2efd1d8b0759aab1322546c2db1fa4e4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2efd1d8b0759aab1322546c2db1fa4e4_JaffaCakes118
Size

812KB
MD5

2efd1d8b0759aab1322546c2db1fa4e4
SHA1

e3d513ddad52b7658620e48a29689c235b2c1e9e
SHA256

9852c2f6ab99983f1dd303ba3fe664a0f41c50740fd3a2a4e211e6d4a249cb57
SHA512

b1c68630cde4aa119d880f56b14f4c29d4b17be45e42b17175f39c122cfcd910218a5af3b87e788f0b1d6d41cd93b82c213305784a81820fc4d17f543345ae59
SSDEEP

12288:QGEWz96qkM1xZwCwqUvGX8ZUWtU0VWPx7lndCkjO6b3SpC+FSB2d/+C:QC6qkkxeCH07H1VGVdd7WnFSB2o

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2efd1d8b0759aab1322546c2db1fa4e4_JaffaCakes118

Files

2efd1d8b0759aab1322546c2db1fa4e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a0576aed76a3bca3468f5e4b86f9839

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
AddFontResourceA
CreateFontIndirectA
EnumMetaFile
WidenPath
GetEnhMetaFileW
GetWindowOrgEx
PathToRegion
CreateRectRgn
CreateRectRgnIndirect
Polygon
ResetDCW
GetDIBColorTable
StretchBlt
GetEnhMetaFileHeader
CreateBitmap
OffsetViewportOrgEx
SelectPalette
SetPaletteEntries
SwapBuffers
CopyMetaFileA
GetObjectType
GetGlyphOutlineW
CloseEnhMetaFile
SetWinMetaFileBits
SetWorldTransform
GetColorAdjustment
Chord
GetCharWidthFloatA
DeleteEnhMetaFile
CreateFontIndirectW
GdiComment
RectInRegion
PlayMetaFile
ExtEscape
PolyBezier
CreateBitmapIndirect
BeginPath
DeleteDC
CopyEnhMetaFileA
GetRgnBox
SetTextAlign
GetTextExtentExPointA
GetBitmapBits
SetViewportExtEx
SetBkMode
ExcludeClipRect
SetPixelV
CreateDIBitmap
SetWindowOrgEx
PaintRgn
TextOutW
Pie
GetTextCharsetInfo
SetEnhMetaFileBits
GetPixelFormat
GetMetaFileBitsEx
AbortDoc
SetPolyFillMode
GetNearestColor
GetTextExtentExPointW
CreateMetaFileW
GetCharacterPlacementW
PtVisible
CloseMetaFile
SetRectRgn
GetBrushOrgEx
GetEnhMetaFileA
GetEnhMetaFilePaletteEntries
CreateDIBSection
GetCurrentObject
EnumObjects
GetMiterLimit
PolyBezierTo
PlgBlt
LineDDA
PlayMetaFileRecord
FlattenPath
GetBoundsRect
GetLayout
CreateHatchBrush
GetCharABCWidthsFloatW
GetTextExtentPoint32W
ResetDCA
GetGlyphOutlineA
GetNearestPaletteIndex
CreateRoundRectRgn
GetTextExtentPointA
SetMiterLimit
SetDIBitsToDevice
RealizePalette
SetBitmapDimensionEx
EnumFontFamiliesW
Arc
SetDIBits
FillPath
GetAspectRatioFilterEx
Rectangle
ExtFloodFill
GetCharWidthW
StartPage
ScaleViewportExtEx
StrokePath
LPtoDP
CreateMetaFileA
SetROP2
OffsetWindowOrgEx
StartDocA
CreateEllipticRgnIndirect
SetLayout
GetSystemPaletteEntries
SelectClipPath
GetTextFaceW
GetPaletteEntries
CreateCompatibleDC
SetTextJustification
TextOutA
CreateBrushIndirect
StartDocW
GetEnhMetaFileBits
CreatePatternBrush
CreateDIBPatternBrushPt
SetBrushOrgEx
GetWindowExtEx
InvertRgn
SaveDC
PatBlt
GetKerningPairsA
GdiFlush
GetClipBox
GetDIBits
ExtTextOutW
GetPixel
EnumFontFamiliesExW
GetTextMetricsA
ScaleWindowExtEx
RestoreDC
CloseFigure
UnrealizeObject
EndPage
SetMapMode
GetRegionData
GetViewportOrgEx
GetCharWidthA
Polyline
PlayEnhMetaFile
CreatePenIndirect
PolyPolyline
CreatePolyPolygonRgn
SetICMProfileA
OffsetRgn
Ellipse
GetTextCharset
ModifyWorldTransform
CreateFontA
EnumEnhMetaFile
GetObjectW
GetOutlineTextMetricsA
StrokeAndFillPath
GetBitmapDimensionEx
SetWindowExtEx
PolylineTo
ChoosePixelFormat
GetTextColor
PtInRegion
CreatePalette
GetGraphicsMode
GetPolyFillMode
ExtCreateRegion
DeleteMetaFile
LineTo
CreatePen
PolyDraw
GetCurrentPositionEx
SetMapperFlags
DescribePixelFormat
TranslateCharsetInfo
EndDoc
GetMetaRgn
GetDeviceCaps
GetMetaFileA
RectVisible
SetDIBColorTable
SetPixelFormat
EqualRgn
GetCharABCWidthsFloatA
GetTextMetricsW
CreateCompatibleBitmap
ExtTextOutA
SetTextCharacterExtra
CreateDCW
ResizePalette
GetArcDirection
FrameRgn
GetTextExtentPoint32A
CopyEnhMetaFileW
GetStretchBltMode
SetViewportOrgEx
ExtCreatePen
SelectClipRgn
SetArcDirection
PlayEnhMetaFileRecord
SetBitmapBits
GetCharABCWidthsW
DPtoLP
SetBoundsRect
OffsetClipRgn
ExtSelectClipRgn
SetColorAdjustment
CopyMetaFileW
SetTextColor
GetClipRgn
SetStretchBltMode
CreateEnhMetaFileW
GetROP2
MaskBlt
MoveToEx
DeleteObject
CreateDiscardableBitmap
SetDCBrushColor
SetPixel
GetTextExtentPointW
CreateEllipticRgn
FillRgn
CreateEnhMetaFileA
SetGraphicsMode
Escape
ArcTo
EnumFontsW
EnumFontFamiliesExA
CreateDCA
CreatePolygonRgn
GetWinMetaFileBits
SetDCPenColor
GetCharWidth32W
GetTextCharacterExtra
GetFontLanguageInfo
GetBkColor
SelectObject
GetViewportExtEx
AngleArc
AnimatePalette
IntersectClipRect
CreateICW
CreateSolidBrush
GetCharWidth32A
StretchDIBits
GetMapMode
PolyPolygon
AbortPath
BitBlt
UpdateColors
GetObjectA
GetStockObject
DrawEscape
SetICMMode
CreateFontW
RemoveFontResourceA
GetTextAlign
GetTextFaceA
GetCharABCWidthsA
FloodFill
SetAbortProc
SetBkColor
GetPath
SetMetaFileBitsEx
RoundRect
CreateHalftonePalette
CombineRgn
GetFontData
CreateICA
EnumFontFamiliesA
GetDCOrgEx
EnumFontsA
EndPath

kernel32

SetConsoleCtrlHandler
_lclose
VirtualUnlock
BackupWrite
ReleaseMutex
SetEvent
GetDiskFreeSpaceExW
QueryPerformanceFrequency
WriteFile
SearchPathW
CreateWaitableTimerW
MapViewOfFileEx
FormatMessageW
CreateDirectoryExA
GlobalLock
IsBadStringPtrW
OpenEventW
EnumResourceLanguagesW
LCMapStringA
FlushViewOfFile
GlobalAddAtomA
Beep
lstrcpyW
GetProcAddress
UnhandledExceptionFilter
Module32FirstW
FindAtomW
LockFileEx
Process32Next
DisableThreadLibraryCalls
GetSystemInfo
AllocConsole
SleepEx
GetThreadTimes
LockResource
WaitForSingleObject
SetFileAttributesA
GetNumberFormatW
GetConsoleOutputCP
SetTapePosition
GetSystemDefaultLangID
_lcreat
Toolhelp32ReadProcessMemory
GetQueuedCompletionStatus
WriteConsoleA
GetProcessWorkingSetSize
EnterCriticalSection
WaitForMultipleObjects
GetStringTypeW
CopyFileW
MoveFileExW
GetTempPathA
GetTapeParameters
FlushFileBuffers
CommConfigDialogW
DeleteFileA
FindCloseChangeNotification
GetFileType
LoadResource
WritePrivateProfileStructW
SetProcessShutdownParameters
RemoveDirectoryW
OpenSemaphoreW
GlobalFindAtomA
Module32First
OpenEventA
GetThreadLocale
HeapDestroy
EnumLanguageGroupLocalesW
GetCurrentThread
IsValidLocale
VirtualQueryEx
IsValidCodePage
Heap32ListNext
FreeLibrary
GetMailslotInfo
GetVolumePathNameA
GetEnvironmentStrings
_llseek
BeginUpdateResourceW
WriteConsoleW
ConvertDefaultLocale
EscapeCommFunction
IsDBCSLeadByte
OpenFileMappingA
EnumResourceNamesW
VirtualAllocEx
GetPrivateProfileSectionNamesA
CreateSemaphoreA
TerminateProcess
EnumCalendarInfoExW
GetCurrentDirectoryA
CreateFileA
InitializeCriticalSection
IsDBCSLeadByteEx
AddAtomW
GetModuleHandleA
GetOverlappedResult
VerLanguageNameA
SetMailslotInfo
MultiByteToWideChar
GetDiskFreeSpaceA
GetLastError
GlobalHandle
FindNextFileW
WaitForDebugEvent
GlobalAlloc
GetProcessVersion
IsBadCodePtr
GlobalMemoryStatus
GetStringTypeA
QueueUserWorkItem
GetComputerNameExW
GetSystemWindowsDirectoryA
SetConsoleMode
GetTimeFormatW
GetTickCount
EnumSystemLanguageGroupsW
GetSystemDirectoryA
RaiseException
lstrcmpiW
ExitProcess
GetVolumeInformationA
LocalUnlock
SetCommMask
Process32First
BeginUpdateResourceA
GetCommConfig
CompareStringA
DeleteCriticalSection
FindFirstFileExW
GetCPInfo
CopyFileExW
LocalHandle
TryEnterCriticalSection
GetFullPathNameW
SetCurrentDirectoryA
lstrcmpA
GlobalSize
OutputDebugStringW
SetComputerNameW
IsDebuggerPresent
CompareStringW
CreateWaitableTimerA
WinExec
GetThreadContext
GlobalGetAtomNameW
GlobalReAlloc
WaitNamedPipeA
VerSetConditionMask
OpenSemaphoreA
FileTimeToDosDateTime
GlobalFindAtomW
GetProfileIntW
DeleteVolumeMountPointW
WaitCommEvent
SetThreadContext
SwitchToThread
GetStartupInfoW
QueryDosDeviceA
BackupRead
IsBadStringPtrA
LockFile
CreateProcessA
CopyFileA
MoveFileW
DefineDosDeviceA
FreeConsole
_hread
FindResourceA
EndUpdateResourceW
SetSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetVolumeInformationW
SetLocalTime
TlsAlloc
SetStdHandle
MapViewOfFile
_hwrite
FileTimeToSystemTime
DeviceIoControl
EnumSystemLocalesA
SetCommTimeouts
OpenMutexW
QueryDosDeviceW
InterlockedExchange
GlobalUnlock
GetDriveTypeA
GetSystemDirectoryW
GetCurrencyFormatA
ReadConsoleInputA
DeleteFileW
CreateIoCompletionPort
GetCompressedFileSizeW
GetEnvironmentVariableA
GetWindowsDirectoryA
DebugBreak
FindClose
GetPrivateProfileStringW
EnumResourceNamesA
InterlockedDecrement
HeapCompact
GetSystemTimeAsFileTime
SetWaitableTimer
UpdateResourceW
SetUnhandledExceptionFilter
ReadDirectoryChangesW
GetProcessHeaps
GlobalFree
FindResourceExW
AreFileApisANSI
ContinueDebugEvent
FlushInstructionCache
SystemTimeToTzSpecificLocalTime
GetFileTime
FindFirstChangeNotificationA
SetCommConfig
GetTempPathW
VerifyVersionInfoA
SetConsoleTitleW
GetProfileStringW
WideCharToMultiByte
_lopen
GetTimeFormatA
UnmapViewOfFile
GetCommTimeouts
CreateFileMappingW
HeapCreate
SuspendThread
FlushConsoleInputBuffer
GetLocalTime
InterlockedExchangeAdd
GetCommProperties
ExitThread
LocalLock
WritePrivateProfileStringW
GetBinaryTypeA
SetProcessAffinityMask
MulDiv
GetSystemPowerStatus
DeleteFiber
CreateNamedPipeA
Thread32Next
SetEnvironmentVariableW
GetTempFileNameA
LoadLibraryW
CreateDirectoryA
OpenThread
MoveFileExA
LoadLibraryA
FreeEnvironmentStringsW
LocalSize
GetCurrentDirectoryW
SetErrorMode
GetComputerNameExA
QueueUserAPC
CloseHandle
HeapValidate
SizeofResource
GetProfileIntA
HeapSize
GetFileSize
GetStringTypeExA
GetComputerNameW
GetFileAttributesW
TlsSetValue
PulseEvent
GetFullPathNameA
GetPrivateProfileStringA
SetupComm
CreateMutexW
GetExitCodeThread
GetSystemTime
lstrcpynA
lstrcatA
TlsFree
SetEnvironmentVariableA
OpenProcess
GetStringTypeExW
SetVolumeLabelW
LocalFree
ExpandEnvironmentStringsW
SetTimeZoneInformation
CancelIo
GetHandleInformation
ClearCommError
Process32NextW
FindNextFileA
CreateThread
_lread
GetCommState
GetCommandLineA
Heap32ListFirst
ProcessIdToSessionId
FormatMessageA
EnumResourceLanguagesA
IsBadWritePtr
DebugActiveProcess
TerminateThread
LocalReAlloc
CreateMailslotA
GetStdHandle
GetLocaleInfoW
IsBadReadPtr
VirtualProtect
CopyFileExA
lstrcpyA
GetNumberFormatA
GetModuleHandleW
UnlockFile
GetConsoleCP
LCMapStringW
GetStartupInfoA
CreateToolhelp32Snapshot
GetProcessAffinityMask
GetLogicalDrives
LocalFileTimeToFileTime
LoadLibraryExA
GetACP
SetThreadLocale
LeaveCriticalSection
WritePrivateProfileStringA
ConvertThreadToFiber
GetShortPathNameW
QueryPerformanceCounter
CreatePipe
GetCPInfoExA
Heap32First
RtlUnwind
ResumeThread
GetDiskFreeSpaceW
GetComputerNameA
GetPrivateProfileIntA
FindFirstChangeNotificationW
HeapReAlloc
WriteFileEx
Heap32Next
DeleteAtom
FindFirstVolumeW
CreateEventA
PeekNamedPipe
UnlockFileEx
WriteConsoleOutputW
GetProfileSectionA
CreateFileW
CreateFiber
WriteProfileStringW
GetFileAttributesExW
WriteProfileStringA
CreateProcessW
EnumCalendarInfoA
DeleteVolumeMountPointA
SetEndOfFile
OpenFileMappingW
SetFileTime
PurgeComm
DisconnectNamedPipe
GetVersion
FindVolumeClose
GetDateFormatA
GetVersionExA
SetVolumeMountPointA
FreeResource
OpenMutexA
GetCommandLineW
GetModuleFileNameA
ReleaseSemaphore
GetFileAttributesExA
lstrcpynW
WritePrivateProfileSectionA
GetProfileStringA
VerifyVersionInfoW
VirtualQuery
HeapAlloc
GetAtomNameA
GetTempFileNameW
FindFirstFileW
SetNamedPipeHandleState
GetFileInformationByHandle
GetWindowsDirectoryW
Thread32First
GetUserDefaultLangID
OpenFile
VirtualLock
GetVersionExW
GetVolumePathNameW
FindNextVolumeW
GetDiskFreeSpaceExA
GetLongPathNameA
GlobalFlags
WaitForMultipleObjectsEx
LocalAlloc
GetEnvironmentVariableW
FindNextChangeNotification
VirtualFree
SetFilePointerEx
UpdateResourceA
lstrcmpiA
ReadFile
InterlockedCompareExchange
EnumCalendarInfoW
InterlockedIncrement
GlobalMemoryStatusEx
SwitchToFiber
SetVolumeLabelA
GetModuleFileNameW
GetFileAttributesA
IsProcessorFeaturePresent
GetCommModemStatus
SetThreadAffinityMask
GetVolumeNameForVolumeMountPointA
TlsGetValue
FindResourceExA
GetShortPathNameA
GlobalDeleteAtom
MoveFileA
FindResourceW
GetConsoleMode
GetCurrentProcess
SetHandleCount
LocalCompact
GetFileSizeEx
WriteProcessMemory
GetTimeZoneInformation
SetCurrentDirectoryW
SetHandleInformation
CreateSemaphoreW
HeapFree
GetCurrentProcessId
CreateFileMappingA
VirtualAlloc
lstrcatW
CompareFileTime
GetPrivateProfileSectionA
SetConsoleCursorPosition
GetLogicalDriveStringsA
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetExitCodeProcess
GetSystemTimeAdjustment
WaitForSingleObjectEx
OutputDebugStringA
GetProcessTimes
SetProcessWorkingSetSize
Process32FirstW
SetThreadExecutionState
WritePrivateProfileStructA
lstrlenA
GetCurrentThreadId
GetDriveTypeW
CreateMutexA
FindFirstFileA
GetOEMCP
VirtualProtectEx
SetLastError
GetPrivateProfileIntW
SetFilePointer
DuplicateHandle
ResetEvent
GetVolumeNameForVolumeMountPointW
ExpandEnvironmentStringsA
SetPriorityClass
SetThreadPriority
SetCommBreak
GetEnvironmentStringsW
ReadProcessMemory
RtlFillMemory
GetCommMask
_lwrite
Module32NextW
GlobalGetAtomNameA
EnumUILanguagesW
GlobalAddAtomW
SearchPathA
GetLogicalDriveStringsW
CreateNamedPipeW
BuildCommDCBA
WaitNamedPipeW
Sleep
GetPrivateProfileStructA
GetConsoleScreenBufferInfo
PostQueuedCompletionStatus
GetDateFormatW
GetLongPathNameW
SetCommState
GetUserDefaultUILanguage
EndUpdateResourceA
GetSystemDefaultLCID
CreateDirectoryW
TransmitCommChar
DosDateTimeToFileTime
RemoveDirectoryA
WritePrivateProfileSectionW
GetLocaleInfoA
FreeEnvironmentStringsA
ClearCommBreak
FatalAppExitA
GetProcessHeap
BackupSeek

winspool.drv

AbortPrinter
OpenPrinterA
FindNextPrinterChangeNotification
EnumPortsA
GetPrinterA
SetPrinterDataW
EnumPrintersW
EnumFormsW
EndDocPrinter
SetPrinterA
GetFormW
SetPrinterW
AddFormW
EnumPortsW
DeviceCapabilitiesA
ord204
FindFirstPrinterChangeNotification
DeletePrinterDriverA
DocumentPropertiesW
StartDocPrinterW
FreePrinterNotifyInfo
DocumentPropertiesA
DeleteFormW
DeletePrintProcessorW
WritePrinter
EnumJobsA
AddPrinterA
AddPrinterDriverA
ClosePrinter
SetJobW
GetJobW
DeletePrintProcessorA
EndPagePrinter
OpenPrinterW
EnumPrinterDriversA
PrinterProperties
GetPrinterDriverA
EnumJobsW
DeviceCapabilitiesW
DeletePrinter
GetPrinterW
EnumPrintersA
GetJobA
GetPrinterDriverDirectoryA
StartPagePrinter
StartDocPrinterA

oleaut32

LoadTypeLi

shell32

ord155
SHGetSpecialFolderPathA
DragQueryFileW
SHCreateDirectoryExA
CommandLineToArgvW
SHGetInstanceExplorer
SHAppBarMessage
SHGetPathFromIDListW
DuplicateIcon
SHGetFolderPathA
Shell_NotifyIconW
ShellExecuteExW
SHGetDataFromIDListA
SHGetFolderLocation
SHGetFileInfoA
SHBindToParent
ShellExecuteW
SHGetSpecialFolderLocation
SHGetDesktopFolder
FindExecutableA
ShellExecuteA
DragQueryPoint
SHFreeNameMappings
SHBrowseForFolderA
SHGetFileInfoW
DoEnvironmentSubstW
ShellExecuteExA
SHGetFolderPathW
ExtractIconExW
SHBrowseForFolderW
ExtractIconExA
DragAcceptFiles
SHGetDataFromIDListW
ExtractIconW
SHChangeNotify
SHGetPathFromIDListA
SHGetSpecialFolderPathW
FindExecutableW
Shell_NotifyIconA
SHAddToRecentDocs
SHEmptyRecycleBinA
SHFileOperationA
DragFinish
SHCreateDirectoryExW
SHGetMalloc
DragQueryFileA
ExtractIconA
SHFileOperationW

