381274bfb3e8c4763da65d36ab876f99_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

381274bfb3e8c4763da65d36ab876f99_JaffaCakes118
Size

1.3MB
MD5

381274bfb3e8c4763da65d36ab876f99
SHA1

2c9d7395b94d6ef3020d9e4c940cb9b8cbfa4fe0
SHA256

a781b63fc413b0a82c7b7cdfb36b8285715bef12f51d100f68220115e5d6fb19
SHA512

b047385c41e8502dc8d5f83086cc0c9f3e0e429269a59562e5a8ff3e3182ef6e0cc2311caffefed705804e3d9a60fd7aa99ab4e97291de029e0466959363395c
SSDEEP

24576:fbnfRZEVuqhbXnHbeQhRfDNx7XItlCqa1gjn/5oLQ1tKgAjWYP:lZSuAnRzxx74t5mgjn/5oLQ1tb8P

Score

5^/10

pdf link

Malware Config

Signatures

Malformed data in PDF
A PDF can contain malformed data to evade detection
pdf
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Bin/XcardApp.exe
unpack001/cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/convfont.exe
unpack001/cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/qbmp.exe
unpack001/cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/rgb2x.exe

Files

381274bfb3e8c4763da65d36ab876f99_JaffaCakes118
.rar
cvery.comvc91453453634/DSXLIB_0-9/AppUtilLib/Bin/AppUtilLib.h
cvery.comvc91453453634/DSXLIB_0-9/AppUtilLib/Bin/AppUtilLib.lib
cvery.comvc91453453634/DSXLIB_0-9/SDDirectShowX/Bin/IDSX.h
cvery.comvc91453453634/DSXLIB_0-9/SDDirectShowX/Bin/SDDirectShowX.lib
cvery.comvc91453453634/DSXLIB_0-9/SDDirectShowX/Bin/XCardControl.h
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Bin/XcardApp.exe
.exe windows:4 windows x86 arch:x86

24badda4cefd502ec457b269a5d73bd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
lstrcpyA
GetFileType
GetCPInfo
GetACP
GetEnvironmentVariableA
CreateEventA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateThread
ResetEvent
HeapValidate
CreateSemaphoreA
FreeLibrary
GetTickCount
GetCurrentThread
InterlockedExchange
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
lstrlenA
InterlockedDecrement
GetCurrentProcessId
SetLocalTime
EscapeCommFunction
SetCommTimeouts
GetCommTimeouts
SetCommState
GetCommState
CreateFileA
OutputDebugStringA
ReadFile
SetCommMask
Sleep
lstrlenW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LocalFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
IsBadWritePtr
IsBadReadPtr
LCMapStringW
RaiseException
DebugBreak
GetStdHandle
WriteFile
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
lstrcatA
CloseHandle
SetEvent
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapReAlloc
VirtualAlloc
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetOEMCP
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetFilePointer
LCMapStringA

user32

LoadIconA
LoadCursorA
RegisterClassExA
UpdateWindow
LoadAcceleratorsA
ShowWindow
CreateWindowExA
keybd_event
TranslateMessage
DispatchMessageA
DefWindowProcA
EndDialog
LoadStringA
CallWindowProcA
PostQuitMessage
DestroyWindow
SetWindowTextA
GetDC
ReleaseDC
SetWindowLongA
wsprintfA
DialogBoxParamA
GetMessageA
SendMessageA
TranslateAcceleratorA
BeginPaint
EndPaint
GetClientRect
MessageBoxA
LoadBitmapA
CheckMenuItem
GetMenu
EnableMenuItem
SetFocus
MsgWaitForMultipleObjects
wvsprintfA
PeekMessageA
PostThreadMessageA
GetQueueStatus

gdi32

SetBkColor
CreateCompatibleDC
GetObjectA
CreateBitmap
SetBkMode
CreateCompatibleBitmap
BitBlt
StretchBlt
DeleteObject
CreateDCA
GetDeviceCaps
DeleteDC
CreateFontIndirectA
SelectObject
CreateSolidBrush
PatBlt

ole32

CoInitialize
CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

comctl32

ord6
CreateToolbarEx
InitCommonControlsEx

comdlg32

GetOpenFileNameA

shell32

ShellExecuteExA

oleaut32

VariantInit
VariantClear
SysAllocString
VariantChangeType
SetErrorInfo
CreateErrorInfo
GetErrorInfo
SysFreeString

ws2_32

gethostbyname
gethostname

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeSetEvent

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/StdAfx.cpp
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/StdAfx.h
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/UtilOption.cpp
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/UtilOption.h
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.aps
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.cpp
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.dsw
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.h
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.ncb
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.opt
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.plg
.html
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XCardApp.rc
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XcardApp.dsp
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/XcardApp.ico
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/playwnd.ico
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/resource.h
cvery.comvc91453453634/DSXLIB_0-9/XCardApp/Scr/toolbar1.bmp
cvery.comvc91453453634/DSXLIB_0-9/history.txt
cvery.comvc91453453634/Win_OSD_SDK/Doc/OSDlib.PDF
.pdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/QBitmap/QBitmap.dsp
cvery.comvc91453453634/Win_OSD_SDK/SRC/QBitmap/QBitmap.dsw
cvery.comvc91453453634/Win_OSD_SDK/SRC/QBitmap/QBitmap.h
cvery.comvc91453453634/Win_OSD_SDK/SRC/QBitmap/QBitmapFunc.cpp
cvery.comvc91453453634/Win_OSD_SDK/SRC/QBitmap/rmadef.h
cvery.comvc91453453634/Win_OSD_SDK/SRC/RGB2X/main.cpp
cvery.comvc91453453634/Win_OSD_SDK/SRC/RGB2X/rgb2x.dsp
cvery.comvc91453453634/Win_OSD_SDK/SRC/RGB2X/rgb2x.dsw
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/CONV_FONT/char24_Norm/charR24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/CONV_FONT/courB24_Italic/courO24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/CONV_FONT/courB24_Norm/courB24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/CONV_FONT/courR24_Norm/courR24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/Addit_expl.txt
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/Imakefile.txt
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/LU_LEGALNOTICE.txt
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charI24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/charR24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courB24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courBO24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO08(1).bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courO24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/courR24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/cursor.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/deccurs.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/decsess.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timB24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timBI24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timI24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR08.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR10.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR12.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR14.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR18.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/Font/Font_From_Magazine/timR24.bdf
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/convfont.cpp
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/convfont.dsp
cvery.comvc91453453634/Win_OSD_SDK/SRC/convfont/convfont.dsw
cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/convfont.exe
.exe windows:4 windows x86 arch:x86

2d90932c90ff2dad7a3daeb549eb88f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetModuleFileNameA
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
IsBadWritePtr
IsBadReadPtr
HeapValidate
CreateFileA
DebugBreak
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
SetConsoleCtrlHandler
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
SetStdHandle
FlushFileBuffers
HeapAlloc
HeapReAlloc
VirtualAlloc
SetEndOfFile
SetUnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/qbmp.exe
.exe windows:4 windows x86 arch:x86

116cc94474b55c0b9e408e37927dc41d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CloseHandle
ReadFile
CreateFileA
FreeEnvironmentStringsA
GetModuleFileNameA
SetEndOfFile
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
GetLastError
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
lstrcpynA
UnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
IsBadReadPtr

winmm

mmioOpenA
mmioWrite
mmioClose

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comvc91453453634/Win_OSD_SDK/WIN32BIN/rgb2x.exe
.exe windows:4 windows x86 arch:x86

80d4139be9ad015aa048d18b0d6ffa68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSeek
mmioOpenA
mmioWrite
mmioClose
mmioRead

kernel32

HeapDestroy
HeapCreate
ReadFile
SetEndOfFile
LCMapStringA
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
SetFilePointer
LCMapStringW
TerminateProcess
GetCurrentProcess
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.comvc91453453634/osd/RmOsd9xAtlSrv.h
cvery.comvc91453453634/osd/SDKbook.pdf
.pdf
- http://developer.SigmaDesigns.com
cvery.comvc91453453634/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

24badda4cefd502ec457b269a5d73bd8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

comctl32

comdlg32

shell32

oleaut32

ws2_32

winmm

Sections

.text Size: 212KB - Virtual size: 209KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 24KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 6KB

2d90932c90ff2dad7a3daeb549eb88f7

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 3.3MB

.idata Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 14KB

116cc94474b55c0b9e408e37927dc41d

Headers

File Characteristics

Imports

kernel32

winmm

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 18KB

80d4139be9ad015aa048d18b0d6ffa68

Headers

File Characteristics

Imports

winmm

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 22KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 212KB - Virtual size: 209KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 24KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 3.3MB

.idata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 18KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 22KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 4KB