491152cb8f96e9f18757eafbdae61100_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

491152cb8f96e9f18757eafbdae61100_JaffaCakes118
Size

567KB
MD5

491152cb8f96e9f18757eafbdae61100
SHA1

a0fae134b58d5d1d37cb8c7ed46a3133b5974373
SHA256

f8081a20565202d0ff2c6f56a860609193757948995bd96bd62ac9e94a5d8a8d
SHA512

f159053afde7801d19248e4ad9e8093e504533b973627f216667eed4492136ed2573c6682ca2dfbc959d7fb6e040a12e4960a461f22c025930e15edb2aa245fb
SSDEEP

12288:FduG+SotlmuvOQ+xRUO2mlkUD+b7MW9Aij1/O7LzeTyYT4RbZKwIOdn:Du+otAu2Q2jraHcxsxT4pZKQn

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Cleo/cleo.exe
unpack001/ReVOLVeR DoX/ReVOLVeR DoX.exe
unpack001/SA MP v0.2.1/SA MP v0.2.1.exe
unpack001/s0nicT h4ck v2/s0nicT h4ck v2.exe
unpack001/Спидометр/Спидометр.exe
unpack001/Флуд в чат/Флуд в чат.exe

Files

491152cb8f96e9f18757eafbdae61100_JaffaCakes118
.rar
Cleo/AirBreake.cs
Cleo/Dzagernaut.cs
Cleo/FLY.cs
Cleo/GO!.cs
Cleo/GOD.cs
Cleo/SUPER_CJ.cs
Cleo/SUPER_CJ2.cs
Cleo/Weapons.cs
Cleo/cleo.exe
.exe windows:4 windows x86 arch:x86

a6d1f237a38b6e7d3a48b606fa0d7939

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cleo/maximum_speed.cs
Cleo/Описание читов или куда жать чтобы активировался чит.txt
Cleo/Установка Cleo.txt
Place manager 3.0.1/places.ini
Place manager 3.0.1/places.txt
Place manager 3.0.1/ПрочтиМеня.txt
ReVOLVeR DoX/ReVOLVeR DoX.exe
.exe windows:4 windows x86 arch:x86

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeSetEvent
timeKillEvent

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
AVIFileInit
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength

kernel32

SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
DeleteFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
ReadProcessMemory
lstrcpynA
MulDiv
SetLastError
LocalFree
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateEventA
GetTempPathA
GetTickCount
Sleep
GetModuleFileNameA
GetSystemDirectoryA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
HeapCreate

user32

IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
WindowFromPoint
LoadStringA
DestroyMenu
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
UnregisterClassA
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuItemCount
RemoveMenu
AppendMenuA
ReleaseDC
SetWindowRgn
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
GetDC
LoadMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
SetWindowPos
EnumWindows

gdi32

SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
RealizePalette
CreatePalette
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
MoveToEx
LineTo
SetTextAlign
FrameRgn
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetPixel
GetStockObject
CreateFontIndirectA
GetDIBits
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
BitBlt
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17

Sections

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ReVOLVeR DoX/ПрочтиМеня (для недалеких умом).txt
SA MP v0.2.1/SA MP v0.2.1.exe
.exe windows:4 windows x86 arch:x86

3fdb4d3dc6d92cc6267fb8c176cf1d86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeKillEvent
timeSetEvent

msvfw32

DrawDibDraw
DrawDibClose
DrawDibOpen

avifil32

AVIStreamInfoA
AVIFileExit
AVIStreamStart
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIFileInit
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamSampleToTime
AVIStreamGetFrame

mfc42

ord3663
ord3626
ord795
ord2414
ord640
ord4284
ord613
ord2754
ord5785
ord1641
ord1640
ord289
ord4299
ord6880
ord2864
ord6197
ord755
ord470
ord5053
ord6172
ord5873
ord6215
ord2405
ord3797
ord3138
ord6453
ord1146
ord1168
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord4425
ord3597
ord556
ord324
ord641
ord809
ord2302
ord4234
ord1088
ord2122
ord2642
ord4287
ord3092
ord4710
ord6199
ord1200
ord5280
ord5981
ord1795
ord4396
ord609
ord6241
ord3873
ord2859
ord3573
ord3693
ord4133
ord4297
ord5788
ord5875
ord3692
ord542
ord802
ord1085
ord5601
ord3706
ord3619
ord5789
ord939
ord4278
ord535
ord2764
ord540
ord940
ord3610
ord656
ord2370
ord6334
ord3584
ord543
ord803
ord1871
ord6307
ord521
ord1176
ord3874
ord3574
ord2860
ord4129
ord6170
ord2763
ord3813
ord823
ord4220
ord2584
ord3654
ord2438
ord2863
ord1644
ord3711
ord783
ord4694
ord5148
ord3742
ord818
ord2152
ord1233
ord1768
ord1175
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5714
ord4622
ord3738
ord561
ord815
ord6438
ord5289
ord5442
ord354
ord665
ord2086
ord2116
ord2575
ord2078
ord5651
ord3127
ord3616
ord1979
ord6385
ord5186
ord3507
ord5773
ord1576
ord350
ord4476
ord2450
ord941
ord2455
ord2546
ord291
ord922
ord2818
ord5572
ord2915
ord4683
ord5303
ord4699
ord5715
ord2256
ord565
ord1948
ord4226
ord817
ord6442
ord2726
ord1270
ord1232
ord5450
ord6394
ord2841
ord2107
ord5440
ord6383
ord5791
ord323
ord860
ord3571
ord3721
ord3402
ord3815
ord2379
ord2614
ord5710
ord858
ord800
ord4275
ord781
ord825
ord567
ord3708
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord537
ord4224

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
printf
sprintf
atol
strcat
_purecall
time
srand
sqrt
_access
_splitpath
strncmp
_makepath
remove
_strupr
rand
labs
sin
strcpy
_strdup
_stricmp
_setmbcp
_gcvt
_ultoa
strtod
fabs
memset
isdigit
strtoul
abs
strchr
_ftol
realloc
strlen
malloc
free
strstr
memcpy
cos

kernel32

GetSystemDirectoryA
GetModuleFileNameA
Sleep
GetTickCount
GetTempPathA
CreateEventA
WaitForSingleObject
LoadLibraryA
FreeLibrary
GetProcAddress
SetEvent
GetModuleHandleA
WideCharToMultiByte
GetLastError
GetCurrentProcess
GetVersionExA
GetStartupInfoA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
ReadProcessMemory
DeleteFileA
WinExec
lstrlenA
lstrcatA
GlobalAlloc
CloseHandle
lstrcpyA

user32

TrackPopupMenu
SetForegroundWindow
PostMessageA
LoadMenuA
GetDC
SetScrollPos
GetScrollRange
GetScrollPos
EnableScrollBar
SetScrollRange
DrawIcon
IsIconic
SetWindowTextA
GetDlgItem
SetWindowPos
SetWindowRgn
ReleaseDC
AppendMenuA
RemoveMenu
GetMenuItemCount
SetWindowsHookExA
UnhookWindowsHookEx
GetClassInfoA
EnumWindows
FindWindowA
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
GetWindow
MessageBoxA
CreateIconIndirect
GetIconInfo
CreateIconFromResource
CreateIconFromResourceEx
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
GetCursorPos

gdi32

CreatePalette
RealizePalette
CreateDIBitmap
CreateRectRgn
OffsetRgn
SetROP2
FrameRgn
SetPixel
GetStockObject
CreateFontIndirectA
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
CombineRgn
DeleteObject
GetDIBits
DeleteDC
GetObjectA
CreateBitmap
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SA MP v0.2.1/ПрочтиМеня.txt
s0nicT h4ck v2/s0nicT h4ck v2.exe
.exe windows:4 windows x86 arch:x86

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeSetEvent
timeKillEvent

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
AVIFileInit
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength

kernel32

SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
DeleteFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
ReadProcessMemory
lstrcpynA
MulDiv
SetLastError
LocalFree
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateEventA
GetTempPathA
GetTickCount
Sleep
GetModuleFileNameA
GetSystemDirectoryA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
HeapCreate

user32

IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
WindowFromPoint
LoadStringA
DestroyMenu
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
UnregisterClassA
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuItemCount
RemoveMenu
AppendMenuA
ReleaseDC
SetWindowRgn
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
GetDC
LoadMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
SetWindowPos
EnumWindows

gdi32

SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
RealizePalette
CreatePalette
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
MoveToEx
LineTo
SetTextAlign
FrameRgn
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetPixel
GetStockObject
CreateFontIndirectA
GetDIBits
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
BitBlt
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17

Sections

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
s0nicT h4ck v2/ПрочтиМеня (для незнающих английский язык).txt
Спидометр/ПрочтиМеня.txt
Спидометр/Спидометр.exe
.exe windows:4 windows x86 arch:x86

bc5ce990cf54f8d435a68eb97512f73e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Флуд в чат/ПрочтиМеня.txt
Флуд в чат/Флуд в чат.exe
.exe windows:4 windows x86 arch:x86

58ebcede4a19929b602088d94f0b6059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord594
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
ord599
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord535
ord537
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6d1f237a38b6e7d3a48b606fa0d7939

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

comdlg32

gdi32

shell32

user32

ole32

Sections

.text Size: 73KB - Virtual size: 76KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 100KB - Virtual size: 100KB

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 157KB - Virtual size: 282KB

.rsrc Size: 4KB - Virtual size: 3KB

3fdb4d3dc6d92cc6267fb8c176cf1d86

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

Sections

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 53KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 3KB

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 157KB - Virtual size: 282KB

.rsrc Size: 4KB - Virtual size: 3KB

bc5ce990cf54f8d435a68eb97512f73e

Headers

.text
Size: 73KB - Virtual size: 76KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 100KB - Virtual size: 100KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 157KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 53KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 157KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 78KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB