25041cd32262613adfdcfaaa61e7428f76806d34c1e4adb697270d845ca39b0d

Sharing

Copy URL Twitter E-mail

General

Target

25041cd32262613adfdcfaaa61e7428f76806d34c1e4adb697270d845ca39b0d
Size

6.5MB
MD5

7129848df81a60542e22570d2ac20848
SHA1

b6648e99580c3bea1ad57eade86c812aa4c6338c
SHA256

25041cd32262613adfdcfaaa61e7428f76806d34c1e4adb697270d845ca39b0d
SHA512

656be2194e15def927d54a9a4c37da1f241ecb2ede22eab1976e378045db6c1379b8008e74bf85dd84529375681f41a193f215b0f8ccbc99db663081d8da0224
SSDEEP

98304:8pqN+UwIE9gJa/XnJQgjky7BfZsBFRwot5fPoMkTBIzNggWLYoPK6gZ299pVdvgK:5NLauM7UjfPoMwI2bMoPK6U2ljvbl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25041cd32262613adfdcfaaa61e7428f76806d34c1e4adb697270d845ca39b0d

Files

25041cd32262613adfdcfaaa61e7428f76806d34c1e4adb697270d845ca39b0d
.exe windows:5 windows x86 arch:x86

b3b9989a4335e66de2b73b69b2cce827

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\主程序 MFC内存加载\主程序 MFC内存加载\Release\homepage.pdb

Imports

kernel32

FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
EnumSystemLocalesW
FindNextFileW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
CreateFileW
WriteConsoleW
IsValidLocale
LeaveCriticalSection
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtectEx
VirtualQueryEx
ExitProcess
TerminateProcess
GetLastError
ReadProcessMemory
WriteProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
ReadFile
CloseHandle
lstrlenA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
CreateProcessA
CreateDirectoryA
CreateFileA
CopyFileA
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
OutputDebugStringA
SetLastError
FreeResource
GetModuleFileNameW
GetModuleHandleW
LoadResource
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
FindResourceA
SetEvent
WaitForSingleObject
CreateEventA
GetCurrentThreadId
SetThreadPriority
SuspendThread
GetCurrentThread
GetVersionExA
LoadLibraryExW
SizeofResource
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
MulDiv
EncodePointer
GetSystemDirectoryW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GlobalFlags
InitializeCriticalSection
EnterCriticalSection
FreeLibrary
GlobalSize
LocalFree
FormatMessageA
GetACP
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
GetAtomNameA
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
SystemTimeToFileTime
GetWindowsDirectoryA
lstrcpyA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesA
SetFileTime
SystemTimeToTzSpecificLocalTime
FindResourceExW
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
SearchPathA
Sleep
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
LocalLock
LocalUnlock
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
LoadImageW
TrackMouseEvent
GetMenuDefaultItem
CreatePopupMenu
MapDialogRect
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
GetDialogBaseUnits
OffsetRect
SetRectEmpty
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
HideCaret
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
InvertRect
NotifyWinEvent
MapVirtualKeyA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
IsDialogMessageA
GetWindow
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
ScrollWindowEx
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
SetWindowPos
MoveWindow
ShowWindow
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
SetCursorPos
CopyIcon
CopyAcceleratorTableA
FrameRect
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
DrawIcon
GetClientRect
LoadIconW
UnregisterClassA
GetFocus
CheckMenuItem
GetTabbedTextExtentW
GetTabbedTextExtentA
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
GetDCEx
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
GetMenu
EnableMenuItem

gdi32

GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
StretchDIBits
GetCharWidthA
CreateFontA
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExA
CreateCompatibleBitmap
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
CreateDCA
CopyMetaFileA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
GetObjectA
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter
GetJobA

advapi32

SystemFunction036
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
StartServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFileExistsA
PathIsUNCA

uxtheme

GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent

ole32

OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
CLSIDFromProgID
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateFileMoniker
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleSaveToStream
OleSetContainedObject
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleGetIconOfClass
GetHGlobalFromILockBytes
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SysStringByteLen
VariantChangeType
VariantInit
VariantClear
SysFreeString
SafeArrayGetLBound
SysAllocStringLen

oledlg

ord8

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 2.2MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b9989a4335e66de2b73b69b2cce827

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.2MB - Virtual size: 2.1MB

.rdata Size: 495KB - Virtual size: 495KB

.data Size: 3.6MB - Virtual size: 3.6MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 111KB - Virtual size: 112KB

.reloc Size: 171KB - Virtual size: 170KB

.text
Size: 2.2MB - Virtual size: 2.1MB

.rdata
Size: 495KB - Virtual size: 495KB

.data
Size: 3.6MB - Virtual size: 3.6MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 111KB - Virtual size: 112KB

.reloc
Size: 171KB - Virtual size: 170KB