72d07b3078199fe2927c7a3774f5c774d11f064e073d1534e2abba26eb81d7ca

Sharing

Copy URL

Twitter E-mail

General

Target

72d07b3078199fe2927c7a3774f5c774d11f064e073d1534e2abba26eb81d7ca
Size

3.8MB
MD5

ab95fa1ca55d0df075a87a9ff6b7a3ea
SHA1

e70e903447ad1bdf92ce62d5282809f242a2fb4c
SHA256

72d07b3078199fe2927c7a3774f5c774d11f064e073d1534e2abba26eb81d7ca
SHA512

b31eb6f0221b817f9c305e86c1125e8ce019736f4411d2cfe9e3a8fcbdf0175ce21b1b3d5229277440d0dc87e9c58b5a1218b6079e3855c5492ba4bca3d2fba0
SSDEEP

98304:aXWzLDITmyby4V8e/Of6PnFLOAkGkzdnEVomFHKnP:IwUTmymM/OfoFLOyomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72d07b3078199fe2927c7a3774f5c774d11f064e073d1534e2abba26eb81d7ca

Files

72d07b3078199fe2927c7a3774f5c774d11f064e073d1534e2abba26eb81d7ca
.exe windows:5 windows x86 arch:x86

8a401d1ce03e2e1ebbaf4ed345e3bfd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CYC\装机大师_ventoy_merge\系统装机大师\bin\安装包\ApplicationInstallWizardOnlinePro.pdb

Imports

kernel32

GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileW
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
GetCommandLineW
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
TlsAlloc
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTickCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetConsoleCtrlHandler
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEnvironmentVariableA
CreateFileA
FindResourceA
MoveFileExW
GetModuleFileNameA
OpenFile
SystemTimeToTzSpecificLocalTime
GlobalReAlloc
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
GetSystemDirectoryA
GetSystemInfo
GetVolumeInformationA
DeviceIoControl
GetDiskFreeSpaceExA
PeekNamedPipe
InterlockedDecrement
GetLocalTime
InterlockedCompareExchange
InterlockedExchange
InitializeCriticalSection
FormatMessageW
MulDiv
LocalFree
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
FreeResource
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
TlsFree
TlsSetValue
TlsGetValue
FindFirstFileExW
GetFileInformationByHandle
SleepEx
FormatMessageA
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetSystemTime
GlobalMemoryStatus
FlushConsoleInputBuffer
ReadConsoleInputA
CreateProcessW
WinExec
CreateThread
WaitForSingleObject
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
Sleep
OutputDebugStringW
GetLastError
CreateMutexW
CloseHandle
HeapQueryInformation
GetModuleHandleW
SetConsoleMode

user32

RegisterClassExW
GetWindowRgn
DestroyCaret
IsZoomed
SetWindowRgn
GetCaretPos
RemovePropW
GetPropW
SetPropW
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
MoveWindow
ShowWindow
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
UnhookWindowsHookEx
PostQuitMessage
GetParent
SendDlgItemMessageA
MessageBoxW
UnregisterClassW
SetRect
DestroyMenu
CharUpperW
DestroyIcon
PostMessageW
KillTimer
SetTimer
SendMessageW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
EnableWindow
IsIconic
GetSysColorBrush
GetSystemMetrics
InvalidateRect
GetAsyncKeyState
SetWindowPos
EndPaint
BeginPaint
OffsetRect
IntersectRect
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetClientRect
RealChildWindowFromPoint
SystemParametersInfoW
LoadCursorW
WindowFromPoint
ClientToScreen
ReleaseCapture
SetCapture
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect

shlwapi

PathFileExistsA
PathIsDirectoryW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathIsRootA

gdiplus

GdipResetClip
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipDeletePath
GdipSetClipPath
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromStream
GdipCreateSolidFill
GdipDeleteBrush
GdipFillPath
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipCreatePath
GdipAddPathArcI
GdipAddPathLineI
GdipClosePathFigure
GdiplusStartup
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipResetPath
GdipDrawImageRectRect
GdipSetSmoothingMode
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight

ws2_32

ioctlsocket
closesocket
connect
recv
gethostbyname
send
select
WSACleanup
setsockopt
shutdown
inet_addr
WSAGetLastError
gethostname
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
ntohs
getsockopt
getsockname
getpeername
bind
WSASetLastError
__WSAFDIsSet
htons
WSAStartup
socket

oleacc

LresultFromObject
CreateStdAccessibleObject

imagehlp

MakeSureDirectoryPathExists

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA

gdi32

LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkMode
SetMapMode
GetStockObject
GetClipBox
Escape
DeleteDC
CreateRectRgn
CreatePen
CreateCompatibleDC
BitBlt
DeleteObject
GetDeviceCaps
GetObjectW
SetTextColor
CreateBitmap
CreateRoundRectRgn
SetPixel
PtInRegion
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateFontW
EnumFontFamiliesExW
GetDIBits
CreateDIBSection
SetBkColor

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegOpenKeyExW
DeregisterEventSource
ReportEventA
RegisterEventSourceA

shell32

SHGetSpecialFolderPathA
ShellExecuteW
DragQueryFileW
DragAcceptFiles

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoInitializeSecurity
CreateStreamOnHGlobal

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetUBound

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a401d1ce03e2e1ebbaf4ed345e3bfd3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shlwapi

gdiplus

ws2_32

oleacc

imagehlp

wininet

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

imm32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 411KB - Virtual size: 410KB

.data Size: 98KB - Virtual size: 124KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 106KB - Virtual size: 105KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 411KB - Virtual size: 410KB

.data
Size: 98KB - Virtual size: 124KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 106KB - Virtual size: 105KB