ole32

CLSIDFromProgID
OleLoadFromStream
StgCreateDocfileOnILockBytes
CoDisconnectObject
OleUninitialize
OleSaveToStream
CoReleaseMarshalData
OleIsCurrentClipboard
OleCreateFromFile
OleSetMenuDescriptor
GetHGlobalFromILockBytes
CoFileTimeNow
OleLockRunning
CoImpersonateClient
IsAccelerator
ReadFmtUserTypeStg
OleCreateStaticFromData
OleRun
CoRevertToSelf
OleGetIconOfClass
GetClassFile
CoRevokeClassObject
OleDuplicateData
IIDFromString
DoDragDrop
CreateStreamOnHGlobal
OleCreateMenuDescriptor
StgCreateDocfile
OleCreateLinkFromData
OleDestroyMenuDescriptor
CoFreeUnusedLibraries
CoCopyProxy
CreateBindCtx
CoCreateGuid
OleSetContainedObject
CLSIDFromString
OleCreate
OleSave
ProgIDFromCLSID
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
GetRunningObjectTable
OleDraw
WriteClassStm
OleRegGetUserType
CreateGenericComposite
WriteFmtUserTypeStg
CoRegisterMessageFilter
OleCreateLinkToFile
CoTreatAsClass
CoInitialize
CreateOleAdviseHolder
GetHGlobalFromStream
BindMoniker
OleRegEnumVerbs
CoGetClassObject
ReleaseStgMedium
CoRevokeMallocSpy
CoMarshalInterface
OleFlushClipboard
StringFromIID
CoLockObjectExternal
CoCreateInstance
CoTaskMemAlloc
ReadClassStg
OleQueryCreateFromData
OleTranslateAccelerator
CoInitializeEx
CreateFileMoniker
CoRegisterMallocSpy
CoUninitialize
OleRegGetMiscStatus
StgOpenStorageOnILockBytes
CreateClassMoniker
MkParseDisplayName
CoInitializeSecurity
CreateILockBytesOnHGlobal
CoGetMalloc
ReadClassStm
StringFromGUID2
StgIsStorageFile
OleGetClipboard
OleLoad
CoQueryProxyBlanket
RevokeDragDrop
StgIsStorageILockBytes
StgCreateStorageEx
CoCreateInstanceEx
OleInitialize
WriteClassStg
OleIsRunning
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
PropVariantClear
CoSuspendClassObjects
CoResumeClassObjects
CreateDataAdviseHolder
CoRegisterClassObject
StgOpenStorage
CoGetObject
OleSetClipboard
OleCreateFromData
CoLoadLibrary
SetConvertStg
OleQueryLinkFromData
CreateItemMoniker
StringFromCLSID
FreePropVariantArray
CoSetProxyBlanket
CoUnmarshalInterface
RegisterDragDrop

comctl32

ImageList_LoadImage
ImageList_LoadImageW
PropertySheetW
CreateToolbarEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_DragShowNolock
ImageList_Create
ImageList_Merge
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_GetIcon
ImageList_Read
ImageList_DrawEx
ImageList_BeginDrag
FlatSB_ShowScrollBar
CreatePropertySheetPageW
ImageList_DragEnter
InitializeFlatSB
ImageList_GetImageInfo
DrawStatusTextW
ImageList_SetImageCount
ImageList_SetBkColor
InitCommonControlsEx
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_Duplicate
ImageList_Write
_TrackMouseEvent
ImageList_DragLeave
ImageList_Destroy
ImageList_AddIcon
CreateStatusWindowW
ImageList_DrawIndirect
PropertySheetA
ImageList_DragMove
ImageList_LoadImageA
ImageList_AddMasked
MakeDragList
CreatePropertySheetPageA
FlatSB_EnableScrollBar
ImageList_GetImageCount
ImageList_Remove
CreateUpDownControl
ImageList_Copy
ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_Add
ord17
ImageList_SetFlags

user32

GetSysColorBrush
TabbedTextOutW
AppendMenuA
CopyAcceleratorTableW
GetClassWord
GetDialogBaseUnits
GetWindowTextW
CallNextHookEx
SetClipboardData
MonitorFromRect
GetMenuStringA
TranslateAcceleratorA
SetCursorPos
GetCursorInfo
IsZoomed
BroadcastSystemMessage
DispatchMessageA
GetMenuContextHelpId
UnregisterDeviceNotification
IsCharAlphaA
SetWindowTextW
DefFrameProcW
ChildWindowFromPointEx
GetIconInfo
GetWindowRect
CharLowerBuffA
IsChild
DefWindowProcW
MonitorFromPoint
CloseWindowStation
CloseWindow
GetAncestor
GetLastInputInfo
MenuItemFromPoint
DefWindowProcA
RegisterClassW
IsWindow
GetInputState
GetWindowDC
AdjustWindowRect
DrawIconEx
GetMenuBarInfo
TrackMouseEvent
OffsetRect
DialogBoxParamA
ShowOwnedPopups
GetParent
GetDlgItemTextW
GetNextDlgGroupItem
GetPropA
CreateDialogIndirectParamA
IsCharAlphaNumericA
wsprintfW
GetClipCursor
LoadBitmapA
GetMessagePos
SetMenuInfo
SetScrollInfo
DialogBoxIndirectParamW
GetMonitorInfoA
MapVirtualKeyExW
SetScrollPos
GetDCEx
OpenClipboard
ActivateKeyboardLayout
SetFocus
InSendMessage
CheckRadioButton
SetWindowLongW
DestroyCursor
EqualRect
MessageBoxW
mouse_event
GetUserObjectInformationW
GetGUIThreadInfo
GetMenuItemCount
GetMessageExtraInfo
InsertMenuA
GetScrollRange
GetCaretBlinkTime
OemToCharBuffA
ExcludeUpdateRgn
ToAsciiEx
SetMenuItemInfoW
SendMessageTimeoutW
BeginPaint
PackDDElParam
GetDesktopWindow
IsClipboardFormatAvailable
DrawTextExW
CreateDialogParamA
LoadCursorA
GetWindow
OpenWindowStationA
DefFrameProcA
UnregisterClassA
GetWindowTextLengthA
DlgDirListA
CreateIconFromResourceEx
ModifyMenuA
DrawAnimatedRects
GetClassInfoA
GetUserObjectSecurity
FreeDDElParam
CopyAcceleratorTableA
GetMessageA
IsDialogMessageW
GetClipboardFormatNameW
SetCaretPos
LoadCursorFromFileW
GetMenuState
KillTimer
HiliteMenuItem
ShowWindow
InsertMenuItemA
SystemParametersInfoA
GetWindowWord
FrameRect
GetScrollBarInfo
CreateDialogParamW
GetKeyState
DdeNameService
DdePostAdvise
LoadStringW
CharUpperBuffA
RealChildWindowFromPoint
GetMenuItemID
DdeInitializeA
RegisterClassExW
GetCursorPos
SetScrollRange
DestroyWindow
UnpackDDElParam
GetThreadDesktop
GetMenuStringW
DestroyAcceleratorTable
IsRectEmpty
GetDlgItem
DdeGetLastError
DdeCreateStringHandleA
SetMenuItemInfoA
CreateCursor
GetScrollInfo
UnhookWinEvent
PostMessageW
TrackPopupMenuEx
EnumThreadWindows
SetWindowsHookExW
RedrawWindow
DestroyCaret
ClientToScreen
PostQuitMessage
DdeConnect
CloseDesktop
GetWindowTextA
RemovePropA
ShowCaret
FillRect
SetDlgItemTextA
GetNextDlgTabItem
VkKeyScanExA
EnumWindows
EnableMenuItem
GetClassInfoExW
GetWindowThreadProcessId
SwapMouseButton
GetDlgItemInt
AppendMenuW
GetDC
CharLowerW
InsertMenuW
GetActiveWindow
LoadMenuW
IsDlgButtonChecked
GetQueueStatus
FindWindowExW
SendMessageW
SetMenuItemBitmaps
EndPaint
ChangeDisplaySettingsW
DdeDisconnect
AllowSetForegroundWindow
WaitMessage
wvsprintfA
CheckDlgButton
SetLayeredWindowAttributes
DragDetect
GetProcessWindowStation
DialogBoxParamW
DeleteMenu
GetCaretPos
CountClipboardFormats
DialogBoxIndirectParamA
SwitchDesktop
CreateCaret
SetWindowRgn
LockSetForegroundWindow
ToUnicodeEx
GetMessageTime
GetScrollPos
IsWindowEnabled
RegisterDeviceNotificationW
UpdateWindow
DlgDirSelectExA
IsCharLowerW
NotifyWinEvent
IsCharAlphaNumericW
SetActiveWindow
LoadKeyboardLayoutA
CreateMDIWindowW
GetKeyNameTextA
DlgDirListComboBoxW
GetUserObjectInformationA
AttachThreadInput
GetPropW
CallMsgFilterA
CharPrevA
SendDlgItemMessageA
ReplyMessage
DrawFrameControl
GetTopWindow
DdeQueryStringA
SendDlgItemMessageW
GetClipboardOwner
ChangeDisplaySettingsA
GetMenuItemInfoA
DdeCreateDataHandle
LoadImageA
OpenDesktopW
LoadBitmapW
SetCursor
MsgWaitForMultipleObjectsEx
DrawTextA
RemoveMenu
ToUnicode
ValidateRgn
IsIconic
GetSystemMenu
SetRect
LookupIconIdFromDirectory
IsWindowUnicode
HideCaret
PeekMessageW
EnumChildWindows
SetThreadDesktop
ChildWindowFromPoint
MapWindowPoints
PeekMessageA
IsDialogMessageA
CreateAcceleratorTableW
InvalidateRgn
MessageBoxA
GetClipboardViewer
MonitorFromWindow
GetMenuCheckMarkDimensions
TranslateMDISysAccel
DrawStateA
ModifyMenuW
CascadeWindows
InvertRect
CopyImage
GetClipboardData
LoadCursorW
GetUpdateRect
SetRectEmpty
OpenIcon
CreateWindowExA
FindWindowA
DrawFocusRect
CharLowerBuffW
SetWindowPos
LoadImageW
SendMessageA
DrawStateW
OpenWindowStationW
LoadAcceleratorsA
GetWindowContextHelpId
LoadStringA
LoadMenuA
BeginDeferWindowPos
CloseClipboard
GetClassLongA
DdeFreeStringHandle
MapDialogRect
SetClipboardViewer
CreateAcceleratorTableA
WaitForInputIdle
IsCharUpperA
MessageBoxExA
DispatchMessageW
IntersectRect
SubtractRect
InsertMenuItemW
SetParent
LookupIconIdFromDirectoryEx
MsgWaitForMultipleObjects
GetClassNameA
GetClassInfoExA
DlgDirSelectComboBoxExA
ShowCursor
DefMDIChildProcA
CreateWindowExW
CharNextExA
CreateMDIWindowA
AnimateWindow
InflateRect
DdeUnaccessData
GetMonitorInfoW
EnableScrollBar
CopyIcon
DdeCreateStringHandleW
ArrangeIconicWindows
TileChildWindows
IsDialogMessage
MoveWindow
GetMenuInfo
DefDlgProcA
GetSystemMetrics
DeferWindowPos
CreatePopupMenu
CharUpperW
DefMDIChildProcW
PostThreadMessageA
CreateDesktopW
DrawTextW
DdeUninitialize
IsCharLowerA
GetClassInfoW
ScrollWindowEx
UnhookWindowsHookEx
GetKeyboardLayoutNameA
LoadAcceleratorsW
EmptyClipboard
GetCapture
SetPropA
CheckMenuRadioItem
SetWindowTextA
AdjustWindowRectEx
CreateDialogIndirectParamW
DdeAccessData
EnumDisplayMonitors
DrawTextExA
CreateIcon
FlashWindowEx
SetDlgItemInt
SetTimer
IsWindowVisible
wsprintfA
GetMenuItemInfoW
GetTitleBarInfo
PostMessageA
GrayStringW
DestroyIcon
ChangeClipboardChain
SendNotifyMessageW
GetLastActivePopup
EndDialog
MessageBeep
FindWindowExA
GetDlgItemTextA
WindowFromDC
SetWindowsHookExA
CheckMenuItem
DrawEdge
GetSysColor
CharToOemA
GetKeyboardState
EnumDisplaySettingsA
GetSubMenu
EnableWindow
SendNotifyMessageA
ShowScrollBar
DestroyMenu
GetCursor
GetKeyboardLayout
DdeFreeDataHandle
SetDoubleClickTime
SetCapture
GrayStringA
CreateIconFromResource
GetClientRect
WindowFromPoint
EnumDesktopWindows
DdeClientTransaction
SetProcessWindowStation
TranslateMessage
RegisterHotKey
FindWindowW
SystemParametersInfoW
SetClassLongA
CopyRect
CharNextW
GetClassNameW
SetMessageExtraInfo
GetMenuDefaultItem
SetDlgItemTextW
SendInput
CallWindowProcA
PtInRect
GetAsyncKeyState
InvalidateRect
ScrollDC
SetMenuDefaultItem
SendMessageTimeoutA
GetWindowLongA
ScrollWindow
GetWindowModuleFileNameW
SetClassLongW
GetMenuItemRect
CharNextA
CharUpperBuffW
BringWindowToTop
DrawCaption
SetMenu
ReleaseCapture
SetPropW
TileWindows
RegisterWindowMessageW
GetClassLongW
GetWindowPlacement
RegisterWindowMessageA
ClipCursor
GetFocus
SetForegroundWindow
GetDlgCtrlID
EnumClipboardFormats
SetWindowPlacement
keybd_event
GetUpdateRgn
GetForegroundWindow
EnumDisplaySettingsW
SetMenuContextHelpId
SetUserObjectSecurity
RemovePropW
IsMenu
RegisterClassExA
GetDoubleClickTime
ToAscii
UnionRect
CharToOemBuffA
DdeInitializeW
LoadMenuIndirectA
MapVirtualKeyW
SetCaretBlinkTime
TrackPopupMenu
OpenDesktopA
SetWindowLongA
WinHelpW
GetKeyboardLayoutList
ReuseDDElParam
GetOpenClipboardWindow
RegisterClipboardFormatW
ShowWindowAsync
LockWindowUpdate
ExitWindowsEx
RegisterClipboardFormatA
DlgDirListComboBoxA
GetWindowInfo
UnregisterClassW
GetTabbedTextExtentA
GetKeyNameTextW
TranslateAcceleratorW
MapVirtualKeyA
GetWindowLongW
ValidateRect
PostThreadMessageW
ScreenToClient
DdeGetData
OpenInputDesktop
CharLowerA
OemToCharA
GetClipboardFormatNameA
GetWindowTextLengthW
GetMessageW
FlashWindow
TabbedTextOutA
LoadIconW
CreateIconIndirect
UnregisterHotKey
SetKeyboardState
MessageBoxIndirectA
LoadMenuIndirectW
EndDeferWindowPos
LoadCursorFromFileA
SetWindowContextHelpId
CallWindowProcW
VkKeyScanW
MapVirtualKeyExA
DdeQueryStringW
CharUpperA
RegisterClassA
ReleaseDC
GetComboBoxInfo
wvsprintfW
WinHelpA
DrawMenuBar
CreateMenu
VkKeyScanA
LoadIconA
GetWindowRgn

comdlg32

ChooseColorA
GetOpenFileNameW
FindTextW
ReplaceTextW
GetOpenFileNameA
PrintDlgA
PageSetupDlgW
GetSaveFileNameW
ChooseFontA
PrintDlgW
FindTextA
GetFileTitleW
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA
ReplaceTextA
ChooseFontW
PrintDlgExA
ChooseColorW
PageSetupDlgA

Exports

Exports

�г�:��|�E�3��hrF֯��&�D��I<h4��9�-%�,��p��vG!�U�L@�6��e��뺕,��|i!u�T�)�2z�`"-�Ly'n@to��B m�l�x��7�}� z5��l�z��K�M� Jb��F��r��.�Z:�|��Ζ*��:��Vv��w�M�@1��ޝ��#��/\��$��)��b��4h��X�(�?��,A�-��ț��I��1L�u B6��P�S�h�.{I��m��/�*�B��ٞ6U�b��KT��y.2�02�Rtۙg�Q�C�s^��m2GsA��P�e�j��S�G|��7F��O�eQ��/�sQ㟗S|]��YJ~j��O�I�e4z�ʮ� ��F��ձ`F �]v��e��Hs@��)i��k�X�Umv �\:uGnҿ.eV��Gb}fG��z�� ۡ�o�#W��5��FO�IXK��d�p�ӘS0��Z��F"[D�& �c3�c�� M��S�� \�ئ��/��e<��~3�}b�Os�Y�Ʊ�yd��.JZ�U�h��VE�q�?��՞�N��eC��B!��뭧 ��};�+� ��zV��S�;Kށ�%˫eԉq�H��F#DJ��~�=��w�Y��f�ꐈ�s��KO V��k��,�9z�4�� q��,1�i� ?�$�>z�H:0)��rpg�."��=�u�`�Ҥ,aemϲ8��޷^��S��I��Pl��Q2��F;��`�/�OZб� ��м�t'��@ɔ*�:� !Y_��F��Q�u �%�[^UM�Xh��)-��K^.k~�oe��e�K7݈�u��=#��oϒ��nA��T�HU;��x��\I��B��.D�a8��I��?๮ۑ��U�F�o^��d�5� 轟]V��ġ��kg��9��e_ �XUi�4��!:�*_�$!b3�.9݈�wr��c$>�؜�n�ڏ��n+&_E y�j��G)��v��,5��_7�&pc(�qW��<.X�m��1:��;�w<��>��ˡQ��<�Qw�.3��`�G��;Rv�c*�� %i�g$�9�ed��^�7i��}�C��Cm�=��f9��E��t#��x#��"�ޒ��k��l ��g��³ʒ��vd�V1��fU�w�� keS2��.��=<,��J�򌖗��I�t��+�}t@4z�D�&��gʻ�g`��`�2��_oB�8��Pr5��]W��ƙ�=!��߶٥$��r�,�1 ��5-.>�tE��j��f(�>�>��g� �K�-ռ4�Ƨ�D~VF/�:r)|��{b{ϝ^�&��Q�|�'�A&V~r�"٦��o��6��m��rd�nD�yʽ��G�f'I�ￜ{j\�v�H�E�y�97�Ǭ�6��v�{�HF�t��`K�c�A��H�M��K/MՏVkFF�9��]8�͢�a~��J��L&�x!rO�Iѳ��Lw�.?�vg��_�ʱ��C�$��0�MHI�n��"�u�3ʀ�Ʃ�&��:��h�"7g�6��*�;��4�I�L\xuEzߥ� �\Б��y]�DHĔ\P"��e�]E�8��S��<(��Z\^0]�O,{s�6�`.�ߋ�t1�n">@ql��T�jK37i�'άWb��е;*�FjLd�*��Al ]lK��M6^�n݇sZ�eu�q��Rfa��! H�.A�t:ۗ�-��d�C�z _��R��p)�ޫ*k��B�C�@�t��/}R�S��=p=��_/jB�3mԽq䆸��:��`��_�M��/��/' ��#�<�<��_��o<Q�;� |-UR��nU,�� :1x}W��]�m��w��>�\�'�� 71qй\�9��{f��Oz�SR2J��Ǩ擖��i4y&�I��cpvO��<R��K�L1��lu�l{~��nnT�"tF� [\��П��4��A�1��R�Ⱥ�L��BR�H��pQͿ4SG��I��B=_�RL�]�$f�/,�%,��$��/��{��Ju�c|�+9��~��Á��=Q7E��"%��,�;�5�g>o��쩤_�B��^�ƭ�-�� ?n�Y^]h��WZ�Jvy�B�ª4xj��Q��0Ņۋ(e�r� �!��`�m�5[k� ��(1�~��@��[��f�a��>(�ʡӵj��cR�>�� (��c��C`�5J��*q��Y�M�H��i��(��C�8�n6��kg1�xJ�}��u@��}�z.��QG��dJY��X�Π��_�+��Z��_��2�� W�ƛ�� J�6̱�S[s�l^��d��*U��`��eR5�࿷WG�c7�F .V!��4��]�:��2Q�s�߁��M��@��䊀D��Vyޡ �R��G�^%�6n��" �La�c&��'�N��6�\��%|��.;�Y��_�ک�=��h�k��C@��?h�' �\+�Dx�.ɂ�c�~Q�^'��<#<|L��{[��*��5[��=�V��R�S)D�K�a_p]/�]�F.#��o��toj^��.�e��h1HH*gb�q��i�J�h��9��Ƅ� �ˊJg�V��f�D��@`�9$��S� p9Y1L{D��#�Y��]�%fO�J��;&~ F#�g��&��A �s��t�e{�od��V�.3��Q7��u��[A��j6'�%�8.~�zQ��Y�{�傓�|�&bj_>��g�=�D\�U�&7$��#��b�}3��N�l��~��}�1ْ

Sections

.text
Size: - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 776KB - Virtual size: 774KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a0576aed76a3bca3468f5e4b86f9839

Headers

File Characteristics

Imports

gdi32

kernel32

winspool.drv

oleaut32

shell32

ole32

comctl32

user32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 106KB

.rdata Size: - Virtual size: 486KB

.data Size: - Virtual size: 169KB

.rsrc Size: 24KB - Virtual size: 36KB

.vmp0 Size: - Virtual size: 24KB

.tls Size: 4KB - Virtual size: 24B

.vmp1 Size: 776KB - Virtual size: 774KB

.reloc Size: 4KB - Virtual size: 160B

.text
Size: - Virtual size: 106KB

.rdata
Size: - Virtual size: 486KB

.data
Size: - Virtual size: 169KB

.rsrc
Size: 24KB - Virtual size: 36KB

.vmp0
Size: - Virtual size: 24KB

.tls
Size: 4KB - Virtual size: 24B

.vmp1
Size: 776KB - Virtual size: 774KB

.reloc
Size: 4KB - Virtual size: 160B