776ff528468df3e9e61f0356c1585e61_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

776ff528468df3e9e61f0356c1585e61_JaffaCakes118
Size

823KB
MD5

776ff528468df3e9e61f0356c1585e61
SHA1

985954504cce773526bddb698e66dd6f25570438
SHA256

5a43afc768d9bb61da9a253b9f2ac7d50205bcd01138cad60f6327dddeae623a
SHA512

55515af8729fcea345beffae96295d9d6ca11e50170c46e7553b8b16de9b976ccf90ad77e25573027f988148afcf0d1a12ec654d82ad35010ce73c78c73256cf
SSDEEP

12288:vf7iaeDPbLuY54B/CmuX6hZEwdsZrFm+d/hbL6eF9hIsu2Yc4A128vutXce1/Bc2:vHeDT54gm/hZog+d/hH9X+jG4MpqDGqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/系统组件/HaoErp2010.dll

Files

776ff528468df3e9e61f0356c1585e61_JaffaCakes118
.rar
AdPlan/SK_SsendAd.asp
.vbs
AdPlan/新云软件.url
.url
Client/SK_AddClient.asp
.vbs
Client/SK_AddLinkman.asp
.vbs
Client/SK_AddVisit.asp
.vbs
Client/SK_AjaxClient.asp
.vbs
Client/SK_ModClient.asp
.vbs
Client/SK_ModLinkman.asp
.vbs
Client/SK_ModVisit.asp
.vbs
Client/SK_MyClient.asp
.vbs
Client/SK_MyLinkman.asp
.vbs
Client/SK_MyRecClient.asp
.vbs
Client/SK_MyRecLinkman.asp
.vbs
Client/SK_MyVisit.asp
.vbs
Client/SK_ReadClient.asp
.vbs
Client/SK_ReadLinkman.asp
.vbs
Client/SK_ReadVisit.asp
.vbs
Client/SK_SClient.asp
.vbs
Client/SK_SLinkman.asp
.vbs
Client/SK_SVisit.asp
Common/CheckInput.asp
.vbs
Common/SelectDiskFile.Asp
.vbs
Common/clock.asp
.js
DataTran/HaoErp.DataSource.asp
.vbs
DataTran/HaoErp.DataTran.asp
DataTran/HaoErp.ImportList.asp
.vbs
Database/HaoErp2010.mdb
Default.asp
.vbs
Editor/editor/css/behaviors/disablehandles.htc
Editor/editor/css/behaviors/showtableborders.htc
Editor/editor/css/fck_editorarea.css
Editor/editor/css/fck_internal.css
Editor/editor/css/fck_showtableborders_gecko.css
Editor/editor/css/images/block_address.png
.png
Editor/editor/css/images/block_blockquote.png
.png
Editor/editor/css/images/block_div.png
.png
Editor/editor/css/images/block_h1.png
.png
Editor/editor/css/images/block_h2.png
.png
Editor/editor/css/images/block_h3.png
.png
Editor/editor/css/images/block_h4.png
.png
Editor/editor/css/images/block_h5.png
.png
Editor/editor/css/images/block_h6.png
.png
Editor/editor/css/images/block_p.png
.png
Editor/editor/css/images/block_pre.png
.png
Editor/editor/css/images/fck_anchor.gif
.gif
Editor/editor/css/images/fck_flashlogo.gif
.gif
Editor/editor/css/images/fck_hiddenfield.gif
.gif
Editor/editor/css/images/fck_pagebreak.gif
.gif
Editor/editor/css/images/fck_plugin.gif
.gif
Editor/editor/dialog/common/fck_dialog_common.css
Editor/editor/dialog/common/fck_dialog_common.js
.js
Editor/editor/dialog/common/images/locked.gif
.gif
Editor/editor/dialog/common/images/reset.gif
.gif
Editor/editor/dialog/common/images/unlocked.gif
.gif
Editor/editor/dialog/fck_about.html
.html .js polyglot
Editor/editor/dialog/fck_about/logo_fckeditor.gif
.gif
Editor/editor/dialog/fck_about/logo_fredck.gif
.gif
Editor/editor/dialog/fck_about/sponsors/spellchecker_net.gif
.gif
Editor/editor/dialog/fck_anchor.html
.html .js polyglot
Editor/editor/dialog/fck_button.html
.html .js polyglot
Editor/editor/dialog/fck_checkbox.html
.html .js polyglot
Editor/editor/dialog/fck_colorselector.html
.html .js polyglot
Editor/editor/dialog/fck_div.html
.html .js polyglot
Editor/editor/dialog/fck_docprops.html
.html .js polyglot
Editor/editor/dialog/fck_docprops/fck_document_preview.html
.html .js polyglot
Editor/editor/dialog/fck_flash.html
.html .js polyglot
Editor/editor/dialog/fck_flash/fck_flash.js
.js
Editor/editor/dialog/fck_flash/fck_flash_preview.html
.html .js polyglot
Editor/editor/dialog/fck_form.html
.html .js polyglot
Editor/editor/dialog/fck_hiddenfield.html
.html .js polyglot
Editor/editor/dialog/fck_image.html
.html .js polyglot
Editor/editor/dialog/fck_image/fck_image.js
.js
Editor/editor/dialog/fck_image/fck_image_preview.html
.html .js polyglot
Editor/editor/dialog/fck_link.html
.html .js polyglot
Editor/editor/dialog/fck_link/fck_link.js
.js
Editor/editor/dialog/fck_listprop.html
.html .js polyglot
Editor/editor/dialog/fck_paste.html
.html .js polyglot
Editor/editor/dialog/fck_radiobutton.html
.html .js polyglot
Editor/editor/dialog/fck_replace.html
.html .js polyglot
Editor/editor/dialog/fck_select.html
.html .js polyglot
Editor/editor/dialog/fck_select/fck_select.js
.js
Editor/editor/dialog/fck_smiley.html
.html .js polyglot
Editor/editor/dialog/fck_source.html
.html .js polyglot
Editor/editor/dialog/fck_specialchar.html
.html .js polyglot
Editor/editor/dialog/fck_spellerpages.html
.html .js polyglot
Editor/editor/dialog/fck_spellerpages/spellerpages/controlWindow.js
.js
Editor/editor/dialog/fck_spellerpages/spellerpages/controls.html
.html .js polyglot
Editor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
.js
Editor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
.sh .js linux polyglot
Editor/editor/dialog/fck_spellerpages/spellerpages/spellChecker.js
.js
Editor/editor/dialog/fck_spellerpages/spellerpages/spellchecker.html
.js
Editor/editor/dialog/fck_spellerpages/spellerpages/spellerStyle.css
Editor/editor/dialog/fck_spellerpages/spellerpages/wordWindow.js
.js
Editor/editor/dialog/fck_table.html
.html .js polyglot
Editor/editor/dialog/fck_tablecell.html
.html .js polyglot
Editor/editor/dialog/fck_template.html
.html .js polyglot
Editor/editor/dialog/fck_template/images/template1.gif
.gif
Editor/editor/dialog/fck_template/images/template2.gif
.gif
Editor/editor/dialog/fck_template/images/template3.gif
.gif
Editor/editor/dialog/fck_textarea.html
.html .js polyglot
Editor/editor/dialog/fck_textfield.html
.html .js polyglot
Editor/editor/dtd/fck_dtd_test.html
.html .js polyglot
Editor/editor/dtd/fck_xhtml10strict.js
.js
Editor/editor/dtd/fck_xhtml10transitional.js
.js
Editor/editor/fckdebug.html
.html .js polyglot
Editor/editor/fckdialog.html
.html .js polyglot
Editor/editor/fckeditor.html
.html .js polyglot
Editor/editor/fckeditor.original.html
.js
Editor/editor/filemanager/browser/default/browser.css
Editor/editor/filemanager/browser/default/browser.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmactualfolder.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmcreatefolder.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmfolders.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmresourceslist.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmresourcetype.html
.html .js polyglot
Editor/editor/filemanager/browser/default/frmupload.html
.html .js polyglot
Editor/editor/filemanager/browser/default/images/ButtonArrow.gif
.gif
Editor/editor/filemanager/browser/default/images/Folder.gif
.gif
Editor/editor/filemanager/browser/default/images/Folder32.gif
.gif
Editor/editor/filemanager/browser/default/images/FolderOpened.gif
.gif
Editor/editor/filemanager/browser/default/images/FolderOpened32.gif
.gif
Editor/editor/filemanager/browser/default/images/FolderUp.gif
.gif
Editor/editor/filemanager/browser/default/images/Thumbs.db
Editor/editor/filemanager/browser/default/images/icons/32/ai.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/avi.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/bmp.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/cs.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/default.icon.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/dll.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/doc.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/exe.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/fla.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/gif.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/htm.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/html.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/jpg.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/js.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/mdb.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/mp3.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/pdf.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/png.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/ppt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/rdp.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/swf.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/swt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/txt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/vsd.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/xls.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/xml.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/32/zip.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/Thumbs.db
Editor/editor/filemanager/browser/default/images/icons/ai.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/avi.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/bmp.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/cs.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/default.icon.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/dll.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/doc.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/exe.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/fla.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/gif.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/htm.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/html.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/jpg.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/js.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/mdb.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/mp3.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/pdf.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/png.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/ppt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/rdp.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/swf.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/swt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/txt.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/vsd.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/xls.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/xml.gif
.gif
Editor/editor/filemanager/browser/default/images/icons/zip.gif
.gif
Editor/editor/filemanager/browser/default/images/spacer.gif
.gif
Editor/editor/filemanager/browser/default/js/common.js
.js
Editor/editor/filemanager/browser/default/js/fckxml.js
.js
Editor/editor/filemanager/connectors/asp/basexml.asp
Editor/editor/filemanager/connectors/asp/class_upload.asp
.vbs
Editor/editor/filemanager/connectors/asp/commands.asp
.vbs
Editor/editor/filemanager/connectors/asp/config.asp
.vbs
Editor/editor/filemanager/connectors/asp/connector.asp
.vbs
Editor/editor/filemanager/connectors/asp/io.asp
.vbs
Editor/editor/filemanager/connectors/asp/upload.asp
.vbs
Editor/editor/filemanager/connectors/asp/util.asp
.vbs
Editor/editor/filemanager/connectors/uploadtest.html
.js
Editor/editor/images/anchor.gif
.gif
Editor/editor/images/arrow_ltr.gif
.gif
Editor/editor/images/arrow_rtl.gif
.gif
Editor/editor/images/smiley/msn/angel_smile.gif
.gif
Editor/editor/images/smiley/msn/angry_smile.gif
.gif
Editor/editor/images/smiley/msn/broken_heart.gif
.gif
Editor/editor/images/smiley/msn/cake.gif
.gif
Editor/editor/images/smiley/msn/confused_smile.gif
.gif
Editor/editor/images/smiley/msn/cry_smile.gif
.gif
Editor/editor/images/smiley/msn/devil_smile.gif
.gif
Editor/editor/images/smiley/msn/embaressed_smile.gif
.gif
Editor/editor/images/smiley/msn/envelope.gif
.gif
Editor/editor/images/smiley/msn/heart.gif
.gif
Editor/editor/images/smiley/msn/kiss.gif
.gif
Editor/editor/images/smiley/msn/lightbulb.gif
.gif
Editor/editor/images/smiley/msn/omg_smile.gif
.gif
Editor/editor/images/smiley/msn/regular_smile.gif
.gif
Editor/editor/images/smiley/msn/sad_smile.gif
.gif
Editor/editor/images/smiley/msn/shades_smile.gif
.gif
Editor/editor/images/smiley/msn/teeth_smile.gif
.gif
Editor/editor/images/smiley/msn/thumbs_down.gif
.gif
Editor/editor/images/smiley/msn/thumbs_up.gif
.gif
Editor/editor/images/smiley/msn/tounge_smile.gif
.gif
Editor/editor/images/smiley/msn/whatchutalkingabout_smile.gif
.gif
Editor/editor/images/smiley/msn/wink_smile.gif
.gif
Editor/editor/images/spacer.gif
.gif
Editor/editor/js/fckadobeair.js
.js
Editor/editor/js/fckeditorcode_gecko.js
.js
Editor/editor/js/fckeditorcode_ie.js
.js
Editor/editor/lang/zh-cn.js
Editor/editor/plugins/autogrow/fckplugin.js
.js
Editor/editor/plugins/bbcode/_sample/sample.config.js
Editor/editor/plugins/bbcode/_sample/sample.html
.html .js polyglot
Editor/editor/plugins/bbcode/fckplugin.js
.js
Editor/editor/plugins/dragresizetable/fckplugin.js
.js
Editor/editor/plugins/placeholder/fck_placeholder.html
.html .js polyglot
Editor/editor/plugins/placeholder/fckplugin.js
.js
Editor/editor/plugins/placeholder/lang/de.js
Editor/editor/plugins/placeholder/lang/en.js
Editor/editor/plugins/placeholder/lang/es.js
Editor/editor/plugins/placeholder/lang/fr.js
Editor/editor/plugins/placeholder/lang/it.js
Editor/editor/plugins/placeholder/lang/pl.js
Editor/editor/plugins/placeholder/placeholder.gif
.gif
Editor/editor/plugins/simplecommands/fckplugin.js
Editor/editor/plugins/tablecommands/fckplugin.js
Editor/editor/skins/_fckviewstrips.html
.html .js polyglot
Editor/editor/skins/default/fck_dialog.css
Editor/editor/skins/default/fck_dialog_ie6.js
.js
Editor/editor/skins/default/fck_editor.css
Editor/editor/skins/default/fck_strip.gif
.gif
Editor/editor/skins/default/images/dialog.sides.gif
.gif
Editor/editor/skins/default/images/dialog.sides.png
.png
Editor/editor/skins/default/images/dialog.sides.rtl.png
.png
Editor/editor/skins/default/images/sprites.gif
.gif
Editor/editor/skins/default/images/sprites.png
.png
Editor/editor/skins/default/images/toolbar.arrowright.gif
.gif
Editor/editor/skins/default/images/toolbar.buttonarrow.gif
.gif
Editor/editor/skins/default/images/toolbar.collapse.gif
.gif
Editor/editor/skins/default/images/toolbar.end.gif
.gif
Editor/editor/skins/default/images/toolbar.expand.gif
.gif
Editor/editor/skins/default/images/toolbar.separator.gif
.gif
Editor/editor/skins/default/images/toolbar.start.gif
.gif
Editor/fckconfig.js
.js
Editor/fckeditor.asp
.vbs
Editor/fckpackager.xml
.xml
Editor/fckstyles.xml
.xml
Editor/fcktemplates.xml
.xml
Function/HaoErp.Common.Asp
.vbs
Function/HaoErp.Dll.asp
.vbs
Function/HaoErp.Fso.Asp
.vbs
Function/HaoErp.Function.asp
.vbs
Function/HaoErp.Md5.asp
.vbs
Function/HaoErp.SendMail.Asp
.vbs
Function/HaoErp.Sms.Asp
.vbs
Function/HaoErp.Update.asp
.vbs
Function/HaoErp.Version.asp
Function/HaoErp.XmlHttp.Asp
.vbs
Images/FileType/Folder.gif
.gif
Images/calendar.gif
.gif
Images/clock.gif
.gif
Images/print.jpg
.jpg
Include/Code2Info.en.asp
.vbs
Include/Config.asp
Include/ConfigGenuine.asp
Include/Conn.asp
.vbs
Include/ConnGb_DbFile.Asp
Include/Conn_DbFile.Asp
Include/ConstGb.Asp
.vbs
Include/MD5_Code.asp
.vbs
Include/SK_Calendar.js
.js
Include/SK_Check.js
.js
Include/SK_CheckPs.js
.js
Include/SK_Conn.asp
.vbs
Include/SK_Session.asp
.vbs
Include/UpLoadClass.asp
.vbs
Include/md5.asp
.vbs
InfoSend/SK_AccountList.asp
.vbs
InfoSend/SK_SendLog.asp
.vbs
InfoSend/SendPlanDo.asp
.vbs
InfoSend/SendSmsDo.asp
.vbs
InfoSend/Sk_SendAd.Asp
.vbs
InfoSend/Sk_SendGate.Asp
.vbs
InfoSend/Sk_SendPlan.Asp
.vbs
Install/CopyFile/index.asp
Install/Index.asp
.vbs
Language/Chinese.asp
Language/English.asp
Language/Tw.asp
Login/Login.asp
Login/SK_Center.asp
.js
Login/SK_Check.asp
Login/SK_Default.asp
.vbs
Login/SK_Down.asp
.vbs
Login/SK_Index.asp
Login/SK_Left.asp
.vbs
Login/SK_MyExit.asp
.vbs
Login/SK_MyInfo.asp
.vbs
Login/SK_MyPass.asp
.vbs
Login/SK_Regedit.asp
Login/SK_Top.asp
Login/images/main_55.gif
.gif
Login/images/main_55_1.gif
.gif
Office/SK_AddFavorite.asp
.vbs
Office/SK_AddFiles.asp
.vbs
Office/SK_AddMyLog.asp
.vbs
Office/SK_AddNews.asp
.vbs
Office/SK_Comm.asp
.vbs
Office/SK_Favorite.asp
.vbs
Office/SK_Files.asp
.vbs
Office/SK_ModFavorite.asp
.vbs
Office/SK_ModFiles.asp
.vbs
Office/SK_ModMyLog.asp
.vbs
Office/SK_ModNews.asp
.vbs
Office/SK_MyLog.asp
.vbs
Office/SK_News.asp
.vbs
Office/SK_ReadFavorite.asp
.vbs
Office/SK_ReadFiles.asp
.vbs
Office/SK_ReadMyLog.asp
.vbs
Office/SK_ReadNews.asp
.vbs
Skin/01/images/22.gif
.gif
Skin/01/images/33.gif
.gif
Skin/01/images/E1.gif
.gif
Skin/01/images/E2.gif
.gif
Skin/01/images/E3.gif
.gif
Skin/01/images/F_bg.gif
.gif
Skin/01/images/F_bg1.gif
.gif
Skin/01/images/L_01.gif
.gif
Skin/01/images/L_02.gif
.gif
Skin/01/images/L_03.gif
.gif
Skin/01/images/L_04.gif
.gif
Skin/01/images/L_05.gif
.gif
Skin/01/images/L_06.gif
.gif
Skin/01/images/L_07.gif
.gif
Skin/01/images/L_08.gif
.gif
Skin/01/images/L_09.gif
.gif
Skin/01/images/L_10.gif
.gif
Skin/01/images/QF_bg.gif
.gif
Skin/01/images/QF_tagleft.gif
.gif
Skin/01/images/QF_tagright.gif
.gif
Skin/01/images/Read.gif
.gif
Skin/01/images/Readed.gif
.gif
Skin/01/images/Reok.gif
.gif
Skin/01/images/Report_bar1.gif
.gif
Skin/01/images/Report_bar2.gif
.gif
Skin/01/images/Report_bar4.gif
.gif
Skin/01/images/Report_bar6.gif
.gif
Skin/01/images/Report_bar7.gif
.gif
Skin/01/images/Report_split1.gif
.gif
Skin/01/images/SK_07.gif
.gif
Skin/01/images/SK_08.gif
.gif
Skin/01/images/SK_09.gif
.gif
Skin/01/images/SK_13.gif
.gif
Skin/01/images/SK_14.gif
.gif
Skin/01/images/SK_Add1.gif
.gif
Skin/01/images/SK_B_4.gif
.gif
Skin/01/images/SK_Botton1.gif
.gif
Skin/01/images/SK_EInfo.gif
.gif
Skin/01/images/SK_EPass.gif
.gif
Skin/01/images/SK_Exit.gif
.gif
Skin/01/images/SK_Line.gif
.gif
Skin/01/images/SK_R_Menu_bg.gif
.gif
Skin/01/images/SK_ReOk.gif
.gif
Skin/01/images/SK_Save.gif
.gif
Skin/01/images/SK_Web.gif
.gif
Skin/01/images/SK_math.gif
.gif
Skin/01/images/SK_tb.gif
.gif
Skin/01/images/Sk_Add.gif
.gif
Skin/01/images/Sk_AddEasy.gif
.gif
Skin/01/images/add.gif
.gif
Skin/01/images/bar9.gif
.gif
Skin/01/images/del.gif
.gif
Skin/01/images/edit.gif
.gif
Skin/01/images/jdown.gif
.gif
Skin/01/images/left_bg02.gif
.gif
Skin/01/images/login.gif
.gif
Skin/01/images/login_03.gif
.gif
Skin/01/images/login_04.gif
.gif
Skin/01/images/login_06.gif
.gif
Skin/01/images/login_07.gif
.gif
Skin/01/images/login_08.gif
.gif
Skin/01/images/login_09.gif
.gif
Skin/01/images/login_10.gif
.gif
Skin/01/images/login_11.gif
.gif
Skin/01/images/main_01.gif
.gif
Skin/01/images/main_03.gif
.gif
Skin/01/images/main_05.gif
.gif
Skin/01/images/main_06.gif
.gif
Skin/01/images/main_07.gif
.gif
Skin/01/images/main_10.gif
.gif
Skin/01/images/main_11.gif
.gif
Skin/01/images/main_13.gif
.gif
Skin/01/images/main_15.gif
.gif
Skin/01/images/main_17.gif
.gif
Skin/01/images/main_19.gif
.gif
Skin/01/images/main_21.gif
.gif
Skin/01/images/main_28.gif
.gif
Skin/01/images/main_29.gif
.gif
Skin/01/images/main_30.gif
.gif
Skin/01/images/main_31.gif
.gif
Skin/01/images/main_32.gif
.gif
Skin/01/images/main_34.gif
.gif
Skin/01/images/main_34_1.gif
.gif
Skin/01/images/main_35.gif
.gif
Skin/01/images/main_40.gif
.gif
Skin/01/images/main_43.gif
.gif
Skin/01/images/main_50.gif
.gif
Skin/01/images/main_55.gif
.gif
Skin/01/images/main_55_1.gif
.gif
Skin/01/images/main_69.gif
.gif
Skin/01/images/main_71.gif
.gif
Skin/01/images/main_72.gif
.gif
Skin/01/images/main_74.gif
.gif
Skin/01/images/move.gif
.gif
Skin/01/images/msg.wav
Skin/01/images/no.gif
.gif
Skin/01/images/nomod.gif
.gif
Skin/01/images/print.gif
.gif
Skin/01/images/q1.gif
.gif
Skin/01/images/q2.gif
.gif
Skin/01/images/re.gif
.gif
Skin/01/images/register.gif
.gif
Skin/01/images/sign.gif
.gif
Skin/01/images/sj.gif
.gif
Skin/01/images/sk_print.css
Skin/01/images/sk_style.css
Skin/01/images/tab_03.gif
.gif
Skin/01/images/tab_05.gif
.gif
Skin/01/images/tab_07.gif
.gif
Skin/01/images/tab_12.gif
.gif
Skin/01/images/tab_15.gif
.gif
Skin/01/images/tab_17.gif
.gif
Skin/01/images/tab_18.gif
.gif
Skin/01/images/tab_19.gif
.gif
Skin/01/images/tab_20.gif
.gif
Skin/01/images/tab_bg.gif
.gif
Skin/01/images/tab_bg1.gif
.gif
Skin/01/images/tb.gif
.gif
Skin/01/images/tlogin.gif
.gif
Skin/01/images/tre.gif
.gif
Skin/01/images/xbmsg.WAV
Skin/01/images/yes.gif
.gif
Skin/images/000.gif
.gif
Skin/images/001.gif
.gif
Skin/images/A1.png
.png
Skin/images/A2.png
.png
Skin/images/A3.png
.png
Skin/images/A4.png
.png
Skin/images/AN01.gif
.gif
Skin/images/AN01.png
.png
Skin/images/BTRebg.gif
.gif
Skin/images/BTbg.gif
.gif
Skin/images/Left.gif
.gif
Skin/images/MB.gif
.gif
Skin/images/MT.gif
.gif
Skin/images/N1.gif
.gif
Skin/images/N2.gif
.gif
Skin/images/N3.gif
.gif
Skin/images/Rbg.gif
.gif
Skin/images/Report_bar1.gif
.gif
Skin/images/Report_bar2.gif
.gif
Skin/images/Report_bar4.gif
.gif
Skin/images/Report_bar6.gif
.gif
Skin/images/Report_bar7.gif
.gif
Skin/images/Report_split1.gif
.gif
Skin/images/Right.gif
.gif
Skin/images/SK_Add.gif
.gif
Skin/images/Styles.css
Skin/images/TD_bg.gif
.gif
Skin/images/TD_left.gif
.gif
Skin/images/TD_right.gif
.gif
Skin/images/WR.gif
.gif
Skin/images/add.gif
.gif
Skin/images/down.gif
.gif
Skin/images/fb.gif
.gif
Skin/images/flb.gif
.gif
Skin/images/frb.gif
.gif
Skin/images/up.gif
.gif
Skin/images/users.gif
.gif
Skin/images/warning.gif
.gif
System/Backup/2010-6-12.mdb
System/HaoErp.DataOptimized.asp
.vbs
System/HaoErp.UpDate.asp
.js
System/HaoErp.UpDate_Ajax.asp
.vbs
System/SK_AddUsers.asp
.vbs
System/SK_Area1.asp
.vbs
System/SK_Area2.asp
.vbs
System/SK_Area3.asp
.vbs
System/SK_BackupData.asp
.vbs
System/SK_Branch.asp
.vbs
System/SK_Dept.asp
.vbs
System/SK_LoginLog.asp
.vbs
System/SK_ModUsers.asp
.vbs
System/SK_Option.asp
.vbs
System/SK_ReadUsers.asp
.vbs
System/SK_SqlLog.asp
.vbs
System/SK_System.asp
.vbs
System/SK_Users.asp
.vbs
System/Update/Ok.gif
.gif
System/Update/ajaxrequest.js
.js
System/Update/loading.gif
.gif
System/index.asp
Update/201000615.asp
.vbs
Update/201000615.asp.Lock
Update/20100101.asp
.asp
Update/20100514.asp
.vbs
Update/20100514.asp.Lock
Update/20100701.asp
.vbs
Update/20100701.asp.Lock
Update/20100728.asp
.vbs
Update/20100728.asp.Lock
Upload/Thumbs.db
Upload/UpDir/200908211817088862.jpg
.jpg
Upload/UpDir/2010051365361109.gif
.gif
Upload/UpDir/2010051378081441.gif
.gif
Upload/UpDir/2010062167819297.jpg
.jpg
Upload/UpDir/Thumbs.db
Wap/Client.asp
.vbs
Wap/Function/HaoWap.Article.asp
.vbs
Wap/Function/HaoWap.common.asp
.vbs
Wap/Index.asp
.vbs
Wap/WapConst.asp
.vbs
系统组件/HaoErp2010.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4625072de1303008c274c74b80bb73c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaAptOffset
ord696
__vbaVarIdiv
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord516
__vbaVarIndexLoadRef
__vbaStrErrVarCopy
_adj_fprem1
ord518
__vbaI2Abs
__vbaVarCmpNe
__vbaStrCat
ord553
ord661
ord662
__vbaHresultCheckObj
ord556
ord557
__vbaVargVarCopy
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaVarCmpGe
__vbaAryDestruct
__vbaVarIndexLoadRefLock
__vbaVarForInit
ord593
ord594
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
__vbaVarIndexLoad
ord520
__vbaFPFix
__vbaBoolVarNull
__vbaVarTstLt
__vbaVargVar
__vbaRefVarAry
_CIsin
__vbaErase
ord709
__vbaVargVarMove
ord632
__vbaVarCmpGt
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
ord560
__vbaDateR8
__vbaObjVar
ord561
ord562
__vbaVarOr
__vbaVarLateMemSt
__vbaCastObjVar
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
__vbaNew
ord601
_CIsqrt
ord310
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
ord312
ord711
ord712
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
__vbaR8ErrVar
ord608
ord716
__vbaVarCmpLe
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaDateVar
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarSetObj
__vbaVarNot
__vbaVarCmpLt
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
__vbaVarSetVar
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord610
ord105
__vbaLateMemCall
__vbaVarAdd
__vbaVarDup
__vbaVarMod
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaVarTstGe
__vbaFpI4
__vbaVarSetObjAddref
ord617
_CIatan
__vbaStrMove
__vbaCastObj
ord619
ord542
ord543
_allmul
ord544
ord545
_CItan
ord546
__vbaAryUnlock
ord547
__vbaVarForNext
_CIexp
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
系统组件/停止IIS.bat
系统组件/彻底卸载组件.bat
系统组件/第一次注册组件.bat
系统组件/组件注册说明.txt
系统组件/重启IIS.bat
系统组件/重新注册组件.bat
说明文件/安装步骤.txt
说明文件/官方帮助.url
说明文件/系统介绍.txt
说明文件/诚征合作伙伴.txt

Sharing

General

Malware Config

Signatures

Files

4625072de1303008c274c74b80bb73c1

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 204KB - Virtual size: 200KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 204KB - Virtual size: 200KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 20KB - Virtual size: 17KB