39fadd446870cd8c09bb4909808dc7c6190ec85c1e605c5e6f082313486e6824

Sharing

Copy URL Twitter E-mail

General

Target

39fadd446870cd8c09bb4909808dc7c6190ec85c1e605c5e6f082313486e6824
Size

260KB
MD5

cad41a49ac4a8e71cf18faed2044b32d
SHA1

44f6ae04884bcd54da8bc234411d543899f35aef
SHA256

39fadd446870cd8c09bb4909808dc7c6190ec85c1e605c5e6f082313486e6824
SHA512

a1671ab8a7db70c9d32359fe6460c05435da5983650dee03e4a4ae167064ee527fd0830c441d6271c24c5aa8374aec630247b1898dc07cfda6009faa961ca854
SSDEEP

6144:G5Y/SRitAdoyPvpuSlQcwfhUbSzPNfsrjxRwhcH:G5GS0tAd5uSlQVhUkfsrjxRwhcH

Score

N/A

Malware Config

Signatures

Files

39fadd446870cd8c09bb4909808dc7c6190ec85c1e605c5e6f082313486e6824
.rar
打狗菜刀/CCC/aspRwWithJMail.ccc
.vbs
打狗菜刀/CCC/aspSpy.ccc
.vbs
打狗菜刀/CCC/aspx.ccc
.js
打狗菜刀/CCC/php.ccc
打狗菜刀/CCC/phpSpy.ccc
.js
打狗菜刀/Customize/Customize.aspx
.asp .js
打狗菜刀/Customize/Customize.cfm
.vbs
打狗菜刀/Customize/Customize.jsp
.asp .js
打狗菜刀/cache.tmp
打狗菜刀/caidao.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 104KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Silvana
Size: 325B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
打狗菜刀/db.mdb
打狗菜刀/db.tmp
.dll windows x86

3895396628a9f069869ae23ad67028b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
__vbaBoolVarNull
_CIsin
__vbaVarCmpGt
ord632
__vbaChkstk
__vbaStrCmp
__vbaVarTstEq
__vbaAryConstruct2
__vbaObjVar
DllFunctionCall
_adj_fpatan
_CIsqrt
__vbaExceptHandler
ord712
_adj_fprem
_adj_fdivr_m64
ord608
ord716
__vbaFPException
__vbaInStrVar
ord717
__vbaVarCat
ord645
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
ord681
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarSetVar
__vbaLateMemCall
__vbaInStrB
__vbaVarDup
__vbaVarLateMemCallLd
__vbaLateMemCallLd
ord617
_CIatan
__vbaStrMove
ord619
__vbaStrVarCopy
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
打狗菜刀/readme.txt
.vbs

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 452KB - Virtual size: 450KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 104KB - Virtual size: 107KB

.rsrc Size: 44KB - Virtual size: 42KB

.Silvana Size: 325B - Virtual size: 4KB

3895396628a9f069869ae23ad67028b3

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 452KB - Virtual size: 450KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 104KB - Virtual size: 107KB

.rsrc
Size: 44KB - Virtual size: 42KB

.Silvana
Size: 325B - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB