5f75aae916e800b5f65c0bbfa179cf3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

Reason

office: invalid record header

General

Target

5f75aae916e800b5f65c0bbfa179cf3f_JaffaCakes118
Size

4.6MB
MD5

5f75aae916e800b5f65c0bbfa179cf3f
SHA1

a32cb7640b31d2c0ebc3eed8c5380e609500def3
SHA256

a1d6f857f971b7fe9c1cc2b29b0267412833ae99c7044e402f0a613244e6f442
SHA512

716298c44fc4a6f18632ce71004fa1c712dc8af9d309eb0b26571919d6989d77385a44cdfc9c304f67f10bb3955a6ca61e3241728f67b103a6fcdc71ffc5698a
SSDEEP

98304:o1a7lg/eph/H8hKN3Lqy0RnG8Xt6KuVZTAlBXXn7ZVhwasBko8GiLRZLnNkHx:j7lg/c56KN3LH0RnG896KhRn7ZTEko8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JyMem/JyMem.exe
unpack001/JyMem/PunUnitLib.dll
unpack001/JyMem/QTINTF.DLL
unpack001/JyMem/傲客特别补丁.exe

Files

5f75aae916e800b5f65c0bbfa179cf3f_JaffaCakes118
.rar
JyMem/JyMem.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JyMem/PunUnitLib.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CompactDatabase
Decrypt
DispFormPos
Encrypt
GetExpressionValue
GetIdeDiskSerialNumber
GetPass
GetRegPass
Get_DiskSerialNo
IsValidDir
MoneyMinToBig
OpenForm
SavePass
SearchFile
ShowMess

Sections

CODE
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JyMem/QTINTF.DLL
.dll windows:4 windows x86 arch:x86

ed2e9704a88ac23cf71d7afbae3ece78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
MoveFileA
MoveFileW
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadFile
RemoveDirectoryA
RemoveDirectoryW
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

wsock32

WSAAsyncSelect

comdlg32

PrintDlgA
PrintDlgW

gdi32

AbortDoc
Arc
BeginPath
BitBlt
Chord
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateFontIndirectW
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EndPath
EnumFontFamiliesExA
EnumFontFamiliesW
EqualRgn
ExtCreatePen
ExtCreateRegion
FillPath
GdiFlush
GetCharABCWidthsA
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetPaletteEntries
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetWindowExtEx
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetRgn
OffsetViewportOrgEx
PatBlt
Pie
PolyBezier
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
ResizePalette
RoundRect
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBitsToDevice
SetGraphicsMode
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetWindowOrgEx
SetWorldTransform
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
UnrealizeObject
UpdateColors

shell32

ExtractIconExA

user32

BeginPaint
CallNextHookEx
ChangeClipboardChain
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateCaret
CreateCursor
CreateIconIndirect
CreateWindowExA
DefWindowProcA
DefWindowProcW
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawFocusRect
DrawIconEx
EmptyClipboard
EnableMenuItem
EndPaint
EnumClipboardFormats
EnumThreadWindows
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetKeyState
GetMessageA
GetMessageW
GetSysColor
GetSystemMetrics
GetUpdateRgn
GetWindowDC
GetWindowLongA
GetWindowRect
HideCaret
InvalidateRect
IsIconic
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
MapVirtualKeyA
MapVirtualKeyW
MessageBeep
MessageBoxA
MoveWindow
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetCapture
SetCaretBlinkTime
SetCaretPos
SetClipboardData
SetClipboardViewer
SetCursor
SetCursorPos
SetDoubleClickTime
SetForegroundWindow
SetParent
SetRect
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRgn
WindowFromPoint
wsprintfA
GetSystemMenu

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionWindow

ole32

CoGetMalloc
CoLockObjectExternal
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

Exports

Exports

_QApplication_activeModalWidget
_QApplication_activePopupWidget
_QApplication_activeWindow
_QApplication_allWidgets
_QApplication_argc
_QApplication_argv
_QApplication_beep
_QApplication_clipboard
_QApplication_closeAllWindows
_QApplication_closingDown
_QApplication_colorSpec
_QApplication_commitData
_QApplication_create
_QApplication_cursorFlashTime
_QApplication_defaultCodec
_QApplication_desktop
_QApplication_desktopSettingsAware
_QApplication_destroy
_QApplication_doubleClickInterval
_QApplication_enter_loop
_QApplication_exec
_QApplication_exit
_QApplication_exit_loop
_QApplication_flushX
_QApplication_focusWidget
_QApplication_font
_QApplication_fontMetrics
_QApplication_globalStrut
_QApplication_hasGlobalMouseTracking
_QApplication_hook_create
_QApplication_hook_destroy
_QApplication_hook_hook_aboutToQuit
_QApplication_hook_hook_guiThreadAwake
_QApplication_hook_hook_lastWindowClosed
_QApplication_installTranslator
_QApplication_isEffectEnabled
_QApplication_isSessionRestored
_QApplication_loopLevel
_QApplication_mainWidget
_QApplication_notify
_QApplication_overrideCursor
_QApplication_palette
_QApplication_polish
_QApplication_postEvent
_QApplication_processEvents
_QApplication_processEvents2
_QApplication_processOneEvent
_QApplication_quit
_QApplication_removePostedEvents
_QApplication_removeTranslator
_QApplication_restoreOverrideCursor
_QApplication_saveState
_QApplication_sendEvent
_QApplication_sendPostedEvents
_QApplication_sendPostedEvents2
_QApplication_sessionId
_QApplication_setColorSpec
_QApplication_setCursorFlashTime
_QApplication_setDefaultCodec
_QApplication_setDesktopSettingsAware
_QApplication_setDoubleClickInterval
_QApplication_setEffectEnabled
_QApplication_setFont
_QApplication_setGlobalMouseTracking
_QApplication_setGlobalStrut
_QApplication_setMainWidget
_QApplication_setOverrideCursor
_QApplication_setPalette
_QApplication_setStartDragDistance
_QApplication_setStartDragTime
_QApplication_setStyle
_QApplication_setWheelScrollLines
_QApplication_setWinStyleHighlightColor
_QApplication_startDragDistance
_QApplication_startDragTime
_QApplication_startingUp
_QApplication_style
_QApplication_syncX
_QApplication_topLevelWidgets
_QApplication_translate
_QApplication_translate2
_QApplication_wakeUpGuiThread
_QApplication_wheelScrollLines
_QApplication_widgetAt
_QApplication_widgetAt2
_QApplication_winEventFilter
_QApplication_winFocus
_QApplication_winMouseButtonUp
_QApplication_winStyleHighlightColor
_QApplication_winVersion
_QBitmap_create
_QBitmap_create2
_QBitmap_create3
_QBitmap_create4
_QBitmap_create5
_QBitmap_create6
_QBitmap_create7
_QBitmap_destroy
_QBitmap_from_QPixmap
_QBitmap_xForm
_QBrush_color
_QBrush_create
_QBrush_create2
_QBrush_create3
_QBrush_create4
_QBrush_create5
_QBrush_destroy
_QBrush_hook_create
_QBrush_hook_destroy
_QBrush_pixmap
_QBrush_setColor
_QBrush_setPixmap
_QBrush_setStyle
_QBrush_style
_QButtonGroup_count
_QButtonGroup_create
_QButtonGroup_create2
_QButtonGroup_create3
_QButtonGroup_create4
_QButtonGroup_destroy
_QButtonGroup_find
_QButtonGroup_hook_create
_QButtonGroup_hook_destroy
_QButtonGroup_hook_hook_clicked
_QButtonGroup_hook_hook_pressed
_QButtonGroup_hook_hook_released
_QButtonGroup_id
_QButtonGroup_insert
_QButtonGroup_isExclusive
_QButtonGroup_isRadioButtonExclusive
_QButtonGroup_moveFocus
_QButtonGroup_remove
_QButtonGroup_selected
_QButtonGroup_setButton
_QButtonGroup_setExclusive
_QButtonGroup_setRadioButtonExclusive
_QButton_accel
_QButton_animateClick
_QButton_autoRepeat
_QButton_autoResize
_QButton_create
_QButton_destroy
_QButton_focusNextPrevChild
_QButton_group
_QButton_hook_create
_QButton_hook_destroy
_QButton_hook_hook_clicked
_QButton_hook_hook_pressed
_QButton_hook_hook_released
_QButton_hook_hook_stateChanged
_QButton_hook_hook_toggled
_QButton_isDown
_QButton_isExclusiveToggle
_QButton_isOn
_QButton_isToggleButton
_QButton_pixmap
_QButton_setAccel
_QButton_setAutoRepeat
_QButton_setAutoResize
_QButton_setDown
_QButton_setPixmap
_QButton_setText
_QButton_state
_QButton_text
_QButton_toggle
_QButton_toggleType
_QByteArray_create
_QByteArray_destroy
_QCheckBox_create
_QCheckBox_create2
_QCheckBox_destroy
_QCheckBox_hook_create
_QCheckBox_hook_destroy
_QCheckBox_isChecked
_QCheckBox_isTristate
_QCheckBox_setChecked
_QCheckBox_setNoChange
_QCheckBox_setTristate
_QCheckBox_sizeHint
_QCheckBox_sizePolicy
_QCheckListItem_create
_QCheckListItem_create2
_QCheckListItem_create3
_QCheckListItem_create4
_QCheckListItem_create5
_QCheckListItem_destroy
_QCheckListItem_hook_create
_QCheckListItem_hook_destroy
_QCheckListItem_isEnabled
_QCheckListItem_isOn
_QCheckListItem_paintCell
_QCheckListItem_paintFocus
_QCheckListItem_setEnabled
_QCheckListItem_setOn
_QCheckListItem_setup
_QCheckListItem_text
_QCheckListItem_text2
_QCheckListItem_type
_QCheckListItem_width
_QChildEvent_child
_QChildEvent_create
_QChildEvent_destroy
_QChildEvent_hook_create
_QChildEvent_hook_destroy
_QChildEvent_inserted
_QChildEvent_removed
_QClipboard_clear
_QClipboard_data
_QClipboard_hook_create
_QClipboard_hook_destroy
_QClipboard_hook_hook_dataChanged
_QClipboard_image
_QClipboard_pixmap
_QClipboard_setData
_QClipboard_setImage
_QClipboard_setPixmap
_QClipboard_setText
_QClipboard_text
_QClipboard_text2
_QCloseEvent_accept
_QCloseEvent_create
_QCloseEvent_destroy
_QCloseEvent_hook_create
_QCloseEvent_hook_destroy
_QCloseEvent_ignore
_QCloseEvent_isAccepted
_QClxApplication_create
_QClxApplication_destroy
_QClxApplication_setWndProcHook
_QClxBitBtn_create
_QClxBitBtn_destroy
_QClxCheckListItem_create
_QClxCheckListItem_create2
_QClxCheckListItem_destroy
_QClxDesign_setDesignOptions
_QClxDragObject_addFormat
_QClxDragObject_create
_QClxDragObject_destroy
_QClxDragObject_encodedData
_QClxDragObject_format
_QClxDragObject_provides
_QClxDrawUtil_DrawItem
_QClxDrawUtil_DrawPlainRect
_QClxDrawUtil_DrawPlainRect2
_QClxDrawUtil_DrawShadeLine
_QClxDrawUtil_DrawShadeLine2
_QClxDrawUtil_DrawShadePanel
_QClxDrawUtil_DrawShadePanel2
_QClxDrawUtil_DrawShadeRect
_QClxDrawUtil_DrawShadeRect2
_QClxDrawUtil_DrawWinButton
_QClxDrawUtil_DrawWinButton2
_QClxDrawUtil_DrawWinPanel
_QClxDrawUtil_DrawWinPanel2
_QClxFileDialog_create
_QClxFileDialog_create2
_QClxFileDialog_create3
_QClxFileDialog_defaultExt
_QClxFileDialog_destroy
_QClxFileDialog_dir
_QClxFileDialog_dirPath
_QClxFileDialog_done
_QClxFileDialog_eventFilter
_QClxFileDialog_getExistingDirectory
_QClxFileDialog_getExistingDirectory2
_QClxFileDialog_getExistingDirectory3
_QClxFileDialog_getOpenFileName
_QClxFileDialog_getOpenFileName2
_QClxFileDialog_getOpenFileNames
_QClxFileDialog_getOpenFileNames2
_QClxFileDialog_getSaveFileName
_QClxFileDialog_getSaveFileName2
_QClxFileDialog_hook_addFile
_QClxFileDialog_hook_create
_QClxFileDialog_hook_destroy
_QClxFileDialog_hook_hook_closeRequest
_QClxFileDialog_hook_hook_dirEntered
_QClxFileDialog_hook_hook_fileHighlighted
_QClxFileDialog_hook_hook_fileSelected
_QClxFileDialog_hook_hook_filterChanged
_QClxFileDialog_iconProvider
_QClxFileDialog_isContentsPreviewEnabled
_QClxFileDialog_isInfoPreviewEnabled
_QClxFileDialog_isRegisteredExtension
_QClxFileDialog_mode
_QClxFileDialog_previewMode
_QClxFileDialog_rereadDir
_QClxFileDialog_resortDir
_QClxFileDialog_selectAll
_QClxFileDialog_selectedExt
_QClxFileDialog_selectedFile
_QClxFileDialog_selectedFiles
_QClxFileDialog_selectedFilter
_QClxFileDialog_setContentsPreview
_QClxFileDialog_setContentsPreviewEnabled
_QClxFileDialog_setDefaultExt
_QClxFileDialog_setDir
_QClxFileDialog_setDir2
_QClxFileDialog_setEditText
_QClxFileDialog_setFilter
_QClxFileDialog_setFilterIndex
_QClxFileDialog_setFilters
_QClxFileDialog_setFilters2
_QClxFileDialog_setFilters3
_QClxFileDialog_setIconProvider
_QClxFileDialog_setInfoPreview
_QClxFileDialog_setInfoPreviewEnabled
_QClxFileDialog_setMode
_QClxFileDialog_setPreviewMode
_QClxFileDialog_setSelection
_QClxFileDialog_setShowHiddenFiles
_QClxFileDialog_setViewMode
_QClxFileDialog_show
_QClxFileDialog_showHiddenFiles
_QClxFileDialog_viewMode
_QClxFileIconProvider_create
_QClxFileIconProvider_destroy
_QClxFileIconProvider_hook_create
_QClxFileIconProvider_hook_destroy
_QClxFileIconProvider_pixmap
_QClxFilePreview_destroy
_QClxIODevice_create
_QClxIODevice_destroy
_QClxIconViewHooks_create
_QClxIconViewHooks_destroy
_QClxIconViewHooks_hook_PaintFocus
_QClxIconViewHooks_hook_PaintItem
_QClxIconViewHooks_hook_change
_QClxIconViewHooks_hook_changing
_QClxIconViewHooks_hook_destroyed
_QClxIconViewHooks_hook_setSelected
_QClxIconViewItem_create
_QClxIconViewItem_create2
_QClxIconViewItem_destroy
_QClxLineEdit_autoSelect
_QClxLineEdit_clearSelection
_QClxLineEdit_create
_QClxLineEdit_destroy
_QClxLineEdit_hasMarkedText
_QClxLineEdit_hideSelection
_QClxLineEdit_markedText
_QClxLineEdit_resetSelection
_QClxLineEdit_selLen
_QClxLineEdit_selStart
_QClxLineEdit_setAutoSelect
_QClxLineEdit_setHideSelection
_QClxLineEdit_setMarkedText
_QClxLineEdit_setSelStart
_QClxLineEdit_setSelection
_QClxLineEdit_updateSelection
_QClxListBoxHooks_create
_QClxListBoxHooks_destroy
_QClxListBoxHooks_hook_measure
_QClxListBoxHooks_hook_paint
_QClxListBoxItem_create
_QClxListBoxItem_destroy
_QClxListBoxItem_getData
_QClxListBoxItem_height
_QClxListBoxItem_setCustomHighlighting
_QClxListBoxItem_setData
_QClxListBoxItem_width
_QClxListViewHooks_create
_QClxListViewHooks_destroy
_QClxListViewHooks_hook_PaintBranches
_QClxListViewHooks_hook_PaintCell
_QClxListViewHooks_hook_change
_QClxListViewHooks_hook_changing
_QClxListViewHooks_hook_checked
_QClxListViewHooks_hook_destroyed
_QClxListViewHooks_hook_expanded
_QClxListViewHooks_hook_expanding
_QClxListViewHooks_hook_setSelected
_QClxListViewItem_create
_QClxListViewItem_create2
_QClxListViewItem_destroy
_QClxMimeSourceFactory_create
_QClxMimeSourceFactory_data
_QClxMimeSourceFactory_destroy
_QClxMimeSourceFactory_setDataCallBack
_QClxMimeSource_addFormat
_QClxMimeSource_create
_QClxMimeSource_create2
_QClxMimeSource_destroy
_QClxMimeSource_encodedData
_QClxMimeSource_format
_QClxMimeSource_provides
_QClxObjectMap_add
_QClxObjectMap_find
_QClxObjectMap_findClxObject
_QClxObjectMap_remove
_QClxObjectMap_setAddCallback
_QClxObjectMap_setRemoveCallback
_QClxSlider_create
_QClxSlider_destroy
_QClxSlider_drawTicks
_QClxSpinBox_create
_QClxSpinBox_create2
_QClxSpinBox_destroy
_QClxSpinBox_downButton
_QClxSpinBox_editor
_QClxSpinBox_upButton
_QClxStyleHooks_create
_QClxStyleHooks_destroy
_QClxStyleHooks_hook_StyleDestroyed
_QClxStyleHooks_hook_bevelButtonRect
_QClxStyleHooks_hook_buttonRect
_QClxStyleHooks_hook_comboButtonFocusRect
_QClxStyleHooks_hook_comboButtonRect
_QClxStyleHooks_hook_drawArrow
_QClxStyleHooks_hook_drawBevelButton
_QClxStyleHooks_hook_drawButton
_QClxStyleHooks_hook_drawButtonMask
_QClxStyleHooks_hook_drawCheckMark
_QClxStyleHooks_hook_drawComboButton
_QClxStyleHooks_hook_drawComboButtonMask
_QClxStyleHooks_hook_drawExclusiveIndicator
_QClxStyleHooks_hook_drawExclusiveIndicatorMask
_QClxStyleHooks_hook_drawFocusRect
_QClxStyleHooks_hook_drawIndicator
_QClxStyleHooks_hook_drawIndicatorMask
_QClxStyleHooks_hook_drawItem
_QClxStyleHooks_hook_drawPanel
_QClxStyleHooks_hook_drawPopupMenuItem
_QClxStyleHooks_hook_drawPopupPanel
_QClxStyleHooks_hook_drawPushButton
_QClxStyleHooks_hook_drawPushButtonLabel
_QClxStyleHooks_hook_drawRect
_QClxStyleHooks_hook_drawRectStrong
_QClxStyleHooks_hook_drawScrollBarControls
_QClxStyleHooks_hook_drawSeparator
_QClxStyleHooks_hook_drawSlider
_QClxStyleHooks_hook_drawSliderGroove
_QClxStyleHooks_hook_drawSliderGrooveMask
_QClxStyleHooks_hook_drawSliderMask
_QClxStyleHooks_hook_drawSplitter
_QClxStyleHooks_hook_drawTab
_QClxStyleHooks_hook_drawTabMask
_QClxStyleHooks_hook_drawToolButton
_QClxStyleHooks_hook_drawToolButton2
_QClxStyleHooks_hook_extraPopupMenuItemWidth
_QClxStyleHooks_hook_itemRect
_QClxStyleHooks_hook_polish
_QClxStyleHooks_hook_polish2
_QClxStyleHooks_hook_polish3
_QClxStyleHooks_hook_polishPopupMenu
_QClxStyleHooks_hook_popupMenuItemHeight
_QClxStyleHooks_hook_popupSubmenuIndicatorWidth
_QClxStyleHooks_hook_pushButtonContentsRect
_QClxStyleHooks_hook_scrollBarMetrics
_QClxStyleHooks_hook_tabbarMetrics
_QClxStyleHooks_hook_toolButtonRect
_QClxStyleHooks_hook_unPolish
_QClxStyleHooks_hook_unPolish2
_QClxStyle_buttonShift
_QClxStyle_create
_QClxStyle_create2
_QClxStyle_defaultFrameWidth
_QClxStyle_destroy
_QClxStyle_exclusiveIndicatorSize
_QClxStyle_indicatorSize
_QClxStyle_init
_QClxStyle_maximumSliderDragDistance
_QClxStyle_refresh
_QClxStyle_scrollBarExtent
_QClxStyle_scrollBarMetrics
_QClxStyle_setButtonShift
_QClxStyle_setDefaultFrameWidth
_QClxStyle_setExclusiveIndicatorSize
_QClxStyle_setIndicatorSize
_QClxStyle_setMaximumSliderDragDistance
_QClxStyle_setScrollBarExtent
_QClxStyle_setSliderLength
_QClxStyle_setSplitterWidth
_QClxStyle_sliderLength
_QClxStyle_splitterWidth
_QClxStyle_tabbarMetrics
_QClxWidget_MaxWidgetSize
_QColorDialog_customColor
_QColorDialog_customCount
_QColorDialog_getColor
_QColorDialog_getRgba
_QColorDialog_hook_create
_QColorDialog_hook_destroy
_QColorDialog_setCustomColor
_QColorDrag_canDecode
_QColorDrag_create
_QColorDrag_create2
_QColorDrag_decode
_QColorDrag_destroy
_QColorDrag_hook_create
_QColorDrag_hook_destroy
_QColorDrag_setColor
_QColorGroup_background
_QColorGroup_base
_QColorGroup_brightText
_QColorGroup_brush
_QColorGroup_button
_QColorGroup_buttonText
_QColorGroup_color
_QColorGroup_create

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JyMem/Qr/frAwokeFx.frf
JyMem/Qr/frAwokeFx1.frf
JyMem/Qr/frAwokeFx2.frf
JyMem/Qr/frDHgoodDetail.frf
JyMem/Qr/frDhbill.frf
JyMem/Qr/frDhrecDetail.frf
JyMem/Qr/frEmpList.frf
JyMem/Qr/frEmpXianqing.frf
JyMem/Qr/frGoodJTHdetail.frf
JyMem/Qr/frGoodList.frf
JyMem/Qr/frGoodMan.frf
JyMem/Qr/frGoodXFdetail.frf
JyMem/Qr/frGoodXFdetail1.frf
JyMem/Qr/frHYxiaofeiFx.frf
JyMem/Qr/frHyJiaobanDetail.frf
JyMem/Qr/frHyJiaobanDetail1.frf
JyMem/Qr/frHyJiaobanDetail2.frf
JyMem/Qr/frHyXiaoFeiDetail.frf
JyMem/Qr/frHyXiaoFeiDetail1.frf
JyMem/Qr/frHyXuFeiDetail.frf
JyMem/Qr/frKCgoodDetail.frf
JyMem/Qr/frMemBiaoQian.frf
JyMem/Qr/frMemList.frf
JyMem/Qr/frMemXianqing.frf
JyMem/Qr/frMemXingFeng.frf
JyMem/Qr/frMemXuFeiBill.frf
JyMem/Qr/frMemXuFeiBill1.frf
JyMem/Qr/frStatFx.frf
JyMem/Qr/frXFbill.frf
JyMem/Qr/frXsRecEdit.frf
JyMem/Qr/frXsRecEdit1.frf
JyMem/Qr/frXsrecDetail.frf
JyMem/Qr/frXsrecTotal.frf
JyMem/Sample1.xls
.xls windows office2003
JyMem/Sample2.xls
.xls windows office2003
JyMem/config.ini
.vbs
JyMem/data/Member.mdb
JyMem/help.CHM
.chm
JyMem/images/3.jpg
.jpg
JyMem/readme.txt
JyMem/whatisnew.txt
JyMem/傲客特别补丁.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

linholer
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 455KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 327B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JyMem/许可协议.txt

Sharing

Errors

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 2.3MB - Virtual size: 2.3MB

DATA Size: 22KB - Virtual size: 22KB

BSS Size: - Virtual size: 10KB

.idata Size: 13KB - Virtual size: 13KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 160KB - Virtual size: 159KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 483KB - Virtual size: 483KB

DATA Size: 8KB - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: 19KB - Virtual size: 18KB

.edata Size: 512B - Virtual size: 390B

.reloc Size: 32KB - Virtual size: 31KB

.rsrc Size: 20KB - Virtual size: 20KB

ed2e9704a88ac23cf71d7afbae3ece78

Headers

File Characteristics

Imports

advapi32

kernel32

wsock32

comdlg32

gdi32

shell32

user32

imm32

ole32

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 1.2MB - Virtual size: 1.2MB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 8KB

.edata Size: 109KB - Virtual size: 112KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 157KB - Virtual size: 160KB

Headers

File Characteristics

Sections

linholer Size: - Virtual size: 32KB

Size: 3KB - Virtual size: 4KB

Size: 455KB - Virtual size: 456KB

Size: 327B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

CODE
Size: 2.3MB - Virtual size: 2.3MB

DATA
Size: 22KB - Virtual size: 22KB

BSS
Size: - Virtual size: 10KB

.idata
Size: 13KB - Virtual size: 13KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 160KB - Virtual size: 159KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

CODE
Size: 483KB - Virtual size: 483KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 19KB - Virtual size: 18KB

.edata
Size: 512B - Virtual size: 390B

.reloc
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 1.2MB - Virtual size: 1.2MB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 109KB - Virtual size: 112KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 157KB - Virtual size: 160KB

linholer
Size: - Virtual size: 32KB