94c966fa2c75963dabdd5ab5b323bf72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

94c966fa2c75963dabdd5ab5b323bf72_JaffaCakes118
Size

2.1MB
MD5

94c966fa2c75963dabdd5ab5b323bf72
SHA1

6b21f730b59351a10c8872b27714a2bcb2e4fd46
SHA256

a12b59d94c47bce0217f022d08390200389e3fe2f5b735fd1a0c00af79bffa83
SHA512

98d7cf7fabce81aef9c72f31e501b926a5a63619ff7c3d1585307153a53a1600e89fa0e57595ff000d24bb296aa764c68eb4e341fc6bb1dc497f41191bb63d15
SSDEEP

49152:OFSXtmHoTALmSad8AAtrB3XQ0ytWdMkUxVYtgMbiAx+Iw:OktmHOAL/a+JjQ0yUmVYtgeihIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.compb234352/spjxc/spjxc/BIN/Md5.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc.exe
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_com.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_menu.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_rk.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_sys.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_xs.dll
unpack001/cvery.compb234352/spjxc/spjxc/BIN/spjxc_zlcx.dll
unpack001/cvery.compb234352/spjxc/spjxc/Md5.dll
unpack001/cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.dll
unpack001/cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.dll

Files

94c966fa2c75963dabdd5ab5b323bf72_JaffaCakes118
.rar
cvery.compb234352/spjxc/spjxc.dmp
cvery.compb234352/spjxc/spjxc/BIN/Md5.dll
.dll windows:4 windows x86 arch:x86

9e7a1d90cfa93e6f1642653b92db15aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6375
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4274
ord4486
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord823
ord3738
ord561
ord825
ord815
ord2982
ord3147
ord4424
ord1578
ord600
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord269
ord826
ord1570
ord1197
ord6467
ord1255
ord1253

msvcrt

sprintf
__CxxFrameHandler
_EH_prolog
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit

kernel32

LocalAlloc
LocalFree

Exports

Exports

MD5Final
MD5Init
MD5Update
MDString

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/arj.exe
cvery.compb234352/spjxc/spjxc/BIN/spjxc.dll
.dll windows:1 windows x86 arch:x86

3c6ec78f03e9b42d824669712b011e6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2541
ord2441
ord2611
ord2521
ord2519
ord2529
ord2532
ord2650
ord2081
ord2536
ord2520
ord2531
ord2506
ord2640
ord2498
ord2579
ord2407
ord2540
ord2469
ord2493
ord2606
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord2634
ord2426
ord2632
ord2456
ord2537
ord2488
ord2295
ord2480
ord2050
ord2486
ord2624
ord2490
ord2279
ord2653
ord2599
ord2416
ord2582
ord2546
ord2451
ord5236
ord2384
ord2405
ord2646
ord5245
ord2644
ord2645
ord2484
ord2492
ord2458
ord2578
ord2539
ord2639
ord2638
ord2479
ord2455
ord2412
ord2461
ord2462
ord2404
ord2453
ord2454
ord5151
ord2012
ord2468
ord2448
ord2459
ord2183
ord2515
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_1_32770_0@8
__fn_1_32770_1@8
__fn_1_32770_21@8
__fn_1_32770_27@8
__fn_1_32770_28@8
__fn_2_32770_0@8
__fn_2_32770_1@8
__fn_4_32770_0@8
__fn_4_32770_121@8
__fn_4_32770_122@8
__fn_4_32770_123@8
__fn_4_32770_1@8
__fn_4_32770_38@8
__fn_4_32770_49@8
__fn_4_32801_34@8
__fn_4_32802_34@8
__fn_4_32804_42@8
__fn_4_32806_42@8
__fn_5_32770_0@8
__fn_5_32770_1@8
__fn_5_32770_23@8
__fn_5_32770_38@8
__fn_5_32770_46@8
__fn_5_32770_49@8
__fn_6_32770_0@8
__fn_6_32770_119@8
__fn_6_32770_120@8
__fn_6_32770_1@8
__fn_6_32770_23@8
__fn_6_32770_24@8
__fn_6_32787_36@8
__fn_6_32787_41@8
__fn_6_32787_45@8
__fn_6_32787_46@8
__fn_6_32787_56@8
__fn_6_32795_36@8
__fn_6_32795_40@8
__fn_6_32795_43@8
__fn_6_32795_44@8
__fn_6_32795_54@8
__fn_6_32795_55@8
__fn_6_32797_35@8
__fn_6_32801_23@8
__fn_6_32803_23@8
__fn_6_32804_23@8
__fn_8_32770_0@8
__fn_8_32770_1@8
__fn_8_32770_38@8
__fn_8_32796_34@8
__fn_8_32797_34@8
__fn_8_32799_42@8
__fn_8_32801_42@8
__fn_8_32801_44@8
__fn_8_32802_42@8
__fn_8_32802_44@8
_getVtableInfo_spjxc@12
_getVtableInfo_w_login@12
_getVtableInfo_w_main@12
_getVtableInfo_w_mainframe@12
_getVtableInfo_w_pop_win@12
_getVtableInfo_w_xgmm@12

Sections

AUTO
Size: 147KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 19KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc.dmp
cvery.compb234352/spjxc/spjxc/BIN/spjxc.exe
.exe windows:1 windows x86 arch:x86

c781fbc21f0deec4cce073cc3b8ca9e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperBuffA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord137

Sections

AUTO
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_com.dll
.dll windows:1 windows x86 arch:x86

a6dfa40222c540c37591d0b066793a3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2634
ord2408
ord2418
ord2505
ord2407
ord2406
ord2452
ord2515
ord5164
ord5123
ord2451
ord2653
ord2599
ord2546
ord2611
ord2455
ord2624
ord2412
ord2448
ord2386
ord2461
ord2469
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord2582
ord2468
ord2426
ord2632
ord2295
ord2493
ord2606
ord2498
ord2274
ord2604
ord2609
ord2050
ord2646
ord5245
ord2644
ord2645
ord2462
ord2454
ord2416
ord2405
ord2456
ord2459
ord2484
ord5236
ord2384
ord5151
ord2639
ord2638
ord2479
ord2488
ord2012
ord2458
ord2578
ord2183
ord2486
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_17_32770_0@8
__fn_17_32770_119@8
__fn_17_32770_1@8
__fn_17_32770_38@8
__fn_17_32770_46@8
__fn_17_32787_34@8
__fn_17_32791_34@8
__fn_17_32792_34@8
__fn_17_32793_34@8
__fn_17_32795_45@8
__fn_17_32801_34@8
__fn_17_32802_34@8
__fn_17_32805_44@8
__fn_17_32809_34@8
__fn_17_32813_34@8
__fn_17_32814_34@8
__fn_17_32815_34@8
__fn_17_32816_34@8
__fn_17_32817_34@8
__fn_17_32819_63@8
__fn_18_32770_0@8
__fn_18_32770_1@8
__fn_18_32770_38@8
__fn_18_32779_34@8
__fn_18_32792_34@8
__fn_18_32794_43@8
__fn_18_32805_44@8
__fn_18_32807_34@8
__fn_18_32808_34@8
__fn_18_32809_34@8
__fn_19_32770_0@8
__fn_19_32770_19@8
__fn_19_32770_1@8
__fn_19_32770_21@8
__fn_19_32770_22@8
__fn_19_32770_23@8
__fn_19_32770_24@8
__fn_19_32770_25@8
__fn_19_32770_26@8
__fn_19_32770_27@8
__fn_19_32770_28@8
__fn_19_32770_29@8
__fn_19_32770_30@8
__fn_19_32770_31@8
__fn_19_32770_32@8
__fn_19_32770_33@8
__fn_19_32770_34@8
__fn_19_32770_35@8
__fn_19_32770_36@8
__fn_19_32770_37@8
__fn_19_32770_38@8
__fn_19_32770_39@8
__fn_20_32770_34@8
__fn_20_32770_49@8
__fn_3_32770_0@8
__fn_3_32770_120@8
__fn_3_32770_1@8
__fn_3_32770_23@8
__fn_3_32770_38@8
__fn_7_32770_0@8
__fn_7_32770_1@8
__fn_7_32770_49@8
__fn_7_32770_50@8
__fn_7_32770_51@8
__fn_7_32770_52@8
__fn_7_32770_53@8
__fn_7_32770_54@8
__fn_7_32770_55@8
__fn_7_32770_56@8
__fn_7_32770_57@8
__fn_7_32770_58@8
__fn_7_32770_59@8
__fn_7_32770_60@8
__fn_7_32770_61@8
__fn_7_32770_62@8
__fn_7_32770_63@8
__fn_7_32770_64@8
__fn_7_32770_65@8
__fn_7_32770_66@8
__fn_7_32770_67@8
__fn_7_32770_68@8
__fn_7_32770_69@8
__fn_7_32770_70@8
__fn_7_32770_71@8
_getVtableInfo_nvo_comctl_datetime@12
_getVtableInfo_uo_comctl_datetime@12
_getVtableInfo_uo_statusbar@12
_getVtableInfo_w_ancestor@12
_getVtableInfo_w_print_preview@12
_getVtableInfo_w_print_setup@12

Sections

AUTO
Size: 189KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 26KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_menu.dll
.dll windows:1 windows x86 arch:x86

4b6f6f8c47c3e874d5491950f1ebe54a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2412
ord5236
ord2384
ord2646
ord5245
ord2644
ord2645
ord2492
ord2479
ord2455
ord2405
ord2468
ord2448
ord2461
ord2462
ord2653
ord2599
ord2458
ord2578
ord5151
ord2012
ord2416
ord2582
ord2459
ord2183
ord2639
ord2638
ord2546
ord2404
ord2456
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_10_32770_0@8
__fn_10_32770_1@8
__fn_10_32784_0@8
__fn_10_32784_1@8
__fn_10_32785_0@8
__fn_10_32785_1@8
__fn_10_32785_21@8
__fn_10_32786_0@8
__fn_10_32786_1@8
__fn_10_32786_21@8
__fn_10_32787_0@8
__fn_10_32787_1@8
__fn_10_32787_21@8
__fn_10_32788_0@8
__fn_10_32788_1@8
__fn_10_32788_21@8
__fn_10_32789_0@8
__fn_10_32789_1@8
__fn_10_32789_21@8
__fn_10_32790_0@8
__fn_10_32790_1@8
__fn_10_32791_0@8
__fn_10_32791_1@8
__fn_10_32791_21@8
__fn_11_32770_0@8
__fn_11_32770_1@8
__fn_11_32784_0@8
__fn_11_32784_1@8
__fn_11_32785_0@8
__fn_11_32785_1@8
__fn_11_32785_21@8
__fn_11_32786_0@8
__fn_11_32786_1@8
__fn_11_32786_21@8
__fn_11_32787_0@8
__fn_11_32787_1@8
__fn_11_32787_21@8
__fn_11_32788_0@8
__fn_11_32788_1@8
__fn_11_32788_21@8
__fn_11_32789_0@8
__fn_11_32789_1@8
__fn_11_32789_21@8
__fn_11_32790_0@8
__fn_11_32790_1@8
__fn_11_32791_0@8
__fn_11_32791_1@8
__fn_11_32791_21@8
__fn_12_32770_0@8
__fn_12_32770_1@8
__fn_12_32784_0@8
__fn_12_32784_1@8
__fn_12_32785_0@8
__fn_12_32785_1@8
__fn_12_32785_21@8
__fn_12_32786_0@8
__fn_12_32786_1@8
__fn_12_32787_0@8
__fn_12_32787_1@8
__fn_12_32787_21@8
__fn_12_32788_0@8
__fn_12_32788_1@8
__fn_12_32789_0@8
__fn_12_32789_1@8
__fn_12_32789_21@8
__fn_12_32790_0@8
__fn_12_32790_1@8
__fn_12_32790_21@8
__fn_12_32791_0@8
__fn_12_32791_1@8
__fn_12_32792_0@8
__fn_12_32792_1@8
__fn_12_32792_21@8
__fn_13_32770_0@8
__fn_13_32770_1@8
__fn_13_32784_0@8
__fn_13_32784_1@8
__fn_13_32785_0@8
__fn_13_32785_1@8
__fn_13_32785_21@8
__fn_13_32786_0@8
__fn_13_32786_1@8
__fn_13_32786_21@8
__fn_13_32787_0@8
__fn_13_32787_1@8
__fn_13_32787_21@8
__fn_13_32788_0@8
__fn_13_32788_1@8
__fn_13_32788_21@8
__fn_13_32789_0@8
__fn_13_32789_1@8
__fn_13_32789_21@8
__fn_13_32790_0@8
__fn_13_32790_1@8
__fn_13_32791_0@8
__fn_13_32791_1@8
__fn_13_32791_21@8
__fn_14_32770_0@8
__fn_14_32770_1@8
__fn_14_32770_21@8
__fn_14_32784_0@8
__fn_14_32784_1@8
__fn_14_32785_0@8
__fn_14_32785_1@8
__fn_14_32785_21@8
__fn_14_32786_0@8
__fn_14_32786_1@8
__fn_14_32786_21@8
__fn_14_32787_0@8
__fn_14_32787_1@8
__fn_14_32788_0@8
__fn_14_32788_1@8
__fn_14_32788_21@8
__fn_14_32789_0@8
__fn_14_32789_1@8
__fn_14_32789_21@8
__fn_14_32790_0@8
__fn_14_32790_1@8
__fn_14_32791_0@8
__fn_14_32791_1@8
__fn_14_32791_21@8
__fn_15_32770_0@8
__fn_15_32770_1@8
__fn_15_32770_21@8
__fn_15_32784_0@8
__fn_15_32784_1@8
__fn_15_32785_0@8
__fn_15_32785_1@8
__fn_15_32785_21@8
__fn_16_32770_0@8
__fn_16_32770_1@8
__fn_16_32784_0@8
__fn_16_32784_1@8
__fn_16_32785_0@8
__fn_16_32785_1@8
__fn_16_32785_21@8
__fn_16_32786_0@8
__fn_16_32786_1@8
__fn_16_32786_21@8
__fn_16_32787_0@8
__fn_16_32787_1@8
__fn_16_32787_21@8
__fn_16_32788_0@8
__fn_16_32788_1@8
__fn_16_32788_21@8
__fn_16_32789_0@8
__fn_16_32789_1@8
__fn_16_32789_21@8
__fn_16_32790_0@8
__fn_16_32790_1@8
__fn_16_32791_0@8
__fn_16_32791_1@8
__fn_16_32791_21@8
__fn_9_32770_0@8
__fn_9_32770_1@8
__fn_9_32784_0@8
__fn_9_32784_1@8
__fn_9_32785_0@8
__fn_9_32785_1@8
__fn_9_32785_21@8
__fn_9_32786_0@8
__fn_9_32786_1@8
__fn_9_32786_21@8
__fn_9_32787_0@8
__fn_9_32787_1@8
__fn_9_32787_21@8
_getVtableInfo_m_cbc_gl@12
_getVtableInfo_m_djll_m@12
_getVtableInfo_m_djxg@12
_getVtableInfo_m_gys_gl@12
_getVtableInfo_m_main@12
_getVtableInfo_m_spda_gl@12
_getVtableInfo_m_spxs@12
_getVtableInfo_m_spzlcx@12

Sections

AUTO
Size: 169KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 20KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_rk.dll
.dll windows:1 windows x86 arch:x86

6be9ffe6f70673a7092d630a7be8b2de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2452
ord2531
ord2536
ord2541
ord2405
ord2490
ord2279
ord2520
ord2537
ord2412
ord2498
ord2455
ord2646
ord5245
ord2644
ord2645
ord2450
ord5532
ord2441
ord2640
ord2463
ord2634
ord2514
ord5123
ord2426
ord2632
ord2295
ord5164
ord2624
ord2404
ord2453
ord2407
ord2639
ord2638
ord2479
ord2611
ord2468
ord2448
ord2454
ord2488
ord2461
ord2469
ord5151
ord2416
ord2582
ord2459
ord2462
ord5540
ord5555
ord2401
ord2151
ord2607
ord2484
ord2050
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord5236
ord2384
ord2012
ord2458
ord2578
ord2183
ord2486
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_21_32770_0@8
__fn_21_32770_119@8
__fn_21_32770_1@8
__fn_21_32770_38@8
__fn_21_32787_35@8
__fn_21_32795_34@8
__fn_21_32796_34@8
__fn_21_32798_42@8
__fn_21_32798_44@8
__fn_21_32798_59@8
__fn_21_32802_414@8
__fn_21_32802_415@8
__fn_21_32802_47@8
__fn_21_32802_48@8
__fn_21_32802_59@8
__fn_21_32802_60@8
__fn_21_32804_35@8
__fn_21_32805_35@8
__fn_21_32807_23@8
__fn_21_32810_23@8
__fn_21_32811_23@8
__fn_23_32770_0@8
__fn_23_32770_119@8
__fn_23_32770_120@8
__fn_23_32770_121@8
__fn_23_32770_122@8
__fn_23_32770_123@8
__fn_23_32770_1@8
__fn_23_32770_24@8
__fn_23_32770_38@8
__fn_23_32787_36@8
__fn_23_32787_37@8
__fn_23_32787_414@8
__fn_23_32787_47@8
__fn_23_32790_37@8
__fn_23_32790_414@8
__fn_23_32790_47@8
__fn_23_32790_60@8
__fn_23_32792_35@8
__fn_23_32798_35@8
__fn_23_32800_23@8
__fn_23_32802_23@8
__fn_23_32803_23@8
__fn_24_32770_0@8
__fn_24_32770_119@8
__fn_24_32770_120@8
__fn_24_32770_121@8
__fn_24_32770_122@8
__fn_24_32770_1@8
__fn_24_32770_23@8
__fn_24_32787_37@8
__fn_24_32787_414@8
__fn_24_32787_47@8
__fn_24_32787_48@8
__fn_24_32790_37@8
__fn_24_32790_60@8
__fn_24_32790_61@8
__fn_24_32794_35@8
__fn_24_32800_35@8
__fn_24_32802_23@8
__fn_24_32804_23@8
__fn_24_32805_23@8
__fn_25_32770_0@8
__fn_25_32770_119@8
__fn_25_32770_120@8
__fn_25_32770_121@8
__fn_25_32770_122@8
__fn_25_32770_123@8
__fn_25_32770_124@8
__fn_25_32770_125@8
__fn_25_32770_126@8
__fn_25_32770_127@8
__fn_25_32770_1@8
__fn_25_32770_24@8
__fn_25_32770_38@8
__fn_25_32787_0@8
__fn_25_32787_1@8
__fn_25_32787_47@8
__fn_25_32787_48@8
__fn_25_32794_0@8
__fn_25_32794_1@8
__fn_25_32798_36@8
__fn_25_32798_414@8
__fn_25_32798_47@8
__fn_25_32802_0@8
__fn_25_32802_1@8
__fn_25_32803_414@8
__fn_25_32803_47@8
__fn_25_32805_0@8
__fn_25_32805_1@8
__fn_25_32806_414@8
__fn_25_32808_0@8
__fn_25_32808_1@8
__fn_25_32809_36@8
__fn_25_32809_414@8
__fn_25_32809_47@8
__fn_25_32811_0@8
__fn_25_32811_1@8
__fn_25_32814_0@8
__fn_25_32814_1@8
__fn_25_32816_34@8
__fn_25_32817_34@8
__fn_25_32818_37@8
__fn_25_32818_414@8
__fn_25_32821_35@8
__fn_25_32823_414@8
__fn_25_32823_60@8
__fn_25_32824_34@8
__fn_25_32826_42@8
__fn_25_32826_44@8
__fn_25_32829_35@8
__fn_25_32830_35@8
__fn_25_32832_23@8
__fn_25_32835_23@8
__fn_26_32770_0@8
__fn_26_32770_119@8
__fn_26_32770_1@8
__fn_26_32787_34@8
__fn_26_32791_34@8
__fn_26_32792_34@8
__fn_26_32794_37@8
__fn_26_32805_35@8
__fn_26_32806_35@8
__fn_26_32808_23@8
__fn_27_32770_0@8
__fn_27_32770_119@8
__fn_27_32770_1@8
__fn_27_32787_34@8
__fn_27_32791_34@8
__fn_27_32792_34@8
__fn_27_32803_37@8
__fn_27_32805_35@8
__fn_27_32806_35@8
__fn_27_32808_23@8
__fn_28_32770_0@8
__fn_28_32770_119@8
__fn_28_32770_1@8
__fn_28_32787_34@8
__fn_28_32791_34@8
__fn_28_32792_34@8
__fn_28_32793_34@8
__fn_28_32794_34@8
__fn_28_32807_35@8
__fn_28_32808_35@8
__fn_28_32809_35@8
__fn_28_32813_23@8
__fn_28_32815_23@8
_getVtableInfo_str_djll@12
_getVtableInfo_w_djll_d@12
_getVtableInfo_w_djll_m@12
_getVtableInfo_w_djtj_report@12
_getVtableInfo_w_djxg@12
_getVtableInfo_w_new_dj_report@12
_getVtableInfo_w_spda_gl@12
_getVtableInfo_w_xp_report@12

