrTool_v1.0.0.9\Debug\FlowChartStrTool.pdb

Imports

mfc90ud

ord8902
ord1453
ord5779
ord753
ord811
ord5487
ord6142
ord1476
ord486
ord406
ord4899
ord1769
ord3033
ord6466
ord7593
ord2032
ord8780
ord4659
ord2250
ord2251
ord2410
ord2411
ord7203
ord7569
ord2565
ord5863
ord8084
ord5835
ord8633
ord6816
ord7044
ord872
ord2942
ord3761
ord8266
ord5062
ord598
ord5990
ord3231
ord2863
ord286
ord1561
ord8687
ord3258
ord9237
ord4013
ord5948
ord963
ord7029
ord6407
ord2174
ord4426
ord9152
ord291
ord4477
ord2166
ord935
ord6270
ord6271
ord3378
ord6093
ord8111
ord1189
ord1186
ord781
ord2113
ord4156
ord5945
ord5933
ord3402
ord3389
ord442
ord915
ord2126
ord8225
ord9385
ord7456
ord673
ord5281
ord930
ord6164
ord6121
ord9366
ord5738
ord9368
ord6537
ord2906
ord2861
ord8169
ord5747
ord1389
ord7462
ord9297
ord7868
ord5781
ord2716
ord4474
ord7626
ord7628
ord3337
ord5991
ord6804
ord7638
ord7603
ord8152
ord4323
ord6707
ord3140
ord1857
ord5054
ord690
ord6772
ord5530
ord4358
ord3462
ord5841
ord6282
ord9105
ord8553
ord2717
ord2723
ord6879
ord8199
ord9161
ord5195
ord4398
ord961
ord6306
ord8588
ord8926
ord3790
ord292
ord2255
ord2954
ord6440
ord487
ord812
ord5329
ord3377
ord1140
ord7201
ord9073
ord6864
ord5673
ord1133
ord8692
ord9110
ord950
ord4661
ord8783
ord2339
ord2336
ord5987
ord2033
ord6446
ord7538
ord2701
ord7420
ord9365
ord6377
ord7604
ord3245
ord1900
ord2849
ord5197
ord7015
ord6487
ord2307
ord8868
ord7644
ord7642
ord1218
ord1223
ord1227
ord1225
ord1229
ord3551
ord3571
ord3555
ord3561
ord3559
ord3557
ord3574
ord3569
ord3553
ord3576
ord3564
ord3546
ord3548
ord3566
ord3256
ord3243
ord2209
ord9367
ord5739
ord9369
ord5071
ord7299
ord8730
ord4493
ord1968
ord7562
ord2782
ord2385
ord2384
ord2306
ord7590
ord3804
ord4122
ord4320
ord6518
ord4097
ord4348
ord3807
ord3996
ord3796
ord5598
ord5599
ord5589
ord3994
ord5994
ord6712
ord6465
ord3143
ord1860
ord8287
ord427
ord302
ord354
ord2493
ord768
ord701
ord723
ord5294
ord5531
ord6531
ord7400
ord5497
ord4008
ord943
ord1663
ord1408
ord1503

msvcr90d

??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
strlen
_CxxThrowException
fread
_time64
_mktime64
_gmtime64_s
_localtime64_s
__CxxFrameHandler3
_snprintf_s
wcstok_s
_CrtDbgReport
free
strcpy
wcscpy
_vsnprintf_s
_vsnwprintf_s
_snwprintf_s
wcscpy_s
strcpy_s
calloc
_recalloc
memcmp
_wcsicmp
memmove_s
wcslen
_wtol
memset
_wtoi
wcscat_s
_wfopen_s
fclose
wcsncpy_s
_CrtDbgReportW
_invalid_parameter
_errno
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_CRT_RTC_INITW
_initterm_e
_initterm
_CrtSetCheckCount
_wcmdln
exit
_cexit
_XcptFilter
_exit
__wgetmainargs
_amsg_exit
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
??_V@YAXPAX@Z

kernel32

GetModuleFileNameW
GetPrivateProfileStringW
Sleep
GetTickCount
WritePrivateProfileStringW
lstrlenW
GetLocalTime
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
OpenFileMappingA
GetCurrentThread
CreateFileMappingA
MapViewOfFile
GetSystemInfo
UnmapViewOfFile
VirtualAlloc
GetLastError
OutputDebugStringW
OutputDebugStringA
OpenEventA
SetEvent
CloseHandle
LocalFileTimeToFileTime
DeleteFileW
FileTimeToSystemTime
MulDiv
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
RaiseException
DebugBreak
MultiByteToWideChar
lstrlenA
GetProcAddress
LoadLibraryA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetProcessHeap
VirtualQuery
FreeLibrary
FileTimeToLocalFileTime
CreateDirectoryW
UnhandledExceptionFilter

user32

PeekMessageW
GetSystemMetrics
GetMessagePos
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
SubtractRect
UnionRect

comctl32

InitCommonControlsEx

shlwapi

PathIsDirectoryW
PathFileExistsW

oleaut32

SysFreeString

msvcp90d

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Debug_message@std@@YAXPB_W0I@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??1_Container_base_secure@std@@QAE@XZ
?_Orphan_all@_Container_base_secure@std@@QBEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0_Container_base_secure@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

advapi32

RevertToSelf
SetThreadToken
OpenThreadToken

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlowChartStrTool_v1.0.0.9/Debug/程序/ParamSpec.dat
FlowChartStrTool_v1.0.0.9/Debug/程序/注释.dat
FlowChartStrTool_v1.0.0.9/Debug/程序/界面.txt
.js
FlowChartStrTool_v1.0.0.9/Debug/程序/程序.sj
FlowChartStrTool_v1.0.0.9/FlowChartStrTool.sln
FlowChartStrTool_v1.0.0.9/FlowChartStrTool.suo
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/BuildLog.htm
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/FlowChartStrTool.exe.embed.manifest
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/FlowChartStrTool.exe.embed.manifest.res
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/FlowChartStrTool.exe.intermediate.manifest
.xml
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/FlowChartStrTool.res
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Debug/mt.dep
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/EditListCtrl.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/EditListCtrl.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrTool.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrTool.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrTool.rc
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrTool.vcproj
.xml
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrTool.vcproj.LAPTOP-KN66NGKD.TAIKO.user
.xml
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrToolDlg.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/FlowChartStrToolDlg.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/GeneralFunction.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/GeneralFunction.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/InputDlg.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/InputDlg.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/ReadMe.txt
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/Resource.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/res/FlowChartStrTool.ico
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/res/FlowChartStrTool.rc2
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/stdafx.cpp
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/stdafx.h
FlowChartStrTool_v1.0.0.9/FlowChartStrTool/targetver.h
FlowChartStrTool_v1.0.0.9/更新说明.txt

Sharing

General

Malware Config

Signatures

Files

3612563442cd174c7a0863a59e04f9c8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc90ud

msvcr90d

kernel32

user32

comctl32

shlwapi

oleaut32

msvcp90d

advapi32

Sections

.textbss Size: - Virtual size: 80KB

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 1KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 9KB - Virtual size: 9KB

.textbss
Size: - Virtual size: 80KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 1KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 9KB - Virtual size: 9KB