1624cdae79fa9da05723b2e5721fc334_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1624cdae79fa9da05723b2e5721fc334_JaffaCakes118
Size

2.2MB
MD5

1624cdae79fa9da05723b2e5721fc334
SHA1

08b1b46f6afa68d2b102d8d3861d71f3a35c1f6e
SHA256

764a5ab8bcfd18baa57764b6156ff1e71c94313ea102f68515e8ddc47b414672
SHA512

c24d6e62e790e73dbcb35f5c6bc499c7c5255bf3d4f25272e93184a76413a115c4c46252898eedd65fc7bd470612369167ffdd6ae8aeef875e6efba8cfc6d5cb
SSDEEP

49152:DXUEkbOU+YUXxLjuL5NkuS6ibbnZBI6U9Xg3ubQKHhX:jUEAOU+YU9ubFSHbnnReSubQSR

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/usbencryptor/USBEncryptor.exe	vmprotect

Files

1624cdae79fa9da05723b2e5721fc334_JaffaCakes118
.rar
usbencryptor/USBEncryptor.exe
.exe windows:5 windows x86 arch:x86

19b5db55b181cf5582059355d6d978ef

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:e2:10:b0:cf:b7:e4:df:9d:17:3d:86:0f:08:16:53
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

17/12/2009, 00:00

Not After

17/12/2010, 23:59

Subject

CN=Shanghai Eff-Soft Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Eff-Soft Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9a:d4:af:f3:c9:42:8f:e0:d6:26:b5:1a:96:80:01:00:cf:ed:85:50
Signer

Actual PE Digest

9a:d4:af:f3:c9:42:8f:e0:d6:26:b5:1a:96:80:01:00:cf:ed:85:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\USBEncrypt\1.0\GUI\bin\USBEncryptor_Minisize.pdb

Imports

kernel32

RaiseException
ExitProcess
GetSystemTimeAsFileTime
GetCPInfo
HeapReAlloc
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
VirtualAlloc
GetACP
GetOEMCP
LCMapStringW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
UnhandledExceptionFilter
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetCurrentDirectoryA
SetEnvironmentVariableA
TerminateProcess
HeapAlloc
ExitThread
RtlUnwind
IsDebuggerPresent
GetDiskFreeSpaceW
GetTempFileNameW
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
SystemTimeToFileTime
GlobalFlags
GetShortPathNameW
GetFileSize
UnlockFile
LockFile
GetThreadLocale
GetStringTypeExW
MoveFileW
GetAtomNameW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
SuspendThread
ResumeThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseSemaphore
CreateSemaphoreW
GetProfileIntW
lstrcpynW
GetPrivateProfileSectionNamesW
OpenProcess
LoadLibraryExA
VirtualQuery
VirtualProtect
EnumResourceTypesW
EnumResourceNamesW
GetLocalTime
GetDateFormatW
GetTimeFormatW
HeapFree
SetUnhandledExceptionFilter
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
IsValidCodePage
IsDBCSLeadByteEx
GetFullPathNameW
GetFullPathNameA
GetCurrentDirectoryW
GetCurrentDirectoryA
DuplicateHandle
GetCurrentThreadId
GetProcessHeap
GlobalMemoryStatus
GetThreadTimes
GetProcessTimes
GetProcessWorkingSetSize
GetStartupInfoW
QueryPerformanceCounter
GetFileSizeEx
_lread
GetVolumeNameForVolumeMountPointA
SetVolumeMountPointA
DeleteVolumeMountPointA
SetEndOfFile
GetFileTime
_lwrite
SetFileTime
GetCurrentThread
SetThreadPriority
SetFilePointerEx
GetSystemInfo
InterlockedIncrement
ResetEvent
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
GetSystemDirectoryW
FindResourceA
GetVolumePathNameA
OutputDebugStringA
GetVersionExA
DefineDosDeviceW
DefineDosDeviceA
VirtualUnlock
VirtualLock
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
ReleaseMutex
MulDiv
LoadLibraryExW
LoadLibraryW
lstrcatW
WinExec
lstrcpyW
CreateEventW
GetCurrentProcessId
GetTickCount
CreateThread
WaitForMultipleObjects
SetEvent
GetDiskFreeSpaceA
GetExitCodeThread
TerminateThread
DeleteCriticalSection
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
SetVolumeLabelW
GetFileAttributesW
FindFirstFileW
DeleteFileW
lstrcmpW
SetFileAttributesW
FindNextFileW
FindClose
RemoveDirectoryW
CreateProcessW
GetTempPathA
CreateProcessA
CreateMutexW
FreeResource
InitializeCriticalSection
GetLogicalDrives
GetVolumeInformationW
CreateToolhelp32Snapshot
Module32FirstW
GetWindowsDirectoryW
Module32NextW
GetDriveTypeA
QueryDosDeviceA
FormatMessageW
LocalSize
FlushFileBuffers
Sleep
LoadLibraryA
GetModuleHandleA
FreeLibrary
GetDriveTypeW
SetFilePointer
ReadFile
GetProcAddress
GetCurrentProcess
DeviceIoControl
LocalFree
LocalAlloc
lstrcmpiW
GetTempPathW
CreateDirectoryW
CreateFileW
WriteFile
GetModuleFileNameW
GetModuleHandleW
GetVersion
FindResourceExW
CreateFileA
CloseHandle
GetUserDefaultLangID
SetLastError
GetModuleFileNameA
CopyFileA
GetVolumeInformationA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GetVersionExW
lstrlenA
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetStringTypeW

user32

GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
SetWindowsHookExW
GetClipboardOwner
GetClipboardViewer
GetInputState
GetMessageTime
GetOpenClipboardWindow
GetProcessWindowStation
GetQueueStatus
GetCaretPos
CallNextHookEx
UnhookWindowsHookEx
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
MessageBoxW
MessageBoxA
ReuseDDElParam
UnpackDDElParam
GetSystemMenu
SetParent
SendMessageTimeoutW
EnumWindows
EnumChildWindows
GetUpdateRect
BeginPaint
GetDialogBaseUnits
CallWindowProcW
GetClassInfoW
CreateWindowExW
GetWindowTextW
ChildWindowFromPoint
IsWindowEnabled
EqualRect
SetRectEmpty
LoadStringW
SystemParametersInfoW
GetMonitorInfoW
MonitorFromWindow
EnumDisplayMonitors
MonitorFromPoint
MonitorFromRect
ReleaseCapture
SetCapture
GetCapture
SetRect
MessageBeep
CopyIcon
GetMessagePos
ScreenToClient
DestroyMenu
DestroyCursor
BeginDeferWindowPos
IsWindowVisible
ShowScrollBar
EndDeferWindowPos
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
FillRect
TrackPopupMenuEx
SetCursor
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
GetWindowRgn
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
RegisterClassW
EndPaint
GetClassInfoExW
UnionRect
GetDCEx
LockWindowUpdate
LoadBitmapW
GetWindowRect
GetClientRect
InvalidateRect
EnableWindow
SendMessageW
PostMessageW
GetWindow
GetParent
MapWindowPoints
PeekMessageW
DestroyWindow
GetTopWindow
DefWindowProcW
GetDesktopWindow
GetFocus
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassLongW
WinHelpW
SendDlgItemMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ShowWindow
ScrollWindowEx
GetWindowThreadProcessId
CreateDialogIndirectParamW
GetKeyNameTextW
MapVirtualKeyW
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageW
ShowOwnedPopups
GetMenuItemInfoW
CharUpperW
GetSysColorBrush
UnregisterClassW
DeleteMenu
WaitMessage
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
IsChild
GetClassNameW
RegisterWindowMessageW
wsprintfW
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
LoadImageW
GetWindowTextLengthW
SetWindowRgn
DrawFocusRect
PtInRect
OffsetRect
TranslateAcceleratorW
DrawIcon
GetSubMenu
GetMenuBarInfo
LoadMenuW
IsIconic
RedrawWindow
SetTimer
KillTimer
LoadIconW
GetSystemMetrics
IsWindow
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
GetWindowLongW
FrameRect
InflateRect
GetIconInfo
CreateIconIndirect
DrawStateW
DestroyIcon
SetWindowLongW
LoadCursorW
UpdateWindow
ReleaseDC
CopyRect
IntersectRect
IsRectEmpty
GetDC
InvertRect
IsMenu
ShowCaret
HideCaret
FindWindowW
DrawAnimatedRects
SetCursorPos
GetMenuDefaultItem
CreateIconFromResourceEx
DrawIconEx
SetClipboardData
RegisterClipboardFormatW
IsZoomed
DrawFrameControl
LookupIconIdFromDirectoryEx
LoadMenuIndirectW
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
DrawEdge
GetCursor
IsClipboardFormatAvailable
OpenClipboard
CloseClipboard
EmptyClipboard
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList
IsCharLowerW
MapVirtualKeyExW
GetKeyboardLayout
SetClassLongW
GetDoubleClickTime
CopyImage
GetClipboardFormatNameW
GetTabbedTextExtentA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
InSendMessage
CharNextW
MapDialogRect
SetWindowContextHelpId
GetAsyncKeyState
MsgWaitForMultipleObjects
SendNotifyMessageW
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
WindowFromDC
GetSysColor
GetKeyState
LoadAcceleratorsW
RegisterDeviceNotificationW

gdi32

ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
StartDocW
PtVisible
RectVisible
ExtTextOutW
Escape
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
GetClipBox
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
ModifyWorldTransform
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
GetCharWidthW
StretchDIBits
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
ArcTo
SetMapMode
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CopyMetaFileW
OffsetRgn
CreatePolygonRgn
CombineRgn
SelectClipRgn
FrameRgn
TextOutW
SetTextJustification
SetBkMode
MoveToEx
LineTo
GetDeviceCaps
CreateDCW
SetViewportOrgEx
SetViewportExtEx
CreateDIBSection
RoundRect
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
Polyline
CreatePen
CreateRectRgn
FillRgn
CreateRoundRectRgn
GetPixel
SetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
GetStockObject
DeleteObject
Polygon
EnumFontFamiliesExW
GetTextColor
PtInRegion
GetDIBits
GetViewportOrgEx
GetCurrentObject
GetTextCharsetInfo
GetBitmapBits
ExtCreateRegion
Rectangle
SetBrushOrgEx
CreatePalette
CreateDIBitmap
ExtFloodFill
GetWindowOrgEx
GetRgnBox
GetTextAlign
GetTextExtentPoint32A
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
BitBlt
PatBlt
CreateCompatibleBitmap
CreateFontW
CreateSolidBrush
StretchBlt
CreateCompatibleDC
GetDCOrgEx
DeleteDC
GetObjectW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetJobW

advapi32

RegEnumKeyExA
ControlService
OpenServiceW
OpenSCManagerW
CreateServiceW
StartServiceW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegOpenKeyExA
QueryServiceStatus
RegQueryValueExA
OpenServiceA
CreateServiceA
GetFileSecurityW
SetFileSecurityW
RegCreateKeyW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
CloseServiceHandle
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
CryptAcquireContextW
RegQueryValueExW
CryptGenRandom
CryptReleaseContext

shell32

ShellExecuteExW
SHAppBarMessage
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileW
DragFinish
ExtractIconW
ord680
SHChangeNotify
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW

comctl32

_TrackMouseEvent
InitializeFlatSB
ImageList_AddMasked
ImageList_Create
ord17
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy
ImageList_Add
PropertySheetW
FlatSB_GetScrollProp
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_GetImageInfo

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathStripPathW
PathStripPathA
PathRemoveFileSpecW

ole32

StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoCreateInstance
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
CoTaskMemAlloc
CLSIDFromString
CoInitializeEx
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
GetRunningObjectTable
OleUninitialize
OleInitialize
OleRun
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleGetClipboard
RegisterDragDrop
CoUninitialize
RevokeDragDrop
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleSave
WriteClassStm
OleSaveToStream
CreateStreamOnHGlobal
OleLockRunning
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleQueryCreateFromData
OleQueryLinkFromData
OleIsRunning
OleSetMenuDescriptor
CoGetClassObject
GetClassFile
CoFreeUnusedLibraries
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CoGetMalloc
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleRegEnumVerbs
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal

oleaut32

VarDateFromStr
SetErrorInfo
GetErrorInfo
OleCreateFontIndirect
OleLoadPicturePath
VariantChangeTypeEx
VarUdateFromDate
SafeArrayCreateVector
SysAllocString
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
CreateErrorInfo
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsW

hhctrl.ocx

ord15

gdiplus

GdipLoadImageFromFile
GdipDeleteGraphics
GdipAlloc
GdipGetImageHeight
GdipCreateFromHDC
GdipDrawImageRectI
GdipCloneImage
GdipFree
GdipGetImageWidth
GdipLoadImageFromFileICM
GdipDisposeImage

ws2_32

closesocket

imagehlp

ImageDirectoryEntryToData

winmm

PlaySoundW

oledlg

OleUIBusyW
OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIEditLinksW
OleUIChangeIconW
OleUIConvertW
OleUIInsertObjectW
OleUIAddVerbMenuW

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
usbencryptor/使用说明.txt
usbencryptor/简介.txt

Sharing

General

Malware Config

Signatures

Files

19b5db55b181cf5582059355d6d978ef

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

7c:e2:10:b0:cf:b7:e4:df:9d:17:3d:86:0f:08:16:53Certificate

Extended Key Usages

Key Usages

9a:d4:af:f3:c9:42:8f:e0:d6:26:b5:1a:96:80:01:00:cf:ed:85:50Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

version

setupapi

hhctrl.ocx

gdiplus

ws2_32

imagehlp

winmm

oledlg

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 213KB - Virtual size: 289KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.vmp0 Size: 235KB - Virtual size: 235KB

.vmp1 Size: 1024B - Virtual size: 676B

.reloc Size: 230KB - Virtual size: 230KB

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

7c:e2:10:b0:cf:b7:e4:df:9d:17:3d:86:0f:08:16:53
Certificate

9a:d4:af:f3:c9:42:8f:e0:d6:26:b5:1a:96:80:01:00:cf:ed:85:50
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 213KB - Virtual size: 289KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

.vmp0
Size: 235KB - Virtual size: 235KB

.vmp1
Size: 1024B - Virtual size: 676B

.reloc
Size: 230KB - Virtual size: 230KB