6f1628b6e044e8af215b4c3627f9ce7b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6f1628b6e044e8af215b4c3627f9ce7b_JaffaCakes118
Size

1.3MB
MD5

6f1628b6e044e8af215b4c3627f9ce7b
SHA1

eb1ad1db8f4d61c0f07900140d00340411fdbf54
SHA256

b8feebcc2b19f24b6f46724ffd4cb29a55c57e9b1793937bda4656b27192006b
SHA512

4c58b82be117f7bfc2469d6c6ce1d6c62a4552484420c2842c66ba10360151bdde4e021971012a58b329eda324415fd76278ef8c842f94e42acca58a7cc8b695
SSDEEP

24576:EeTPS8KeLL1dXxoU398KpeAP7siW/3ESJFWF24DlJjQo5jQ9R8GLXD1qJ:EeTTSU3oAjsLc6FkBh5jQ/LTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ForumDown_gpxz/!)安装电脑服务之家.exe
unpack001/ForumDown_gpxz/ForumDown/ForumDown.exe
unpack001/ForumDown_gpxz/ForumDown/JavaSoho.dll

Files

6f1628b6e044e8af215b4c3627f9ce7b_JaffaCakes118
.rar
ForumDown_gpxz/!)安装电脑服务之家.exe
.exe windows:4 windows x86 arch:x86

bc5ce990cf54f8d435a68eb97512f73e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ForumDown_gpxz/ForumDown/ForumDown.exe
.exe windows:4 windows x86 arch:x86

fe27cada5b619f95e6751c4f6d8bd057

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

InitCommonControls

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
DeleteDC
DeleteObject
GetBkMode
GetDeviceCaps
GetStockObject
SelectObject
SetBkMode
SetTextColor
TextOutA

kernel32

AllocConsole
AreFileApisANSI
CloseHandle
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeEnvironmentStringsA
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP
GetConsoleTitleA
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
MulDiv
MultiByteToWideChar
ReadFile
ReleaseMutex
RemoveDirectoryA
SearchPathA
SetConsoleTitleA
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpynA
lstrlenA

msvcrt

_close
_fileno
_fstat
_isatty
_lseek
_open
_read
_stricmp
_wcslwr
_write
_HUGE
__getmainargs
__mb_cur_max
__p__environ
__set_app_type
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_isctype
_itoa
_mkdir
_pctype
_putenv
_rmdir
_setmode
_strupr
_tempnam
abort
atexit
atoi
ctime
difftime
exit
fclose
fflush
fgets
fopen
fprintf
fread
free
fseek
fwprintf
fwrite
getc
getenv
malloc
memchr
memcpy
memmove
memset
mktime
printf
rand
remove
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strncmp
strncpy
strrchr
strstr
strtok
strtol
strtoul
swprintf
time
vfprintf
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsncpy

shell32

SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA

user32

BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
DrawTextExA
EndPaint
EnumWindows
ExitWindowsEx
FillRect
FindWindowA
GetDesktopWindow
GetForegroundWindow
GetLastActivePopup
GetMessageA
GetWindowRect
GetWindowThreadProcessId
InvalidateRect
IsIconic
IsWindowVisible
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
MessageBoxW
PostQuitMessage
RegisterClassA
SetForegroundWindow
SetTimer
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ForumDown_gpxz/ForumDown/ForumDown.jar
.jar
ForumDown_gpxz/ForumDown/ForumHost.dat
ForumDown_gpxz/ForumDown/JavaSoho.dll
.dll windows:4 windows x86 arch:x86

71f9f8f1a2b5e7f76ce1e11e76737337

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadCodePtr
Sleep
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
VirtualAlloc
VirtualFree
HeapFree
HeapReAlloc
HeapAlloc
FatalAppExitA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
OutputDebugStringA
GetStdHandle
DebugBreak
HeapValidate
RtlUnwind
ExitThread
CreateThread
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GlobalFree
GetTempFileNameA
GetFileAttributesA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
FindResourceExA
FormatMessageA
GetOEMCP
GetCPInfo
GetCurrentThread
SizeofResource
GlobalFlags
GetPrivateProfileIntA
GetProcessVersion
GetProfileIntA
MulDiv
VirtualProtect
ResumeThread
GetThreadPriority
SetThreadPriority
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetProcAddress
LockResource
LoadResource
FreeResource
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
FindResourceA
GetLastError
SetLastError
GetVersion
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
CreateEventA
SuspendThread
GetCurrentThreadId
SetEvent
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
DeviceIoControl
GlobalAlloc
CloseHandle
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateFileA

user32

SetCursor
GetClipboardFormatNameA
UnpackDDElParam
DestroyMenu
GetDialogBaseUnits
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
CharUpperA
DestroyIcon
DestroyCursor
SetCursorPos
ReleaseCapture
GetAsyncKeyState
GetMenuCheckMarkDimensions
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
RegisterWindowMessageA
EndDialog
GetActiveWindow
SetActiveWindow
EnableWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
wsprintfA
LoadStringA
PostQuitMessage
UnregisterClassA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
SetMenuItemBitmaps
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
LoadBitmapA
GetSysColorBrush
SubtractRect
UnionRect
IntersectRect
OffsetRect
InflateRect
EqualRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
CopyRect
UnhookWindowsHookEx
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
SetWindowPos
GetWindow
GetWindowRect
CharToOemA
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
TabbedTextOutA
PostMessageA
IsWindow
SendMessageA
OemToCharA
GetSysColor

oleaut32

VariantClear
SysAllocString
SysAllocStringLen

comctl32

ImageList_DragLeave
ImageList_DragEnter
ImageList_GetDragImage
ord8
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord13
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord14
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock

atl

ord42
ord47

gdi32

CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreateFontA
CreateBitmap
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
ExtCreatePen
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreatePenIndirect
CreatePen
CreateMetaFileA
GetObjectType
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
GetMapMode
EnumFontFamiliesExA
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetSaveFileNameA

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegQueryValueA

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

Exports

Exports

_Java_c_b_g_d_a_g_O0000@16
_Java_c_b_g_d_a_g_OO000@20
_Java_c_b_g_d_a_g_OOO00@8

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ForumDown_gpxz/ForumDown/alloy.jar
.zip
com/incors/plaf/AbstractCommonBorder.class
com/incors/plaf/a/a.class
com/incors/plaf/a/b.class
com/incors/plaf/alloy/AlloyBorders.class
com/incors/plaf/alloy/AlloyButtonUI.class
com/incors/plaf/alloy/AlloyCheckBoxUI.class
com/incors/plaf/alloy/AlloyColorChooserUI.class
com/incors/plaf/alloy/AlloyComboBoxUI.class
com/incors/plaf/alloy/AlloyCommonBorderFactory.class
com/incors/plaf/alloy/AlloyCommonUtilities.class
com/incors/plaf/alloy/AlloyDesktopIconUI.class
com/incors/plaf/alloy/AlloyEditorPaneUI.class
com/incors/plaf/alloy/AlloyFontTheme.class
com/incors/plaf/alloy/AlloyFormattedTextFieldUI.class
com/incors/plaf/alloy/AlloyIconFactory.class
com/incors/plaf/alloy/AlloyInternalFrameUI.class
com/incors/plaf/alloy/AlloyLabelUI.class
com/incors/plaf/alloy/AlloyListUI.class
com/incors/plaf/alloy/AlloyLookAndFeel.class
com/incors/plaf/alloy/AlloyMenuBarUI.class
com/incors/plaf/alloy/AlloyMenuItemUI.class
com/incors/plaf/alloy/AlloyMenuUI.class
com/incors/plaf/alloy/AlloyPanelUI.class
com/incors/plaf/alloy/AlloyPasswordFieldUI.class
com/incors/plaf/alloy/AlloyPopupMenuSeparatorUI.class
com/incors/plaf/alloy/AlloyPopupMenuUI.class
com/incors/plaf/alloy/AlloyProgressBarUI.class
com/incors/plaf/alloy/AlloyRadioButtonUI.class
com/incors/plaf/alloy/AlloyRootPaneUI.class
com/incors/plaf/alloy/AlloyScrollBarUI.class
com/incors/plaf/alloy/AlloySeparatorUI.class
com/incors/plaf/alloy/AlloySliderUI.class
com/incors/plaf/alloy/AlloySpinnerUI.class
com/incors/plaf/alloy/AlloySplitPaneUI.class
com/incors/plaf/alloy/AlloyTabbedPane2UI.class
com/incors/plaf/alloy/AlloyTabbedPaneUI.class
com/incors/plaf/alloy/AlloyTableHeaderUI.class
com/incors/plaf/alloy/AlloyTextAreaUI.class
com/incors/plaf/alloy/AlloyTextFieldUI.class
com/incors/plaf/alloy/AlloyTextPaneUI.class
com/incors/plaf/alloy/AlloyTheme.class
com/incors/plaf/alloy/AlloyToggleButtonUI.class
com/incors/plaf/alloy/AlloyToolBarSeparatorUI.class
com/incors/plaf/alloy/AlloyToolBarUI.class
com/incors/plaf/alloy/AlloyToolTipUI.class
com/incors/plaf/alloy/AlloyTreeUI.class
com/incors/plaf/alloy/DefaultAlloyTheme.class
com/incors/plaf/alloy/a/a.class
com/incors/plaf/alloy/a/b.class
com/incors/plaf/alloy/a/c.class
com/incors/plaf/alloy/a/d.class
com/incors/plaf/alloy/a/e.class
com/incors/plaf/alloy/a/f.class
com/incors/plaf/alloy/a/g.class
com/incors/plaf/alloy/a/h.class
com/incors/plaf/alloy/a/i.class
com/incors/plaf/alloy/alloy.properties
com/incors/plaf/alloy/alloy_de.properties
com/incors/plaf/alloy/alloy_fr.properties
com/incors/plaf/alloy/b.class
com/incors/plaf/alloy/ba.class
com/incors/plaf/alloy/bb.class
com/incors/plaf/alloy/bc.class
com/incors/plaf/alloy/bd.class
com/incors/plaf/alloy/be.class
com/incors/plaf/alloy/bf.class
com/incors/plaf/alloy/bg.class
com/incors/plaf/alloy/bh.class
com/incors/plaf/alloy/bi.class
com/incors/plaf/alloy/bj.class
com/incors/plaf/alloy/bk.class
com/incors/plaf/alloy/bl.class
com/incors/plaf/alloy/bm.class
com/incors/plaf/alloy/bn.class
com/incors/plaf/alloy/bo.class
com/incors/plaf/alloy/bp.class
com/incors/plaf/alloy/bq.class
com/incors/plaf/alloy/br.class
com/incors/plaf/alloy/bs.class
com/incors/plaf/alloy/bt.class
com/incors/plaf/alloy/bu.class
com/incors/plaf/alloy/bv.class
com/incors/plaf/alloy/bw.class
com/incors/plaf/alloy/bx.class
com/incors/plaf/alloy/by.class
com/incors/plaf/alloy/bz.class
com/incors/plaf/alloy/c.class
com/incors/plaf/alloy/ca.class
com/incors/plaf/alloy/cb.class
com/incors/plaf/alloy/cc.class
com/incors/plaf/alloy/cd.class
com/incors/plaf/alloy/ce.class
com/incors/plaf/alloy/cf.class
com/incors/plaf/alloy/cg.class
com/incors/plaf/alloy/ch.class
com/incors/plaf/alloy/ci.class
com/incors/plaf/alloy/cj.class
com/incors/plaf/alloy/ck.class
com/incors/plaf/alloy/cl.class
com/incors/plaf/alloy/cm.class
com/incors/plaf/alloy/cn.class
com/incors/plaf/alloy/co.class
com/incors/plaf/alloy/cp.class
com/incors/plaf/alloy/cq.class
com/incors/plaf/alloy/cr.class
com/incors/plaf/alloy/cs.class
com/incors/plaf/alloy/ct.class
com/incors/plaf/alloy/cu.class
com/incors/plaf/alloy/cv.class
com/incors/plaf/alloy/cw.class
com/incors/plaf/alloy/cx.class
com/incors/plaf/alloy/cy.class
com/incors/plaf/alloy/cz.class
com/incors/plaf/alloy/d.class
com/incors/plaf/alloy/da.class
com/incors/plaf/alloy/db.class
com/incors/plaf/alloy/dc.class
com/incors/plaf/alloy/dd.class
com/incors/plaf/alloy/de.class
com/incors/plaf/alloy/df.class
com/incors/plaf/alloy/dg.class
com/incors/plaf/alloy/dh.class
com/incors/plaf/alloy/di.class
com/incors/plaf/alloy/dj.class
com/incors/plaf/alloy/dk.class
com/incors/plaf/alloy/dl.class
com/incors/plaf/alloy/dm.class
com/incors/plaf/alloy/dn.class
com/incors/plaf/alloy/dp.class
com/incors/plaf/alloy/dq.class
com/incors/plaf/alloy/dr.class
com/incors/plaf/alloy/ds.class
com/incors/plaf/alloy/dt.class
com/incors/plaf/alloy/du.class
com/incors/plaf/alloy/dv.class
com/incors/plaf/alloy/dw.class
com/incors/plaf/alloy/dx.class
com/incors/plaf/alloy/dy.class
com/incors/plaf/alloy/dz.class
com/incors/plaf/alloy/e.class
com/incors/plaf/alloy/ea.class
com/incors/plaf/alloy/eb.class
com/incors/plaf/alloy/ec.class
com/incors/plaf/alloy/ed.class
com/incors/plaf/alloy/ee.class
com/incors/plaf/alloy/ef.class
com/incors/plaf/alloy/eg.class
com/incors/plaf/alloy/eh.class
com/incors/plaf/alloy/ei.class
com/incors/plaf/alloy/ej.class
com/incors/plaf/alloy/ek.class
com/incors/plaf/alloy/f.class
com/incors/plaf/alloy/g.class
com/incors/plaf/alloy/h.class
com/incors/plaf/alloy/i.class
com/incors/plaf/alloy/icons/CheckBackground.png
.png
com/incors/plaf/alloy/icons/CheckBackgroundPressed.png
.png
com/incors/plaf/alloy/icons/CheckBorder.png
.png
com/incors/plaf/alloy/icons/CheckMenuBackground.png
.png
com/incors/plaf/alloy/icons/CheckMenuBackgroundPressed.png
.png
com/incors/plaf/alloy/icons/CheckMenuBorder.png
.png
com/incors/plaf/alloy/icons/CheckMenuRollover.png
.png
com/incors/plaf/alloy/icons/CheckMenuSelection.png
.png
com/incors/plaf/alloy/icons/CheckMenuSelectionDisabled.png
.png
com/incors/plaf/alloy/icons/CheckMenuSelectionPressed.png
.png
com/incors/plaf/alloy/icons/CheckRollover.png
.png
com/incors/plaf/alloy/icons/CheckSelection.png
.png
com/incors/plaf/alloy/icons/CheckSelectionDisabled.png
.png
com/incors/plaf/alloy/icons/CheckSelectionPressed.png
.png
com/incors/plaf/alloy/icons/Computer16.png
.png
com/incors/plaf/alloy/icons/Error.png
.png
com/incors/plaf/alloy/icons/FileViewDetails18.png
.png
com/incors/plaf/alloy/icons/FileViewList18.png
.png
com/incors/plaf/alloy/icons/Floppy16.png
.png
com/incors/plaf/alloy/icons/Folder16.png
.png
com/incors/plaf/alloy/icons/FolderNew18.png
.png
com/incors/plaf/alloy/icons/FolderOpen16.png
.png
com/incors/plaf/alloy/icons/FolderUp18.png
.png
com/incors/plaf/alloy/icons/FrameClose.png
.png
com/incors/plaf/alloy/icons/FrameClosePressed.png
.png
com/incors/plaf/alloy/icons/FrameClosePressed_classic.png
.png
com/incors/plaf/alloy/icons/FrameCloseRollover.png
.png
com/incors/plaf/alloy/icons/FrameCloseRollover_classic.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmall.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmallPressed.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmallPressed_classic.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmallRollover.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmallRollover_classic.png
.png
com/incors/plaf/alloy/icons/FrameCloseSmall_classic.png
.png
com/incors/plaf/alloy/icons/FrameClose_classic.png
.png
com/incors/plaf/alloy/icons/FrameClose_original.png
.png
com/incors/plaf/alloy/icons/FrameDefault.png
.png
com/incors/plaf/alloy/icons/FrameInactive.png
.png
com/incors/plaf/alloy/icons/FrameMaximize.png
.png
com/incors/plaf/alloy/icons/FrameMaximizePressed.png
.png
com/incors/plaf/alloy/icons/FrameMaximizePressed_classic.png
.png
com/incors/plaf/alloy/icons/FrameMaximizeRollover.png
.png
com/incors/plaf/alloy/icons/FrameMaximizeRollover_classic.png
.png
com/incors/plaf/alloy/icons/FrameMaximize_classic.png
.png
com/incors/plaf/alloy/icons/FrameMinimize.png
.png
com/incors/plaf/alloy/icons/FrameMinimizePressed.png
.png
com/incors/plaf/alloy/icons/FrameMinimizePressed_classic.png
.png
com/incors/plaf/alloy/icons/FrameMinimizeRollover.png
.png
com/incors/plaf/alloy/icons/FrameMinimizeRollover_classic.png
.png
com/incors/plaf/alloy/icons/FrameMinimize_classic.png
.png
com/incors/plaf/alloy/icons/FrameRestore.png
.png
com/incors/plaf/alloy/icons/FrameRestorePressed.png
.png
com/incors/plaf/alloy/icons/FrameRestorePressed_classic.png
.png
com/incors/plaf/alloy/icons/FrameRestoreRollover.png
.png
com/incors/plaf/alloy/icons/FrameRestoreRollover_classic.png
.png
com/incors/plaf/alloy/icons/FrameRestore_classic.png
.png
com/incors/plaf/alloy/icons/Harddisk16.png
.png
com/incors/plaf/alloy/icons/Home18.png
.png
com/incors/plaf/alloy/icons/Inform.png
.png
com/incors/plaf/alloy/icons/Page16.png
.png
com/incors/plaf/alloy/icons/Question.png
.png
com/incors/plaf/alloy/icons/RadioBackground.png
.png
com/incors/plaf/alloy/icons/RadioBackgroundPressed.png
.png
com/incors/plaf/alloy/icons/RadioBorder.png
.png
com/incors/plaf/alloy/icons/RadioMenuBackground.png
.png
com/incors/plaf/alloy/icons/RadioMenuBackgroundPressed.png
.png
com/incors/plaf/alloy/icons/RadioMenuBorder.png
.png
com/incors/plaf/alloy/icons/RadioMenuRollover.png
.png
com/incors/plaf/alloy/icons/RadioMenuSelection.png
.png
com/incors/plaf/alloy/icons/RadioMenuSelectionDisabled.png
.png
com/incors/plaf/alloy/icons/RadioMenuSelectionPressed.png
.png
com/incors/plaf/alloy/icons/RadioRollover.png
.png
com/incors/plaf/alloy/icons/RadioSelection.png
.png
com/incors/plaf/alloy/icons/RadioSelectionDisabled.png
.png
com/incors/plaf/alloy/icons/RadioSelectionPressed.png
.png
com/incors/plaf/alloy/icons/SliderHBackground.png
.png
com/incors/plaf/alloy/icons/SliderHBackgroundDisabled.png
.png
com/incors/plaf/alloy/icons/SliderHBorder.png
.png
com/incors/plaf/alloy/icons/SliderHBorderDisabled.png
.png
com/incors/plaf/alloy/icons/SliderHRollover.png
.png
com/incors/plaf/alloy/icons/SliderHTip.png
.png
com/incors/plaf/alloy/icons/SliderVBackground.png
.png
com/incors/plaf/alloy/icons/SliderVBackgroundDisabled.png
.png
com/incors/plaf/alloy/icons/SliderVBorder.png
.png
com/incors/plaf/alloy/icons/SliderVBorderDisabled.png
.png
com/incors/plaf/alloy/icons/SliderVR2LBackground.png
.png
com/incors/plaf/alloy/icons/SliderVR2LBackgroundDisabled.png
.png
com/incors/plaf/alloy/icons/SliderVR2LBorder.png
.png
com/incors/plaf/alloy/icons/SliderVR2LBorderDisabled.png
.png
com/incors/plaf/alloy/icons/SliderVR2LRollover.png
.png
com/incors/plaf/alloy/icons/SliderVR2LTip.png
.png
com/incors/plaf/alloy/icons/SliderVRollover.png
.png
com/incors/plaf/alloy/icons/SliderVTip.png
.png
com/incors/plaf/alloy/icons/TreeCollapsed.png
.png
com/incors/plaf/alloy/icons/TreeCollapsedR2L.png
.png
com/incors/plaf/alloy/icons/TreeExpanded.png
.png
com/incors/plaf/alloy/icons/Warn.png
.png
com/incors/plaf/alloy/j.class
com/incors/plaf/alloy/k.class
com/incors/plaf/alloy/l.class
com/incors/plaf/alloy/m.class
com/incors/plaf/alloy/n.class
com/incors/plaf/alloy/o.class
com/incors/plaf/alloy/p.class
com/incors/plaf/alloy/q.class
com/incors/plaf/alloy/r.class
com/incors/plaf/alloy/s.class
com/incors/plaf/alloy/t.class
com/incors/plaf/alloy/themes/CustomFontTheme.class
com/incors/plaf/alloy/themes/acid/AcidTheme.class
com/incors/plaf/alloy/themes/acid/a.class
com/incors/plaf/alloy/themes/acid/b.class
com/incors/plaf/alloy/themes/bedouin/BedouinTheme.class
com/incors/plaf/alloy/themes/bedouin/a.class
com/incors/plaf/alloy/themes/bedouin/b.class
com/incors/plaf/alloy/themes/custom/CustomThemeFactory.class
com/incors/plaf/alloy/themes/custom/a.class
com/incors/plaf/alloy/themes/custom/b.class
com/incors/plaf/alloy/themes/custom/c.class
com/incors/plaf/alloy/themes/custom/d.class
com/incors/plaf/alloy/themes/custom/e.class
com/incors/plaf/alloy/themes/glass/GlassTheme.class
com/incors/plaf/alloy/themes/glass/a.class
com/incors/plaf/alloy/themes/glass/b.class
com/incors/plaf/alloy/themes/glass/c.class
com/incors/plaf/alloy/themes/glass/d.class
com/incors/plaf/alloy/themes/glass/e.class
com/incors/plaf/alloy/u.class
com/incors/plaf/alloy/v.class
com/incors/plaf/alloy/w.class
com/incors/plaf/alloy/x.class
com/incors/plaf/alloy/y.class
com/incors/plaf/alloy/z.class
com/incors/plaf/b.class
com/incors/plaf/c.class
com/incors/plaf/d.class
com/incors/plaf/e.class
com/incors/plaf/f.class
com/incors/plaf/g.class
com/incors/plaf/h.class
com/incors/plaf/i.class
com/incors/plaf/j.class
com/incors/plaf/k.class
com/incors/plaf/l.class
com/incors/plaf/m.class
com/incors/plaf/n.class
com/incors/plaf/o.class
com/incors/plaf/p.class
com/incors/plaf/q.class
com/incors/plaf/r.class
com/incors/plaf/s.class
com/incors/plaf/t.class
com/incors/plaf/u.class
com/incors/plaf/v.class
com/incors/plaf/w.class
com/incors/plaf/x.class
ForumDown_gpxz/ForumDown/下载_readme.txt
ForumDown_gpxz/ForumDown/巴巴网址之家.url
ForumDown_gpxz/ForumDown/谷普下载.url
ForumDown_gpxz/乐吧网购物.htm

Sharing

General

Malware Config

Signatures

Files

bc5ce990cf54f8d435a68eb97512f73e

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

comdlg32

gdi32

shell32

user32

ole32

Sections

.text Size: 78KB - Virtual size: 80KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 17KB

fe27cada5b619f95e6751c4f6d8bd057

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

msvcrt

shell32

user32

Sections

.text Size: 121KB - Virtual size: 121KB

.data Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 49KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 9KB - Virtual size: 9KB

71f9f8f1a2b5e7f76ce1e11e76737337

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

comctl32

atl

gdi32

winspool.drv

comdlg32

advapi32

shell32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 52KB - Virtual size: 65KB

.idata Size: 20KB - Virtual size: 18KB

.reloc Size: 48KB - Virtual size: 45KB

.text
Size: 78KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 121KB - Virtual size: 121KB

.data
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 49KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 9KB - Virtual size: 9KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 52KB - Virtual size: 65KB

.idata
Size: 20KB - Virtual size: 18KB

.reloc
Size: 48KB - Virtual size: 45KB