1a44d9201479bd2c885728df790f71a7

Sharing

Copy URL

Twitter E-mail

General

Target

1a44d9201479bd2c885728df790f71a7
Size

395KB
MD5

1a44d9201479bd2c885728df790f71a7
SHA1

bb77c50df14fcfba54bb552164867fcf101d7dad
SHA256

180b79bb107985987d6bc14de2ecee7948cb023bc455818100b6521059fdd829
SHA512

43e9d01a789244ca7a1f4bd6ce8c039c3a506c645f9eca0f1acd44a1710907c0cafd83e25b86d5589c6e9534f7b42356ae5808a06794518c55abccdd77ac6991
SSDEEP

12288:nSG1huyKcMGQThuHJ2eUHsYhdWtMuU9RQh9k8e:SUKM0hWHUM6dWyOhKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jmrj/软件杂编/sys/VB40032.DLL
unpack001/jmrj/软件杂编/sys/rjzb1.exe
unpack001/jmrj/软件杂编/开始运行.exe

Files

1a44d9201479bd2c885728df790f71a7
.rar
jmrj/下载说明.htm
.html .js polyglot
jmrj/软件杂编/dat/年代.txt
jmrj/软件杂编/sys/VB40032.DLL
.dll windows:1 windows x86 arch:x86

07bebe0245f57bd5ea8738e7cd4d783f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt20

_CIexp
_except_handler3
_adjust_fdiv
_initterm
_onexit
__dllonexit
strtoul
_ultoa
atol
_ltoa
exit
_isatty
memcpy
wcslen
_chdrive
_getdrive
strchr
memmove
getenv
_clearfp
_ftol
_chdir
_errno
_getdcwd
_chmod
strncpy
_access
_getcwd
free
__p__pctype
modf
_splitpath
memchr
floor
_CIpow
_adj_fdivr_m32
_adj_fdiv_r
_adj_fdiv_m32i
_adj_fdivr_m64
_adj_fdiv_m64
_adj_fdiv_m32
__p__environ
__p__wenviron
_wgetenv
qsort
_adj_fpatan
_locking
_close
_lseek
_write
_read
_sopen
rename
_purecall
remove
_rmdir
_mkdir
_findfirst
_findnext
_findclose
__doserrno
_commit
wcstod
strtod
wcspbrk
wcsncmp
_fcvt
_ecvt
_itoa
strstr
toupper
strpbrk
strrchr
iswctype
wcschr
wcscat
_wcsicmp
atoi
wcscmp
wcsncpy
_isctype
__p___mb_cur_max
malloc
wcscpy
_strnicmp
_fpreset
_statusfp
_exit

kernel32

CreateFileMappingA
LocalAlloc
LocalFree
SetHandleCount
GetSystemDirectoryA
SetErrorMode
GetCurrentProcessId
FileTimeToLocalFileTime
Sleep
GetSystemTime
LoadLibraryExA
GlobalDeleteAtom
ExitProcess
UnhandledExceptionFilter
GetStartupInfoA
CloseHandle
SetLocalTime
VirtualProtect
GetVersionExA
SystemTimeToFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
IsValidCodePage
LoadLibraryW
LCMapStringA
LCMapStringW
CompareStringW
GetUserDefaultLangID
CreateProcessW
RtlUnwind
RaiseException
FormatMessageW
WinExec
GetVersion
GetCurrentProcess
FlushInstructionCache
CompareStringA
lstrcmpiW
MultiByteToWideChar
CreateProcessA
GetUserDefaultLCID
GetLocaleInfoA
FreeResource
WaitForSingleObject
GetExitCodeProcess
VirtualFree
VirtualQuery
VirtualAlloc
GetCurrentThreadId
GlobalSize
WideCharToMultiByte
GetProfileStringA
GetModuleHandleA
GlobalAddAtomA
SearchPathA
GlobalReAlloc
GetFileAttributesA
CreateFileA
GetFullPathNameA
SetLastError
GetFileType
GlobalHandle
SizeofResource
FindResourceA
LoadResource
LockResource
_lwrite
_lread
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
_llseek
GetLastError
_lclose
MulDiv
GetPrivateProfileStringA
IsBadReadPtr
SetCurrentDirectoryA
lstrcmpiA
GetTickCount
GetVolumeInformationA
GetDriveTypeA
GetCurrentDirectoryA
GetShortPathNameA
FindFirstFileA
FindClose
GlobalAlloc
lstrcatA
IsDBCSLeadByte
lstrlenA
GlobalFree
GlobalLock
lstrcpyA
GlobalUnlock
lstrcmpA
GetProcAddress
GetModuleFileNameA
LoadLibraryA
GetLocalTime
FreeLibrary
SetFileAttributesA
GetCommandLineA

user32

SendDlgItemMessageA
ClientToScreen
ScreenToClient
GetMessagePos
FillRect
GetMessageTime
ReleaseDC
SetWindowPos
GetClassNameA
GetParent
InvalidateRect
UpdateWindow
SetMenuDefaultItem
DispatchMessageA
GetDoubleClickTime
TrackPopupMenu
UnhookWindowsHookEx
EnableWindow
IsWindow
PostMessageA
CallWindowProcA
GetWindow
CharNextA
InflateRect
DrawFocusRect
CharPrevA
LoadBitmapA
GetWindowTextA
CopyRect
CharLowerA
GetCaretPos
KillTimer
SetCaretPos
GetWindowDC
DestroyIcon
CharUpperA
IsIconic
GetWindowTextLengthA
IsZoomed
SetFocus
DrawMenuBar
DestroyMenu
WinHelpA
DefMDIChildProcA
SetActiveWindow
FindWindowW
CharUpperBuffA
CharUpperBuffW
LoadStringW
SetWindowsHookExW
CharLowerBuffW
VkKeyScanW
GetKeyboardState
keybd_event
SetKeyboardState
GetForegroundWindow
GetWindowLongA
VkKeyScanA
DeferWindowPos
EndDeferWindowPos
MoveWindow
BeginDeferWindowPos
GetClientRect
GetSystemMenu
IsWindowVisible
SetWindowTextA
wsprintfA
WaitForInputIdle
CloseClipboard
EmptyClipboard
OpenClipboard
SetScrollRange
ShowWindow
IsClipboardFormatAvailable
GetKeyState
IsChild
GetCapture
GetFocus
SendMessageA
MapWindowPoints
GetWindowRect
DdeConnect
DdeFreeStringHandle
DdeFreeDataHandle
DdeCreateStringHandleA
DdeNameService
DdeQueryStringA
DdeQueryConvInfo
DdeUninitialize
DdeInitializeA
DdeSetUserHandle
FindWindowA
SetWindowLongA
SetRect
CharToOemA
LoadStringA
UnregisterClassA
SetWindowWord
GetClassLongA
DestroyWindow
GetAsyncKeyState
SetPropA
GetPropA
RemovePropA
GetTabbedTextExtentA
CreateIcon
CreateCursor
EnumClipboardFormats
DestroyCursor
GetCursor
LoadIconA
IsDialogMessageA
IsRectEmpty
CreateDialogParamA
GetLastActivePopup
PostQuitMessage
MessageBeep
DialogBoxParamA
MessageBoxA
DrawIcon
EndDialog
SetDlgItemTextA
CreatePopupMenu
GetMenu
OffsetRect
BringWindowToTop
LoadAcceleratorsA
TranslateMDISysAccel
RegisterClipboardFormatA
GetClipboardFormatNameA
CharToOemBuffA
OemToCharA
ShowCursor
PostThreadMessageA
WaitMessage
CallNextHookEx
SetWindowsHookExA
RegisterWindowMessageA
AttachThreadInput
DdeClientTransaction
DdeAbandonTransaction
DdePostAdvise
DdeCreateDataHandle
DdeGetData
DdeGetLastError
SetCursor
PtInRect
SetMenu
DdeDisconnect
GetUpdateRgn
SetCapture
WindowFromPoint
ReleaseCapture
GetScrollPos
SetParent
SetTimer
LoadCursorA
SetScrollPos
SetCursorPos
GetClipboardData
SetClipboardData
SetForegroundWindow
PeekMessageA
GetCursorPos
CheckMenuItem
ModifyMenuA
GetMenuState
GetMenuItemID
GetDlgItem
GetSubMenu
GetMenuStringA
AppendMenuA
GetMenuItemCount
DeleteMenu
RegisterClassA
DefFrameProcA
TabbedTextOutA
IntersectRect
IsWindowEnabled
TranslateMessage
RemoveMenu
EnableMenuItem
GetActiveWindow
InsertMenuA
GetClassInfoA
DrawTextA
GetDC
CharLowerBuffA
GetSystemMetrics
GetSysColor
FrameRect
ValidateRect
CreateMenu
CreateWindowExA
SetWindowContextHelpId
BeginPaint
EndPaint
DefWindowProcA
GetDesktopWindow
GetWindowThreadProcessId

gdi32

OffsetWindowOrgEx
SaveDC
CreateSolidBrush
GetTextExtentPointA
UnrealizeObject
SetBkColor
CreateHatchBrush
CreatePen
SelectObject
SetTextColor
SetBrushOrgEx
PatBlt
StretchBlt
ExtTextOutA
GetClipBox
RealizePalette
SetBkMode
GetTextMetricsA
GetStockObject
GetViewportExtEx
GetDeviceCaps
SelectPalette
MoveToEx
SetROP2
GetObjectA
RestoreDC
GetROP2
LineTo
CreateCompatibleBitmap
IntersectClipRect
Escape
RoundRect
CreateCompatibleDC
DeleteDC
CombineRgn
Ellipse
CreateDCA
ExcludeClipRect
SetRectRgn
Rectangle
GetWindowExtEx
SetWindowOrgEx
CreateRectRgn
TextOutA
SetAbortProc
BitBlt
EnumFontsA
CreateBrushIndirect
Arc
CreatePenIndirect
SetStretchBltMode
GetPixel
Pie
StretchDIBits
CreateBitmap
GetBitmapBits
CopyEnhMetaFileA
CreatePalette
CopyMetaFileA
CreateDIBitmap
GetPaletteEntries
GetNearestColor
ScaleViewportExtEx
SetViewportExtEx
GetDIBits
SetWindowExtEx
SetMapMode
SetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SelectClipRgn
CreateRectRgnIndirect
PlayMetaFile
CreateICA
EndDoc
StartPage
EndPage
AbortDoc
ResetDCA
CreatePatternBrush
StartDocA
DeleteObject
GetBkColor

advapi32

RegQueryValueExW
RegDeleteValueW
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExA
RegCloseKey
RegQueryValueW
RegEnumValueA
RegEnumValueW
RegEnumKeyW
RegDeleteValueA
RegOpenKeyA
RegDeleteKeyW
RegOpenKeyW
RegSetValueExA
RegSetValueExW
RegSetValueW
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA

ole32

OleCreateFromFile
OleQueryCreateFromData
ReadClassStm
OleSaveToStream
CoIsOle1Class
OleDoAutoConvert
OleLoad
OleSave
OleQueryLinkFromData
MkParseDisplayName
CoLockObjectExternal
CreateILockBytesOnHGlobal
OleDuplicateData
CoGetMalloc
RevokeDragDrop
RegisterDragDrop
OleInitialize
OleBuildVersion
BindMoniker
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleCreateLink
OleCreateLinkToFile
GetClassFile
CLSIDFromProgID
OleGetAutoConvert
IsAccelerator
CoCreateInstance
OleSetMenuDescriptor
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
ReadClassStg
WriteClassStg
OleRun
CreateBindCtx
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleIsRunning
StgCreateDocfile
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
ProgIDFromCLSID
StringFromCLSID
StringFromGUID2
CoFreeUnusedLibraries
CoGetClassObject
IsValidInterface
CoDisconnectObject
CreateStreamOnHGlobal
OleUninitialize
StgIsStorageILockBytes

oleaut32

RegisterTypeLi
SafeArrayGetLBound
DispInvoke
VariantInit
VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SafeArrayDestroy
SysStringByteLen
GetErrorInfo
SysAllocStringLen
SetErrorInfo
CreateErrorInfo
LoadRegTypeLi
LoadTypeLi
CreateDispTypeInfo
DispGetIDsOfNames
OaBuildVersion
VarUI1FromI2
SafeArrayGetUBound
GetActiveObject
VarBstrFromDate
VarBstrFromR4
SafeArrayLock
SafeArrayUnlock
VariantCopy
VariantCopyInd
SafeArrayDestroyDescriptor
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayDestroyData
RevokeActiveObject
VarDateFromStr
VarR8FromStr
VarCyFromStr
VarBstrFromCy
VarI2FromStr
VarCyFromR8
SysReAllocStringLen
SafeArrayPutElement
VariantChangeTypeEx
SafeArrayGetElement
SafeArrayGetDim
SafeArrayRedim
VarCyFromI4
VarBstrFromI2
VarBstrFromI4
VarBstrFromR8
SysReAllocString
VarI4FromStr
VarI4FromR8
VarR4FromStr
VarI2FromI4
VarR4FromR8

olepro32

ord254
ord252
ord248
ord251
ord250
ord253

Exports

Exports

AssignRecord
CopyRecord
CreateIExprSrvObj
DestructRecord
DllFunctionCall
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbResetProject
EbResetProjectNormal
GetMem1
GetMem2
GetMem4
GetMem8
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
IntlInitializeTable
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceProject
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFixVar
rtcFreeFile
rtcGetAllSettings
rtcGetDateBstr
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetDayOfWeek
rtcGetErl
rtcGetFileAttr
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetObject
rtcGetPresentDate
rtcGetProjectLCID
rtcGetSecondOfMinute
rtcGetSetting
rtcGetTimeBstr
rtcGetTimeValue
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexBstrFromVar
rtcHexVarFromVar
rtcIMEStatus
rtcIPMT
rtcIRR
rtcImmediateIf
rtcInStr
rtcInStrChar
rtcInputBox
rtcInputCharCount
rtcInputCharCountVar
rtcInputCount
rtcInputCountVar
rtcIntVar
rtcIsArray
rtcIsDate
rtcIsEmpty
rtcIsError
rtcIsMissing
rtcIsNull
rtcIsNumeric
rtcIsObject
rtcKillFiles
rtcLeftBstr
rtcLeftCharBstr
rtcLeftCharVar
rtcLeftTrimBstr
rtcLeftTrimVar
rtcLeftVar
rtcLenCharVar
rtcLenVar
rtcLog
rtcLowerCaseBstr
rtcLowerCaseVar
rtcMIRR
rtcMacId
rtcMakeDir
rtcMidBstr
rtcMidCharBstr
rtcMidCharVar
rtcMidVar
rtcMsgBox
rtcNPV
rtcNPer
rtcOctBstrFromVar
rtcOctVarFromVar
rtcPMT
rtcPPMT
rtcPV
rtcPackDate
rtcPackTime
rtcPartition
rtcQBColor
rtcR8ValFromBstr
rtcRandomNext
rtcRandomize
rtcRate
rtcRemoveDir
rtcRgb
rtcRightBstr
rtcRightCharBstr
rtcRightCharVar
rtcRightTrimBstr
rtcRightTrimVar
rtcRightVar
rtcSLN
rtcSYD
rtcSaveSetting
rtcSendKeys
rtcSetDateBstr
rtcSetDateVar
rtcSetFileAttr
rtcSetTimeBstr
rtcSetTimeVar
rtcSgnVar
rtcShell
rtcSin
rtcSpaceBstr
rtcSpaceVar
rtcSqr
rtcStrConvVar
rtcStrFromVar
rtcStringBstr
rtcStringVar
rtcSwitch
rtcTan
rtcTrimBstr
rtcTrimVar
rtcTypeName
rtcUpperCaseBstr
rtcUpperCaseVar
rtcVarBstrFromAnsi
rtcVarBstrFromByte
rtcVarBstrFromChar
rtcVarDateFromVar
rtcVarFromError
rtcVarFromFormatVar
rtcVarFromVar
rtcVarStrFromVar
rtcVarType

Sections

.text
Size: 515KB - Virtual size: 514KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jmrj/软件杂编/sys/rjzb1.exe
.exe windows:4 windows x86 arch:x86

f9463d42b709b82750e5a724c8b84a9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

vb40032

ord617
ord619
ord632
ord648
ord652
ord100
ord187
ord186
ord189
ord188
ord190
ord199
ord518
ord516
ord520
ord528
ord531
ord530
ord533
ord546
ord558
ord553
ord578
ord573
ord581
ord592
ord594
ord593
ord595
ord598
ord607
ord600
ord608
ord613

Sections

.text
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jmrj/软件杂编/sys/rjzb1.ini
jmrj/软件杂编/开始运行.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jmrj/软件杂编/联系我们.EML
.eml
email-html-2.txt
.html
email-plain-1.txt
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

07bebe0245f57bd5ea8738e7cd4d783f

Headers

File Characteristics

Imports

msvcrt20

kernel32

user32

gdi32

advapi32

ole32

oleaut32

olepro32

Exports

Exports

Sections

.text Size: 515KB - Virtual size: 514KB

ENGINE Size: 45KB - Virtual size: 44KB

.bss Size: - Virtual size: 7KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 35KB - Virtual size: 34KB

.idata Size: 15KB - Virtual size: 14KB

.edata Size: 12KB - Virtual size: 11KB

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 35KB - Virtual size: 35KB

f9463d42b709b82750e5a724c8b84a9d

Headers

File Characteristics

Imports

vb40032

Sections

.text Size: 154KB - Virtual size: 156KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

CODE Size: 8KB - Virtual size: 8KB

DATA Size: 512B - Virtual size: 124B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 680B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 1024B - Virtual size: 616B

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 515KB - Virtual size: 514KB

ENGINE
Size: 45KB - Virtual size: 44KB

.bss
Size: - Virtual size: 7KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 35KB - Virtual size: 34KB

.idata
Size: 15KB - Virtual size: 14KB

.edata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 35KB - Virtual size: 35KB

.text
Size: 154KB - Virtual size: 156KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 8KB

CODE
Size: 8KB - Virtual size: 8KB

DATA
Size: 512B - Virtual size: 124B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 680B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 1024B - Virtual size: 616B

.rsrc
Size: 1024B - Virtual size: 1024B