8de96a6fb62923205f72b0e8b86a04ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8de96a6fb62923205f72b0e8b86a04ab_JaffaCakes118
Size

955KB
MD5

8de96a6fb62923205f72b0e8b86a04ab
SHA1

d681b099449fd078ab248a0b6e8f1e9ceeef8c06
SHA256

4dd93a22839ae2727676aff7ceb08db59ef968ff25784f7207212c4ffb9918f6
SHA512

3848b36b70ee9b27e5273daaf852e45a69375004015d39f2778945908e49c24b9c5429d1eb81919d7d4df734866b4861a77bc86e93bb5b21bd2db27ad17c13a7
SSDEEP

24576:6GWj48pnU5WJciV1XA55wckqnz0P+Sz7IjNUu4T0Z:6bj48UQci3smgDGu4IZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/931967/soure/MobileSearchIII/MobileSearch.exe
unpack001/931967/通讯录.exe

Files

8de96a6fb62923205f72b0e8b86a04ab_JaffaCakes118
.rar
931967/soure/MobileSearchIII/Address.INI
931967/soure/MobileSearchIII/CallerID.TXT
931967/soure/MobileSearchIII/Help.TXT
931967/soure/MobileSearchIII/MobileSearch.INI
931967/soure/MobileSearchIII/MobileSearch.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$15Kshooks@TKsHook
@$xp$15Zkslib@z_stream
@$xp$16Ksbitmap@TKColor
@$xp$16Kscontnrs@TQueue
@$xp$16Kscontnrs@TStack
@$xp$16Zkslib@ZKsLib__1
@$xp$16Zkslib@ZKsLib__2
@$xp$16Zkslib@ZKsLib__3
@$xp$16Zkslib@ZKsLib__4
@$xp$16Zkslib@ZKsLib__5
@$xp$16Zkslib@ZKsLib__6
@$xp$16Zkslib@ZKsLib__7
@$xp$16Zkslib@ZKsLib__8
@$xp$16Zkslib@free_func
@$xp$16Zkslib@z_streamp
@$xp$17Ksgrids@TGridRect
@$xp$17Zkslib@alloc_func
@$xp$17Zkslib@check_func
@$xp$18Ksbitmap@TKsBitmap
@$xp$18Ksforms@TKsHitTest
@$xp$18Ksgrids@KsGrids__3
@$xp$18Ksgrids@KsGrids__4
@$xp$18Ksgrids@TGridCoord
@$xp$18Ksgrids@TGridState
@$xp$19Ksbitmap@PKColorRec
@$xp$19Ksbitmap@TKColorRec
@$xp$19Ksedits@PEditAction
@$xp$19Ksedits@TActionType
@$xp$19Ksedits@TEditAction
@$xp$19Ksforms@TPaintEvent
@$xp$19Ksgrids@TGridOption
@$xp$19Ksgrids@TMovedEvent
@$xp$19Ksitems@TKsItemView
@$xp$19Kstabs@TTabPosition
@$xp$19Zkslib@inflate_mode
@$xp$20Kscontnrs@TClassList
@$xp$20Kseffects@TKsCounter
@$xp$20Ksgrids@TGridOptions
@$xp$20Ksgrids@TInplaceEdit
@$xp$20Ksitems@EKsItemError
@$xp$20Kstabs@TDrawTabEvent
@$xp$20Zksstream@EZlibError
@$xp$21Ksbitmap@PKColorArray
@$xp$21Ksbitmap@TKColorArray
@$xp$21Kscontnrs@TObjectList
@$xp$21Ksedits@TEditCharCase
@$xp$21Ksedits@TKsCustomEdit
@$xp$21Ksedits@TPasswordKind
@$xp$21Ksforms@TKsBorderIcon
@$xp$21Ksforms@TKsCustomForm
@$xp$21Ksforms@TKsPerfomance
@$xp$21Ksgrids@TGetEditEvent
@$xp$21Ksgrids@TGridDrawInfo
@$xp$21Ksgrids@TGridMovement
@$xp$21Ksgrids@TKsCustomGrid
@$xp$21Ksgrids@TSetEditEvent
@$xp$21Kshints@TKsCustomHint
@$xp$21Ksitems@TKsCustomItem
@$xp$21Ksskindbgrids@TColumn
@$xp$21Ksskinobjects@TSeKind
@$xp$21Zkslib@internal_state
@$xp$22Ksbitmap@TKsBitmapLink
@$xp$22Ksbitmap@TKsBitmapList
@$xp$22Kscontnrs@TObjectQueue
@$xp$22Kscontnrs@TObjectStack
@$xp$22Kscontnrs@TOrderedList
@$xp$22Kscontrolbars@TRowSize
@$xp$22Kseffects@TKsAnimation
@$xp$22Ksforms@TKsBorderIcons
@$xp$22Ksforms@TKsBorderStyle
@$xp$22Ksforms@TKsWindowState
@$xp$22Ksgrids@TDrawCellEvent
@$xp$22Ksgrids@TGridDrawState
@$xp$22Ksitems@TKsMDIItemKind
@$xp$22Kslistboxs@TKsFontType
@$xp$22Ksmenus@TKsMenuBarView
@$xp$22Ksskinobjects@TSeAlign
@$xp$22Ksskinobjects@TSeState
@$xp$22Zkslib@pInternal_state
@$xp$23Ksgrids@TGetExtentsFunc
@$xp$23Kslabels@TKsCustomLabel
@$xp$23Ksmenuform@TKsPopupForm
@$xp$23Ksmenuform@TKsPopupView
@$xp$23Kspanels@TKsCustomPanel
@$xp$23Ksskinedits@TSeSkinEdit
@$xp$23Ksskinforms@TSeSkinForm
@$xp$23Ksskinhints@TSeSkinHint
@$xp$23Ksskinitems@TSeSkinItem
@$xp$23Ksskinobjects@TSeAction
@$xp$24Ksbitmap@PKColorRecArray
@$xp$24Ksbitmap@TKColorRecArray
@$xp$24Ksbuttons@TKsButtonState
@$xp$24Kscontnrs@TComponentList
@$xp$24Kscontrols@TKsScrollCode
@$xp$24Ksedits@TEditActionStack
@$xp$24Ksgrids@TSelectCellEvent
@$xp$24Kshooks@TKsHookComponent
@$xp$24Kslistboxs@KsListBoxs__2
@$xp$24Kslistboxs@KsListBoxs__3
@$xp$24Kslistboxs@KsListBoxs__4
@$xp$24Kslistboxs@TKsFontDevice
@$xp$24Ksmenus@TKsCustomMenuBar
@$xp$24Kstabs@TKsCustomTabSheet
@$xp$24Kstabs@TTabChangingEvent
@$xp$25Ksbuttons@TKsCustomButton
@$xp$25Kscomboboxs@TKsComboStyle
@$xp$25Kscontrols@TKsScrollEvent
@$xp$25Ksgrids@TGridAxisDrawInfo
@$xp$25Ksgrids@TKsCustomDrawGrid
@$xp$25Kshooks@THookMessageEvent
@$xp$25Ksitems@TKsInsertItemProc
@$xp$25Kslistboxs@TDrawItemEvent
@$xp$25Ksmenuform@TKsPopupWindow
@$xp$25Ksskinlabels@TSeSkinLabel
@$xp$25Ksskinobjects@TSeRollKind
@$xp$25Ksskinpanels@TSeSkinPanel
@$xp$25Zkslib@inflate_block_mode
@$xp$25Zkslib@inflate_codes_mode
@$xp$26Ksitems@TKsCustomItemClass
@$xp$26Ksitems@TKsViewOrientation
@$xp$26Kslistboxs@TKsListBoxStyle
@$xp$26Ksmenus@TKsCustomPopupMenu
@$xp$26Ksscrollbars@TScrollBarInc
@$xp$26Ksskindbgrids@TColumnClass
@$xp$26Ksskindbgrids@TColumnTitle
@$xp$26Ksskindbgrids@TColumnValue
@$xp$26Ksskinengine@TSeSkinEngine
@$xp$26Ksskinmenus@TSeSkinMenuBar
@$xp$26Ksskinobjects@TSeTextAlign
@$xp$26Ksskinobjects@TscTileStyle
@$xp$26Ksskinsource@TSeSkinFilter
@$xp$26Ksskinsource@TSeSkinSource
@$xp$26Ksspinbuttons@TKsSpinAlign
@$xp$26Kstabs@TKsCustomTabControl
@$xp$26Zkslib@inflate_codes_state
@$xp$27Kscompress@EKsCompressError
@$xp$27Kscontrols@TKsCustomControl
@$xp$27Ksgrids@TKsCustomStringGrid
@$xp$27Ksitems@TKsGetItemClassProc
@$xp$27Kslistboxs@TKsCheckBoxState
@$xp$27Kslistboxs@TKsCustomListBox
@$xp$27Ksmessages@TKsCustomMessage
@$xp$27Kspanels@TKsPanelButtonKind
@$xp$27Ksscrollbars@TScrollBarKind
@$xp$27Ksskinbuttons@TSeSkinButton
@$xp$27Ksskindbgrids@TBookmarkList
@$xp$27Ksskindbgrids@TColumnValues
@$xp$27Ksskindbgrids@TGridDataLink
@$xp$27Ksskindbgrids@TSeSkinDBGrid
@$xp$27Ksskingrids@TSeSkinDrawGrid
@$xp$27Ksskinobjects2@TscTileStyle
@$xp$27Ksskinobjects@TSeSkinObject
@$xp$27Ksskinobjects@TSeTextEffect
@$xp$27Ksskinobjects@TSeTextObject
@$xp$27Kstoolbars@TKsCustomToolBar
@$xp$27Zkslib@inflate_blocks_state
@$xp$27Zkslib@pInflate_codes_state
@$xp$27Zksstream@ECompressionError
@$xp$27Zksstream@TCompressionLevel
@$xp$27Zksstream@TCustomZlibStream
@$xp$28Kscontrolbars@TBandDragEvent
@$xp$28Kscontrolbars@TBandInfoEvent
@$xp$28Kscontrolbars@TBandMoveEvent
@$xp$28Kscontrols@TKsBarOrientation
@$xp$28Kscontrols@TKsGraphicControl
@$xp$28Ksgrids@TGridScrollDirection
@$xp$28Kslistboxs@TMeasureItemEvent
@$xp$28Ksmenuform@TKsPopupFormClass
@$xp$28Ksskinmenus@TSeSkinPopupMenu
@$xp$28Ksskinobjects@TSeButtonState
@$xp$28Ksskintabs@TSeSkinTabControl
@$xp$28Ksskinversion@TSeSkinVersion
@$xp$28Ksspeedbuttons@TKsChevronPos
@$xp$28Zkslib@pInflate_blocks_state
@$xp$28Zksstream@TCompressionStream
@$xp$29Kscheckboxs@TKsCustomCheckBox
@$xp$29Kscomboboxs@TKsCustomComboBox
@$xp$29Kscontrolbars@TBandPaintEvent
@$xp$29Ksgrids@EInvalidGridOperation
@$xp$29Ksgroupboxs@TKsCustomGroupBox
@$xp$29Ksskindbgrids@TSeCustomDBGrid
@$xp$29Ksskingrids@TSeSkinStringGrid
@$xp$29Ksskinlistboxs@TSeSkinListBox
@$xp$29Ksskinmessages@TSeSkinMessage
@$xp$29Ksskinobjects@TSeActiveBitmap
@$xp$29Ksskinobjects@TSeActiveObject
@$xp$29Ksskinobjects@TSeBitmapObject
@$xp$29Ksskinobjects@TSeButtonObject
@$xp$29Ksskinobjects@TSeSystemButton
@$xp$29Ksskintoolbars@TSeSkinToolBar
@$xp$29Ksspeedbuttons@TKsButtonState
@$xp$29Zksstream@EDecompressionError
@$xp$30Kscontrolbars@TBandPaintOption
@$xp$30Ksmenuform@TKsPopupWindowClass
@$xp$30Ksskindbgrids@KsSkinDBGrids__5
@$xp$30Ksskinforms@TCustomActionEvent
@$xp$30Ksspeedbuttons@TKsSpeedDivider
@$xp$30Ksspinbuttons@TKsChangingEvent
@$xp$30Zksstream@TDecompressionStream
@$xp$31Kscomboboxs@TKsComboButtonAlign
@$xp$31Kscompress@TKsCompressionStream
@$xp$31Kscontrolbars@TBandPaintOptions
@$xp$31Ksitems@TKsCustomItemActionLink
@$xp$31Ksscrollbars@TKsCustomScrollBar
@$xp$31Ksskincheckboxs@TSeSkinCheckBox
@$xp$31Ksskincomboboxs@TSeSkinComboBox
@$xp$31Ksskingroupboxs@TSeSkinGroupBox
@$xp$31Ksskinmenuform@TSeSkinPopupForm
@$xp$31Ksskinsource@TSeSkinFilterClass
@$xp$31Ksstatusbars@TKsCustomStatusBar
@$xp$32Kscheckboxs@TKsCustomRadioButton
@$xp$32Ksskindbgrids@TColumnButtonStyle
@$xp$32Ksskindbgrids@TDrawDataCellEvent
@$xp$32Ksskinobjects2@TSeLinkSkinObject
@$xp$32Ksskinobjects@TSeSkinObjectClass
@$xp$32Ksspeedbuttons@TKsSpeedContainer
@$xp$33Kscompress@TKsDecompressionStream
@$xp$33Kscontrolbars@TKsCustomControlBar
@$xp$33Ksskindbgrids@TSeSkinDBGridOption
@$xp$33Ksskingroupboxs@TSeSkinRadioGroup
@$xp$33Ksskinmenuform@TSeSkinPopupWindow
@$xp$33Ksskinobjects2@TSeBitmapBoxObject
@$xp$33Ksskinobjects2@TSeRollPanelObject
@$xp$33Ksskinscrollbars@TSeSkinScrollBar
@$xp$33Ksspinbuttons@TKsCustomSpinButton
@$xp$34Ksgrids@TKsCustomStringGridStrings
@$xp$34Ksskincheckboxs@TSeSkinRadioButton
@$xp$34Ksskindbgrids@TDrawColumnCellEvent
@$xp$34Ksskindbgrids@TSeSkinDBGridColumns
@$xp$34Ksskindbgrids@TSeSkinDBGridOptions
@$xp$34Ksskinobjects2@TSeActiveSkinObject
@$xp$34Ksskinobjects2@TSeBitmapSkinObject
@$xp$35Ksskincontrolbars@TSeSkinControlBar
@$xp$35Ksskinobjects2@TSeColorButtonObject
@$xp$35Ksskinspinbuttons@TSeSkinSpinButton
@$xp$35Ksspeedbuttons@TKsCustomSpeedButton
@$xp$36Ksitems@TKsCustomItemActionLinkClass
@$xp$36Ksskinsource@TSeSkinFilterCompressed
@$xp$37Ksskindbgrids@TSeSkinDBGridClickEvent
@$xp$37Ksskinobjects2@TSeSysButtonSkinObject
@$xp$37Ksskinspeedbuttons@TSeSkinSpeedButton
@$xp$38Ksskinobjects2@TSeFormBitmapSkinObject
@$xp$38Ksskinsource@TSeSkinFilterUncompressed
@$xp$39Ksskindbgrids@TSeSkinDBGridColumnsState
@$xp$39Ksskinobjects2@TSeActiveBitmapBoxObject
@$xp$39Ksskinobjects2@TSeButtonBitmapBoxObject
@$xp$41Ksskinsource@TSeSkinFilterUltraCompressed
@$xp$41Shockwaveflashobjects_tlb@TShockwaveFlash
@$xp$41Shockwaveflashobjects_tlb@TShockwaveFlash
@$xp$41Shockwaveflashobjects_tlb@TShockwaveFlash
@$xp$41Shockwaveflashobjects_tlb@TShockwaveFlash
@@Caddresscon@Finalize
@@Caddresscon@Initialize
@@Cbug@Finalize
@@Cbug@Initialize
@@Cmobilesearch@Finalize
@@Cmobilesearch@Initialize
@@Shockwaveflashobjects_ocx@Finalize
@@Shockwaveflashobjects_ocx@Initialize
@Ksbitmap@AlphaBlend
@Ksbitmap@ChangeBrightness$qqruii
@Ksbitmap@ChangeHue$qqruii
@Ksbitmap@Finalization$qqrv
@Ksbitmap@HSLtoRGB$qqrfff
@Ksbitmap@KColor$qqr15Graphics@TColoruc
@Ksbitmap@KColor$qqr19Ksbitmap@TKColorRec
@Ksbitmap@KColor$qqrsssuc
@Ksbitmap@KColorToColor$qqrui
@Ksbitmap@RGBtoHSL$qqruirft2t2
@Ksbitmap@RaisedColor$qqruiuc
@Ksbitmap@RaisedColor$qqruiucucucuc
@Ksbitmap@SunkenColor$qqruiuc
@Ksbitmap@SunkenColor$qqruiucucucuc
@Ksbitmap@TKsBitmap@
@Ksbitmap@TKsBitmap@$bctr$qqrv
@Ksbitmap@TKsBitmap@$bdtr$qqrv
@Ksbitmap@TKsBitmap@Assign$qqrp19Classes@TPersistent
@Ksbitmap@TKsBitmap@AssignTo$qqrp19Classes@TPersistent
@Ksbitmap@TKsBitmap@ChangeBrightness$qqri
@Ksbitmap@TKsBitmap@ChangeHue$qqri
@Ksbitmap@TKsBitmap@Changed$qqrv
@Ksbitmap@TKsBitmap@Clear$qqrui
@Ksbitmap@TKsBitmap@Draw$qqrp16Graphics@TCanvasii
@Ksbitmap@TKsBitmap@Draw$qqrp16Graphics@TCanvasiirx13Windows@TRect
@Ksbitmap@TKsBitmap@Draw$qqrp16Graphics@TCanvasrx13Windows@TRectt2
@Ksbitmap@TKsBitmap@Draw$qqrp18Ksbitmap@TKsBitmapii
@Ksbitmap@TKsBitmap@Draw$qqrp18Ksbitmap@TKsBitmapiirx13Windows@TRect
@Ksbitmap@TKsBitmap@Draw$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRectt2
@Ksbitmap@TKsBitmap@Draw$qqruiii
@Ksbitmap@TKsBitmap@Draw$qqruiiirx13Windows@TRect
@Ksbitmap@TKsBitmap@Draw$qqruirx13Windows@TRectt2
@Ksbitmap@TKsBitmap@DrawBevel$qqrrx13Windows@TRectuiio
@Ksbitmap@TKsBitmap@DrawEdge$qqrrx13Windows@TRectuiui
@Ksbitmap@TKsBitmap@DrawEllipse$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@DrawFocusRect$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@DrawLine$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@DrawMargin$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRectt2iiiio
@Ksbitmap@TKsBitmap@DrawMarginRect$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRectt2o
@Ksbitmap@TKsBitmap@DrawPolygon$qqrpx14Windows@TPointxi15Graphics@TColor
@Ksbitmap@TKsBitmap@DrawRect$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@DrawRoundRect$qqrrx13Windows@TRectiui
@Ksbitmap@TKsBitmap@DrawStretch$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRectt2
@Ksbitmap@TKsBitmap@DrawText$qqr17System@AnsiStringii
@Ksbitmap@TKsBitmap@DrawText$qqr17System@AnsiStringr13Windows@TRectui
@Ksbitmap@TKsBitmap@DrawTile$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRectt2
@Ksbitmap@TKsBitmap@DrawVerticalText$qqr17System@AnsiStringrx13Windows@TRectuio
@Ksbitmap@TKsBitmap@Empty$qqrv
@Ksbitmap@TKsBitmap@FillEllipse$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@FillGradientRect$qqrrx13Windows@TRectuiuio
@Ksbitmap@TKsBitmap@FillHalftonePolygon$qqrpx14Windows@TPointxiuiui
@Ksbitmap@TKsBitmap@FillHalftoneRect$qqrrx13Windows@TRectuiui
@Ksbitmap@TKsBitmap@FillPolygon$qqrpx14Windows@TPointxi15Graphics@TColor
@Ksbitmap@TKsBitmap@FillRadialGradientRect$qqrrx13Windows@TRectuiuirx14Windows@TPoint
@Ksbitmap@TKsBitmap@FillRect$qqrrx13Windows@TRectui
@Ksbitmap@TKsBitmap@FillRoundRect$qqrrx13Windows@TRectiui
@Ksbitmap@TKsBitmap@GetBitmapLink$qqr17System@AnsiString
@Ksbitmap@TKsBitmap@GetBitmapLink$qqrrx13Windows@TRect
@Ksbitmap@TKsBitmap@GetPixel$qqrii
@Ksbitmap@TKsBitmap@LineTo$qqriiui
@Ksbitmap@TKsBitmap@LoadFromBmpFile$qqrx17System@AnsiString
@Ksbitmap@TKsBitmap@LoadFromBmpStream$qqrp15Classes@TStream
@Ksbitmap@TKsBitmap@LoadFromFile$qqrx17System@AnsiString
@Ksbitmap@TKsBitmap@LoadFromStream$qqrp15Classes@TStream
@Ksbitmap@TKsBitmap@MergeDraw$qqrp18Ksbitmap@TKsBitmapiirx13Windows@TRect
@Ksbitmap@TKsBitmap@MoveTo$qqrii
@Ksbitmap@TKsBitmap@PerformTransparent$qqrui
@Ksbitmap@TKsBitmap@SaveToBmpFile$qqrx17System@AnsiString
@Ksbitmap@TKsBitmap@SaveToFile$qqrx17System@AnsiString
@Ksbitmap@TKsBitmap@SaveToStream$qqrp15Classes@TStream
@Ksbitmap@TKsBitmap@SetAlpha$qqruc
@Ksbitmap@TKsBitmap@SetAlpha$qqrucrx13Windows@TRect
@Ksbitmap@TKsBitmap@SetFont$qqrpx14Graphics@TFont
@Ksbitmap@TKsBitmap@SetHeight$qqrxi
@Ksbitmap@TKsBitmap@SetPixel$qqriiui
@Ksbitmap@TKsBitmap@SetSize$qqrii
@Ksbitmap@TKsBitmap@SetWidth$qqrxi
@Ksbitmap@TKsBitmap@TextHeight$qqr17System@AnsiString
@Ksbitmap@TKsBitmap@TextWidth$qqr17System@AnsiStringi
@Ksbitmap@TKsBitmapLink@
@Ksbitmap@TKsBitmapLink@$bctr$qqrv
@Ksbitmap@TKsBitmapLink@$bdtr$qqrv
@Ksbitmap@TKsBitmapLink@Assign$qqrp19Classes@TPersistent
@Ksbitmap@TKsBitmapLink@Draw$qqrp16Graphics@TCanvasii
@Ksbitmap@TKsBitmapLink@Draw$qqrp18Ksbitmap@TKsBitmapii
@Ksbitmap@TKsBitmapLink@GetAssigned$qqrv
@Ksbitmap@TKsBitmapLink@GetBottom$qqrv
@Ksbitmap@TKsBitmapLink@GetLeft$qqrv
@Ksbitmap@TKsBitmapLink@GetRight$qqrv
@Ksbitmap@TKsBitmapLink@GetTop$qqrv
@Ksbitmap@TKsBitmapLink@SetBottom$qqrxi
@Ksbitmap@TKsBitmapLink@SetLeft$qqrxi
@Ksbitmap@TKsBitmapLink@SetRight$qqrxi
@Ksbitmap@TKsBitmapLink@SetTop$qqrxi
@Ksbitmap@TKsBitmapList@
@Ksbitmap@TKsBitmapList@$bctr$qqrv
@Ksbitmap@TKsBitmapList@$bdtr$qqrv
@Ksbitmap@TKsBitmapList@Clear$qqrv
@Ksbitmap@TKsBitmapList@GetBitmap$qqri
@Ksbitmap@TKsBitmapList@GetBitmapByName$qqr17System@AnsiString
@Ksbitmap@TKsBitmapList@GetBitmapLink$qqr17System@AnsiStringrx13Windows@TRect
@Ksbitmap@TKsBitmapList@GetBitmapLink$qqr17System@AnsiStringt1
@Ksbitmap@TKsBitmapList@GetBitmapLink$qqrp18Ksbitmap@TKsBitmaprx13Windows@TRect
@Ksbitmap@TransparentBlt
@Ksbitmap@ckAqua
@Ksbitmap@ckBlack
@Ksbitmap@ckBlue
@Ksbitmap@ckBorder
@Ksbitmap@ckBtnFace
@Ksbitmap@ckBtnShadow
@Ksbitmap@ckFuchsia
@Ksbitmap@ckGray
@Ksbitmap@ckGreen
@Ksbitmap@ckHighlight
@Ksbitmap@ckHintBack
@Ksbitmap@ckHotHighlight
@Ksbitmap@ckLime
@Ksbitmap@ckMaroon
@Ksbitmap@ckMenu
@Ksbitmap@ckNavy
@Ksbitmap@ckOlive
@Ksbitmap@ckPurple
@Ksbitmap@ckRed
@Ksbitmap@ckTeal
@Ksbitmap@ckTransparent
@Ksbitmap@ckWhite
@Ksbitmap@ckWindow
@Ksbitmap@ckYellow
@Ksbitmap@initialization$qqrv
@Ksbuttons@Finalization$qqrv
@Ksbuttons@TKsCustomButton@
@Ksbuttons@TKsCustomButton@$bctr$qqrp18Classes@TComponent
@Ksbuttons@TKsCustomButton@$bdtr$qqrv
@Ksbuttons@TKsCustomButton@ActionChange$qqrp14System@TObjecto
@Ksbuttons@TKsCustomButton@CMDialogChar$qqrr15Messages@TWMKey
@Ksbuttons@TKsCustomButton@CMDialogKey$qqrr15Messages@TWMKey
@Ksbuttons@TKsCustomButton@CMEnabledChanged$qqrr17Messages@TMessage
@Ksbuttons@TKsCustomButton@CMFocusChanged$qqrr24Controls@TCMFocusChanged
@Ksbuttons@TKsCustomButton@CMTextChanged$qqrr17Messages@TMessage
@Ksbuttons@TKsCustomButton@Click$qqrv
@Ksbuttons@TKsCustomButton@GetCaptionRect$qqrv
@Ksbuttons@TKsCustomButton@GetGlyphRect$qqrv
@Ksbuttons@TKsCustomButton@GetGlyphSize$qqrv
@Ksbuttons@TKsCustomButton@GetLayoutRect$qqrv
@Ksbuttons@TKsCustomButton@GlyphChangedHandler$qqrp14System@TObject
@Ksbuttons@TKsCustomButton@HasFocus$qqrv
@Ksbuttons@TKsCustomButton@KeyDown$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Ksbuttons@TKsCustomButton@KeyUp$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Ksbuttons@TKsCustomButton@KillFocus$qqrv
@Ksbuttons@TKsCustomButton@Loaded$qqrv
@Ksbuttons@TKsCustomButton@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Ksbuttons@TKsCustomButton@MouseEnter$qqrv
@Ksbuttons@TKsCustomButton@MouseLeave$qqrv
@Ksbuttons@TKsCustomButton@MouseMove$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Ksbuttons@TKsCustomButton@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Ksbuttons@TKsCustomButton@PaintBuffer$qqrv
@Ksbuttons@TKsCustomButton@PaintFace$qqrv
@Ksbuttons@TKsCustomButton@PaintGlyph$qqrv
@Ksbuttons@TKsCustomButton@PaintText$qqrv
@Ksbuttons@TKsCustomButton@SetBlackAndWhiteGlyph$qqrxo
@Ksbuttons@TKsCustomButton@SetCancel$qqrxo
@Ksbuttons@TKsCustomButton@SetDefault$qqrxo
@Ksbuttons@TKsCustomButton@SetGlyph$qqrpx16Graphics@TBitmap
@Ksbuttons@TKsCustomButton@SetKind$qqrx19Buttons@TBitBtnKind
@Ksbuttons@TKsCustomButton@SetLayout$qqrx21Buttons@TButtonLayout
@Ksbuttons@TKsCustomButton@SetNumGlyphs$qqrxzc
@Ksbuttons@TKsCustomButton@SetSpacing$qqrxi
@Ksbuttons@initialization$qqrv
@Kscheckboxs@Finalization$qqrv
@Kscheckboxs@TKsCustomCheckBox@
@Kscheckboxs@TKsCustomCheckBox@$bctr$qqrp18Classes@TComponent
@Kscheckboxs@TKsCustomCheckBox@$bdtr$qqrv
@Kscheckboxs@TKsCustomCheckBox@CMDialogChar$qqrr15Messages@TWMKey
@Kscheckboxs@TKsCustomCheckBox@CMEnabledChanged$qqrr17Messages@TMessage
@Kscheckboxs@TKsCustomCheckBox@CMTextChanged$qqrr17Messages@TMessage
@Kscheckboxs@TKsCustomCheckBox@Click$qqrv
@Kscheckboxs@TKsCustomCheckBox@DoClick$qqrv
@Kscheckboxs@TKsCustomCheckBox@GetBoxSize$qqrv
@Kscheckboxs@TKsCustomCheckBox@GetChecked$qqrv
@Kscheckboxs@TKsCustomCheckBox@KeyDown$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Kscheckboxs@TKsCustomCheckBox@KeyUp$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Kscheckboxs@TKsCustomCheckBox@Loaded$qqrv
@Kscheckboxs@TKsCustomCheckBox@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomCheckBox@MouseEnter$qqrv
@Kscheckboxs@TKsCustomCheckBox@MouseLeave$qqrv
@Kscheckboxs@TKsCustomCheckBox@MouseMove$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomCheckBox@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomCheckBox@PaintBox$qqrv
@Kscheckboxs@TKsCustomCheckBox@PaintBuffer$qqrv
@Kscheckboxs@TKsCustomCheckBox@PaintText$qqrv
@Kscheckboxs@TKsCustomCheckBox@SetAlignment$qqr18Classes@TAlignment
@Kscheckboxs@TKsCustomCheckBox@SetAllowGrayed$qqrxo
@Kscheckboxs@TKsCustomCheckBox@SetChecked$qqro
@Kscheckboxs@TKsCustomCheckBox@SetPressed$qqrxo
@Kscheckboxs@TKsCustomCheckBox@SetSpacing$qqrxi
@Kscheckboxs@TKsCustomCheckBox@SetState$qqr23Stdctrls@TCheckBoxState
@Kscheckboxs@TKsCustomCheckBox@Toggle$qqrv
@Kscheckboxs@TKsCustomCheckBox@WMSysColorChange$qqrr17Messages@TMessage
@Kscheckboxs@TKsCustomRadioButton@
@Kscheckboxs@TKsCustomRadioButton@$bctr$qqrp18Classes@TComponent
@Kscheckboxs@TKsCustomRadioButton@$bdtr$qqrv
@Kscheckboxs@TKsCustomRadioButton@CMDialogChar$qqrr15Messages@TWMKey
@Kscheckboxs@TKsCustomRadioButton@CMEnabledChanged$qqrr17Messages@TMessage
@Kscheckboxs@TKsCustomRadioButton@CMTextChanged$qqrr17Messages@TMessage
@Kscheckboxs@TKsCustomRadioButton@GetBoxSize$qqrv
@Kscheckboxs@TKsCustomRadioButton@HasFocus$qqrv
@Kscheckboxs@TKsCustomRadioButton@KeyDown$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Kscheckboxs@TKsCustomRadioButton@KeyUp$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Kscheckboxs@TKsCustomRadioButton@Loaded$qqrv
@Kscheckboxs@TKsCustomRadioButton@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomRadioButton@MouseEnter$qqrv
@Kscheckboxs@TKsCustomRadioButton@MouseLeave$qqrv
@Kscheckboxs@TKsCustomRadioButton@MouseMove$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomRadioButton@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Kscheckboxs@TKsCustomRadioButton@PaintBox$qqrv
@Kscheckboxs@TKsCustomRadioButton@PaintBuffer$qqrv
@Kscheckboxs@TKsCustomRadioButton@PaintText$qqrv
@Kscheckboxs@TKsCustomRadioButton@SetChecked$qqro
@Kscheckboxs@TKsCustomRadioButton@SetPressed$qqrxo
@Kscheckboxs@TKsCustomRadioButton@SetSpacing$qqrxi
@Kscheckboxs@TKsCustomRadioButton@TurnSiblingsOff$qqrv
@Kscheckboxs@TKsCustomRadioButton@WMSysColorChange$qqrr17Messages@TMessage
@Kscheckboxs@initialization$qqrv
@Kscomboboxs@Finalization$qqrv
@Kscomboboxs@TKsCustomComboBox@
@Kscomboboxs@TKsCustomComboBox@$bctr$qqrp18Classes@TComponent
@Kscomboboxs@TKsCustomComboBox@$bdtr$qqrv
@Kscomboboxs@TKsCustomComboBox@AfterDropDown$qqrv
@Kscomboboxs@TKsCustomComboBox@BeforeDropDown$qqrv
@Kscomboboxs@TKsCustomComboBox@ButtonClick$qqrv
@Kscomboboxs@TKsCustomComboBox@CMMouseLeave$qqrr17Messages@TMessage
@Kscomboboxs@TKsCustomComboBox@CMMouseWheel$qqrr22Controls@TCMMouseWheel
@Kscomboboxs@TKsCustomComboBox@Change$qqrv
@Kscomboboxs@TKsCustomComboBox@CreateListBox$qqrp18Classes@TComponent
@Kscomboboxs@TKsCustomComboBox@DoListBoxClick$qqrp14System@TObject
@Kscomboboxs@TKsCustomComboBox@DoTimer$qqrp14System@TObject
@Kscomboboxs@TKsCustomComboBox@GetButtonHeight$qqrv
@Kscomboboxs@TKsCustomComboBox@GetButtonRect$qqrv
@Kscomboboxs@TKsCustomComboBox@GetColorValue$qqrv
@Kscomboboxs@TKsCustomComboBox@GetEditRect$qqrv
@Kscomboboxs@TKsCustomComboBox@GetFlat$qqrv

Sections

Size: 414KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
931967/soure/MobileSearchIII/mobileAll.dat
931967/soure/Thumbs.db
931967/soure/address.ldb
931967/soure/address.mdb
931967/soure/bkcolor/Thumbs.db
931967/soure/bkcolor/default.JPG
.jpg
931967/soure/bkcolor/green.JPG
.jpg
931967/soure/bkcolor/greenmax.JPG
.jpg
931967/soure/bkcolor/red.JPG
.jpg
931967/soure/bkcolor/silver.JPG
.jpg
931967/soure/ico.ICO
931967/soure/ling.bmp
931967/soure/start.jpg
.jpg
931967/soure/volume.gif
.gif
931967/下载说明.htm
.html .js polyglot
931967/通讯录.exe
.exe windows:4 windows x86 arch:x86

bc4f40de68e15969e393455ececce36f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaLateIdCall
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaWriteFile
ord661
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaFpR4
__vbaBoolVar
__vbaFpR8
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
_adj_fpatan
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaStrToUnicode
__vbaInputFile
ord606
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
__vbaStrVarVal
__vbaUbound
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaLateMemCall
ord612
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
ord616
__vbaFpI4
__vbaVarLateMemCallLd
ord617
_CIatan
__vbaStrMove
__vbaAryCopy
ord618
ord650
_allmul
__vbaLateIdSt
_CItan
ord546
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 414KB - Virtual size: 1.1MB

Size: 18KB - Virtual size: 588KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1024B - Virtual size: 12KB

Size: 186KB - Virtual size: 188KB

.rsrc Size: 226KB - Virtual size: 308KB

Size: - Virtual size: 72KB

.data Size: 75KB - Virtual size: 76KB

.adata Size: - Virtual size: 4KB

bc4f40de68e15969e393455ececce36f

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 256KB - Virtual size: 254KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.rsrc
Size: 226KB - Virtual size: 308KB

.data
Size: 75KB - Virtual size: 76KB

.adata
Size: - Virtual size: 4KB

.text
Size: 256KB - Virtual size: 254KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB