82bab1e10078fe87661b5eceda6cd429_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82bab1e10078fe87661b5eceda6cd429_JaffaCakes118
Size

780KB
MD5

82bab1e10078fe87661b5eceda6cd429
SHA1

2e0e55d91b1cade4b765b7ea4e557053ce8f9730
SHA256

f77c55a622f7a4a6905e831857ca838b6898e759edfbd87d6c66ba9eb58f0765
SHA512

a54b9d70cdfefea82d327db220a481716cd287e95b68381acd3ebc339b541b0efbb0d0283f2b75bb06706eb20d9c92039cbafa934d671c89ae82b335d193dfbf
SSDEEP

24576:h3bE/0DWYxZR9VoaD+iOrXlt3JkBTQ/mhP:9sEVxZR9VcltGamR

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack003/SGIP模拟网关/SGIPGW.exe	aspack_v212_v242

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comc3457654445/SGIPAPI1.3/SGIP.dll
unpack001/cvery.comc3457654445/客户端示例程序V1.31/SGIP.dll
unpack001/cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.exe
unpack002/SGIP.dll
unpack002/SgipPro.exe
unpack002/TestSample.exe
unpack003/SGIP模拟网关/SGIPGW.exe
unpack005/sgipGW.exe

Files

82bab1e10078fe87661b5eceda6cd429_JaffaCakes118
.rar
cvery.comc3457654445/SGIPAPI1.3/SGIP.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CSgip@@QAE@XZ
??1CSgip@@QAE@XZ
??_7CSgip@@6B@
?AddUserNumber@CSgip@@QAEHPAUsgipg_submit@@PBD@Z
?ChangeStatus@CSgip@@AAEXH_N@Z
?CreateConn@CSgip@@AAE_NXZ
?CreateLogFile@CSgip@@AAE_NXZ
?Dump@CSgip@@QAEXPAUsgipg_packet@@@Z
?GetErrMsg@CSgip@@QAEPBDH@Z
?GetSubmitConn@CSgip@@AAE_NAAUsgip_conn@@AAH@Z
?GetSubmitSeqId@CSgip@@QAEIXZ
?IsValidIPAddr@CSgip@@AAE_NPBD@Z
?LocalListen@CSgip@@AAE_NXZ
?LoginSmg@CSgip@@AAEHPAUsgip_conn@@@Z
?LogoutSmg@CSgip@@AAEXPAUsgip_conn@@@Z
?Release@CSgip@@QAEXXZ
?ReleaseConn@CSgip@@AAE_NXZ
?SgipServFunc@CSgip@@CGKPAX@Z
?SgipServProc@CSgip@@EAEKXZ
?Start@CSgip@@QAEHPADH0H00H0P6AXUdeliverstr@@@ZP6AXUreportstr@@@ZP6AXUmtrespstr@@@ZP6AXUmterrorstr@@@ZH@Z
?Submit@CSgip@@QAEXUsgipg_submit@@AAI1@Z
?SubmitFunc@CSgip@@QAEHUsgipg_submit@@II@Z
?TestPeerLogin@CSgip@@AAE_NXZ
?Trace@CSgip@@AAAXPBDZZ

Sections

.text
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comc3457654445/SGIPAPI1.3/SGIP.h
cvery.comc3457654445/SGIPAPI1.3/SGIP.lib
cvery.comc3457654445/SGIPAPI1.3/SGIPAPI_Manual.chm
.chm
cvery.comc3457654445/下载说明.htm
.html .js polyglot
cvery.comc3457654445/客户端示例程序V1.31/Resource.h
cvery.comc3457654445/客户端示例程序V1.31/SGIP.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CSgip@@QAE@XZ
??1CSgip@@QAE@XZ
??_7CSgip@@6B@
?AddUserNumber@CSgip@@QAEHPAUsgipg_submit@@PBD@Z
?ChangeStatus@CSgip@@AAEXH_N@Z
?CreateConn@CSgip@@AAE_NXZ
?CreateLogFile@CSgip@@AAE_NXZ
?Dump@CSgip@@QAEXPAUsgipg_packet@@@Z
?GetErrMsg@CSgip@@QAEPBDH@Z
?GetSubmitConn@CSgip@@AAE_NAAUsgip_conn@@AAH@Z
?GetSubmitSeqId@CSgip@@QAEIXZ
?IsValidIPAddr@CSgip@@AAE_NPBD@Z
?LocalListen@CSgip@@AAE_NXZ
?LoginSmg@CSgip@@AAEHPAUsgip_conn@@@Z
?LogoutSmg@CSgip@@AAEXPAUsgip_conn@@@Z
?Release@CSgip@@QAEXXZ
?ReleaseConn@CSgip@@AAE_NXZ
?SgipServFunc@CSgip@@CGKPAX@Z
?SgipServProc@CSgip@@EAEKXZ
?Start@CSgip@@QAEHPADH0H00H0P6AXUdeliverstr@@@ZP6AXUreportstr@@@ZP6AXUmtrespstr@@@ZP6AXUmterrorstr@@@ZH@Z
?Submit@CSgip@@QAEXUsgipg_submit@@AAI1@Z
?SubmitFunc@CSgip@@QAEHUsgipg_submit@@II@Z
?TestPeerLogin@CSgip@@AAE_NXZ
?Trace@CSgip@@AAAXPBDZZ

Sections

.text
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comc3457654445/客户端示例程序V1.31/SGIP.h
cvery.comc3457654445/客户端示例程序V1.31/SGIP.lib
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.cpp
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.dsp
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.dsw
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.exp
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.lib
cvery.comc3457654445/客户端示例程序V1.31/SGIP_API_TEST.plg
.html
cvery.comc3457654445/客户端示例程序V1.31/StdAfx.cpp
cvery.comc3457654445/客户端示例程序V1.31/StdAfx.h
cvery.comc3457654445/客户端示例程序V1.31/setting.ini
cvery.comc3457654445/客户端示例程序V1.31/说明.txt
cvery.comc3457654445/客户端程序/sgippro1.3.rar
.rar
INTRO.TXT
SETTING.INI
SGIP.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CSgip@@QAE@XZ
??1CSgip@@QAE@XZ
??_7CSgip@@6B@
?AddUserNumber@CSgip@@QAEHPAUsgipg_submit@@PBD@Z
?ChangeStatus@CSgip@@AAEXH_N@Z
?CreateConn@CSgip@@AAE_NXZ
?CreateLogFile@CSgip@@AAE_NXZ
?Dump@CSgip@@QAEXPAUsgipg_packet@@@Z
?GetErrMsg@CSgip@@QAEPBDH@Z
?GetSubmitConn@CSgip@@AAE_NAAUsgip_conn@@AAH@Z
?GetSubmitSeqId@CSgip@@QAEIXZ
?IsValidIPAddr@CSgip@@AAE_NPBD@Z
?LocalListen@CSgip@@AAE_NXZ
?LoginSmg@CSgip@@AAEHPAUsgip_conn@@@Z
?LogoutSmg@CSgip@@AAEXPAUsgip_conn@@@Z
?Release@CSgip@@QAEXXZ
?ReleaseConn@CSgip@@AAE_NXZ
?SgipServFunc@CSgip@@CGKPAX@Z
?SgipServProc@CSgip@@EAEKXZ
?Start@CSgip@@QAEHPADH0H00H0P6AXUdeliverstr@@@ZP6AXUreportstr@@@ZP6AXUmtrespstr@@@ZP6AXUmterrorstr@@@ZH@Z
?Submit@CSgip@@QAEXUsgipg_submit@@AAI1@Z
?SubmitFunc@CSgip@@QAEHUsgipg_submit@@II@Z
?TestPeerLogin@CSgip@@AAE_NXZ
?Trace@CSgip@@AAAXPBDZZ

Sections

.text
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SGIPDB.MDB
SgipPro.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 93KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TestSample.exe
.exe windows:4 windows x86 arch:x86

0348308a99232309f351c9a8f971d029

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RaiseException
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
GetProfileStringA
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
MulDiv
GetModuleHandleA
SetLastError
GetModuleFileNameA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
lstrcmpiA
FormatMessageA
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
GlobalLock
GlobalUnlock
LocalFree
lstrlenA
MultiByteToWideChar
GetLastError
SetUnhandledExceptionFilter
InterlockedDecrement

user32

MessageBeep
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
DestroyMenu
LoadStringA
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
CopyRect
GetNextDlgGroupItem
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
MessageBoxA
ReleaseDC
GetDC
LoadIconA
SendMessageA
UnregisterClassA
HideCaret
AdjustWindowRectEx
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetMessageA
TranslateMessage
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
GetWindowTextA
GetWindowTextLengthA
wsprintfA
CharUpperA
ScreenToClient
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
PostMessageA
PostQuitMessage
SetCursor
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
CallWindowProcA
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible

gdi32

CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetObjectA
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
CreateDIBitmap
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
GetTextExtentPointA
BitBlt
CreateCompatibleDC
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocString
VariantCopy
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
GetErrorInfo
SysFreeString

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
我的网站.url
cvery.comc3457654445/网关模拟器V1.22/SGIPGW.rar
.rar
SGIP模拟网关/SGIPGW.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SGIP模拟网关/sgipgw.ini
SGIP模拟网关/skin/xpstyle/Buttons.bmp
SGIP模拟网关/skin/xpstyle/Checkbox.bmp
SGIP模拟网关/skin/xpstyle/Radio.bmp
SGIP模拟网关/skin/xpstyle/bottom.bmp
SGIP模拟网关/skin/xpstyle/close.bmp
SGIP模拟网关/skin/xpstyle/left.bmp
SGIP模拟网关/skin/xpstyle/max.bmp
SGIP模拟网关/skin/xpstyle/min.bmp
SGIP模拟网关/skin/xpstyle/restore.bmp
SGIP模拟网关/skin/xpstyle/right.bmp
SGIP模拟网关/skin/xpstyle/theme.ini
SGIP模拟网关/skin/xpstyle/top.bmp
SGIP模拟网关/中国联通sgip1.2模拟网关使用说明_V1.21.pdf
.pdf
SGIP模拟网关/说明.txt
我的网站.url
cvery.comc3457654445/网关模拟器V1.22/sgipGW_1.rar
.rar
sgipGW.exe
.exe windows:4 windows x86 arch:x86

27218a4a272e4831372e114667e21ec5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord2385
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord641
ord860
ord540
ord324
ord825
ord2297
ord2362
ord2363
ord2370
ord4234
ord610
ord6139
ord287
ord1099
ord6283
ord6282
ord6334
ord2393
ord1200
ord665
ord1979
ord6385
ord2818
ord5186
ord354
ord4673
ord4274
ord3663
ord6375
ord4486
ord2554
ord2512
ord5731
ord1775
ord4407
ord5241
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2841
ord2621
ord1247
ord1134
ord2107
ord5450
ord5440
ord6383
ord6394
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord6055
ord1776
ord5265
ord5290
ord3402
ord3639
ord798
ord692
ord533
ord567
ord2859
ord4275
ord1146
ord1168
ord2302
ord535
ord6662
ord858
ord4278
ord2763
ord5572
ord5442
ord2915
ord3318
ord353
ord537
ord4160
ord2863
ord2379
ord755
ord470
ord1832
ord5651
ord350
ord1871
ord823
ord2820
ord1105
ord4853
ord4376
ord4078
ord6052
ord2514
ord4710
ord4998
ord5199
ord3922
ord1089
ord4401
ord1576

msvcrt

_onexit
_exit
_XcptFilter
exit
__dllonexit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_ftol
_mbscmp
_mbsicmp
time
_CxxThrowException
_setmbcp
_itoa
_strupr
atoi
strncpy
??1type_info@@UAE@XZ
__CxxFrameHandler
wcslen

kernel32

InitializeCriticalSection
lstrlenA
LeaveCriticalSection
EnterCriticalSection
Sleep
GetModuleHandleA
GetStartupInfoA
DeleteCriticalSection

user32

SetTimer
AppendMenuA
GetSystemMenu
LoadIconA
SendMessageA
GetDC
GetSystemMetrics
IsIconic
KillTimer
wsprintfA
ReleaseDC
GetClientRect
EnableWindow
DrawIcon

gdi32

GetTextExtentPoint32A

wsock32

recv
ntohl
WSAGetLastError
closesocket
socket
bind
listen
accept
connect
send
select
ioctlsocket
inet_addr
htonl
htons

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comc3457654445/网关模拟器V1.22/模拟网关说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.aspack Size: 6KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.aspack Size: 6KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 30KB - Virtual size: 56KB

.rdata Size: 5KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 20KB

.aspack Size: 5KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.aspack Size: 6KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 93KB - Virtual size: 188KB

.rdata Size: 12KB - Virtual size: 44KB

.data Size: 4KB - Virtual size: 32KB

.rsrc Size: 6KB - Virtual size: 76KB

.aspack Size: 7KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

0348308a99232309f351c9a8f971d029

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 12KB - Virtual size: 10KB

Headers

File Characteristics

.text
Size: 8KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 56KB

.rdata
Size: 5KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 20KB

.aspack
Size: 5KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 188KB

.rdata
Size: 12KB - Virtual size: 44KB

.data
Size: 4KB - Virtual size: 32KB

.rsrc
Size: 6KB - Virtual size: 76KB

.aspack
Size: 7KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 12KB - Virtual size: 10KB

.text
Size: 96KB - Virtual size: 192KB

.rdata
Size: 12KB - Virtual size: 44KB

.data
Size: 4KB - Virtual size: 28KB

.rsrc
Size: 5KB - Virtual size: 16KB

.aspack
Size: 7KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB