Sample details: 8e616bb922ffdf2a4af1110e877380e6

Hashes
MD5: 8e616bb922ffdf2a4af1110e877380e6
SHA1: 165e34797fd8b11f4300ec88d47d664b7e4e2bf2
SHA256: 42907dadd3f64ee39d7cc6d85022fc5e8f44bb1399a8b05d3b8748f277aa0660
SSDEEP: 24576:NtHPInxHkm9/Ms2YyK99HQLPhdxPeIWBstpmeXG3DvMSKm/Cs5Wda2E:NxIn0s2tK9ZU5DPeJBstUvL66VP
Details
File Type: PE32
Added: 2019-10-09 06:53:28
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/maldoc_find_kernel32_base_method_1 | YRP/domain | YRP/contentis_base64 | YRP/ThreadControl__Context | YRP/anti_dbg | YRP/win_registry | YRP/win_files_operation | YRP/TEAN
Source
http://wulantuoya.cn/wp-content/themes/JieStyle-Two-master/fonts/2c.jpg
Strings