0b5a48d3e09ef74bbfd04e1f0a3f5cc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b5a48d3e09ef74bbfd04e1f0a3f5cc5_JaffaCakes118
Size

1.2MB
MD5

0b5a48d3e09ef74bbfd04e1f0a3f5cc5
SHA1

b73b8cdf480058d63571aeb2186998f722c442ea
SHA256

86d30b05342c65e4576114efa36272aea49e5696fd70c57b871a81f09d8d2e75
SHA512

04678275147a1c695811236a83aa0467f1671b8c0a1b1443a4c9c7fadc25bb88315eb7f60d2aa0e0899015ab4425f7dcbce39d5774df66efa2f29279fc60438f
SSDEEP

24576:oVcaNKcudepFgZe+UQ8rKyDUfxPMDsl+nblIDO5PhW1Eu/VvzxD15sm:ucaNgu6ZxL8vE+qulbW1Eun1im

Score

10^/10

upx aspackv2

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
static1/unpack002/out.upx	Nirsoft

ASPack v2.12-2.42 4 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/GreenBrowserGB_6.9.1223/Plugin/Tools/FavoritesView.exe	aspack_v212_v242
static1/unpack001/GreenBrowserGB_6.9.1223/Plugin/Tools/QuickTools.exe	aspack_v212_v242
static1/unpack001/GreenBrowserGB_6.9.1223/Resource/GreenBrowserUpdate.exe	aspack_v212_v242
static1/unpack001/GreenBrowserGB_6.9.1223/Resource/GreenImageConvert.exe	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/GreenBrowserGB_6.9.1223/Plugin/QuickMute+/nircmd.exe	upx

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GreenBrowserGB_6.9.1223/GreenBrowser.exe
unpack001/GreenBrowserGB_6.9.1223/Plugin/QuickMute+/nircmd.exe
unpack002/out.upx
unpack001/GreenBrowserGB_6.9.1223/Plugin/SnapShot/SnapShot.exe
unpack001/GreenBrowserGB_6.9.1223/Plugin/Tools/FavoritesView.exe
unpack001/GreenBrowserGB_6.9.1223/Plugin/Tools/QuickMute.exe
unpack001/GreenBrowserGB_6.9.1223/Plugin/Tools/QuickTools.exe
unpack001/GreenBrowserGB_6.9.1223/Resource/GreenBrowserUpdate.exe
unpack001/GreenBrowserGB_6.9.1223/Resource/GreenImageConvert.exe

Files

0b5a48d3e09ef74bbfd04e1f0a3f5cc5_JaffaCakes118
.zip
GreenBrowserGB_6.9.1223/FavIcon/www.5igb.com.ico
GreenBrowserGB_6.9.1223/GreenBrowser.exe
.exe windows:4 windows x86 arch:x86

a79e1e4f152c8b8acafe2de195bbf8ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
gethostname
WSAStartup
WSACleanup

winmm

sndPlaySoundA

kernel32

GetSystemTime
HeapReAlloc
GetStartupInfoA
ExitProcess
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
SetStdHandle
GetFileType
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetErrorMode
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GetPrivateProfileIntA
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
lstrcmpA
FindFirstFileA
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
lstrcmpiA
GetTimeZoneInformation
lstrcmpW
FindFirstFileW
DeleteFileA
CopyFileA
MoveFileA
OpenFile
FileTimeToDosDateTime
GetModuleFileNameA
lstrlenA
GetTickCount
QueryPerformanceCounter
GetPrivateProfileStringA
MultiByteToWideChar
ExpandEnvironmentStringsA
WritePrivateProfileStringA
GlobalAlloc
WideCharToMultiByte
GlobalSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
lstrcpynA
SetLastError
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
FormatMessageA
GetProfileIntA
GlobalGetAtomNameA
HeapFree
HeapAlloc
RtlUnwind
FindNextFileW
GetProfileStringA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LockResource
FindResourceA
LoadResource
RaiseException
InterlockedExchange
MulDiv
GetVersion
GetEnvironmentStrings
CreateProcessA
GlobalMemoryStatus
QueryPerformanceFrequency
GetPrivateProfileSectionA
GetFileSize
UnmapViewOfFile
GetCurrentProcessId
OpenProcess
LocalAlloc
LocalFree
GetWindowsDirectoryA
GetTempPathA
WriteFile
GetCurrentProcess
SetProcessWorkingSetSize
WritePrivateProfileSectionA
lstrcatA
lstrcpyA
GlobalFree
GetModuleHandleA
GetShortPathNameA
lstrlenW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GetCommandLineA
DeleteCriticalSection
HeapDestroy
CreateSemaphoreA
GetLastError
CreateFileA
CloseHandle
CreateMutexA
WaitForSingleObject
CreateFileMappingA
MapViewOfFile
ReleaseMutex
GetVersionExA

