beb3b8deed6bd0dd02eaf946c5cbb804d088025754859f9cac332979c2d0cc64

Sharing

Copy URL

Twitter E-mail

General

Target

beb3b8deed6bd0dd02eaf946c5cbb804d088025754859f9cac332979c2d0cc64
Size

1.7MB
MD5

bfc018f18ec341ced8c3522600d80ecb
SHA1

68053fd2563273989e583afd5f9214f18bdcf4f1
SHA256

beb3b8deed6bd0dd02eaf946c5cbb804d088025754859f9cac332979c2d0cc64
SHA512

028808f635f7c3472b5666191b560b183c7710ee21382112acb762be496292658ad009ec2e9557bb41f68bfdb2e33fba1e27d76ff112e5e40bc0989b53774e9e
SSDEEP

49152:yXA68cvw2i9tITfZQf7bSb+giqvK0YTdQIp76gkie8r:8N8cvw2qfWnKJQOve8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beb3b8deed6bd0dd02eaf946c5cbb804d088025754859f9cac332979c2d0cc64

Files

beb3b8deed6bd0dd02eaf946c5cbb804d088025754859f9cac332979c2d0cc64
.dll windows:5 windows x86 arch:x86

d4af84d5665e5689b0aa474336c255a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\桌面\`````\购买的登陆器源码\中国龙反作弊系统1.8正版CS获取头像版本\Release\MAE_Protect.pdb

Imports

winmm

timeGetTime

imm32

ImmGetCompositionStringA

opengl32

glPopMatrix

kernel32

FormatMessageW

user32

SendMessageA

gdi32

GetDIBits

advapi32

SystemFunction036

shell32

ShellExecuteA

wininet

InternetCloseHandle

ws2_32

inet_pton

version

GetFileVersionInfoA

gdiplus

GdipBitmapUnlockBits

wintrust

WinVerifyTrust

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

_DllMain@12

Sections

.text
Size: 767KB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1007KB - Virtual size: 1008KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4af84d5665e5689b0aa474336c255a1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

imm32

opengl32

kernel32

user32

gdi32

advapi32

shell32

wininet

ws2_32

version

gdiplus

wintrust

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 767KB - Virtual size: 4.8MB

.sedata Size: 1007KB - Virtual size: 1008KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 767KB - Virtual size: 4.8MB

.sedata
Size: 1007KB - Virtual size: 1008KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB