3e8eb29d377be328dabaa6cc6f6703f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e8eb29d377be328dabaa6cc6f6703f1_JaffaCakes118
Size

261KB
MD5

3e8eb29d377be328dabaa6cc6f6703f1
SHA1

9cc1703763798564c6b1dd9bd9032da525f9396e
SHA256

42e0a9fe829e38ca920948e33ce3418c07bf112115cd0651eee6830d5584983e
SHA512

e37fad1bff90e9538e5ddd9c63d7ddac93f19cf0d8b16769130e06e8a532bf1eb1b490aa169f0de8423be901d657bef2f8786f535665179504a84cc862e910bf
SSDEEP

6144:XZXPP7xBK+H/15adgFv8ngPI61PboS5u5cSpmuk8IBrD9zr:JXPPVBzt5adg18O1JOcSK1D5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3e8eb29d377be328dabaa6cc6f6703f1_JaffaCakes118
unpack001/out.upx

Files

3e8eb29d377be328dabaa6cc6f6703f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 508KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 252KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$ynpqqrp14System@TObjectrp20Controls@TDragObject$v
@$xp$ynpqqrp14System@TObjectt1ii$v
@$xp$ynpqqrp14System@TObjectt1ii19Controls@TDragStatero$v
@@Cppjabbb@Finalize
@@Cppjabbb@Initialize
@@Depositfiles@Finalize
@@Depositfiles@Initialize
@@Logger@Finalize
@@Logger@Initialize
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Shdocvw_tlb@Finalize
@@Shdocvw_tlb@Initialize
@Shdocvw_ocx@Register$qqrv
@Shdocvw_tlb@CLSID_CppCScriptErrorList
@Shdocvw_tlb@CLSID_CppInternetExplorer
@Shdocvw_tlb@CLSID_CppSearchAssistantOC
@Shdocvw_tlb@CLSID_CppShellBrowserWindow
@Shdocvw_tlb@CLSID_CppShellUIHelper
@Shdocvw_tlb@CLSID_CppShellWindows
@Shdocvw_tlb@CLSID_CppWebBrowser
@Shdocvw_tlb@CLSID_CppWebBrowser_V1
@Shdocvw_tlb@CLSID_ShellFavoritesNameSpace
@Shdocvw_tlb@DIID_DShellNameSpaceEvents
@Shdocvw_tlb@DIID_DShellWindowsEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents2
@Shdocvw_tlb@DIID__SearchAssistantEvents
@Shdocvw_tlb@IID_IScriptErrorList
@Shdocvw_tlb@IID_ISearch
@Shdocvw_tlb@IID_ISearchAssistantOC
@Shdocvw_tlb@IID_ISearchAssistantOC2
@Shdocvw_tlb@IID_ISearchAssistantOC3
@Shdocvw_tlb@IID_ISearches
@Shdocvw_tlb@IID_IShellFavoritesNameSpace
@Shdocvw_tlb@IID_IShellNameSpace
@Shdocvw_tlb@IID_IShellUIHelper
@Shdocvw_tlb@IID_IShellWindows
@Shdocvw_tlb@IID_IWebBrowser
@Shdocvw_tlb@IID_IWebBrowser2
@Shdocvw_tlb@IID_IWebBrowserApp
@Shdocvw_tlb@LIBID_SHDocVw
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppInternetExplorer@Connect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ConnectTo$qqr69%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$gIID_IWebBrowser2$%
@Shdocvw_tlb@TCppInternetExplorer@Disconnect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppInternetExplorer@GetDefaultInterface$qv
@Shdocvw_tlb@TCppInternetExplorer@GetDunk$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GetProperty$qqrpb
@Shdocvw_tlb@TCppInternetExplorer@GoBack$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoForward$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoHome$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoSearch$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppInternetExplorer@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppInternetExplorer@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppInternetExplorer@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppInternetExplorer@Quit$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppInternetExplorer@Stop$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_AddressBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Application$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Busy$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Container$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Document$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullName$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullScreen$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_HWND$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Height$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Left$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_LocationName$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_LocationURL$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_MenuBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Name$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Offline$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Parent$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Path$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_ReadyState$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_RegisterAsBrowser$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_RegisterAsDropTarget$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Resizable$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Silent$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_StatusBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_StatusText$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_TheaterMode$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_ToolBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Top$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_TopLevelContainer$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Type$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Visible$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Width$qqrv
@Shdocvw_tlb@TCppInternetExplorer@set_AddressBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_FullScreen$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Height$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_Left$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_MenuBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Offline$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_RegisterAsBrowser$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_RegisterAsDropTarget$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Resizable$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Silent$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_StatusBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_StatusText$qqrpb
@Shdocvw_tlb@TCppInternetExplorer@set_TheaterMode$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_ToolBar$qqri
@Shdocvw_tlb@TCppInternetExplorer@set_Top$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_Visible$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Width$qqrl
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@AddChannel$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@AddDesktopComponent$qqrpbt1p10tagVARIANTt3t3t3
@Shdocvw_tlb@TCppShellUIHelper@AddFavorite$qqrpbp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AutoCompleteAttach$qqrp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AutoCompleteSaveForm$qqrp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AutoScan$qqrpbt1p10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellUIHelper@Connect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ConnectTo$qqr73%TComInterface$26Shdocvw_tlb@IShellUIHelperpx5_GUID$gIID_IShellUIHelper$%
@Shdocvw_tlb@TCppShellUIHelper@Disconnect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellUIHelper@GetDunk$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ImportExportFavorites$qqrspb
@Shdocvw_tlb@TCppShellUIHelper@InitServerData$qqrv
@Shdocvw_tlb@TCppShellUIHelper@IsSubscribed$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@NavigateAndFind$qqrpbt1p10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@RefreshOfflineDesktop$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ResetFirstBootMode$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ResetSafeMode$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ShowBrowserUI$qqrpbp10tagVARIANT
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellWindows@Connect$qqrv
@Shdocvw_tlb@TCppShellWindows@ConnectTo$qqr71%TComInterface$25Shdocvw_tlb@IShellWindowspx5_GUID$gIID_IShellWindows$%
@Shdocvw_tlb@TCppShellWindows@Disconnect$qqrv
@Shdocvw_tlb@TCppShellWindows@FindWindowSW$qqrp10tagVARIANTt1ipli
@Shdocvw_tlb@TCppShellWindows@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellWindows@GetDunk$qqrv
@Shdocvw_tlb@TCppShellWindows@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellWindows@Item$qqr10tagVARIANT
@Shdocvw_tlb@TCppShellWindows@OnActivated$qqrls
@Shdocvw_tlb@TCppShellWindows@OnCreated$qqrlp8IUnknown
@Shdocvw_tlb@TCppShellWindows@OnNavigate$qqrlp10tagVARIANT
@Shdocvw_tlb@TCppShellWindows@ProcessAttachDetach$qqrs
@Shdocvw_tlb@TCppShellWindows@Register$qqrp9IDispatchlipl
@Shdocvw_tlb@TCppShellWindows@RegisterPending$qqrlp10tagVARIANTt2ipl
@Shdocvw_tlb@TCppShellWindows@Revoke$qqrl
@Shdocvw_tlb@TCppShellWindows@_NewEnum$qqrv
@Shdocvw_tlb@TCppShellWindows@get_Count$qqrv
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@CControlData
@Shdocvw_tlb@TCppWebBrowser@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppWebBrowser@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppWebBrowser@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser@GetProperty$qqrpb
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppWebBrowser@OptParam
@Shdocvw_tlb@TCppWebBrowser@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppWebBrowser@Quit$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppWebBrowser@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Parent$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@BeforeDestruction$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Connect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@ConnectTo$qqr75%TComInterface$27Shdocvw_tlb@IShellNameSpacepx5_GUID$gIID_IShellNameSpace$%
@Shdocvw_tlb@TShellFavoritesNameSpace@CreateSubscriptionForSelection$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@DeleteSubscriptionForSelection$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Disconnect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Expand$qqr10tagVARIANTi
@Shdocvw_tlb@TShellFavoritesNameSpace@Export$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDefaultInterface$qv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDunk$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Import$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InitServerData$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InvokeContextMenuCommand$qqrpb
@Shdocvw_tlb@TShellFavoritesNameSpace@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TShellFavoritesNameSpace@MoveSelectionDown$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@MoveSelectionTo$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@MoveSelectionUp$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@NewFolder$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@ResetSort$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@SelectedItems$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@SetRoot$qqrpb
@Shdocvw_tlb@TShellFavoritesNameSpace@SetViewType$qqri
@Shdocvw_tlb@TShellFavoritesNameSpace@Synchronize$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@UnselectAll$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_Columns$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_CountViewTypes$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_Depth$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_EnumOptions$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_Flags$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_Mode$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_Root$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_SelectedItem$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_SubscriptionsEnabled$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@get_TVFlags$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@set_Columns$qqrpb
@Shdocvw_tlb@TShellFavoritesNameSpace@set_Depth$qqri
@Shdocvw_tlb@TShellFavoritesNameSpace@set_EnumOptions$qqrl
@Shdocvw_tlb@TShellFavoritesNameSpace@set_Flags$qqrul
@Shdocvw_tlb@TShellFavoritesNameSpace@set_Mode$qqrui
@Shdocvw_tlb@TShellFavoritesNameSpace@set_Root$qqr10tagVARIANT
@Shdocvw_tlb@TShellFavoritesNameSpace@set_SelectedItem$qqrp9IDispatch
@Shdocvw_tlb@TShellFavoritesNameSpace@set_TVFlags$qqrul
__GetExceptDLLinfo
___CPPdebugHook
_frmMain

Sections

.text
Size: 555KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 508KB

UPX1 Size: 252KB - Virtual size: 256KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 555KB - Virtual size: 556KB

.data Size: 57KB - Virtual size: 96KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 10KB - Virtual size: 12KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 37KB - Virtual size: 40KB

UPX0
Size: - Virtual size: 508KB

UPX1
Size: 252KB - Virtual size: 256KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 555KB - Virtual size: 556KB

.data
Size: 57KB - Virtual size: 96KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 12KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 37KB - Virtual size: 40KB