f00c53df90a52804fdc7c1996689caf62e3520ae9ca70953245f91610df0dd23

Sharing

Copy URL Twitter E-mail

General

Target

f00c53df90a52804fdc7c1996689caf62e3520ae9ca70953245f91610df0dd23
Size

973KB
MD5

1ef745c94111d1060b7d59113340d0c2
SHA1

b37810143d84bd7a8b32cc2e28a24d7c98832be8
SHA256

f00c53df90a52804fdc7c1996689caf62e3520ae9ca70953245f91610df0dd23
SHA512

bc1475eb4f3d8a9fe781baa2b1149ad18fa03c0ac3554f38f43f9fb78e400f4214f5a108fbd52a8aed416f4f48f7cc1f8418621ccf6930447df0fcc31670baf1
SSDEEP

24576:vf3Vb/r993s1zlPMhLLSXKHMHu5EcDgF2/26QmH:n3JfUzl0LSXI5vk2/24

Score

3^/10

qr link

Malware Config

Signatures

One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
qr link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Homedale_v2.13_Single/Homedale_v2.13_Single.exe

Files

f00c53df90a52804fdc7c1996689caf62e3520ae9ca70953245f91610df0dd23
.zip
Homedale_v2.13_Single/Homedale_v2.13_Single.exe
.exe windows:4 windows x86 arch:x86

e698e6d86c68fa9f015ad69329ccc844

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocalTime
LocalFileTimeToFileTime
GetDateFormatW
GetTimeFormatW
GetCommandLineW
CreateThread
TerminateThread
GetFileAttributesW
SetErrorMode
GetFileSize
FindClose
FindFirstFileW
CreateFileW
GetCurrentDirectoryW
GetTempPathW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempFileNameW
SetFileAttributesW
CreateDirectoryW
MoveFileW
FindNextFileW
WritePrivateProfileStringW
GetShortPathNameW
MoveFileExW
RemoveDirectoryW
DeleteFileW
ReadFile
WriteFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
GetFileInformationByHandle
DeviceIoControl
SetEndOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetFileTime
GetModuleFileNameW
LocalFree
LocalAlloc
SizeofResource
MulDiv
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemTime
FreeLibrary
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetCommTimeouts
SetupComm
GetCommTimeouts
GetCommState
SetCommState
SetLastError
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
SetUnhandledExceptionFilter
GetThreadSelectorEntry
GetCurrentProcessId
GetVersionExA
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
GetPrivateProfileStringW
GetPrivateProfileStructW
WritePrivateProfileStructW
QueryPerformanceFrequency
QueryPerformanceCounter
GetVolumeInformationW
GetEnvironmentVariableW
GetModuleFileNameA
lstrcpyA
GetTimeZoneInformation
GetVersion
SetFileAttributesA
CreateFileA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindNextFileA
SetVolumeLabelA
lstrlenA
GetDriveTypeA
GetLocaleInfoA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
RaiseException
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CompareStringA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
SetStdHandle
SetEnvironmentVariableA
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceExW
LoadResource
LockResource
GetLocaleInfoW
FormatMessageW
GetCurrentThreadId
GetTickCount
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
CreateProcessW
CloseHandle
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetThreadLocale
GetStringTypeExW
CompareStringW
MultiByteToWideChar
GetLastError
GetProcessHeap
DeleteFileA
CreateDirectoryA
GetCurrentDirectoryA
FreeConsole
Sleep
GetModuleHandleW
lstrlenW
LoadLibraryW

user32

DeleteMenu
GetMenuItemInfoW
SetMenu
GetMenuItemCount
SetMenuInfo
FillRect
ReleaseDC
GetDC
GetDlgCtrlID
OffsetRect
GetWindowDC
FindWindowExW
DrawFocusRect
DrawFrameControl
IsZoomed
RegisterClassW
DrawIconEx
RegisterWindowMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
AdjustWindowRectEx
LoadIconW
MsgWaitForMultipleObjectsEx
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
UnhookWindowsHookEx
LoadBitmapW
WindowFromPoint
RegisterClipboardFormatW
CreateIconIndirect
DrawEdge
GetWindowTextLengthW
CopyRect
DrawMenuBar
RemoveMenu
LoadAcceleratorsW
IsDialogMessageW
TranslateAcceleratorW
TranslateMDISysAccel
GetMessageW
DefFrameProcW
OemToCharA
CharToOemA
CreateDialogIndirectParamW
CreateDialogParamW
DialogBoxIndirectParamW
DialogBoxParamW
LoadStringW
SetClassLongW
GetMenu
InsertMenuItemW
GetFocus
IsWindow
SetWindowPlacement
GetWindowPlacement
MessageBoxW
PeekMessageW
PostQuitMessage
GetParent
ScreenToClient
IsDlgButtonChecked
CheckDlgButton
IsWindowEnabled
EnableWindow
GetDlgItem
MapWindowPoints
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
SetCursor
SetWindowTextW
GetSystemMetrics
LoadImageW
SetWindowLongW
GetSysColor
GetKeyState
SendMessageW
DrawTextW
SetWindowPos
DestroyIcon
CharNextW
InvalidateRect
MapDialogRect
EndPaint
FrameRect
GetSysColorBrush
BeginPaint
DefWindowProcW
GetWindowLongW
LoadMenuIndirectW
RemovePropW
SetForegroundWindow
PostMessageW
SystemParametersInfoW
GetWindowRect
DrawAnimatedRects
IsWindowVisible
MoveWindow
SetFocus
KillTimer
SetTimer
GetClientRect
ShowWindow
UpdateWindow
LoadCursorW
RegisterClassExW
CreateWindowExW
SetMenuDefaultItem
SetMenuItemInfoW
CheckMenuItem
EnableMenuItem
GetMenuState
TrackPopupMenu
DestroyMenu
GetForegroundWindow
CreatePopupMenu
LoadMenuW
GetSubMenu
CallWindowProcW
GetPropW
SetPropW
PtInRect
GetMessagePos
GetDoubleClickTime
GetWindowTextW
GetCapture
ReleaseCapture
InflateRect
SetCapture
GetCursorPos
EndDialog
DestroyWindow
SetDlgItemTextW

gdi32

GetDIBits
SetTextColor
PolyPolyline
CreatePen
SelectObject
Polyline
DeleteObject
RestoreDC
GetTextMetricsW
GetTextExtentPoint32W
SetBkColor
RoundRect
SetPolyFillMode
CreateFontW
GetTextFaceW
SaveDC
CreateFontIndirectW
GetObjectW
EnumFontFamiliesExW
DeleteDC
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
BitBlt
StretchBlt
SetStretchBltMode
Ellipse
GetPixel
GetDeviceCaps
TextOutW
GetBkColor
Rectangle
SetROP2
CreateHatchBrush
GetTextColor
Polygon
ExcludeClipRect
CreateSolidBrush
SetBkMode
GetStockObject

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_GetImageCount
ImageList_DrawEx
ImageList_Draw
ord17
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetTime
PlaySoundW

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

QueryServiceStatus
RegCreateKeyExW
RegSetKeySecurity
RegCloseKey
EnumDependentServicesW
StartServiceW
OpenServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyW
CryptDecrypt
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextW
CryptReleaseContext
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW

shell32

Shell_NotifyIconW
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
DragQueryFileW

ole32

CLSIDFromProgID
OleRun
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoInitialize
ReleaseStgMedium
CreateStreamOnHGlobal
CoUninitialize
OleSave
OleSetMenuDescriptor
OleSetContainedObject
CoCreateInstance
CoCreateGuid
CoTaskMemFree
OleDraw

oleaut32

SysFreeString
VariantClear
SafeArrayPtrOfIndex
VariantInit
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocString

ws2_32

WSACleanup
WSAStartup
inet_ntoa
WSAAddressToStringW

Sections

.text
Size: 484KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Homedale_v2.13_Single/关注微信 - 更多福利.png
.png
- http://weixin.qq.com/r/wii4oJjEU8UsrdzD933Q
Homedale_v2.13_Single/果核剥壳 - 全网更新最快.url
.url

Sharing

General

Malware Config

Signatures

Files

e698e6d86c68fa9f015ad69329ccc844

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

version

winmm

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

Sections

.text Size: 484KB - Virtual size: 480KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 76KB - Virtual size: 101KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 484KB - Virtual size: 480KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 76KB - Virtual size: 101KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB