5e4e3622549120e3bf3669cd4cc30859_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e4e3622549120e3bf3669cd4cc30859_JaffaCakes118
Size

450KB
MD5

5e4e3622549120e3bf3669cd4cc30859
SHA1

48984f3c0fff037c6b21192a4075e09238ef21e4
SHA256

7859edb18c6c4f6dadeac8123a349e97387433dae961b4dd717f203b6134938d
SHA512

70979d4af0093ad6f6f2d25e165d02c91fcd774d5b60a9012bae76210b0b90560bfd2fd71bbd4b9a88601bc0a3a5fc5a1d08a3b358dda561979cab427aac5ffa
SSDEEP

12288:/FZFKtnNGPQBetpZvxGBz+hXIC2wUIae5BPfgaXZY:/FZQxMtpxUthyfrJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fangtangyinkongocc/方塘音控.exe
unpack002/$PLUGINSDIR/kylin68.exe

Files

5e4e3622549120e3bf3669cd4cc30859_JaffaCakes118
.rar
fangtangyinkongocc/下载说明.htm
.html
fangtangyinkongocc/使用帮助(河东软件园).url
.url
fangtangyinkongocc/使用说明.txt
fangtangyinkongocc/方塘音控.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/kylin68.exe
.exe windows:4 windows x86 arch:x86

c85e49f51a4269c1477c44ceecce4a68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerSetControlDetails
mixerClose
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetNumDevs
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetID
mixerOpen

kernel32

SetEnvironmentVariableA
IsBadCodePtr
GetStringTypeW
GetDriveTypeA
HeapReAlloc
GetStringTypeA
VirtualAlloc
CompareStringA
HeapAlloc
CompareStringW
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapDestroy
VirtualFree
HeapCreate
GetEnvironmentStrings
SetHandleCount
GetEnvironmentStringsW
UnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
GetACP
GetFileType
SetStdHandle
GetTimeZoneInformation
GetLocalTime
GetSystemTime
CreateThread
TerminateProcess
ExitThread
ExitProcess
HeapValidate
RaiseException
GetStdHandle
GetCommandLineA
GetStartupInfoA
lstrcpyW
DebugBreak
RtlUnwind
GetTempFileNameA
GetTickCount
GetDiskFreeSpaceA
ReleaseMutex
SetErrorMode
WaitForMultipleObjects
CreateSemaphoreA
CreateMutexA
ReleaseSemaphore
OutputDebugStringA
CopyFileA
GlobalSize
GetPrivateProfileStringA
GetCurrentDirectoryA
WritePrivateProfileStringA
SystemTimeToFileTime
SetFileAttributesA
SetFileTime
GetFileSize
LocalFileTimeToFileTime
GetFileTime
GetThreadLocale
GetFileAttributesA
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetFullPathNameA
SetEndOfFile
DeleteFileA
MoveFileA
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
FindNextFileA
ResetEvent
PulseEvent
GetProfileIntA
FindFirstFileA
FindClose
LocalReAlloc
VirtualProtect
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
EnterCriticalSection
GlobalHandle
TlsAlloc
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcessVersion
GetOEMCP
GetCPInfo
GlobalFlags
SizeofResource
GetPrivateProfileIntA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
FileTimeToSystemTime
IsBadStringPtrW
FileTimeToLocalFileTime
lstrcmpA
lstrlenW
GlobalAlloc
SetLastError
GetCurrentThread
MulDiv
LocalFree
CloseHandle
FindResourceA
FormatMessageA
LockResource
MultiByteToWideChar
LocalAlloc
GetProfileStringA
lstrcpynA
CreateEventA
SetEvent
WaitForSingleObject
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
lstrcatA
GetModuleFileNameA
GlobalLock
LoadResource
GetVersionExA
GetVersion
FreeResource
GetLastError
GlobalFree
GlobalUnlock

user32

GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
GetClipboardOwner
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
PostMessageA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
GetClientRect
MapWindowPoints
PeekMessageA
DispatchMessageA
PostThreadMessageA
SetWindowContextHelpId
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
MapDialogRect
GetClipboardViewer
GetTopWindow
MessageBoxA
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
SendMessageA
DefWindowProcA
GetClassNameA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetWindowContextHelpId
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
GetActiveWindow
SetActiveWindow
EnableWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
TrackPopupMenu
SetMenuDefaultItem
LoadIconA
wsprintfA
PostQuitMessage
GetCursorPos
GetSystemMetrics
LoadCursorA
CopyIcon
IsWindow
SetWindowLongA
SetCursor
ReleaseCapture
CloseWindow
OpenIcon
SetMenuItemBitmaps
LoadBitmapA
GetMenuCheckMarkDimensions
TabbedTextOutA
CharToOemA
OemToCharA
wvsprintfA
TranslateMessage
GetMessageA
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
InflateRect
CheckMenuItem
UnionRect
SubtractRect
GetSysColorBrush
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
SetForegroundWindow
GetForegroundWindow
SendNotifyMessageA
SetScrollPos
GetScrollPos
GetPropA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
IsMenu
DeleteMenu
IsClipboardFormatAvailable
InSendMessage
RegisterClipboardFormatA
DestroyIcon
MsgWaitForMultipleObjects
CopyAcceleratorTableA
CharNextA
GetWindowThreadProcessId
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperA
DestroyCursor
SetCursorPos
GetAsyncKeyState
UnpackDDElParam
GetClipboardFormatNameA
GetDialogBaseUnits
DestroyMenu
LoadStringA
WaitMessage
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
EnableMenuItem
GetFocus
SetFocus
AppendMenuA
GetSysColor
MessageBeep
UnregisterClassA
DefDlgProcA
IsWindowUnicode

gdi32

SetBitmapBits
EqualRgn
SetViewportExtEx
GetStockObject
OffsetViewportOrgEx
GetClipBox
SetTextColor
GetDCOrgEx
GetObjectA
CreateBitmap
SetBkColor
CloseMetaFile
CreateEnhMetaFileA
CreateMetaFileA
ExtTextOutA
UnrealizeObject
CloseEnhMetaFile
CreatePen
CreatePenIndirect
GetObjectType
CreateSolidBrush
CreateHatchBrush
ExtCreatePen
CreatePatternBrush
CreateDIBPatternBrushPt
CreateBrushIndirect
CreateFontA
CreateBitmapIndirect
CreateFontIndirectA
SetBitmapDimensionEx
GetBitmapDimensionEx
GetBitmapBits
CreateDiscardableBitmap
CreatePalette
CreateCompatibleBitmap
GetPaletteEntries
SetPaletteEntries
CreateHalftonePalette
GetNearestPaletteIndex
ResizePalette
AnimatePalette
CreateRectRgnIndirect
CreateEllipticRgn
CreateRectRgn
CreatePolygonRgn
CreatePolyPolygonRgn
CreateEllipticRgnIndirect
PathToRegion
ExtCreateRegion
CreateRoundRectRgn
SetRectRgn
CombineRgn
GetRegionData
GetRgnBox
PtInRegion
OffsetRgn
CreateDCA
CreateICA
RectInRegion
GetDeviceCaps
GetBrushOrgEx
CreateCompatibleDC
EnumObjects
SelectObject
SetBrushOrgEx
RealizePalette
UpdateColors
GetNearestColor
GetBkMode
GetPolyFillMode
GetBkColor
GetStretchBltMode
GetTextColor
GetROP2
GetViewportOrgEx
GetViewportExtEx
GetMapMode
GetWindowExtEx
DPtoLP
GetWindowOrgEx
FillRgn
FrameRgn
LPtoDP
PaintRgn
PtVisible
InvertRgn
GetCurrentPositionEx
Arc
RectVisible
Chord
Ellipse
Polyline
Polygon
PolyPolygon
Pie
RoundRect
PatBlt
Rectangle
StretchBlt
GetPixel
BitBlt
FloodFill
ExtFloodFill
SetPixel
GetTextExtentPoint32A
GetTextAlign
TextOutA
GetTextMetricsA
GetTextCharacterExtra
GetTextFaceA
GetAspectRatioFilterEx
Escape
GetCharWidthA
GetBoundsRect
ResetDCA
SetBoundsRect
GetCharABCWidthsA
GetFontData
GetOutlineTextMetricsA
GetGlyphOutlineA
StartDocA
GetKerningPairsA
EndPage
SetAbortProc
StartPage
EndDoc
MaskBlt
AbortDoc
SetPixelV
CreateDIBitmap
GetTextExtentPointA
DeleteMetaFile
CopyMetaFileA
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
AngleArc
PlgBlt
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection

comdlg32

PageSetupDlgA
ChooseColorA
CommDlgExtendedError
PrintDlgA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegSetValueA
RegEnumKeyA
RegCreateKeyA
SetFileSecurityA
GetFileSecurityA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

comctl32

ImageList_SetBkColor
ImageList_Draw
ImageList_GetIcon
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_AddMasked
ImageList_Add
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_Write
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord13
ord8
ord17
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord14
ImageList_GetImageCount

oledlg

ord4
ord9
ord5
ord6
ord7
ord3
ord8

ole32

OleQueryLinkFromData
CoTaskMemFree
CoCreateInstance
OleTranslateAccelerator
OleQueryCreateFromData
OleRegEnumVerbs
CoInitialize
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoDisconnectObject
OleSaveToStream
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
DoDragDrop
CoLockObjectExternal
StringFromGUID2
GetRunningObjectTable
OleSetMenuDescriptor
OleGetClipboard
IsAccelerator
GetClassFile
CreateStreamOnHGlobal
CoTaskMemAlloc
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
OleIsRunning
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgIsStorageILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
OleRegGetUserType
WriteClassStg
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg

olepro32

ord253

oleaut32

SafeArrayAccessData
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SafeArrayCreate
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
DosDateTimeToVariantTime
VariantTimeToSystemTime
SysReAllocStringLen
SysStringLen
LoadTypeLi
SysFreeString

wsock32

htonl
socket
connect
sendto
getpeername
WSAAsyncSelect
send
WSAGetLastError
gethostbyname
closesocket
recv
ioctlsocket
htons
accept
ntohs
shutdown
listen
inet_ntoa
bind
getsockopt
setsockopt
getsockname
inet_addr
WSASetLastError
WSAStartup
WSACleanup
gethostname
recvfrom

wininet

FtpGetFileA
GopherGetLocatorTypeA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
InternetCrackUrlA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetCookieA
InternetSetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA

Sections

.text
Size: 1020KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 153KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 4KB

c85e49f51a4269c1477c44ceecce4a68

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

Sections

.text Size: 1020KB - Virtual size: 1016KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 76KB - Virtual size: 89KB

.rsrc Size: 84KB - Virtual size: 82KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 153KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 1020KB - Virtual size: 1016KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 76KB - Virtual size: 89KB

.rsrc
Size: 84KB - Virtual size: 82KB