user32

LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
LoadStringA
CharUpperA
PostQuitMessage
ShowOwnedPopups
MessageBeep
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
InvertRect
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
EndPaint
DrawEdge
DrawIconEx
GrayStringA
DrawTextA
TabbedTextOutA
GetSystemMenu
GetDCEx
RedrawWindow
GetClassLongA
FillRect
BeginDeferWindowPos
EndDeferWindowPos
GetSysColorBrush
wsprintfA
DestroyMenu
OffsetRect
InflateRect
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
CreateAcceleratorTableA
GetKeyboardLayoutNameA
SetFocus
FindWindowA
BringWindowToTop
mouse_event
MoveWindow
SetParent
TranslateAcceleratorA
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
EnumWindows
GetWindowThreadProcessId
IsChild
DeleteMenu
CheckMenuRadioItem
SetPropA
SetWindowPos
RegisterWindowMessageA
TrackPopupMenuEx
GetDC
DefDlgProcA
IsWindowUnicode
ReleaseDC
EnumChildWindows
WindowFromPoint
IsZoomed
GetClassNameA
GetFocus
ShowScrollBar
UnregisterHotKey
RegisterHotKey
CharNextA
GetPropA
GetLastActivePopup
IsIconic
SetForegroundWindow
SetMenu
UpdateWindow
MapVirtualKeyA
GetKeyNameTextA
keybd_event
VkKeyScanA
InsertMenuA
SetMenuItemInfoA
BeginPaint
GetWindowDC
GetMessageA
TranslateMessage
ValidateRect
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
wvsprintfA
GetMenuCheckMarkDimensions
SetRect
SetMenuItemBitmaps
GetNextDlgGroupItem
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
PtInRect
GetDesktopWindow
LoadMenuA
ModifyMenuA
LockWindowUpdate
LoadImageA
SetWindowLongA
GetWindow
LoadIconA
GetMenuItemCount
GetMenuItemInfoA
GetMenuState
GetMenuItemID
CheckMenuItem
EnableMenuItem
GetParent
UnionRect
IsRectEmpty
SetRectEmpty
GetWindowLongA
ShowWindow
CreatePopupMenu
GetWindowRect
ClientToScreen
IsMenu
AppendMenuA
GetSubMenu
GetMenuStringA
SystemParametersInfoA
DrawStateA
FindWindowExA
InvalidateRect
GetClientRect
CopyRect
GetSysColor
DestroyIcon
ReleaseCapture
SetCapture
PostMessageA
GetCursor
GetCursorPos
ScreenToClient
SetCursor
SetTimer
KillTimer
LoadCursorA
RegisterClipboardFormatA
GetKeyState
LoadBitmapA
GetSystemMetrics
SendMessageA
IsWindow
IsWindowVisible
EnableWindow
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
TrackPopupMenu

gdi32

RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SaveDC
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
LPtoDP
GetBkColor
CopyMetaFileA
CreateRectRgnIndirect
CreateFontA
GetCharWidthA
StretchDIBits
SetBkColor
SetTextColor
GetClipBox
GetBkMode
Ellipse
CreatePen
CreateDIBSection
CreateSolidBrush
Escape
TextOutA
RectVisible
PtVisible
CreateRectRgn
PatBlt
CreateCompatibleBitmap
BitBlt
GetTextColor
ExtTextOutA
EnumFontFamiliesA
GetTextExtentPoint32A
CreateDCA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
GetDeviceCaps
CreateBitmap
SelectObject
DeleteDC
GetObjectA
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
DeleteObject

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyExA
RegEnumKeyA

shell32

DragAcceptFiles
SHAppBarMessage
SHFileOperationA
Shell_NotifyIconA
DragFinish
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteExA
ShellExecuteA
DragQueryFileA

comctl32

ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetImageCount
ImageList_Add
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Duplicate

oledlg

ord8

ole32

CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
CoGetClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
ReleaseStgMedium
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
OleInitialize

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
RegisterTypeLi
LoadTypeLi
VariantClear
SysAllocString
SysFreeString

urlmon

ObtainUserAgentString
CoInternetGetSession
UrlMkSetSessionOption

wininet

InternetOpenUrlA
InternetCrackUrlA
InternetSetStatusCallback
InternetCanonicalizeUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoExA
InternetSetOptionA
FindCloseUrlCache

imm32

ImmGetOpenStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSimulateHotKey
ImmGetContext

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 939KB - Virtual size: 939KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GreenBrowserGB_6.9.1223/GreenBrowser.exe.manifest
.xml
GreenBrowserGB_6.9.1223/Groups/ɣ.cgp
GreenBrowserGB_6.9.1223/Groups/.cgp
GreenBrowserGB_6.9.1223/Groups/.cgp
GreenBrowserGB_6.9.1223/Groups/.cgp
GreenBrowserGB_6.9.1223/Groups/.cgp
GreenBrowserGB_6.9.1223/Groups/ҵĵ.cgp
GreenBrowserGB_6.9.1223/Language/ChineseGB.ini
GreenBrowserGB_6.9.1223/Plugin/Alexa/alexa.htm
.html
GreenBrowserGB_6.9.1223/Plugin/Alexa/alexa.ico
GreenBrowserGB_6.9.1223/Plugin/Alexa/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/EditHtml/icon.ico
GreenBrowserGB_6.9.1223/Plugin/EditHtml/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/EditHtml/script.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/GrayBackground/GrayBackground.ico
GreenBrowserGB_6.9.1223/Plugin/GrayBackground/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/GrayBackground/script.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/GrayColor/icon.ico
GreenBrowserGB_6.9.1223/Plugin/GrayColor/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/GrayColor/script.htm
.html
GreenBrowserGB_6.9.1223/Plugin/ImageBestFitWidth/ImageBestFitWidth.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/ImageBestFitWidth/ImageBestFitWidth.ico
GreenBrowserGB_6.9.1223/Plugin/ImageBestFitWidth/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/KillAd/killad.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/KillAd/killad.ico
GreenBrowserGB_6.9.1223/Plugin/KillAd/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/Linkify/link.ico
GreenBrowserGB_6.9.1223/Plugin/Linkify/linkify.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/Linkify/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/LiquidLayout/icon.ico
GreenBrowserGB_6.9.1223/Plugin/LiquidLayout/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/LiquidLayout/script.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/MouseUnlock/MouseUnlock.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/MouseUnlock/MouseUnlock.ico
GreenBrowserGB_6.9.1223/Plugin/MouseUnlock/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/NextPage/Next.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/NextPage/Next.ico
GreenBrowserGB_6.9.1223/Plugin/NextPage/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/QuickMute+/QuickMute.ico
GreenBrowserGB_6.9.1223/Plugin/QuickMute+/nircmd.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GreenBrowserGB_6.9.1223/Plugin/QuickMute+/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/SnapShot/SnapShot.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 230KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GreenBrowserGB_6.9.1223/Plugin/TipPassword/TipPassword.ico
GreenBrowserGB_6.9.1223/Plugin/TipPassword/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/TipPassword/script.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/Tools/FavoritesView.cfg
GreenBrowserGB_6.9.1223/Plugin/Tools/FavoritesView.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 26KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GreenBrowserGB_6.9.1223/Plugin/Tools/QuickMute.exe
.exe windows:4 windows x86 arch:x86

5fc62f57139de89d1289a7b1b3955e79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerGetControlDetailsA
mixerSetControlDetails
mixerOpen
mixerGetLineInfoA
mixerClose
mixerGetLineControlsA

mfc42

ord2385
ord470
ord755
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord1576
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord1146
ord1168
ord324
ord4234
ord4710
ord2379

msvcrt

__set_app_type
_controlfp
__CxxFrameHandler
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_setmbcp
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA

user32

DrawIcon
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
LoadIconA
SendMessageA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GreenBrowserGB_6.9.1223/Plugin/Tools/QuickTools.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GreenBrowserGB_6.9.1223/Plugin/Tools/QuickTools.ini
GreenBrowserGB_6.9.1223/Plugin/ViewPage/ViewPage_cn.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/ViewPage/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/ViewPage/readme.txt
GreenBrowserGB_6.9.1223/Plugin/ViewPage/v.ico
GreenBrowserGB_6.9.1223/Plugin/ViewSelection/plugin.ini
GreenBrowserGB_6.9.1223/Plugin/ViewSelection/s.ico
GreenBrowserGB_6.9.1223/Plugin/ViewSelection/script.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Plugin/ViewSelection/script_ed_cn.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Resource/CollectorScript.txt.default
.js
GreenBrowserGB_6.9.1223/Resource/DownManager.ini.default
.vbs
GreenBrowserGB_6.9.1223/Resource/Filter.ini.default
GreenBrowserGB_6.9.1223/Resource/GreenBrowser.ini.default
GreenBrowserGB_6.9.1223/Resource/GreenBrowserUpdate.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GreenBrowserGB_6.9.1223/Resource/GreenBrowserUpdate.exe.manifest
.xml
GreenBrowserGB_6.9.1223/Resource/GreenImageConvert.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GreenBrowserGB_6.9.1223/Resource/PopFilter.WAV
GreenBrowserGB_6.9.1223/Resource/Proxy.ini.default
.js
GreenBrowserGB_6.9.1223/Resource/Resource.htm
GreenBrowserGB_6.9.1223/Resource/SearchEngine.ini.default
GreenBrowserGB_6.9.1223/Resource/SpeedDial.htm
.html .js polyglot
GreenBrowserGB_6.9.1223/Resource/baidu.ico
GreenBrowserGB_6.9.1223/Resource/google.ico
GreenBrowserGB_6.9.1223/Resource/image.ico
GreenBrowserGB_6.9.1223/Resource/search.ico
GreenBrowserGB_6.9.1223/Resource/sogou.ico
GreenBrowserGB_6.9.1223/Resource/taobao.ico
GreenBrowserGB_6.9.1223/Resource/ɣ.cgp
GreenBrowserGB_6.9.1223/Resource/.cgp
GreenBrowserGB_6.9.1223/Resource/.cgp
GreenBrowserGB_6.9.1223/Resource/.cgp
GreenBrowserGB_6.9.1223/Resource/.cgp
GreenBrowserGB_6.9.1223/Resource/ҵĵ.cgp
GreenBrowserGB_6.9.1223/Skin/A-Vista/BackGround.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/FavBar.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/Go.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/MainMenu.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/MainTool16.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/MainTool24.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/MainToolGray16.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/MainToolGray24.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/SearchBar.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/StatusTool.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/SystemBar.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/TabActive.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/TabActiveBottom.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/TabNormal.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/TabNormalBottom.bmp
GreenBrowserGB_6.9.1223/Skin/A-Vista/TaskBar.bmp
GreenBrowserGB_6.9.1223/Skin/Default/BackGround.bmp
GreenBrowserGB_6.9.1223/Skin/Default/Go.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainAnimIcon.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainMenu.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainTool16.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainTool24.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainToolGray16.bmp
GreenBrowserGB_6.9.1223/Skin/Default/MainToolGray24.bmp
GreenBrowserGB_6.9.1223/Skin/Default/SearchBar.bmp
GreenBrowserGB_6.9.1223/Skin/Default/StatusTool.bmp
GreenBrowserGB_6.9.1223/Skin/Default/SystemBar.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/BackGround.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/FavBar.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/Go.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/Skin.ini
GreenBrowserGB_6.9.1223/Skin/Grid/StatusTool.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/TabActive.bmp
GreenBrowserGB_6.9.1223/Skin/Grid/TabNormal.bmp
GreenBrowserGB_6.9.1223/User/CollectorScript.txt
.js
GreenBrowserGB_6.9.1223/User/DownManager.ini
.vbs
GreenBrowserGB_6.9.1223/User/Filter.ini
GreenBrowserGB_6.9.1223/User/FormData.ini
GreenBrowserGB_6.9.1223/User/GreenBrowser.ini
GreenBrowserGB_6.9.1223/User/LastVisit.ini
GreenBrowserGB_6.9.1223/User/PreviousVisit.ini
GreenBrowserGB_6.9.1223/thanks.txt
GreenBrowserGB_6.9.1223/װ֪.txt

Sharing

General

Malware Config

Signatures

Files

a79e1e4f152c8b8acafe2de195bbf8ec

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

imm32

version

Exports

Exports

Sections

.text Size: 939KB - Virtual size: 939KB

.rdata Size: 190KB - Virtual size: 190KB

.data Size: 42KB - Virtual size: 64KB

.rsrc Size: 178KB - Virtual size: 178KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 60KB

UPX1 Size: 40KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 230KB - Virtual size: 684KB

.rsrc Size: 10KB - Virtual size: 12KB

Headers

File Characteristics

Sections

Size: 26KB - Virtual size: 52KB

Size: 6KB - Virtual size: 32KB

Size: 512B - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 16KB

.aspack Size: 8KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

5fc62f57139de89d1289a7b1b3955e79

Headers

File Characteristics

Imports

winmm

mfc42

msvcrt

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 276B

.rsrc Size: 4KB - Virtual size: 2KB

Headers

File Characteristics

.text
Size: 939KB - Virtual size: 939KB

.rdata
Size: 190KB - Virtual size: 190KB

.data
Size: 42KB - Virtual size: 64KB

.rsrc
Size: 178KB - Virtual size: 178KB

UPX0
Size: - Virtual size: 60KB

UPX1
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 230KB - Virtual size: 684KB

.rsrc
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 16KB

.aspack
Size: 8KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 276B

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 24KB

.aspack
Size: 24KB - Virtual size: 28KB

.adata
Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB