272d6a2f66333dfc16392cf2d96e91df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

272d6a2f66333dfc16392cf2d96e91df_JaffaCakes118
Size

2.6MB
MD5

272d6a2f66333dfc16392cf2d96e91df
SHA1

36363c73b3fcee58d8150092596879eb1569e9a4
SHA256

1c5a3f6269173bb44d5a3631c21576d7d8aa3de3fae5fd21923cd5c4edd018ec
SHA512

e00af820ab2904f46d06de56864642ad5d18a62ae2b1b7b2b15163fdbbd1baa53143a48eceef9253ca7bc48eaa580311ba9d94172394429167d353cff868b14a
SSDEEP

49152:PRSWsPTxQXcqBxX2zwePx+IH0umZ3wPh7A3WQSKXiqqAWOUQTOcgBz:PkWWMZewePoIHV9IVXnnTW

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PackageTmp/Scripts/install_lodop.exe
unpack001/PackageTmp/bin/AjaxControlToolkit.dll
unpack001/PackageTmp/bin/OA.BLL.dll
unpack001/PackageTmp/bin/OA.Common.dll
unpack001/PackageTmp/bin/OA.Config.dll
unpack001/PackageTmp/bin/OA.Data.dll
unpack001/PackageTmp/bin/OA.Users.dll
unpack001/PackageTmp/bin/TTCLXT.Web.dll
unpack001/PackageTmp/bin/YYControls.dll

Files

272d6a2f66333dfc16392cf2d96e91df_JaffaCakes118
.rar
PackageTmp/App_Themes/Default/Common.css
PackageTmp/App_Themes/Default/SmartGridView.css
PackageTmp/App_Themes/Default/SmartGridView.skin
PackageTmp/App_Themes/Default/bg_input_btn_hover.png
.png
PackageTmp/App_Themes/Default/button_bg.gif
.gif
PackageTmp/App_Themes/Default/list_hd_bg.png
.png
PackageTmp/App_Themes/Default/skin.gif
.gif
PackageTmp/Config/Default.config
PackageTmp/Config/Instore.config
PackageTmp/Config/Inventory.config
PackageTmp/Config/System.config
PackageTmp/Config/SystemSteup.config
PackageTmp/Config/UserInstore.config
PackageTmp/Data/Common/Ascx/Dept_Add.ascx
PackageTmp/Data/Common/Ascx/Dept_Main.ascx
PackageTmp/Data/Common/Ascx/Dept_Modi.ascx
PackageTmp/Data/Common/Ascx/Dept_Move.ascx
PackageTmp/Data/Common/Ascx/Role_Add.ascx
PackageTmp/Data/Common/Ascx/Role_Main.ascx
.js
PackageTmp/Data/Common/Ascx/Role_Modi.ascx
PackageTmp/Data/Common/Ascx/Role_Show.ascx
PackageTmp/Data/Common/Ascx/Role_Step.ascx
.js
PackageTmp/Data/Common/Ascx/User_Add.ascx
PackageTmp/Data/Common/Ascx/User_List.ascx
.js
PackageTmp/Data/Common/Ascx/User_Main.ascx
PackageTmp/Data/Common/Ascx/User_Modi.ascx
PackageTmp/Data/Common/CountManager.aspx
.asp
PackageTmp/Data/Common/DeptLeft.aspx
.asp
PackageTmp/Data/Common/DeptManager.aspx
.js
PackageTmp/Data/Common/DeptRight.aspx
.asp
PackageTmp/Data/Common/Dlg_SelectUser.aspx
.asp .js polyglot
PackageTmp/Data/Common/RoleManager.aspx
.asp
PackageTmp/Data/Common/SysLogManager.aspx
.asp .js polyglot
PackageTmp/Data/Common/UserLeft.aspx
.asp
PackageTmp/Data/Common/UserManager.aspx
.js
PackageTmp/Data/Common/UserRight.aspx
.asp
PackageTmp/Data/Common/ajax/GetUserList.aspx
PackageTmp/Data/Common/css/Style.css
PackageTmp/Data/Common/css/bg_input_btn_hover.png
.png
PackageTmp/Data/Common/css/button_bg.gif
.gif
PackageTmp/Data/Common/css/list_hd_bg.png
.png
PackageTmp/Data/Default.aspx
.asp .js polyglot
PackageTmp/Data/Desktop.aspx
.asp
PackageTmp/Data/Inventory/Ascx/Instore_Add.ascx
.js
PackageTmp/Data/Inventory/Ascx/Instore_List.ascx
.js
PackageTmp/Data/Inventory/Ascx/Instore_Show.ascx
PackageTmp/Data/Inventory/Ascx/Mtlbegin_Add.ascx
.js
PackageTmp/Data/Inventory/Ascx/Mtlbegin_List.ascx
.js
PackageTmp/Data/Inventory/Ascx/Mtlbegin_Show.ascx
PackageTmp/Data/Inventory/Ascx/Outstore_Add.ascx
.js
PackageTmp/Data/Inventory/Ascx/Outstore_List.ascx
.js
PackageTmp/Data/Inventory/Ascx/Outstore_show.ascx
PackageTmp/Data/Inventory/Ascx/Userstore_add.ascx
.js
PackageTmp/Data/Inventory/Ascx/Userstore_list.ascx
.js
PackageTmp/Data/Inventory/Ascx/Userstore_show.ascx
PackageTmp/Data/Inventory/Ascx/acceptSteup_Add.ascx
.js
PackageTmp/Data/Inventory/Ascx/acceptSteup_List.ascx
.js
PackageTmp/Data/Inventory/Ascx/acceptSteup_Show.ascx
PackageTmp/Data/Inventory/INSTOREManager.aspx
.asp
PackageTmp/Data/Inventory/MTLBEGINManager.aspx
.asp
PackageTmp/Data/Inventory/OUTSTOREManager.aspx
.asp
PackageTmp/Data/Inventory/USERSTOREManager.aspx
.asp
PackageTmp/Data/Inventory/acceptSteup.aspx
.asp
PackageTmp/Data/Inventory/getCheck.aspx
.asp
PackageTmp/Data/Inventory/getINSTOREDETAIL.aspx
.asp
PackageTmp/Data/Inventory/getInstore.aspx
.asp
PackageTmp/Data/Inventory/getOrder.aspx
.asp
PackageTmp/Data/Order/Ascx/Order_Add.ascx
.js
PackageTmp/Data/Order/Ascx/Order_List.ascx
.js
PackageTmp/Data/Order/Ascx/Order_Show.ascx
PackageTmp/Data/Order/OrderManager.aspx
.asp
PackageTmp/Data/Order/getCompany.aspx
.asp
PackageTmp/Data/Order/getDept.aspx
.asp
PackageTmp/Data/Order/getItem.aspx
.asp
PackageTmp/Data/Order/getMaterial.aspx
.asp
PackageTmp/Data/about.htm
PackageTmp/Data/globrand/Ascx/chaxun_inventory.ascx
.js
PackageTmp/Data/globrand/chaxun.aspx
.asp
PackageTmp/Data/images/01.gif
.gif
PackageTmp/Data/images/02.gif
.gif
PackageTmp/Data/images/03.gif
.gif
PackageTmp/Data/images/Banner.gif
.gif
PackageTmp/Data/images/Banner.jpg
.jpg
PackageTmp/Data/images/Error.png
.png
PackageTmp/Data/images/IconAlarm32.gif
.gif
PackageTmp/Data/images/IconUpdatesGray32.gif
.gif
PackageTmp/Data/images/LOGO.gif
.gif
PackageTmp/Data/images/LOGO1.gif
.gif
PackageTmp/Data/images/LOGO2.gif
.gif
PackageTmp/Data/images/ProgressSmall.gif
.gif
PackageTmp/Data/images/about.png
.png
PackageTmp/Data/images/add.gif
.gif
PackageTmp/Data/images/admin_left_1.gif
.gif
PackageTmp/Data/images/admin_left_2.gif
.gif
PackageTmp/Data/images/admin_left_3.gif
.gif
PackageTmp/Data/images/admin_left_4.gif
.gif
PackageTmp/Data/images/admin_left_5.gif
.gif
PackageTmp/Data/images/admin_left_6.gif
.gif
PackageTmp/Data/images/admin_left_7.gif
.gif
PackageTmp/Data/images/admin_left_8.gif
.gif
PackageTmp/Data/images/admin_left_9.gif
.gif
PackageTmp/Data/images/avi.gif
.gif
PackageTmp/Data/images/big.gif
.gif
PackageTmp/Data/images/bm.gif
.gif
PackageTmp/Data/images/bs.gif
.gif
PackageTmp/Data/images/close.gif
.gif
PackageTmp/Data/images/css.css
PackageTmp/Data/images/cz.gif
.gif
PackageTmp/Data/images/del.gif
PackageTmp/Data/images/delete.gif
.gif
PackageTmp/Data/images/dom_11.gif
.gif
PackageTmp/Data/images/edit.gif
.gif
PackageTmp/Data/images/enter.gif
.gif
PackageTmp/Data/images/exit.gif
.gif
PackageTmp/Data/images/flv.gif
.gif
PackageTmp/Data/images/folder.gif
.gif
PackageTmp/Data/images/folderOpen.gif
.gif
PackageTmp/Data/images/gif.gif
.gif
PackageTmp/Data/images/help.png
.png
PackageTmp/Data/images/home.png
.png
PackageTmp/Data/images/huikui.gif
.gif
PackageTmp/Data/images/huikui2.gif
.gif
PackageTmp/Data/images/jpg.gif
.gif
PackageTmp/Data/images/log.gif
.gif
PackageTmp/Data/images/loginkey.gif
.gif
PackageTmp/Data/images/loginman.gif
.gif
PackageTmp/Data/images/logintitle.gif
.gif
PackageTmp/Data/images/menudown.gif
.gif
PackageTmp/Data/images/menuup.gif
.gif
PackageTmp/Data/images/mlsign2.gif
.gif
PackageTmp/Data/images/new_folder.gif
.gif
PackageTmp/Data/images/news.gif
PackageTmp/Data/images/pie_chart.gif
.gif
PackageTmp/Data/images/reply.gif
PackageTmp/Data/images/rmvb.gif
.gif
PackageTmp/Data/images/save.gif
.gif
PackageTmp/Data/images/savecon.gif
.gif
PackageTmp/Data/images/saveexi.gif
.gif
PackageTmp/Data/images/scroll.gif
.gif
PackageTmp/Data/images/secpolicy.gif
.gif
PackageTmp/Data/images/set.gif
.gif
PackageTmp/Data/images/shutdown.png
.png
PackageTmp/Data/images/shutdown1.png
.png
PackageTmp/Data/images/small.gif
.gif
PackageTmp/Data/images/style.css
PackageTmp/Data/images/swf.gif
.gif
PackageTmp/Data/images/tab_bg.gif
.gif
PackageTmp/Data/images/tab_left.gif
.gif
PackageTmp/Data/images/tab_right.gif
.gif
PackageTmp/Data/images/telecom.gif
.gif
PackageTmp/Data/images/title.gif
.gif
PackageTmp/Data/images/title_bg_quit.gif
.gif
PackageTmp/Data/images/top-bg.gif
.gif
PackageTmp/Data/images/up.gif
.gif
PackageTmp/Data/images/upcancel.gif
.gif
PackageTmp/Data/images/wmv.gif
.gif
PackageTmp/Data/js/FunctionForMenu.js
PackageTmp/Data/js/GetDate.js
.js
PackageTmp/Data/js/d.js
.js
PackageTmp/Data/loging.htm
.js
PackageTmp/Data/steup/Ascx/Company_Add.ascx
PackageTmp/Data/steup/Ascx/Company_Modi.ascx
PackageTmp/Data/steup/Ascx/Company_Show.ascx
PackageTmp/Data/steup/Ascx/Company_list.ascx
.js
PackageTmp/Data/steup/Ascx/Mtltype_Add.ascx
PackageTmp/Data/steup/Ascx/Mtltype_Modi.ascx
PackageTmp/Data/steup/Ascx/Mtltype_list.ascx
PackageTmp/Data/steup/COMPANYManager.aspx
.asp
PackageTmp/Data/steup/ITEMmanager.aspx
.asp
PackageTmp/Data/steup/JDKManager.aspx
.asp
PackageTmp/Data/steup/MATERIALManager.aspx
.asp .js polyglot
PackageTmp/Data/steup/MTLTYPEManager.aspx
.asp
PackageTmp/Data/steup/UNITManager.aspx
.asp
PackageTmp/Default.aspx
.asp .js polyglot
PackageTmp/GetCode.aspx
PackageTmp/Logout.aspx
PackageTmp/Scripts/LodopFuncs.js
.js
PackageTmp/Scripts/install_lodop.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PackageTmp/Scripts/jQuery.textSlider.js
.js
PackageTmp/Scripts/jquery-1.3.2.js
.js
PackageTmp/Scripts/jquery-1.4.1-vsdoc.js
.js
PackageTmp/Scripts/jquery-1.4.1.js
.js
PackageTmp/Scripts/jquery-1.4.1.min.js
.js
PackageTmp/Scripts/jquery-ui-1.7.2.custom.js
.js
PackageTmp/Scripts/jquery.uploadify.v2.1.0.min.js
.js
PackageTmp/TTWZCLXT_db_201102280200.BAK
PackageTmp/Web.config
PackageTmp/bin/AjaxControlToolkit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\E\AjaxControlToolkit_AjaxTk\Orcas\AjaxControlToolkit\obj\Release\AjaxControlToolkit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.BLL.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\OA.BLL\obj\Debug\OA.BLL.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.BLL.pdb
PackageTmp/bin/OA.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\OA.Common\obj\Debug\OA.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.Common.pdb
PackageTmp/bin/OA.Config.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\OA.Config\obj\Debug\OA.Config.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.Config.pdb
PackageTmp/bin/OA.Data.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\OA.Data\obj\Debug\OA.Data.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.Data.pdb
PackageTmp/bin/OA.Users.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\OA.Users\obj\Debug\OA.Users.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/OA.Users.pdb
PackageTmp/bin/TTCLXT.Web.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dotNET项目\铁通物资管理系统\TTCLXT.Web\obj\Debug\TTCLXT.Web.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/TTCLXT.Web.pdb
PackageTmp/bin/YYControls.XML
.xml
PackageTmp/bin/YYControls.dll
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\YYControls\YYControls\obj\Debug\YYControls.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PackageTmp/bin/YYControls.pdb
PackageTmp/images/01.jpg
.jpg
PackageTmp/images/02.jpg
.jpg
PackageTmp/images/Logo.gif
.gif
PackageTmp/images/ProgressSmall.gif
.gif
PackageTmp/images/scroll.gif
.gif
PackageTmp/images/users/bg_01.gif
.gif
PackageTmp/images/users/node_dept.gif
.gif
PackageTmp/images/users/node_user.gif
.gif
PackageTmp/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 408KB - Virtual size: 407KB

DATA Size: 7KB - Virtual size: 6KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 24KB - Virtual size: 24KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 41KB - Virtual size: 40KB

.rsrc Size: 1024B - Virtual size: 760B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 16KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 760B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 37KB - Virtual size: 37KB

CODE
Size: 408KB - Virtual size: 407KB

DATA
Size: 7KB - Virtual size: 6KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 1024B - Virtual size: 760B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 760B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 172KB - Virtual size: 171KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 12B