63676a97cc8d5ca6ac1f5022dc9848c1

Sharing

Copy URL Twitter E-mail

General

Target

63676a97cc8d5ca6ac1f5022dc9848c1
Size

5.4MB
MD5

63676a97cc8d5ca6ac1f5022dc9848c1
SHA1

b5aeb06587dc54622a13a0f243a437848476a8f6
SHA256

9db66124b379798d45426d3dfb5ba5f182685dbc7b465c3d4793b41bf3ef7d85
SHA512

047e5def0081120c39f6545ce94c1ee88f6c6aa1988ae5527602cc1c57dd655dd2fea8396c62e20389eb8de9983344632029c0ca23e189776a172aae2bc127c3
SSDEEP

98304:dUH9Jx9ALB/GjWNnFRqh6vHLKsvx31hDbZBpi3b0HONd46aAGW:yH9lAg6nFRyg9nhxBKb0HONditW

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jjbxb/jiajiabx.exe
unpack001/jjbxb/jjbx.ime
unpack001/jjbxb/jjbx64.ime
unpack001/jjbxb/卸载.exe
unpack001/jjbxb/安装.exe

Files

63676a97cc8d5ca6ac1f5022dc9848c1
.rar
jjbxb/about.htm
.html
jjbxb/background.bmp
jjbxb/bd/abc.txt
jjbxb/bd/jiajia.txt
jjbxb/bd/weiruanpy.txt
jjbxb/bd/ziguanpy.txt
jjbxb/bd0.txt
jjbxb/bd1.txt
jjbxb/bd2.txt
jjbxb/bd3.txt
jjbxb/bd4.txt
jjbxb/bd5.txt
jjbxb/bd6.txt
jjbxb/bd7.txt
jjbxb/bihua.bin
jjbxb/button.bmp
jjbxb/clc.bin
jjbxb/dz.bin
jjbxb/fh0.txt
jjbxb/fh1.txt
jjbxb/fh2.txt
jjbxb/fh3.txt
jjbxb/fh4.txt
jjbxb/fh5.txt
jjbxb/fh6.txt
jjbxb/fh7.txt
jjbxb/fzm.bin
jjbxb/jiajiabx.exe
.exe windows:4 windows x86 arch:x86

8fafd786a2dc7319acabd6f1ab2d71b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmInstallIMEW

sensapi

IsNetworkAlive

kernel32

SetFilePointer
GetFileTime
GetFileSize
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateFileW
MoveFileW
DeleteFileW
DuplicateHandle
GetCurrentProcess
SetEndOfFile
ReadFile
WriteFile
LockFile
UnlockFile
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
LCMapStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
LocalFree
lstrlenA
InterlockedDecrement
InterlockedIncrement
CreateThread
lstrcpyW
lstrcpyA
GetVersionExW
GetSystemDirectoryW
GetDriveTypeW
GetTickCount
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
InterlockedExchange
Sleep
SetProcessWorkingSetSize
GetFileAttributesExW
FindNextFileW
GetProcAddress
GetModuleHandleW
GetCommandLineW
GetCurrentThreadId
SetLastError
FlushInstructionCache
LockResource
FindResourceExW
GetProcessHeap
LoadLibraryA
GetSystemDirectoryA
HeapReAlloc
HeapFree
HeapAlloc
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
RaiseException
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringA
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
lstrcmpiW
GetModuleFileNameW
lstrlenW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
CloseHandle
WaitForSingleObject
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
HeapSize
GetACP
GetLocaleInfoA
GetThreadLocale
GetSystemTimeAsFileTime
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
VirtualQuery
GetSystemInfo
GetVersionExA

user32

UnregisterClassA
FindWindowW
SendMessageW
MessageBoxW
PostMessageW
UnloadKeyboardLayout
FindWindowExW
RegisterWindowMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DefWindowProcW
DestroyWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
GetWindowLongW
CallWindowProcW
SetWindowLongW
PostQuitMessage
SetTimer
CharUpperW
CharNextW
LoadIconW
DestroyIcon
KillTimer

comdlg32

GetFileTitleW

advapi32

RegOpenKeyExW
GetNamedSecurityInfoW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
GetUserNameW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
AllocateAndInitializeSid
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid

shell32

Shell_NotifyIconW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW

ws2_32

WSAStartup
WSACloseEvent
closesocket
WSASend
WSAEnumNetworkEvents
WSAConnect
WSAEventSelect
WSASetEvent
WSACreateEvent
WSASocketW
WSASetLastError
gethostbyaddr
ntohs
getservbyport
gethostbyname
inet_ntoa
htonl
inet_addr
getservbyname
htons
WSAGetOverlappedResult
WSAGetLastError
WSARecv
WSAResetEvent
WSACleanup

