198554ef0ec275d6002af1151462b39c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

198554ef0ec275d6002af1151462b39c_JaffaCakes118
Size

827KB
MD5

198554ef0ec275d6002af1151462b39c
SHA1

a2cee571bb17e5fc142b462909330dc0d5d30feb
SHA256

d35716e33ee9388607ee23953a43d125c8d7100c9aaec971b8dcb69492c2ea49
SHA512

3bca30578e683688459eecd54592e3c9215f5019ba6e740f83bf41e00abd26dfc0536c637a988f773fd2037a529b8f8d47321cb698e61947abb50ca7f4aeb33c
SSDEEP

24576:6YlMfqXU3RPI1Goy+gEvn5mU77rKVnUvJWTuNv+y0:6SMyXU3RI1G7Evnx7/4Upv+y0

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
198554ef0ec275d6002af1151462b39c_JaffaCakes118
unpack001/MACDll.dll
unpack001/PowerISO.exe
unpack001/lame_enc.dll
unpack001/libFLAC.dll
unpack001/piso.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

198554ef0ec275d6002af1151462b39c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/cn_sc.lng
MACDll.dll
.dll windows:4 windows x86 arch:x86

211b6645c39271c5f09a8cb76f620589

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
FindClose
FindFirstFileW
FlushFileBuffers
SetStdHandle
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
CreateFileW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
DeleteFileW
Sleep
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
GetVersion
RaiseException
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW

user32

GetDlgItemTextW
MessageBoxW
EndDialog
SetDlgItemTextW
GetDlgItem
SendMessageW
DialogBoxParamW
TranslateMessage
PeekMessageW
DispatchMessageW

Exports

Exports

CompressFile
ConvertFile
DecompressFile
FillWaveFormatEx
FillWaveHeader
GetFieldTagW
GetID3Tag
GetInterfaceCompatibility
GetVersionNumber
RemoveTag
SetFieldTagW
ShowFileInfoDialog
TagFileSimple
VerifyFile
c_APECompress_AddData
c_APECompress_Create
c_APECompress_Destroy
c_APECompress_Finish
c_APECompress_GetBufferBytesAvailable
c_APECompress_Kill
c_APECompress_LockBuffer
c_APECompress_Start
c_APECompress_StartW
c_APECompress_UnlockBuffer
c_APEDecompress_Create
c_APEDecompress_CreateW
c_APEDecompress_Destroy
c_APEDecompress_GetData
c_APEDecompress_GetInfo
c_APEDecompress_Seek

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO.exe
.exe windows:4 windows x86 arch:x86

0aa883d250a5d2fe9109cb99c6b4c78e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW

winmm

waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutOpen
waveOutGetDevCapsW
mixerGetDevCapsW
mixerOpen
mixerGetNumDevs
mixerClose
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetControlDetailsW
mixerSetControlDetails

kernel32

HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
LCMapStringA
VirtualAlloc
IsBadWritePtr
GetCurrentDirectoryA
SetUnhandledExceptionFilter
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetDriveTypeA
CompareStringA
GetACP
RaiseException
SetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
QueryPerformanceCounter
FindResourceA
GlobalAddAtomA
GetProfileStringA
WaitForSingleObject
ExitProcess
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
FindClose
ReadFile
SetLastError
CloseHandle
Sleep
SetEvent
CreateThread
GetTickCount
GetLocalTime
ResumeThread
SuspendThread
LocalFree
LocalAlloc
GlobalUnlock
GlobalLock
GlobalFree
WriteFile
HeapFree
TerminateProcess
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
GetSystemTime
GetTimeZoneInformation
SetErrorMode
GlobalSize
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
TlsAlloc
DeviceIoControl
GetFileSize
ResetEvent
GetOEMCP
FreeLibrary
SetFileTime
GlobalFlags
DeleteCriticalSection
lstrcmpiA
GetFileTime
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcmpA
GetModuleHandleA
GetCurrentThreadId
GlobalDeleteAtom
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
MulDiv
GetSystemDefaultLangID
SetEndOfFile
SetThreadExecutionState
CreateEventA
GetOverlappedResult
GetCurrentThread
GetExitCodeProcess
SetFilePointer
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetThreadPriority
GlobalHandle
LoadResource
SizeofResource
LockResource
GlobalAlloc
GetCurrentProcess
GetVersion
DefineDosDeviceW
GetLogicalDrives

user32

GetDCEx
ValidateRect
ShowOwnedPopups
PostQuitMessage
DrawFocusRect
SetParent
SetRect
IsRectEmpty
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
SetRectEmpty
TranslateMessage
DestroyCursor
SetCursorPos
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
MapDialogRect
GetAsyncKeyState
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
ShowWindow
MoveWindow
IsDlgButtonChecked
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
CopyRect
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
TrackPopupMenu
CallNextHookEx
UnhookWindowsHookEx
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
DestroyWindow
IsWindowEnabled
MessageBoxA
GetWindowTextLengthA
HideCaret
GetDlgCtrlID
EnumChildWindows
DrawMenuBar
GetSystemMetrics
GetDlgItem
SetFocus
IsWindow
ReleaseCapture
SetCapture
SetMenuDefaultItem
GetCursorPos
GetMenuItemCount
IsWindowVisible
FillRect
DestroyIcon
GetDesktopWindow
LockWindowUpdate
CheckMenuRadioItem
GetSysColorBrush
GetCapture
PtInRect
GetMessagePos
UpdateWindow
OffsetRect
IsZoomed
ScreenToClient
ClientToScreen
WindowFromPoint
SetClipboardData
OpenClipboard
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
SetWindowsHookExA
SendMessageA
GetClassNameA
KillTimer
SetTimer
InvalidateRect
GetParent
GetWindowRect
GetSubMenu
CheckMenuItem
EnableMenuItem
CreatePopupMenu
RemoveMenu
GetMenuItemID
BroadcastSystemMessage
GetMenu
GetCaretPos
GetClientRect
SetCursor
InflateRect
GetSysColor
RedrawWindow
ReleaseDC
GetDC
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
GetFocus
EmptyClipboard
CloseClipboard
GetKeyState
CheckRadioButton

gdi32

GetClipBox
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
CreatePen
CreateSolidBrush
CreatePatternBrush
SetRectRgn
CombineRgn
StretchDIBits
LPtoDP
GetDeviceCaps
SetBkColor
SetTextColor
Escape
RectVisible
PtVisible
CreateRectRgn
CreateBitmap
DeleteDC
CreateDIBSection
GetDIBits
SetDIBits
DeleteObject
CreateCompatibleBitmap
BitBlt
GetStockObject
PatBlt
StretchBlt
SetStretchBltMode
ExtTextOutA
GetTextExtentPointA
SelectObject
CreateDIBitmap
CreateCompatibleDC

winspool.drv

ClosePrinter

advapi32

RegCloseKey
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
GetTokenInformation

shell32

DragAcceptFiles
SHGetSpecialFolderPathW
SHGetDesktopFolder
DragFinish
SHGetMalloc

comctl32

ord17
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_AddMasked
PropertySheetW
DestroyPropertySheetPage
ImageList_Create
CreatePropertySheetPageW

ole32

OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
RevokeDragDrop
CoTaskMemAlloc
CoRevokeClassObject
CoLockObjectExternal
RegisterDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
DoDragDrop
OleGetClipboard
CoTaskMemFree
CreateStreamOnHGlobal
ReleaseStgMedium
CoInitialize
CoRegisterMessageFilter

olepro32

ord251

Sections

.text
Size: 912KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lame_enc.dll
.dll windows:4 windows x86 arch:x86

1d5556150849be0cbc0bce1645aa0399

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetPrivateProfileIntA
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetLastError
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
HeapReAlloc
SetFilePointer
RaiseException
FlushFileBuffers
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
CreateFileW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
RtlUnwind
SetEndOfFile

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteInfoTagW
beWriteVBRHeader
beWriteVBRHeaderW
id3tag_add_v2
id3tag_init
id3tag_set_album
id3tag_set_artist
id3tag_set_comment
id3tag_set_genre
id3tag_set_title
id3tag_set_track
id3tag_set_year
id3tag_v1_only
id3tag_v2_only
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_bitstream
lame_init_params
lame_mp3_tags_fid
lame_set_bWriteVbrTag
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libFLAC.dll
.dll windows:4 windows x86 arch:x86

3a578b1e8977c8e4eb6e3e0cb14d130d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
realloc
qsort
frexp
_ftol
fclose
_errno
ftell
fopen
fseek
fread
fwrite
free
rename
memchr
_iob
_wfopen
_setmode
strtod
strchr
strncmp
_initterm
_adjust_fdiv
calloc
strrchr
memmove
_strdup
_unlink
_stat
_utime
_chmod
_strnicmp
_fstat
_fileno

kernel32

SetUnhandledExceptionFilter
DisableThreadLibraryCalls

Exports

Exports

FLAC_API_SUPPORTS_OGG_FLAC
FLAC__ChannelAssignmentString
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ORDER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_RAW_LEN
FLAC__ENTROPY_CODING_METHOD_TYPE_LEN
FLAC__EntropyCodingMethodTypeString
FLAC__FRAME_FOOTER_CRC_LEN
FLAC__FRAME_HEADER_BITS_PER_SAMPLE_LEN
FLAC__FRAME_HEADER_BLOCKING_STRATEGY_LEN
FLAC__FRAME_HEADER_BLOCK_SIZE_LEN
FLAC__FRAME_HEADER_CHANNEL_ASSIGNMENT_LEN
FLAC__FRAME_HEADER_CRC_LEN
FLAC__FRAME_HEADER_RESERVED_LEN
FLAC__FRAME_HEADER_SAMPLE_RATE_LEN
FLAC__FRAME_HEADER_SYNC
FLAC__FRAME_HEADER_SYNC_LEN
FLAC__FRAME_HEADER_ZERO_PAD_LEN
FLAC__FrameNumberTypeString
FLAC__MetadataTypeString
FLAC__Metadata_ChainStatusString
FLAC__Metadata_SimpleIteratorStatusString
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_IS_CD_LEN
FLAC__STREAM_METADATA_CUESHEET_LEAD_IN_LEN
FLAC__STREAM_METADATA_CUESHEET_MEDIA_CATALOG_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_NUM_TRACKS_LEN
FLAC__STREAM_METADATA_CUESHEET_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_ISRC_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUM_INDICES_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_PRE_EMPHASIS_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_TYPE_LEN
FLAC__STREAM_METADATA_IS_LAST_LEN
FLAC__STREAM_METADATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_COLORS_LEN
FLAC__STREAM_METADATA_PICTURE_DATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_DEPTH_LEN
FLAC__STREAM_METADATA_PICTURE_DESCRIPTION_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_HEIGHT_LEN
FLAC__STREAM_METADATA_PICTURE_MIME_TYPE_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_TYPE_LEN
FLAC__STREAM_METADATA_PICTURE_WIDTH_LEN
FLAC__STREAM_METADATA_SEEKPOINT_FRAME_SAMPLES_LEN
FLAC__STREAM_METADATA_SEEKPOINT_PLACEHOLDER
FLAC__STREAM_METADATA_SEEKPOINT_SAMPLE_NUMBER_LEN
FLAC__STREAM_METADATA_SEEKPOINT_STREAM_OFFSET_LEN
FLAC__STREAM_METADATA_STREAMINFO_BITS_PER_SAMPLE_LEN
FLAC__STREAM_METADATA_STREAMINFO_CHANNELS_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MD5SUM_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_SAMPLE_RATE_LEN
FLAC__STREAM_METADATA_STREAMINFO_TOTAL_SAMPLES_LEN
FLAC__STREAM_METADATA_TYPE_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_ENTRY_LENGTH_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_NUM_COMMENTS_LEN
FLAC__STREAM_SYNC
FLAC__STREAM_SYNC_LEN
FLAC__STREAM_SYNC_STRING
FLAC__SUBFRAME_LPC_QLP_COEFF_PRECISION_LEN
FLAC__SUBFRAME_LPC_QLP_SHIFT_LEN
FLAC__SUBFRAME_TYPE_CONSTANT_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_FIXED_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_LEN
FLAC__SUBFRAME_TYPE_LPC_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_VERBATIM_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_WASTED_BITS_FLAG_LEN
FLAC__SUBFRAME_ZERO_PAD_LEN
FLAC__StreamDecoderErrorStatusString
FLAC__StreamDecoderInitStatusString
FLAC__StreamDecoderLengthStatusString
FLAC__StreamDecoderReadStatusString
FLAC__StreamDecoderSeekStatusString
FLAC__StreamDecoderStateString
FLAC__StreamDecoderTellStatusString
FLAC__StreamDecoderWriteStatusString
FLAC__StreamEncoderInitStatusString
FLAC__StreamEncoderSeekStatusString
FLAC__StreamEncoderStateString
FLAC__StreamEncoderTellStatusString
FLAC__StreamEncoderWriteStatusString
FLAC__StreamMetadata_Picture_TypeString
FLAC__SubframeTypeString
FLAC__VENDOR_STRING
FLAC__VERSION_STRING
FLAC__format_cuesheet_is_legal
FLAC__format_picture_is_legal
FLAC__format_sample_rate_is_subset
FLAC__format_sample_rate_is_valid
FLAC__format_seektable_is_legal
FLAC__format_seektable_sort
FLAC__format_vorbiscomment_entry_is_legal
FLAC__format_vorbiscomment_entry_name_is_legal
FLAC__format_vorbiscomment_entry_value_is_legal
FLAC__metadata_chain_check_if_tempfile_needed
FLAC__metadata_chain_delete
FLAC__metadata_chain_merge_padding
FLAC__metadata_chain_new
FLAC__metadata_chain_read
FLAC__metadata_chain_read_ogg
FLAC__metadata_chain_read_ogg_with_callbacks
FLAC__metadata_chain_read_with_callbacks
FLAC__metadata_chain_sort_padding
FLAC__metadata_chain_status
FLAC__metadata_chain_write
FLAC__metadata_chain_write_with_callbacks
FLAC__metadata_chain_write_with_callbacks_and_tempfile
FLAC__metadata_get_cuesheet
FLAC__metadata_get_picture
FLAC__metadata_get_streaminfo
FLAC__metadata_get_tags
FLAC__metadata_get_tagsW
FLAC__metadata_iterator_delete
FLAC__metadata_iterator_delete_block
FLAC__metadata_iterator_get_block
FLAC__metadata_iterator_get_block_type
FLAC__metadata_iterator_init
FLAC__metadata_iterator_insert_block_after
FLAC__metadata_iterator_insert_block_before
FLAC__metadata_iterator_new
FLAC__metadata_iterator_next
FLAC__metadata_iterator_prev
FLAC__metadata_iterator_set_block
FLAC__metadata_object_application_set_data
FLAC__metadata_object_clone
FLAC__metadata_object_cuesheet_calculate_cddb_id
FLAC__metadata_object_cuesheet_delete_track
FLAC__metadata_object_cuesheet_insert_blank_track
FLAC__metadata_object_cuesheet_insert_track
FLAC__metadata_object_cuesheet_is_legal
FLAC__metadata_object_cuesheet_resize_tracks
FLAC__metadata_object_cuesheet_set_track
FLAC__metadata_object_cuesheet_track_clone
FLAC__metadata_object_cuesheet_track_delete
FLAC__metadata_object_cuesheet_track_delete_index
FLAC__metadata_object_cuesheet_track_insert_blank_index
FLAC__metadata_object_cuesheet_track_insert_index
FLAC__metadata_object_cuesheet_track_new
FLAC__metadata_object_cuesheet_track_resize_indices
FLAC__metadata_object_delete
FLAC__metadata_object_is_equal
FLAC__metadata_object_new
FLAC__metadata_object_picture_is_legal
FLAC__metadata_object_picture_set_data
FLAC__metadata_object_picture_set_description
FLAC__metadata_object_picture_set_mime_type
FLAC__metadata_object_seektable_delete_point
FLAC__metadata_object_seektable_insert_point
FLAC__metadata_object_seektable_is_legal
FLAC__metadata_object_seektable_resize_points
FLAC__metadata_object_seektable_set_point
FLAC__metadata_object_seektable_template_append_placeholders
FLAC__metadata_object_seektable_template_append_point
FLAC__metadata_object_seektable_template_append_points
FLAC__metadata_object_seektable_template_append_spaced_points
FLAC__metadata_object_seektable_template_append_spaced_points_by_samples
FLAC__metadata_object_seektable_template_sort
FLAC__metadata_object_vorbiscomment_append_comment
FLAC__metadata_object_vorbiscomment_delete_comment
FLAC__metadata_object_vorbiscomment_entry_from_name_value_pair
FLAC__metadata_object_vorbiscomment_entry_matches
FLAC__metadata_object_vorbiscomment_entry_to_name_value_pair
FLAC__metadata_object_vorbiscomment_find_entry_from
FLAC__metadata_object_vorbiscomment_insert_comment
FLAC__metadata_object_vorbiscomment_remove_entries_matching
FLAC__metadata_object_vorbiscomment_remove_entry_matching
FLAC__metadata_object_vorbiscomment_replace_comment
FLAC__metadata_object_vorbiscomment_resize_comments
FLAC__metadata_object_vorbiscomment_set_comment
FLAC__metadata_object_vorbiscomment_set_vendor_string
FLAC__metadata_simple_iterator_delete
FLAC__metadata_simple_iterator_delete_block
FLAC__metadata_simple_iterator_get_application_id
FLAC__metadata_simple_iterator_get_block
FLAC__metadata_simple_iterator_get_block_length
FLAC__metadata_simple_iterator_get_block_offset
FLAC__metadata_simple_iterator_get_block_type
FLAC__metadata_simple_iterator_init
FLAC__metadata_simple_iterator_insert_block_after
FLAC__metadata_simple_iterator_is_last
FLAC__metadata_simple_iterator_is_writable
FLAC__metadata_simple_iterator_new
FLAC__metadata_simple_iterator_next
FLAC__metadata_simple_iterator_prev
FLAC__metadata_simple_iterator_set_block
FLAC__metadata_simple_iterator_status
FLAC__stream_decoder_delete
FLAC__stream_decoder_finish
FLAC__stream_decoder_flush
FLAC__stream_decoder_get_bits_per_sample
FLAC__stream_decoder_get_blocksize
FLAC__stream_decoder_get_channel_assignment
FLAC__stream_decoder_get_channels
FLAC__stream_decoder_get_decode_position
FLAC__stream_decoder_get_md5_checking
FLAC__stream_decoder_get_resolved_state_string
FLAC__stream_decoder_get_sample_rate
FLAC__stream_decoder_get_state
FLAC__stream_decoder_get_total_samples
FLAC__stream_decoder_init_FILE
FLAC__stream_decoder_init_file
FLAC__stream_decoder_init_fileW
FLAC__stream_decoder_init_ogg_FILE
FLAC__stream_decoder_init_ogg_file
FLAC__stream_decoder_init_ogg_stream
FLAC__stream_decoder_init_stream
FLAC__stream_decoder_new
FLAC__stream_decoder_process_single
FLAC__stream_decoder_process_until_end_of_metadata
FLAC__stream_decoder_process_until_end_of_stream
FLAC__stream_decoder_reset
FLAC__stream_decoder_seek_absolute
FLAC__stream_decoder_set_md5_checking
FLAC__stream_decoder_set_metadata_ignore
FLAC__stream_decoder_set_metadata_ignore_all
FLAC__stream_decoder_set_metadata_ignore_application
FLAC__stream_decoder_set_metadata_respond
FLAC__stream_decoder_set_metadata_respond_all
FLAC__stream_decoder_set_metadata_respond_application
FLAC__stream_decoder_set_ogg_serial_number
FLAC__stream_decoder_skip_single_frame
FLAC__stream_encoder_delete
FLAC__stream_encoder_disable_constant_subframes
FLAC__stream_encoder_disable_fixed_subframes
FLAC__stream_encoder_disable_verbatim_subframes
FLAC__stream_encoder_finish
FLAC__stream_encoder_get_bits_per_sample
FLAC__stream_encoder_get_blocksize
FLAC__stream_encoder_get_channels
FLAC__stream_encoder_get_do_escape_coding
FLAC__stream_encoder_get_do_exhaustive_model_search
FLAC__stream_encoder_get_do_md5
FLAC__stream_encoder_get_do_mid_side_stereo
FLAC__stream_encoder_get_do_qlp_coeff_prec_search
FLAC__stream_encoder_get_loose_mid_side_stereo
FLAC__stream_encoder_get_max_lpc_order
FLAC__stream_encoder_get_max_residual_partition_order
FLAC__stream_encoder_get_min_residual_partition_order
FLAC__stream_encoder_get_qlp_coeff_precision
FLAC__stream_encoder_get_resolved_state_string
FLAC__stream_encoder_get_rice_parameter_search_dist
FLAC__stream_encoder_get_sample_rate
FLAC__stream_encoder_get_state
FLAC__stream_encoder_get_streamable_subset
FLAC__stream_encoder_get_total_samples_estimate
FLAC__stream_encoder_get_verify
FLAC__stream_encoder_get_verify_decoder_error_stats
FLAC__stream_encoder_get_verify_decoder_state
FLAC__stream_encoder_init_FILE
FLAC__stream_encoder_init_file
FLAC__stream_encoder_init_fileW
FLAC__stream_encoder_init_ogg_FILE
FLAC__stream_encoder_init_ogg_file
FLAC__stream_encoder_init_ogg_stream
FLAC__stream_encoder_init_stream
FLAC__stream_encoder_new
FLAC__stream_encoder_process
FLAC__stream_encoder_process_interleaved
FLAC__stream_encoder_set_apodization
FLAC__stream_encoder_set_bits_per_sample
FLAC__stream_encoder_set_blocksize
FLAC__stream_encoder_set_channels
FLAC__stream_encoder_set_compression_level
FLAC__stream_encoder_set_do_escape_coding
FLAC__stream_encoder_set_do_exhaustive_model_search
FLAC__stream_encoder_set_do_md5
FLAC__stream_encoder_set_do_mid_side_stereo
FLAC__stream_encoder_set_do_qlp_coeff_prec_search
FLAC__stream_encoder_set_loose_mid_side_stereo
FLAC__stream_encoder_set_max_lpc_order
FLAC__stream_encoder_set_max_residual_partition_order
FLAC__stream_encoder_set_metadata
FLAC__stream_encoder_set_min_residual_partition_order
FLAC__stream_encoder_set_ogg_serial_number
FLAC__stream_encoder_set_qlp_coeff_precision
FLAC__stream_encoder_set_rice_parameter_search_dist
FLAC__stream_encoder_set_sample_rate
FLAC__stream_encoder_set_streamable_subset
FLAC__stream_encoder_set_total_samples_estimate
FLAC__stream_encoder_set_verify
FLAC__treamEncoderReadStatusString

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
piso.exe
.exe windows:4 windows x86 arch:x86

08c6c6afda2527b8a47741d922302b10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

?cout@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@PBD@Z
?flush@@YAAAVostream@@AAV1@@Z
?cerr@@3Vostream_withassign@@A

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_splitpath
strchr
printf
sprintf

kernel32

GetConsoleMode
GetStdHandle
CreateMutexA
CreateNamedPipeA
GetCurrentDirectoryA
CreateProcessA
ResumeThread
WaitForSingleObject
Sleep
GetExitCodeProcess
WriteFile
ConnectNamedPipe
ReadFile
TerminateThread
CreateThread
CloseHandle
SetConsoleMode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 23KB - Virtual size: 22KB

211b6645c39271c5f09a8cb76f620589

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 7KB

0aa883d250a5d2fe9109cb99c6b4c78e

Headers

File Characteristics

Imports

shlwapi

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

Sections

.text Size: 912KB - Virtual size: 908KB

.rdata Size: 116KB - Virtual size: 112KB

.data Size: 144KB - Virtual size: 827KB

.rsrc Size: 244KB - Virtual size: 241KB

1d5556150849be0cbc0bce1645aa0399

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 210KB

.reloc Size: 12KB - Virtual size: 8KB

3a578b1e8977c8e4eb6e3e0cb14d130d

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 113KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 23KB - Virtual size: 22KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 912KB - Virtual size: 908KB

.rdata
Size: 116KB - Virtual size: 112KB

.data
Size: 144KB - Virtual size: 827KB

.rsrc
Size: 244KB - Virtual size: 241KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 210KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 240B