ffdc8c530e88e50b4cf1c880c1db39f3bbe3affef60c66fc9535aff6d19c98d6

Sharing

Copy URL Twitter E-mail

General

Target

ffdc8c530e88e50b4cf1c880c1db39f3bbe3affef60c66fc9535aff6d19c98d6
Size

8.1MB
MD5

9c8c09a627167a4d894eb374bbdd6b90
SHA1

957166b2f79214bdf3762961a7178643d2b19d7b
SHA256

ffdc8c530e88e50b4cf1c880c1db39f3bbe3affef60c66fc9535aff6d19c98d6
SHA512

38bb4f5c751246e8227b351edfa7603de65ba3d2cf74049629450fb8acf29682144c007d6e658da38aaeab062ee812fde2512db2527fe9673e9333d019874cdd
SSDEEP

196608:fVk71UxFe+pfpDRC3JlXG2lXwCeI6Wm1l+1E0SjCjXH1Ad32:9kpUrfpo3JlXG2+I6z+S0SjiXGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/７１７合击(高端).exe

Files

ffdc8c530e88e50b4cf1c880c1db39f3bbe3affef60c66fc9535aff6d19c98d6
.zip
170过滤.txt
717合击攻略.txt
BOOS提示.txt
经验列表.txt
７１７合击(高端).exe
.exe windows:5 windows x86 arch:x86

abb710b8e3825fbdbf14ac3132f8c2f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutUnprepareHeader

ws2_32

select

kernel32

GetVersionExA
GetVersion
IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

InvalidateRect

gdi32

FillRgn

winspool.drv

DocumentPropertiesA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

OleRun

oleaut32

LHashValOfNameSys

comctl32

ord17

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 11.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsdun2
Size: - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsdun2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abb710b8e3825fbdbf14ac3132f8c2f8

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 11.3MB

.data Size: - Virtual size: 432KB

.vmp0 Size: - Virtual size: 180KB

.wsdun2 Size: - Virtual size: 744KB

.idata Size: - Virtual size: 12KB

.wsdun2 Size: - Virtual size: 4KB

.vmp1 Size: - Virtual size: 417KB

.vmp2 Size: 8.1MB - Virtual size: 8.1MB

.rsrc Size: 160KB - Virtual size: 158KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 11.3MB

.data
Size: - Virtual size: 432KB

.vmp0
Size: - Virtual size: 180KB

.wsdun2
Size: - Virtual size: 744KB

.idata
Size: - Virtual size: 12KB

.wsdun2
Size: - Virtual size: 4KB

.vmp1
Size: - Virtual size: 417KB

.vmp2
Size: 8.1MB - Virtual size: 8.1MB

.rsrc
Size: 160KB - Virtual size: 158KB