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jjbxb/jj_biaod.htm
.html
jjbxb/jjbx.ime
.dll windows:4 windows x86 arch:x86

8190aaa05a848b49f8c39a3521426aed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmGetCompositionFontW
ImmAssociateContext
ImmLockIMC
ImmCreateIMCC
ImmGetIMCCSize
ImmReSizeIMCC
ImmGenerateMessage
ImmLockIMCC
ImmUnlockIMCC
ImmUnlockIMC

kernel32

WideCharToMultiByte
GlobalFree
GlobalHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CompareStringW
lstrcpynW
lstrcmpiW
GetModuleFileNameW
WinExec
CreateFileW
GetSystemDirectoryW
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetPrivateProfileStringW
FindNextFileW
lstrcpyA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
CopyFileW
GetModuleHandleA
GetOEMCP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
HeapCreate
GetCommandLineA
GetFileType
SetStdHandle
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrlenA
MulDiv
MultiByteToWideChar
SetLastError
DuplicateHandle
GetFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
UnlockFile
LockFile
WriteFile
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
GetCurrentThreadId
CloseHandle
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GlobalAlloc
GetVersionExW
lstrlenW
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetFileAttributesW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
ReadFile
GetFileSize
GetLastError
TlsGetValue

user32

GetFocus
DrawFocusRect
FillRect
CallWindowProcW
GetDlgCtrlID
IsWindowEnabled
GetDC
CharNextW
DrawTextW
CharUpperW
DialogBoxIndirectParamW
SetRectEmpty
GetClassInfoExW
RegisterClassExW
MessageBoxW
GetSysColor
ReleaseDC
GetWindowDC
DialogBoxParamW
MoveWindow
EndPaint
BeginPaint
MessageBeep
SetFocus
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
EnableWindow
FindWindowExW
MapDialogRect
EndDialog
GetParent
InvalidateRgn
RedrawWindow
IsChild
GetDesktopWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
GetActiveWindow
FindWindowW
keybd_event
CallNextHookEx
SetWindowsHookExW
TrackPopupMenuEx
RegisterClassW
LoadIconW
LoadImageW
RegisterWindowMessageW
GetClientRect
MapWindowPoints
SetWindowContextHelpId
GetDlgItem
GetWindow
LoadCursorW
SetCursor
UpdateWindow
TrackMouseEvent
GetWindowTextLengthW
GetSubMenu
ReleaseCapture
CreateWindowExW
GetCapture
SetCapture
GetCursorPos
ScreenToClient
GetMenuStringW
DestroyMenu
RemoveMenu
InsertMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
GetWindowRect
SetWindowRgn
GetCaretPos
ClientToScreen
LoadBitmapW
CopyRect
PtInRect
ShowWindow
SetWindowPos
GetKeyState
PostMessageW
UnregisterClassW
SetTimer
KillTimer
IsWindowVisible
InvalidateRect
SetWindowLongW
DefWindowProcW
DestroyWindow
SendMessageW
UnhookWindowsHookEx
GetAncestor
GetWindowLongW
GetWindowTextW
SetWindowTextW
IsWindow
SystemParametersInfoW
MonitorFromPoint
GetMonitorInfoW
GetClassNameW
OffsetRect
UnregisterClassA

gdi32

SelectObject
DeleteObject
CreateFontW
CreateDCW
CreateRoundRectRgn
MaskBlt
ExtTextOutW
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32W
CreateCompatibleBitmap
SetBkMode
SetTextColor
TextOutW
FillRgn
FrameRgn
ExtSelectClipRgn
PatBlt
CreateSolidBrush
GetMapMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
RectVisible
GetObjectW
CreateFontIndirectW
GetStockObject
DeleteDC
BitBlt
SetBkColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
ChooseColorW
GetFileTitleW

advapi32

RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegCloseKey

shell32

ShellExecuteW

ole32

OleLockRunning
StringFromGUID2
CoGetClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

LoadTypeLi
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
VariantClear
VariantInit
OleLoadPicture

shlwapi

PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW

comctl32

_TrackMouseEvent
CreatePropertySheetPageW
ord17
PropertySheetW
DestroyPropertySheetPage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jjbxb/jjbx64.ime
.dll windows:4 windows x64 arch:x64

704faa705f58dd4a81cfa331a49c247e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

imm32

ImmGetCompositionFontW
ImmAssociateContext
ImmLockIMC
ImmCreateIMCC
ImmGetIMCCSize
ImmReSizeIMCC
ImmGenerateMessage
ImmLockIMCC
ImmUnlockIMCC
ImmUnlockIMC

kernel32

GlobalFree
GlobalHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CompareStringW
lstrcpynW
lstrcmpiW
GetModuleFileNameW
WinExec
CreateFileW
GetSystemDirectoryW
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetPrivateProfileStringW
FindNextFileW
lstrcpyA
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
ExitProcess
RtlVirtualUnwind
FlsAlloc
TlsSetValue
FlsFree
TlsFree
WideCharToMultiByte
FlsGetValue
GetModuleHandleA
GetProcAddress
GetOEMCP
GetCPInfo
RtlCaptureContext
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
HeapCreate
HeapSetInformation
GetCommandLineA
FlsSetValue
GetFileType
SetStdHandle
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
CopyFileW
lstrlenA
MulDiv
MultiByteToWideChar
SetLastError
DuplicateHandle
LCMapStringW
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
UnlockFile
LockFile
WriteFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
CreateFileA
CompareStringA
SetEnvironmentVariableA
SetEndOfFile
SetFilePointer
GlobalLock
GlobalUnlock
GetCurrentThreadId
CloseHandle
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GlobalAlloc
GetVersionExW
lstrlenW
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetFileAttributesW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
__C_specific_handler
LeaveCriticalSection
EnterCriticalSection
RaiseException
ReadFile
GetFileSize
GetLastError

user32

GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
IsWindowEnabled
OffsetRect
GetDC
CharNextW
DrawTextW
CharUpperW
DialogBoxIndirectParamW
SetRectEmpty
GetSysColor
DialogBoxParamW
MoveWindow
RegisterClassExW
MessageBoxW
RegisterWindowMessageW
ReleaseDC
GetWindowDC
EndPaint
BeginPaint
MessageBeep
SetFocus
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
InvalidateRgn
RedrawWindow
IsChild
GetDesktopWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
GetActiveWindow
FindWindowW
keybd_event
CallNextHookEx
SetWindowsHookExW
TrackPopupMenuEx
RegisterClassW
LoadIconW
LoadImageW
GetClassInfoExW
EnableWindow
FindWindowExW
MapDialogRect
EndDialog
GetParent
GetClientRect
MapWindowPoints
SetWindowContextHelpId
GetDlgItem
GetWindow
LoadCursorW
SetCursor
UpdateWindow
TrackMouseEvent
SetWindowLongW
GetWindowTextLengthW
GetSubMenu
ReleaseCapture
CreateWindowExW
GetCapture
SetCapture
GetCursorPos
ScreenToClient
GetMenuStringW
DestroyMenu
RemoveMenu
InsertMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
GetWindowRect
SetWindowRgn
GetCaretPos
ClientToScreen
LoadBitmapW
CopyRect
PtInRect
ShowWindow
SetWindowLongPtrW
SetWindowPos
GetKeyState
PostMessageW
UnregisterClassW
SetTimer
KillTimer
IsWindowVisible
InvalidateRect
GetWindowLongPtrW
DefWindowProcW
DestroyWindow
SendMessageW
UnhookWindowsHookEx
GetAncestor
GetWindowLongW
GetWindowTextW
SetWindowTextW
IsWindow
SystemParametersInfoW
MonitorFromPoint
GetMonitorInfoW
GetClassNameW
CallWindowProcW
UnregisterClassA

gdi32

ExtTextOutW
MaskBlt
SetBkColor
DeleteDC
GetTextExtentPoint32W
SelectObject
DeleteObject
CreateFontW
CreateDCW
CreateBitmap
CreateCompatibleBitmap
SetBkMode
SetTextColor
TextOutW
FillRgn
FrameRgn
ExtSelectClipRgn
PatBlt
CreateSolidBrush
GetMapMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
RectVisible
GetObjectW
CreateFontIndirectW
GetStockObject
CreateCompatibleDC
CreateRoundRectRgn
BitBlt

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
ChooseColorW
GetFileTitleW

advapi32

RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegCloseKey

shell32

ShellExecuteW

ole32

OleLockRunning
StringFromGUID2
CoGetClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysStringLen
SysFreeString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
OleLoadPicture
VariantInit
SysAllocStringLen

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveExtensionW

comctl32

_TrackMouseEvent
CreatePropertySheetPageW
ord17
PropertySheetW
DestroyPropertySheetPage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jjbxb/license.rtf
.rtf
jjbxb/pinyin.bin
jjbxb/py/lib/基础词库.cky
jjbxb/pyfu.bin
jjbxb/pytips.htm
.html
jjbxb/readme.htm
.html
jjbxb/skins/Plus浅蓝.jsn
jjbxb/skins/SirS红色皮肤.jsn
jjbxb/skins/fjay黑色幽默.jsn
jjbxb/skins/xcyfq01.jsn
jjbxb/skins/xcyfq02.jsn
jjbxb/skins/卡通狗.jsn
jjbxb/skins/圣诞快乐.jsn
jjbxb/skins/幽幽兰香.jsn
jjbxb/skins/淡雅.jsn
jjbxb/skins/福临门.jsn
jjbxb/skins/飞鹰天下绿色水晶.jsn
jjbxb/top0.txt
jjbxb/top1.txt
jjbxb/top2.txt
jjbxb/top3.txt
jjbxb/top4.txt
jjbxb/top5.txt
jjbxb/top6.txt
jjbxb/top7.txt
jjbxb/uh.txt
jjbxb/usrword.txt
jjbxb/卸载.exe
.exe windows:4 windows x86 arch:x86

7c8236bde7b3032e84bca7307e4e3ed7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
lstrcmpiW
RaiseException
lstrlenW
WideCharToMultiByte
GetLastError
GetDriveTypeW
SizeofResource
LockResource
LoadResource
FindResourceExW
RtlUnwind
IsDebuggerPresent
GetModuleFileNameW
GetSystemDirectoryW
GetVersionExW
FindResourceW
GetFileAttributesW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoW
ExitProcess
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess

user32

MessageBoxW
UnregisterClassA
CharNextW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW

shlwapi

PathStripToRootW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jjbxb/安装.exe
.exe windows:4 windows x86 arch:x86

1d49ba442469acb691fced4e225c51f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

RtlUnwind
IsDebuggerPresent
GetFileAttributesW
CopyFileW
GetProcAddress
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetSystemDirectoryW
GetModuleFileNameW
GetDriveTypeW
WinExec
UnhandledExceptionFilter
RaiseException
lstrlenW
WideCharToMultiByte
GetLastError
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
TerminateProcess
GetSystemTimeAsFileTime
lstrcmpiW
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoW
ExitProcess
GetCommandLineW
QueryPerformanceCounter
GetTickCount

user32

MessageBoxW
UnregisterClassA
CharNextW

advapi32

GetUserNameW

shlwapi

PathStripToRootW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装必读.url
.url
安装说明.txt
更新安装须知.txt
更新说明.txt

Sharing

General

Malware Config

Signatures

Files

8fafd786a2dc7319acabd6f1ab2d71b7

Headers

File Characteristics

Imports

imm32

sensapi

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

Sections

.text Size: 240KB - Virtual size: 237KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 2KB

8190aaa05a848b49f8c39a3521426aed

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 18KB - Virtual size: 17KB

704faa705f58dd4a81cfa331a49c247e

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 13KB - Virtual size: 22KB

.pdata Size: 25KB - Virtual size: 25KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

7c8236bde7b3032e84bca7307e4e3ed7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

.text
Size: 240KB - Virtual size: 237KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 18KB - Virtual size: 17KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 13KB - Virtual size: 22KB

.pdata
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB