43185ef53194ae73badfc058eec4b6df_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43185ef53194ae73badfc058eec4b6df_JaffaCakes118
Size

166KB
MD5

43185ef53194ae73badfc058eec4b6df
SHA1

5c6b5e5bbe9d29521110ea27851d2542586306cf
SHA256

ec6e07dad9d7ff34a6598597289c2d2496bf7fe8c5cfc0f9e7abb67ef0da2ae4
SHA512

e2b7b79231cc366527ba23863093fad6470e41ebefc36196af74b3ac9c8914a45f670513f1fee39a210d2b5f533e2d582f55c244e373669820bdc3e2ee4ed749
SSDEEP

3072:9WFgqGpCwnfROMmlr/yAQ85Q2xzN0FC1BhYxdeJk6QwkIC5NB4+QDP/vRJbi:GgqGUwnsMKfRpyqgUN/QHW+QP/JJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5525216/SMS_BCB/prjRebbieSMS.EXE

Files

43185ef53194ae73badfc058eec4b6df_JaffaCakes118
.rar
5525216/SMS_BCB/cmpp.h
5525216/SMS_BCB/cmppsocket_bcb.cpp
5525216/SMS_BCB/cmppsocket_bcb.h
5525216/SMS_BCB/md5.cpp
5525216/SMS_BCB/md5.h
5525216/SMS_BCB/prjRebbieSMS.EXE
.exe windows:4 windows x86 arch:x86

bfafef39b41bf588c38a0f4e4c04c26e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtl60.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@@CheckAutoResult$qqrl
@System@FindClassHInstance$qqrp17System@TMetaClass
@System@FindHInstance$qqrpv
@System@@Dispose$qqrpvt1
@System@@New$qqripv
@System@@AddRefArray$qqrv
@System@@AddRefRecord$qqrv
@System@@FinalizeArray$qqrpvt1ui
@System@@FinalizeRecord$qqrpvt1
@System@@InitializeRecord$qqrpvt1
@System@@Write0LString$qqrr15System@TTextRecx17System@AnsiString
@System@@LStrSetLength$qqrv
@System@@LStrPos$qqrv
@System@@LStrInsert$qqrv
@System@@LStrDelete$qqrv
@System@@LStrCopy$qqrv
@System@@UniqueStringA$qqrr17System@AnsiString
@System@@LStrToPChar$qqrx17System@AnsiString
@System@@LStrAddRef$qqrpv
@System@@LStrCmp$qqrv
@System@@LStrCatN$qqrv
@System@@LStrCat3$qqrv
@System@@LStrCat$qqrv
@System@@LStrLen$qqrx17System@AnsiString
@System@@LStrToString$qqrv
@System@@LStrFromWArray$qqrr17System@AnsiStringpbi
@System@@LStrFromArray$qqrr17System@AnsiStringpci
@System@@LStrFromString$qqrr17System@AnsiStringrx28System@%SmallString$iuc$255%
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrFromChar$qqrr17System@AnsiStringc
@System@@LStrFromPCharLen$qqrr17System@AnsiStringpci
@System@@LStrLAsg$qqrpvpxv
@System@@LStrAsg$qqrpvpxv
@System@@LStrArrayClr$qqrpvi
@System@@LStrClr$qqrpv
@System@BeginThread$qqrpvuipqqrpv$it1uirui
@System@@Assert$qqrx17System@AnsiStringt1i
@System@@Halt$qqri
@System@@DoneExcept$qqrv
@System@@RaiseAgain$qqrv
@System@@RaiseExcept$qqrv
@System@@HandleAutoException$qqrv
@System@@HandleFinally$qqrv
@System@@HandleOnException$qqrv
@System@@HandleAnyException$qqrv
@System@@BeforeDestruction$qqrp14System@TObjectzc
@System@@AfterConstruction$qqrp14System@TObject
@System@@ClassDestroy$qqrp14System@TObject
@System@@ClassCreate$qqrp17System@TMetaClasso
@System@TObject@Dispatch$qqrpv
@System@TObject@BeforeDestruction$qqrv
@System@TObject@AfterConstruction$qqrv
@System@TObject@DefaultHandler$qqrpv
@System@TObject@SafeCallException$qqrp14System@TObjectpv
@System@TObject@ClassInfo$qqrp17System@TMetaClass
@System@@IsClass$qqrp14System@TObjectp17System@TMetaClass
@System@TObject@Free$qqrv
@System@TObject@$bdtr$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@System@TObject@ClassParent$qqrp17System@TMetaClass
@System@TObject@ClassName$qqrp17System@TMetaClass
@System@TObject@ClassType$qqrv
@System@@_CToPasStr$qqrp28System@%SmallString$iuc$255%pxc
@System@@WriteLn$qqrr15System@TTextRec
@System@@FillChar$qqrpvic
@System@@PStrCpy$qqrp28System@%SmallString$iuc$255%t1
@System@@ROUND$qqrv
@System@@SetLength$qqrp28System@%SmallString$iuc$255%uc
@System@@Pos$qqrv
@System@ParamStr$qqri
@System@ParamCount$qqrv
@System@Move$qqrpxvpvi
@System@@Copy$qqrv
@System@@_IOTest$qqrv
@System@ExceptAddr$qqrv
@System@ExceptObject$qqrv
@System@@FreeMem$qqrpv
@System@@GetMem$qqri
@System@DebugHook
@System@Output
@System@IsConsole
@System@InitProc
@System@IsLibrary
@System@MainThreadID
@System@MainInstance
@System@SafeCallErrorProc
@System@ExceptObjProc
@System@ExceptProc
@$xp$14System@TObject
@System@TObject@
@$xp$13System@String
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@AnsiPos$qqrx17System@AnsiStringt1
@Sysutils@Beep$qqrv
@Sysutils@Exception@$bctr$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sysutils@Exception@$bctr$qqrx17System@AnsiString
@Sysutils@Abort$qqrv
@Sysutils@SysErrorMessage$qqri
@Sysutils@FormatDateTime$qqrx17System@AnsiString16System@TDateTime
@Sysutils@Now$qqrv
@Sysutils@FormatFloat$qqrx17System@AnsiStringg
@Sysutils@CurrToStr$qqr15System@Currency
@Sysutils@FloatToStr$qqrg
@Sysutils@Format$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sysutils@StrPCopy$qqrpcx17System@AnsiString
@Sysutils@StrCopy$qqrpcpxc
@Sysutils@StrLen$qqrpxc
@Sysutils@GetCurrentDir$qqrv
@Sysutils@ExpandFileName$qqrx17System@AnsiString
@Sysutils@ExtractFileExt$qqrx17System@AnsiString
@Sysutils@ExtractFileName$qqrx17System@AnsiString
@Sysutils@ExtractFileDrive$qqrx17System@AnsiString
@Sysutils@ExtractFilePath$qqrx17System@AnsiString
@Sysutils@ChangeFileExt$qqrx17System@AnsiStringt1
@Sysutils@FileExists$qqrx17System@AnsiString
@Sysutils@FileWrite$qqripxvui
@Sysutils@StrToIntDef$qqrx17System@AnsiStringi
@Sysutils@StrToInt$qqrx17System@AnsiString
@Sysutils@IntToHex$qqrji
@Sysutils@IntToHex$qqrii
@Sysutils@IntToStr$qqrj
@Sysutils@IntToStr$qqri
@Sysutils@Trim$qqrx17System@AnsiString
@Sysutils@LowerCase$qqrx17System@AnsiString
@Sysutils@UpperCase$qqrx17System@AnsiString
@Sysutils@TimeSeparator
@Sysutils@DateSeparator
@Sysutils@Win32CSDVersion
@Sysutils@Win32BuildNumber
@Sysutils@Win32MinorVersion
@Sysutils@Win32MajorVersion
@Sysutils@Win32Platform
@Sysutils@EConvertError@
@Sysutils@EExternalException@
@Sysutils@EExternal@
@Sysutils@EAbort@
@$xp$18Sysutils@Exception
@Sysutils@Exception@
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@GetOrdProp$qqrp14System@TObjectp17Typinfo@TPropInfo
@Typinfo@GetPropInfo$qqrp17Typinfo@TTypeInfox17System@AnsiString
@Typinfo@GetEnumName$qqrp17Typinfo@TTypeInfoi
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TThread@Terminate$qqrv
@Classes@TThread@Resume$qqrv
@Classes@TThread@SetPriority$qqr23Classes@TThreadPriority
@Classes@TThread@DoTerminate$qqrv
@Classes@TThread@AfterConstruction$qqrv
@Classes@TThread@$bdtr$qqrv
@Classes@TThread@$bctr$qqro
@Classes@TMemoryStream@Write$qqrpxvi
@Classes@TMemoryStream@Realloc$qqrri
@Classes@TMemoryStream@SetSize$qqri
@Classes@TMemoryStream@$bdtr$qqrv
@Classes@TCustomMemoryStream@Seek$qqrius
@Classes@TCustomMemoryStream@Read$qqrpvi
@Classes@TCustomMemoryStream@SetPointer$qqrpvi
@Classes@TFileStream@$bctr$qqrx17System@AnsiStringus
@Classes@TStream@WriteDescendent$qqrp18Classes@TComponentt1
@Classes@TStream@CopyFrom$qqrp15Classes@TStreamj
@Classes@TStream@WriteBuffer$qqrpxvi
@Classes@TStream@ReadBuffer$qqrpvi
@Classes@TStream@Seek$qqrxj19Classes@TSeekOrigin
@Classes@TStream@SetSize$qqrxj
@Classes@TStream@GetSize$qqrv
@Classes@TStream@SetPosition$qqrxj
@Classes@TStream@GetPosition$qqrv
@Classes@TStringList@CompareStrings$qqrx17System@AnsiStringt1
@Classes@TStringList@CustomSort$qqrpqqrp19Classes@TStringListii$i
@Classes@TStringList@Sort$qqrv
@Classes@TStringList@SetUpdateState$qqro
@Classes@TStringList@SetCapacity$qqri
@Classes@TStringList@PutObject$qqrip14System@TObject
@Classes@TStringList@Put$qqrix17System@AnsiString
@Classes@TStringList@InsertItem$qqrix17System@AnsiStringp14System@TObject
@Classes@TStringList@InsertObject$qqrix17System@AnsiStringp14System@TObject
@Classes@TStringList@Insert$qqrix17System@AnsiString
@Classes@TStringList@IndexOf$qqrx17System@AnsiString
@Classes@TStringList@GetObject$qqri
@Classes@TStringList@GetCount$qqrv
@Classes@TStringList@GetCapacity$qqrv
@Classes@TStringList@Get$qqri
@Classes@TStringList@Find$qqrx17System@AnsiStringri
@Classes@TStringList@Exchange$qqrii
@Classes@TStringList@Delete$qqri
@Classes@TStringList@Clear$qqrv
@Classes@TStringList@Changing$qqrv
@Classes@TStringList@Changed$qqrv
@Classes@TStringList@AddObject$qqrx17System@AnsiStringp14System@TObject
@Classes@TStringList@Add$qqrx17System@AnsiString
@Classes@TStringList@$bdtr$qqrv
@Classes@TStrings@SetTextStr$qqrx17System@AnsiString
@Classes@TStrings@SetText$qqrpc
@Classes@TStrings@SaveToStream$qqrp15Classes@TStream
@Classes@TStrings@SaveToFile$qqrx17System@AnsiString
@Classes@TStrings@Move$qqrii
@Classes@TStrings@LoadFromStream$qqrp15Classes@TStream
@Classes@TStrings@LoadFromFile$qqrx17System@AnsiString
@Classes@TStrings@IndexOfObject$qqrp14System@TObject
@Classes@TStrings@IndexOfName$qqrx17System@AnsiString
@Classes@TStrings@GetTextStr$qqrv
@Classes@TStrings@GetText$qqrv
@Classes@TStrings@EndUpdate$qqrv
@Classes@TStrings@DefineProperties$qqrp14Classes@TFiler
@Classes@TStrings@BeginUpdate$qqrv
@Classes@TStrings@Assign$qqrp19Classes@TPersistent
@Classes@TStrings@AddStrings$qqrp16Classes@TStrings
@Classes@TStrings@Append$qqrx17System@AnsiString
@Classes@TPersistent@AssignTo$qqrp19Classes@TPersistent
@Classes@TList@Notify$qqrpv25Classes@TListNotification
@Classes@TList@Sort$qqrpqqrpvt1$i
@Classes@TList@IndexOf$qqrpv
@Classes@TList@Grow$qqrv
@Classes@TList@Get$qqri
@Classes@TList@Error$qqrp17System@TMetaClassx17System@AnsiStringi
@Classes@TList@Delete$qqri
@Classes@TList@Clear$qqrv
@Classes@TList@Add$qqrpv
@Classes@TList@$bdtr$qqrv
@Classes@Rect$qqriiii
@Classes@TThread@
@$xp$21Classes@TMemoryStream
@Classes@TMemoryStream@
@Classes@TFileStream@
@$xp$19Classes@TStringList
@Classes@TStringList@
@$xp$13Classes@TList
@Classes@TList@

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceA
FlushInstructionCache
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetThreadContext
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedExchange
IsBadReadPtr
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
MapViewOfFile
MulDiv
MultiByteToWideChar
OutputDebugStringA
PulseEvent
RaiseException
ReadFile
ReleaseSemaphore
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetFilePointer
SetHandleCount
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

WSAAsyncSelect
WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
gethostname
htonl
htons
ioctlsocket
inet_ntoa
ntohl
recv
select
send
socket

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy

gdi32

CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
GetPixel
GetTextExtentPoint32A
SelectObject
SetBkMode
SetPixel
SetTextColor
StretchBlt
TextOutA
TranslateCharsetInfo

user32

CopyRect
CreateDialogParamA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EndDialog
EnumThreadWindows
EnumWindows
FillRect
FrameRect
GetClassNameA
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetSystemMetrics
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InvalidateRect
IsWindow
IsWindowVisible
KillTimer
LoadBitmapA
MessageBeep
MessageBoxA
MoveWindow
OffsetRect
PeekMessageA
ReleaseDC
SendMessageA
SendMessageTimeoutA
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
WaitForInputIdle
wsprintfA

Exports

Exports

@$xp$15Ecore@TLoadType
@$xp$16Ecore@TLogOption
@$xp$17Ecore@TLogOptions
@$xp$17Ecore@TModuleType
@$xp$18Econsts@EConsts__1
@$xp$18Econsts@EConsts__2
@$xp$18Econsts@EConsts__3
@$xp$18Ecore@TShowOptions
@$xp$18Etypes@TShowOption
@$xp$19Etypes@TMessageType
@$xp$21Ecore@TForegroundType
@$xp$22Ecore@TCustomizedTexts
@$xp$23Ecore@TEmailConfirmType
@$xp$23Ecore@TEmailSendOptions
@$xp$26Ecore@TEurekaModuleOptions
@$xp$26Esockets@TEurekaClientSMTP
@$xp$26Esockets@TSocketErrorEvent
@$xp$27Esockets@EEurekaSocketError
@$xp$28Ecore@TTerminateBtnOperation
@$xp$28Esockets@TEurekaClientSocket
@$xp$29Exceptionlog@PEurekaDebugInfo
@$xp$29Exceptionlog@TEurekaDebugInfo
@$xp$29Exceptionlog@TEurekaStackList
@$xp$30Exceptionlog@PEurekaModuleInfo
@$xp$30Exceptionlog@TEurekaActionType
@$xp$30Exceptionlog@TEurekaModuleInfo
@$xp$30Exceptionlog@TEurekaModuleType
@$xp$31Exceptionlog@EFrozenApplication
@$xp$31Exceptionlog@TEurekaDebugDetail
@$xp$31Exceptionlog@TEurekaModulesList
@$xp$32Exceptionlog@PEurekaFunctionInfo
@$xp$32Exceptionlog@TEurekaFunctionInfo
@$xp$32Exceptionlog@TEurekaLogErrorCode
@$xp$33Exceptionlog@TEurekaFunctionsList
@$xp$33Exceptionlog@TExceptionActionProc
@$xp$33Exceptionlog@TExceptionNotifyProc
@$xp$35Exceptionlog@EEurekaLogGeneralError
@$xp$35Exceptionlog@TEurekaExceptionRecord
@$xp$36Exceptionlog@TEurekaExtraInformation
@Econsts@EMsgs
@Econsts@EShowOptions
@Econsts@EVals
@Econsts@EurekaLogCurrentVersion
@Econsts@Finalization$qqrv
@Econsts@initialization$qqrv
@Ecore@ActivateInterlanLog$qqrv
@Ecore@ActivateInterlanLogAndSaving$qqrv
@Ecore@Finalization$qqrv
@Ecore@ForceSaveLog$qqrv
@Ecore@InternalLog$qqrx17System@AnsiStringpx14System@TVarRecxii
@Ecore@IntoIDE$qqrv
@Ecore@IsInterlanLogActive$qqrv
@Ecore@LastEurekaVersion
@Ecore@RADDir$qqrv
@Ecore@RADSimpleVer$qqrv
@Ecore@RADVer$qqrv
@Ecore@RADVerNum$qqrv
@Ecore@ReadKey$qqrui17System@AnsiStringt2
@Ecore@SaveLog$qqrv
@Ecore@TEurekaModuleOptions@
@Ecore@TEurekaModuleOptions@$bctr$qqr17System@AnsiString
@Ecore@TEurekaModuleOptions@$bdtr$qqrv
@Ecore@TEurekaModuleOptions@Assign$qqrp26Ecore@TEurekaModuleOptions
@Ecore@TEurekaModuleOptions@GetCustomizedTexts$qqr19Etypes@TMessageType
@Ecore@TEurekaModuleOptions@LoadFromStream$qqrp15Classes@TStream
@Ecore@TEurekaModuleOptions@OutputFile$qqr17System@AnsiString
@Ecore@TEurekaModuleOptions@OutputLogFile$qqrv
@Ecore@TEurekaModuleOptions@SaveToStream$qqrp15Classes@TStream
@Ecore@TEurekaModuleOptions@SetActive$qqrxo
@Ecore@TEurekaModuleOptions@SetCustomizedTexts$qqr19Etypes@TMessageType17System@AnsiString
@Ecore@TEurekaModuleOptions@SetFreezeActivate$qqrxo
@Ecore@TEurekaModuleOptions@SetToDefaultOptions$qqrv
@Ecore@initialization$qqrv
@Ehook@Finalization$qqrv
@Ehook@HookDllProcedureEx$qqr17System@AnsiStringt1t1pv
@Ehook@HookProcedureEx$qqrpvt117System@AnsiString
@Ehook@ReHook_ProcedureByCaller$qqrpv
@Ehook@TryHookDllProcedureEx$qqrpx17System@AnsiStringxi17System@AnsiStringt3pvrpvo
@Ehook@initialization$qqrv
@Elang@Finalization$qqrv
@Elang@UserCharSet$qqrv
@Elang@initialization$qqrv
@Esockets@EEurekaSocketError@
@Esockets@Finalization$qqrv
@Esockets@TEurekaClientSMTP@
@Esockets@TEurekaClientSMTP@GetText$qqrpxusxi
@Esockets@TEurekaClientSMTP@Open$qqrv
@Esockets@TEurekaClientSMTP@SendCommand$qqr17System@AnsiStringpxusxi
@Esockets@TEurekaClientSocket@
@Esockets@TEurekaClientSocket@$bctr$qqrx17System@AnsiStringusui
@Esockets@TEurekaClientSocket@$bdtr$qqrv
@Esockets@TEurekaClientSocket@Cleanup$qqrv
@Esockets@TEurekaClientSocket@Close$qqrv
@Esockets@TEurekaClientSocket@Error$qqrx17System@AnsiStringpx14System@TVarRecxi
@Esockets@TEurekaClientSocket@LookupName$qqrx17System@AnsiString
@Esockets@TEurekaClientSocket@Open$qqrv
@Esockets@TEurekaClientSocket@ReceiveBuf$qqrpvi
@Esockets@TEurekaClientSocket@ReceiveFullText$qqrv
@Esockets@TEurekaClientSocket@ReceiveText$qqrv
@Esockets@TEurekaClientSocket@SendBuf$qqrpvi
@Esockets@TEurekaClientSocket@SendText$qqrx17System@AnsiString
@Esockets@TEurekaClientSocket@Startup$qqrv
@Esockets@initialization$qqrv
@Etypes@Finalization$qqrv
@Etypes@initialization$qqrv
@Exceptionlog@CurrentEurekaLogOptions$qqrv
@Exceptionlog@EEurekaLogGeneralError@
@Exceptionlog@EFrozenApplication@
@Exceptionlog@ExceptionActionNotify
@Exceptionlog@ExceptionNotify
@Exceptionlog@Finalization$qqrv
@Exceptionlog@ForceApplicationTermination$qqr28Ecore@TTerminateBtnOperation
@Exceptionlog@GetCurrentCallStack$qqrv
@Exceptionlog@GetLastEurekaLogErrorCode$qqrv
@Exceptionlog@GetLastEurekaLogErrorMsg$qqrv
@Exceptionlog@InternalSendMail$qqr17System@AnsiStringt1t1t1
@Exceptionlog@IsEurekaLogInstalled$qqrv
@Exceptionlog@StandardEurekaError$qqrx17System@AnsiString
@Exceptionlog@StandardEurekaNotify$qqrp14System@TObjectpv
@Exceptionlog@TEurekaFunctionsList@
@Exceptionlog@TEurekaFunctionsList@$bdtr$qqrv
@Exceptionlog@TEurekaFunctionsList@Clear$qqrv
@Exceptionlog@TEurekaFunctionsList@Delete$qqri
@Exceptionlog@TEurekaFunctionsList@GetItem$qqri
@Exceptionlog@TEurekaModulesList@
@Exceptionlog@TEurekaModulesList@$bdtr$qqrv
@Exceptionlog@TEurekaModulesList@Clear$qqrv
@Exceptionlog@TEurekaModulesList@Delete$qqri
@Exceptionlog@TEurekaModulesList@GetItem$qqri
@Exceptionlog@TEurekaStackList@
@Exceptionlog@TEurekaStackList@$bdtr$qqrv
@Exceptionlog@TEurekaStackList@AddFrom$qqrp29Exceptionlog@TEurekaDebugInfo
@Exceptionlog@TEurekaStackList@Clear$qqrv
@Exceptionlog@TEurekaStackList@Delete$qqri
@Exceptionlog@TEurekaStackList@GetItem$qqri
@Exceptionlog@initialization$qqrv
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 313KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5525216/SMS_BCB/prjRebbieSMS.bpf
5525216/SMS_BCB/prjRebbieSMS.bpr
.xml
5525216/SMS_BCB/prjRebbieSMS.drc
5525216/SMS_BCB/sgip.h
5525216/SMS_VC/cmpp.h
5525216/SMS_VC/cmppsocket_VC.cpp
5525216/SMS_VC/cmppsocket_VC.dsp
5525216/SMS_VC/cmppsocket_VC.dsw
5525216/SMS_VC/cmppsocket_VC.h
5525216/SMS_VC/md5.cpp
5525216/SMS_VC/md5.h
5525216/SMS_VC/sgip.h
5525216/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

bfafef39b41bf588c38a0f4e4c04c26e

Headers

File Characteristics

Imports

rtl60.bpl

advapi32

kernel32

version

wsock32

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 313KB - Virtual size: 316KB

.data Size: 43KB - Virtual size: 1.1MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 16KB - Virtual size: 20KB

.edata Size: 7KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 14KB - Virtual size: 16KB

.text
Size: 313KB - Virtual size: 316KB

.data
Size: 43KB - Virtual size: 1.1MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 16KB - Virtual size: 20KB

.edata
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 14KB - Virtual size: 16KB