d:\WakeNet\player\test\torrent\release\OmegaTorrent.pdb
Static task: static1
Behavioral task: behavioral1 - Sample: OmegaSeeder.exe - Resource: win7-20240708-en
Behavioral task: behavioral2 - Sample: OmegaSeeder.exe - Resource: win10v2004-20240709-en
Behavioral task: behavioral3 - Sample: SkinCrafterDll.dll - Resource: win7-20240708-en
Behavioral task: behavioral4 - Sample: SkinCrafterDll.dll - Resource: win10v2004-20240709-en
Behavioral task: behavioral5 - Sample: TorrentConnector.dll - Resource: win7-20240708-en
Behavioral task: behavioral6 - Sample: TorrentConnector.dll - Resource: win10v2004-20240704-en
General
Target: 7289c47fbb138637e40357e7abfe212f_JaffaCakes118
Size: 1.1MB
MD5: 7289c47fbb138637e40357e7abfe212f
SHA1: 07794e7427c06ca51e02f196b32a73e4c368031b
SHA256: eea728e8046fa97fd2c86fd9cb9acf90e3790615f06197c1ff78381969c5a5ad
SHA512: c6ad903573ffe9785a9e6426a3ceaebce1b49dd6877c2d2df9cd9c5273bb5cb5816f09a26cbc277196757f0e96c8c2378576560155a60163ce15c2122c0f16cc
SSDEEP: 24576:wd1afEHmAYr7CWai+cPwDQPGTTibhhXjARLN8IvXk7Iw6nSq:wfvmPbZNPGTTibhhTAR9dSq
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/OmegaSeeder.exe unpack001/SkinCrafterDll.dll unpack001/TorrentConnector.dll
Files
-
7289c47fbb138637e40357e7abfe212f_JaffaCakes118.zip
-
OmegaSeeder.exe.exe windows:4 windows x86 arch:x86
f6627eed5fe82e88a946f1c143376c86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wininet
InternetOpenA
InternetSetStatusCallbackA
InternetOpenUrlA
InternetCloseHandle
InternetSetStatusCallback
HttpQueryInfoA
InternetReadFile
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
iphlpapi
GetAdaptersInfo
kernel32
GlobalAddAtomA
GlobalGetAtomNameA
GetModuleFileNameW
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetCPInfo
GetOEMCP
GetThreadLocale
GetCurrentDirectoryA
MoveFileA
FlushFileBuffers
GetCurrentProcess
SetErrorMode
GetFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
VirtualAlloc
GlobalFindAtomA
HeapReAlloc
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
ExitProcess
GetACP
LCMapStringA
LCMapStringW
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GlobalDeleteAtom
lstrcmpW
GlobalAlloc
MulDiv
GlobalFree
FreeResource
Process32Next
Process32First
GetCurrentProcessId
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
CreateMutexA
CreateDirectoryA
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
GetFileSize
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
DeviceIoControl
ReadFile
WriteFile
SetFilePointerEx
SetEndOfFile
CreateFileA
FreeLibrary
CloseHandle
GetCurrentThreadId
DeleteCriticalSection
CreateIoCompletionPort
PostQueuedCompletionStatus
InterlockedExchangeAdd
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReleaseMutex
InterlockedCompareExchange
InterlockedDecrement
GetQueuedCompletionStatus
InterlockedIncrement
QueryPerformanceFrequency
QueryPerformanceCounter
CopyFileA
TlsSetValue
TlsGetValue
DeleteFileA
TlsFree
LocalFree
GetTempPathA
TlsAlloc
GetTempFileNameA
CreateSemaphoreA
ReleaseSemaphore
CreateFileW
FormatMessageA
GetVersion
CompareStringA
InterlockedExchange
MultiByteToWideChar
GetModuleFileNameA
GetFullPathNameA
GetFileAttributesA
GetTickCount
Sleep
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
SetLastError
lstrcpyA
lstrlenA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GlobalUnlock
GlobalLock
GetFileAttributesExA
user32
UnregisterClassA
SetParent
GetDCEx
LockWindowUpdate
SetMenu
TranslateAcceleratorA
WindowFromPoint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
GetMenu
MessageBoxA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
DefWindowProcA
IntersectRect
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
GetWindow
GetDesktopWindow
GetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
FindWindowA
RegisterWindowMessageA
GetDlgItem
SetPropA
ClientToScreen
RemovePropA
CallWindowProcA
GetPropA
wsprintfA
EnableMenuItem
ShowScrollBar
LoadBitmapA
SetActiveWindow
SetForegroundWindow
IsIconic
IsWindowVisible
GetCursorPos
GetSubMenu
LoadMenuA
LoadIconA
PostMessageA
SystemParametersInfoA
GetWindowLongA
ShowWindow
CreateWindowExA
MoveWindow
ShowOwnedPopups
TranslateMessage
ValidateRect
GetMenuItemInfoA
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetWindowThreadProcessId
SetWindowLongA
SetWindowTextA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
GetWindowPlacement
BringWindowToTop
CreateDialogIndirectParamA
DestroyWindow
IsWindow
FillRect
GetWindowRect
EndPaint
BeginPaint
GetUpdateRect
FrameRect
UpdateWindow
DrawTextA
GetParent
SetCursor
GetCursor
ReleaseCapture
DispatchMessageA
GetMessageA
SetCapture
GetCapture
IsChild
GetFocus
SetTimer
InflateRect
DrawFrameControl
OffsetRect
GetSystemMetrics
SetRect
CopyRect
KillTimer
PtInRect
GetClientRect
ScreenToClient
GetMessagePos
InvalidateRect
LoadCursorA
GetSysColor
SendMessageA
EnableWindow
CloseClipboard
GetClipboardData
OpenClipboard
SendMessageTimeoutA
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
SetViewportOrgEx
CreatePen
SetRectRgn
CombineRgn
PatBlt
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
SelectClipRgn
CreateCompatibleDC
MoveToEx
LineTo
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetDeviceCaps
CreateFontIndirectA
DeleteObject
SetTextColor
StretchBlt
GetBkColor
CreateSolidBrush
CreateRectRgn
GetClipBox
CreateFontA
GetObjectA
GetTextExtentPoint32A
CreateRectRgnIndirect
GetStockObject
BitBlt
CreateCompatibleBitmap
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
shell32
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
SHBrowseForFolderA
DragQueryFileA
DragFinish
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathFindExtensionA
oleaut32
VariantClear
VariantChangeType
VariantInit
ws2_32
WSASetLastError
bind
setsockopt
ntohs
WSARecvFrom
htons
WSAGetLastError
closesocket
htonl
ntohl
socket
inet_ntoa
WSAStringToAddressA
WSAIoctl
accept
listen
getsockopt
__WSAFDIsSet
freeaddrinfo
getsockname
select
WSARecv
getaddrinfo
inet_addr
connect
ioctlsocket
WSAAddressToStringA
getpeername
WSASocketA
WSASendTo
WSAStartup
WSACleanup
WSASend
mswsock
GetAcceptExSockaddrs
AcceptEx
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 224KB - Virtual size: 221KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
SkinCrafterDll.dll.dll windows:4 windows x86 arch:x86
8adf4dcd87bc0a5878820eb28d5b4aaa
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msimg32
TransparentBlt
mfc42
msvcrt
_strnicmp
_wcsnset
_stricmp
_strcmpi
_mbscmp
__CxxFrameHandler
_purecall
_CxxThrowException
atoi
_except_handler3
free
wcscmp
malloc
__RTDynamicCast
strstr
strncmp
wcschr
mbstowcs
swprintf
wcslen
wcscpy
_itow
_ftol
toupper
wcsstr
_snprintf
printf
rand
isdigit
_strupr
srand
sscanf
strncpy
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
kernel32
LocalReAlloc
InterlockedExchange
HeapFree
GetProcessHeap
HeapAlloc
GetVersion
MulDiv
GetLastError
GetUserDefaultLangID
FindResourceExA
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
GetLocalTime
LocalFree
RaiseException
lstrcpyA
lstrcmpA
LoadLibraryW
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalFree
LocalAlloc
GetVersionExA
lstrcmpiA
lstrlenA
LoadResource
SizeofResource
GlobalLock
GlobalUnlock
Sleep
OutputDebugStringA
LocalSize
LocalLock
LocalUnlock
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
user32
GetWindowTextW
GetWindowTextLengthW
CallWindowProcW
DrawStateA
GetSubMenu
AppendMenuA
RemoveMenu
WindowFromPoint
LoadIconA
GetIconInfo
TrackMouseEvent
DestroyWindow
RegisterClassA
GetClassInfoA
CreateWindowExA
DefWindowProcA
MessageBoxA
GetMenu
IsMenu
GetActiveWindow
SetRectEmpty
GetAncestor
InvalidateRect
SetCapture
ClientToScreen
ReleaseCapture
IsZoomed
LockWindowUpdate
GetCursorPos
GetWindowRgn
GetCapture
SetWindowRgn
GrayStringA
DrawTextA
TabbedTextOutA
EnableScrollBar
IsWindowEnabled
GetWindowLongA
GetTopWindow
GetForegroundWindow
RedrawWindow
SetWindowPos
GetWindow
IsWindow
RemovePropA
SetPropA
IsWindowUnicode
SetWindowLongW
SetWindowLongA
GetWindowTextLengthA
GetPropA
WindowFromDC
GetDC
ReleaseDC
GetSystemMetrics
GetMenuStringW
SetForegroundWindow
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
CopyRect
IsRectEmpty
SetRect
GetWindowRect
OffsetRect
CopyImage
PtInRect
SetCursor
GetParent
SendMessageA
LoadCursorA
GetClientRect
GetClassNameA
PostMessageA
GetClassLongA
SetClassLongA
EnumThreadWindows
EnumChildWindows
GetMessagePos
KillTimer
SetTimer
EndPaint
MapWindowPoints
CallWindowProcA
BeginPaint
DrawEdge
GetSysColorBrush
GetWindowDC
DestroyIcon
EqualRect
UnionRect
GetScrollPos
FillRect
FrameRect
InflateRect
InvertRect
GetDlgCtrlID
IntersectRect
SubtractRect
DrawIconEx
UpdateWindow
GetSysColor
DrawFrameControl
DrawFocusRect
SystemParametersInfoA
IsWindowVisible
GetWindowTextA
GetMenuItemRect
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetDlgItem
SetFocus
GetNextDlgTabItem
DrawTextW
GetFocus
SendMessageW
GetMenuStringA
SystemParametersInfoW
ShowScrollBar
SetScrollInfo
SetScrollPos
ShowWindow
HideCaret
ShowCaret
GetCaretPos
SetCaretPos
GetKeyState
GetScrollInfo
CallNextHookEx
GetDesktopWindow
SetWindowsHookExA
UnhookWindowsHookEx
AdjustWindowRect
GetMenuBarInfo
PeekMessageA
DispatchMessageA
GetMessageA
GetDCEx
AdjustWindowRectEx
GetSystemMenu
DrawMenuBar
ScreenToClient
TrackPopupMenu
IsIconic
gdi32
RestoreDC
SetDIBColorTable
GetDIBColorTable
CreatePalette
CreateHalftonePalette
SelectPalette
RealizePalette
GetPaletteEntries
CreateDIBSection
GetObjectW
GetDeviceCaps
IntersectClipRect
GetClipRgn
GetTextMetricsA
ExtTextOutW
CreateFontIndirectW
SetStretchBltMode
GetClipBox
StretchBlt
Rectangle
CreatePatternBrush
SetBrushOrgEx
UnrealizeObject
SelectClipRgn
GetTextExtentPoint32A
PlayEnhMetaFile
SetPixel
CreateSolidBrush
Arc
Ellipse
GetTextExtentPoint32W
SetWindowOrgEx
SaveDC
CreatePen
GetObjectA
CreateFontIndirectA
GetPixel
GetTextExtentPointW
GetTextExtentPointA
GetTextMetricsW
SetBoundsRect
ExcludeClipRect
CreateRoundRectRgn
CreateEllipticRgn
PtInRegion
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetViewportOrgEx
ExtSelectClipRgn
PatBlt
GetBkMode
GetTextColor
GetBkColor
GetCurrentObject
SetBkMode
SetTextColor
CreateRectRgn
OffsetRgn
GetRegionData
ExtCreateRegion
BeginPath
MoveToEx
LineTo
EndPath
WidenPath
PathToRegion
GetRgnBox
CreateRectRgnIndirect
CombineRgn
CreateCompatibleDC
SelectObject
CreateBitmap
CreateCompatibleBitmap
BitBlt
SetBkColor
DeleteObject
DeleteDC
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
shell32
ShellExecuteA
comctl32
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_DrawEx
UninitializeFlatSB
InitializeFlatSB
ImageList_SetBkColor
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
oleaut32
SysAllocStringLen
VariantClear
SysFreeString
SysAllocString
oleacc
AccessibleObjectFromWindow
Exports
AboutSkinCrafter
AddAdditionalThread
AddDrawImage
AddDrawText
AddSkinFromFile
ApplyAddedSkin
ApplySkin
ClearSkin
ClearWnd
DeInitDecoration
DecorateAs
DefineLanguage
DeleteAddedSkin
DeleteAdditionalThread
DoDecorate
DoNotDecorate
ExcludeThreadWindows
ExcludeWnd
GetSkinCopyRight
GetUserData
GetUserDataSize
IncludeThreadWindows
IncludeWnd
InitDecoration
InitLicenKeys
LoadSkinFromData
LoadSkinFromFile
LoadSkinFromResource
RemoveAddedSkin
RemoveDrawItem
RemoveSkin
SetAddedCustomScrollbars
SetAddedCustomSkinWnd
SetCustomScrollbars
SetCustomSkinWnd
SetDecorationMode
UpdateControl
UpdateWnd
Sections
.text Size: 368KB - Virtual size: 365KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
TorrentConnector.dll.dll regsvr32 windows:4 windows x86 arch:x86
d519aaa511e1a0076725786014d4679c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\WakeNet\player\test\torrent\plugin\TorrentConnector\Release\TorrentConnector.pdb
Imports
kernel32
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetFullPathNameA
InterlockedExchange
lstrcmpiA
DisableThreadLibraryCalls
SetThreadLocale
GetThreadLocale
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetLocaleInfoW
LoadLibraryA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetProcAddress
GetSystemInfo
VirtualQuery
RtlUnwind
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
VirtualFree
HeapCreate
ExitProcess
WriteFile
user32
MessageBoxA
CharNextA
UnregisterClassA
advapi32
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
ole32
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
shell32
ShellExecuteA
oleaut32
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysFreeString
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 92KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
skin.skf
-
state.dht