e9b834e3b5e79bd2f72b00daa6dd14bd0ba5a765e2e97a2cb03248073ac72f59

Sharing

Copy URL Twitter E-mail

General

Target

e9b834e3b5e79bd2f72b00daa6dd14bd0ba5a765e2e97a2cb03248073ac72f59
Size

11.1MB
MD5

1e4621d57e1a9eee43106a9bc4457fb6
SHA1

0d8531fa9d6df1e7ac0d3ed009d7fbbda870a998
SHA256

e9b834e3b5e79bd2f72b00daa6dd14bd0ba5a765e2e97a2cb03248073ac72f59
SHA512

ca6ca2be7c630ffcf8eb4e3a64c47a27b5958656a3f5b35ad0ae372df7894429663ff4594e7ac122d01e018de16b8643504f84630c0cb9dd216620a1f0d71bd0
SSDEEP

196608:REUp8BVnPskJdz2VU1OzatXBcWNk0PXoqhwGd5V7KguNBDXKkbyqH:3p8VskJ4V0OO5+N0/oqhNdLuBTKkbym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ӲMAC.exe

Files

e9b834e3b5e79bd2f72b00daa6dd14bd0ba5a765e2e97a2cb03248073ac72f59
.zip
ʹ÷.txt
ӲMAC.exe
.exe windows:5 windows x64 arch:x64

955c05bdf94272d13e829ad5a692d696

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\macmod源代码\x64\Release\qd.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
LCMapStringW
CompareStringW
WriteConsoleW
GetConsoleCP
SetHandleCount
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
GetStringTypeW
GetTimeZoneInformation
IsValidCodePage
GetConsoleMode
GetStdHandle
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
HeapCreate
GetVersion
HeapSetInformation
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
RtlPcToFileHeader
RaiseException
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetStartupInfoW
GetCommandLineA
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
HeapFree
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetWindowsDirectoryA
GetTickCount
GetTempFileNameA
GetOEMCP
GetCPInfo
GetACP
lstrcpyA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
TlsGetValue
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
FindNextFileA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
lstrcmpA
GetModuleHandleW
FreeLibrary
GetCurrentProcessId
GlobalFree
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ActivateActCtx
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
GetModuleHandleA
GetProcAddress
lstrcmpiA
lstrlenA
GetThreadLocale
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAlloc
GlobalUnlock
GlobalLock
GetVolumeInformationA
GetCurrentDirectoryA
CopyFileA
WinExec
SetCurrentDirectoryA
GetTempPathA
WriteFile
CreateFileA
RemoveDirectoryA
DeleteFileA
Sleep
ReadFile
CloseHandle
CreateProcessA
GetStartupInfoA
CreatePipe
FreeResource
FindResourceA
MultiByteToWideChar
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte

user32

IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
InvalidateRect
DrawStateA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
ShowOwnedPopups
SetCursor
GetMessageA
GetSystemMenu
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
SetRect
CheckMenuItem
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetFocus
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetWindowRgn
PostQuitMessage
GetWindowThreadProcessId
GetWindowLongA
GetParent
EnableWindow
LoadIconW
SendMessageA
GetWindowRgn
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
CharUpperA
PostMessageA
SetClipboardData
EmptyClipboard
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
DestroyCursor
NotifyWinEvent
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
RedrawWindow
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
GetKeyboardState
FindWindowExA
SetWindowTextA
GetWindowTextA
FindWindowA
mouse_event
SetCursorPos
GetCursorPos
GetWindowRect
DrawIcon
GetClientRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
InflateRect
EnableMenuItem
LoadMenuW
CharUpperBuffA
CopyIcon
IsIconic
GetSystemMetrics
FrameRect
LoadImageW
CopyImage
GetIconInfo
HideCaret
InvertRect
RegisterClipboardFormatA
LockWindowUpdate
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongPtrA
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
UnregisterClassA
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
TranslateMessage
GetUpdateRect

gdi32

CreateRectRgn
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32A
SetRectRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
CombineRgn
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteA
SHGetFolderPathA
SHGetSpecialFolderPathA
DragQueryFileA
SHAppBarMessage
DragFinish
SHBrowseForFolderA

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

UrlUnescapeA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW

ole32

ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleGetClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleLockRunning
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop

oleaut32

VariantCopy
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SafeArrayDestroy
SysFreeString

oledlg

ord8

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
HttpOpenRequestA
InternetOpenUrlA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA

imagehlp

MapFileAndCheckSumA

winmm

PlaySoundA
timeGetTime

iphlpapi

GetAdaptersInfo

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10.9MB - Virtual size: 10.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
修改MAC操作演示视频链接双击打开查看.url
.url

Sharing

General

Malware Config

Signatures

Files

955c05bdf94272d13e829ad5a692d696

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

wininet

imagehlp

winmm

iphlpapi

oleacc

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 558KB - Virtual size: 558KB

.data Size: 34KB - Virtual size: 83KB

.pdata Size: 80KB - Virtual size: 80KB

text Size: 3KB - Virtual size: 2KB

data Size: 2KB - Virtual size: 1KB

.rsrc Size: 10.9MB - Virtual size: 10.9MB

.reloc Size: 104KB - Virtual size: 103KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 558KB - Virtual size: 558KB

.data
Size: 34KB - Virtual size: 83KB

.pdata
Size: 80KB - Virtual size: 80KB

text
Size: 3KB - Virtual size: 2KB

data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10.9MB - Virtual size: 10.9MB

.reloc
Size: 104KB - Virtual size: 103KB