Tangent_天正T20V7-V10补丁[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Tangent_天正T20V7-V10补丁.exe
Size

16.0MB
MD5

aec808c641f087d47aa1aca6a6f7c8e0
SHA1

cb340ec35becae2e97e3739b09b7ab04f581d423
SHA256

4e19ebf46f4ff4a8d017a67f591e71d6a487efaa91fde3a8275078a61253591c
SHA512

029ad9d3512d3c4893847f63045e26f57222df57f249f3dcaff1c6aa3a72b9981d6db9c7a180b5ddf3c437c10d97ff2140a4676323873d849681eb586a9fbd93
SSDEEP

393216:8QrX0iW93UJ1ERCLN06TlCSSAQ6oRnTtpe1kCsxWySkZXbEJCyRO/c0:fXTW93UrfNTT4udceWxtSoXIJxRO00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Tangent_天正T20V7-V10补丁.exe

Files

Tangent_天正T20V7-V10补丁.exe
.exe windows:6 windows x64 arch:x64

83100e62002814553a3b1537a6a45e2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetFocus

advapi32

InitializeAcl

shell32

SHBrowseForFolderW

imm32

ImmGetContext

setupapi

SetupDiOpenDeviceInterfaceW

shlwapi

SHDeleteKeyW

wtsapi32

WTSFreeMemory

api-ms-win-shcore-scaling-l1-1-1

GetDpiForMonitor

d3d9

Direct3DCreate9

dwmapi

DwmSetWindowAttribute

uxtheme

ord47

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory2

d3d12

ord102

dwrite

DWriteCreateFactory

api-ms-win-core-synch-l1-2-0

WakeByAddressAll

userenv

GetUserProfileDirectoryW

authz

AuthzFreeResourceManager

netapi32

NetApiBufferFree

version

GetFileVersionInfoW

winmm

timeSetEvent

ws2_32

WSAAsyncSelect

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

psapi

EnumProcessModules

gdi32

SwapBuffers

comdlg32

GetOpenFileNameW

ole32

DoDragDrop

oleaut32

SysFreeString

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

Exports

Exports

qt_startup_hook

Sections

.text
Size: - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zaas0
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zaas1
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zaas2
Size: 16.0MB - Virtual size: 16.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83100e62002814553a3b1537a6a45e2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

imm32

setupapi

shlwapi

wtsapi32

api-ms-win-shcore-scaling-l1-1-1

d3d9

dwmapi

uxtheme

d3d11

dxgi

d3d12

dwrite

api-ms-win-core-synch-l1-2-0

userenv

authz

netapi32

version

winmm

ws2_32

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

psapi

gdi32

comdlg32

ole32

oleaut32

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

Exports

Exports

Sections

.text Size: - Virtual size: 12.9MB

.rdata Size: - Virtual size: 4.0MB

.data Size: - Virtual size: 255KB

.pdata Size: - Virtual size: 584KB

.qtmimed Size: - Virtual size: 331KB

_RDATA Size: - Virtual size: 292B

.zaas0 Size: - Virtual size: 5.4MB

.zaas1 Size: 7KB - Virtual size: 6KB

.zaas2 Size: 16.0MB - Virtual size: 16.0MB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: - Virtual size: 12.9MB

.rdata
Size: - Virtual size: 4.0MB

.data
Size: - Virtual size: 255KB

.pdata
Size: - Virtual size: 584KB

.qtmimed
Size: - Virtual size: 331KB

_RDATA
Size: - Virtual size: 292B

.zaas0
Size: - Virtual size: 5.4MB

.zaas1
Size: 7KB - Virtual size: 6KB

.zaas2
Size: 16.0MB - Virtual size: 16.0MB

.rsrc
Size: 5KB - Virtual size: 5KB