f24e8458499b42aa8844e3db81c01b9fa3fe02985174c35d8aaf05f939c91688

Sharing

Copy URL

Twitter E-mail

General

Target

f24e8458499b42aa8844e3db81c01b9fa3fe02985174c35d8aaf05f939c91688
Size

183KB
MD5

6dd04d216cf34c3e99e7511c2667d089
SHA1

8d2d1d3a0ed71beb47deaafbdcb07942f63a8551
SHA256

f24e8458499b42aa8844e3db81c01b9fa3fe02985174c35d8aaf05f939c91688
SHA512

c66455ea719d66e53a935e3aec3cd5cc5a9d65b31a13b866f344d35b1648da86b3e6b07cd4c25573f904774866c2ecee4a619cd61a55d2c26ef57d1fe3da9ac3
SSDEEP

3072:s0CdBDcYpD/p3Zg9iCCx312pD5bKCOFM1cXLuoHTnGkzR:3CdFck/ppgpCh8D5eCOMcXBHTGkF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f24e8458499b42aa8844e3db81c01b9fa3fe02985174c35d8aaf05f939c91688

Files

f24e8458499b42aa8844e3db81c01b9fa3fe02985174c35d8aaf05f939c91688
.exe windows:6 windows x86 arch:x86

7d4774a2736c272b7b07ff488576a5df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\project\仿O泡果奶\荤版\Debug\opao.pdb

Imports

kernel32

CreateFileW
GetTempFileNameW
WriteFile
GetTempPathW
CloseHandle
LoadResource
LockResource
SizeofResource
FindResourceW
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
IsProcessorFeaturePresent
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
lstrlenA
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
IsDebuggerPresent
DecodePointer
EncodePointer
GetTickCount64

user32

MessageBoxW
TranslateMessage
GetMessageW
CreateWindowExW
DispatchMessageW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString

msvcp110d

??1_Container_base12@std@@QAE@XZ
?_Debug_message@std@@YAXPB_W0I@Z
??0_Container_base12@std@@QAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ

winmm

mciGetErrorStringW
mciSendStringW

msvcr110d

_CxxThrowException
__CxxFrameHandler3
??_V@YAXPAX@Z
_CrtDbgReportW
_lock
_unlock
_calloc_dbg
__dllonexit
_onexit
wcslen
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
_CrtSetCheckCount
wcscat_s
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_CRT_RTC_INITW
_fmode
_commode
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
wcscpy_s
_wmakepath_s
_wsplitpath_s
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
memmove
strlen
memcpy
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
exit
_acmdln

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d4774a2736c272b7b07ff488576a5df

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

oleaut32

msvcp110d

winmm

msvcr110d

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 102KB - Virtual size: 102KB

.reloc Size: 3KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 102KB - Virtual size: 102KB

.reloc
Size: 3KB - Virtual size: 2KB