Sections

AUTO
Size: 546KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 91KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_sys.dll
.dll windows:1 windows x86 arch:x86

ae027106b9f286226158c233c371f306

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2480
ord2521
ord2541
ord2653
ord2546
ord2519
ord2529
ord2532
ord2650
ord2081
ord2537
ord2493
ord2606
ord2536
ord2531
ord2441
ord2640
ord2488
ord2599
ord2505
ord2498
ord2405
ord2506
ord2468
ord2646
ord5245
ord2644
ord2645
ord2624
ord2634
ord2407
ord2461
ord2469
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord2582
ord2416
ord2453
ord2611
ord2484
ord2639
ord2638
ord2479
ord2426
ord2632
ord2295
ord2050
ord2486
ord2448
ord2520
ord2462
ord2454
ord5236
ord2384
ord5151
ord2412
ord2459
ord2012
ord2458
ord2578
ord2183
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_30_32770_0@8
__fn_30_32770_119@8
__fn_30_32770_120@8
__fn_30_32770_121@8
__fn_30_32770_122@8
__fn_30_32770_123@8
__fn_30_32770_124@8
__fn_30_32770_1@8
__fn_30_32770_24@8
__fn_30_32770_38@8
__fn_30_32787_35@8
__fn_30_32795_38@8
__fn_30_32795_414@8
__fn_30_32797_40@8
__fn_30_32797_60@8
__fn_30_32798_35@8
__fn_30_32799_35@8
__fn_30_32801_23@8
__fn_30_32803_23@8
__fn_31_32770_0@8
__fn_31_32770_119@8
__fn_31_32770_120@8
__fn_31_32770_121@8
__fn_31_32770_122@8
__fn_31_32770_123@8
__fn_31_32770_124@8
__fn_31_32770_1@8
__fn_31_32770_24@8
__fn_31_32770_38@8
__fn_31_32787_35@8
__fn_31_32795_38@8
__fn_31_32795_414@8
__fn_31_32797_38@8
__fn_31_32797_40@8
__fn_31_32797_60@8
__fn_31_32798_35@8
__fn_31_32799_35@8
__fn_31_32801_23@8
__fn_31_32803_23@8
__fn_32_32770_0@8
__fn_32_32770_121@8
__fn_32_32770_122@8
__fn_32_32770_123@8
__fn_32_32770_124@8
__fn_32_32770_1@8
__fn_32_32770_38@8
__fn_32_32779_34@8
__fn_32_32792_34@8
__fn_32_32793_34@8
__fn_32_32794_34@8
__fn_32_32795_34@8
__fn_32_32816_40@8
__fn_32_32816_60@8
__fn_32_32818_35@8
__fn_32_32819_35@8
__fn_32_32823_23@8
__fn_32_32825_23@8
__fn_33_32770_0@8
__fn_33_32770_1@8
__fn_33_32799_34@8
__fn_33_32800_34@8
__fn_33_32801_34@8
__fn_33_32802_34@8
__fn_33_32803_34@8
__fn_33_32817_48@8
__fn_33_32819_37@8
__fn_33_32819_60@8
__fn_33_32821_35@8
__fn_33_32822_35@8
__fn_33_32824_23@8
__fn_33_32826_23@8
__fn_33_32827_23@8
__fn_34_32770_0@8
__fn_34_32770_1@8
__fn_34_32770_38@8
__fn_34_32779_34@8
__fn_34_32792_34@8
__fn_34_32793_34@8
__fn_34_32794_34@8
__fn_34_32795_34@8
__fn_34_32796_34@8
__fn_34_32797_34@8
__fn_34_32798_34@8
__fn_34_32799_34@8
__fn_34_32800_34@8
__fn_34_32802_414@8
__fn_34_32802_60@8
__fn_34_32805_34@8
__fn_34_32806_34@8
__fn_34_32807_37@8
__fn_34_32810_35@8
__fn_34_32813_35@8
__fn_34_32815_23@8
__fn_34_32817_23@8
__fn_34_32818_23@8
__fn_34_32819_23@8
__fn_35_32770_0@8
__fn_35_32770_1@8
__fn_35_32770_38@8
__fn_35_32779_34@8
__fn_35_32792_34@8
__fn_35_32793_34@8
__fn_35_32794_34@8
__fn_35_32796_37@8
__fn_35_32796_414@8
__fn_35_32800_35@8
__fn_35_32803_35@8
__fn_35_32805_23@8
__fn_35_32807_23@8
_getVtableInfo_w_cbc_gl@12
_getVtableInfo_w_gys_gl@12
_getVtableInfo_w_role_gl@12
_getVtableInfo_w_spfl_gl@12
_getVtableInfo_w_user_gl@12
_getVtableInfo_w_xt_menu@12

Sections

AUTO
Size: 374KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 57KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_xs.dll
.dll windows:1 windows x86 arch:x86

7c10edf53f58c98bb9f0d86db365dd1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2519
ord2531
ord2529
ord2532
ord2650
ord2521
ord2081
ord2455
ord2452
ord2646
ord5245
ord2644
ord2645
ord2450
ord5555
ord5549
ord2407
ord5123
ord5164
ord2624
ord2441
ord2634
ord2468
ord2461
ord2469
ord2582
ord2416
ord2453
ord2541
ord2611
ord2149
ord2147
ord2607
ord2295
ord2493
ord2606
ord2426
ord2632
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord2484
ord2520
ord2536
ord2537
ord2488
ord5553
ord2050
ord2486
ord2454
ord5151
ord2412
ord2459
ord2462
ord5236
ord2384
ord2012
ord2458
ord2578
ord2183
ord2639
ord2638
ord2479
ord2448
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_36_32770_0@8
__fn_36_32770_119@8
__fn_36_32770_120@8
__fn_36_32770_121@8
__fn_36_32770_122@8
__fn_36_32770_123@8
__fn_36_32770_124@8
__fn_36_32770_1@8
__fn_36_32770_23@8
__fn_36_32770_24@8
__fn_36_32770_38@8
__fn_36_32787_37@8
__fn_36_32787_414@8
__fn_36_32787_47@8
__fn_36_32787_48@8
__fn_36_32791_34@8
__fn_36_32796_42@8
__fn_36_32796_44@8
__fn_36_32802_414@8
__fn_36_32802_415@8
__fn_36_32802_47@8
__fn_36_32802_48@8
__fn_36_32802_57@8
__fn_36_32802_59@8
__fn_36_32803_35@8
__fn_36_32804_35@8
__fn_36_32806_23@8
__fn_36_32809_23@8
__fn_37_32770_0@8
__fn_37_32770_119@8
__fn_37_32770_1@8
__fn_37_32787_34@8
__fn_37_32791_34@8
__fn_37_32792_34@8
__fn_37_32803_37@8
__fn_37_32805_35@8
__fn_37_32806_35@8
__fn_37_32808_23@8
__fn_37_32810_23@8
_getVtableInfo_w_spxs@12
_getVtableInfo_w_today_xs_report@12

Sections

AUTO
Size: 145KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 19KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/BIN/spjxc_zlcx.dll
.dll windows:1 windows x86 arch:x86

c85cb575310d5ef0dab84ea9cf6ccc60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

pbvm80

ord5237
ord2646
ord5245
ord2644
ord2645
ord2407
ord2484
ord5123
ord2639
ord2638
ord2479
ord2386
ord2426
ord2632
ord2295
ord5164
ord2486
ord2448
ord2624
ord2468
ord2454
ord2461
ord2469
ord2057
ord2497
ord2473
ord2495
ord2474
ord2496
ord2582
ord5151
ord2416
ord2453
ord2459
ord2611
ord2050
ord2462
ord5236
ord2384
ord2012
ord2458
ord2578
ord2183
ord2865
ord2043
ord2864

Exports

Exports

_DllMain@12
__fn_29_32770_0@8
__fn_29_32770_119@8
__fn_29_32770_1@8
__fn_29_32770_38@8
__fn_29_32787_0@8
__fn_29_32787_1@8
__fn_29_32787_47@8
__fn_29_32787_48@8
__fn_29_32794_0@8
__fn_29_32794_1@8
__fn_29_32798_37@8
__fn_29_32798_414@8
__fn_29_32800_0@8
__fn_29_32800_1@8
__fn_29_32801_37@8
__fn_29_32801_414@8
__fn_29_32802_0@8
__fn_29_32802_1@8
__fn_29_32803_37@8
__fn_29_32803_414@8
__fn_29_32804_0@8
__fn_29_32804_1@8
__fn_29_32805_37@8
__fn_29_32805_414@8
__fn_29_32806_0@8
__fn_29_32806_1@8
__fn_29_32807_37@8
__fn_29_32808_0@8
__fn_29_32808_1@8
__fn_29_32809_37@8
__fn_29_32809_414@8
__fn_29_32810_0@8
__fn_29_32810_1@8
__fn_29_32811_37@8
__fn_29_32811_414@8
__fn_29_32812_0@8
__fn_29_32812_1@8
__fn_29_32813_37@8
__fn_29_32813_414@8
__fn_29_32816_34@8
__fn_29_32818_42@8
__fn_29_32818_44@8
__fn_29_32823_414@8
__fn_29_32823_60@8
__fn_29_32824_35@8
__fn_29_32825_35@8
__fn_29_32827_23@8
_getVtableInfo_w_spzlcx@12

Sections

AUTO
Size: 107KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 17KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/Md5.dll
.dll windows:4 windows x86 arch:x86

9e7a1d90cfa93e6f1642653b92db15aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6375
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4274
ord4486
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord823
ord3738
ord561
ord825
ord815
ord2982
ord3147
ord4424
ord1578
ord600
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord269
ord826
ord1570
ord1197
ord6467
ord1255
ord1253

msvcrt

sprintf
__CxxFrameHandler
_EH_prolog
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit

kernel32

LocalAlloc
LocalFree

Exports

Exports

MD5Final
MD5Init
MD5Update
MDString

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.dll
.dll windows:4 windows x86 arch:x86

9f6a247d1317d765aa460b50fb4da77d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42d

ord1880
ord1860
ord4415
ord3702
ord3231
ord1033
ord4130
ord1789
ord2661
ord4227
ord4229
ord2104
ord3366
ord3826
ord4239
ord4215
ord4408
ord3244
ord2340
ord2481
ord3552
ord5077
ord2473
ord2585
ord2341
ord2432
ord2339
ord3143
ord3144
ord3142
ord2431
ord3367
ord3784
ord3657
ord2021
ord1285
ord4492
ord2986
ord714
ord728
ord706
ord3691
ord2584
ord528
ord284
ord1192
ord1050
ord1110
ord1189
ord1191
ord1087
ord1114
ord1041
ord719
ord333
ord1157
ord285
ord726
ord551
ord550
ord1179
ord1101
ord1166
ord1164
ord1186
ord1129

msvcrtd

_chkesp
sprintf
__CxxFrameHandler
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
_onexit
__dllonexit

kernel32

LocalFree
LocalAlloc

Exports

Exports

MD5Final
MD5Init
MD5Update
MDString

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.exp
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.ilk
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.lib
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.obj
cvery.compb234352/spjxc/spjxc/Md5/Debug/Md5.res
cvery.compb234352/spjxc/spjxc/Md5/Debug/StdAfx.obj
cvery.compb234352/spjxc/spjxc/Md5/Debug/vc60.idb
cvery.compb234352/spjxc/spjxc/Md5/Debug/vc60.pdb
cvery.compb234352/spjxc/spjxc/Md5/Md5.clw
cvery.compb234352/spjxc/spjxc/Md5/Md5.cpp
cvery.compb234352/spjxc/spjxc/Md5/Md5.def
cvery.compb234352/spjxc/spjxc/Md5/Md5.dsp
cvery.compb234352/spjxc/spjxc/Md5/Md5.dsw
cvery.compb234352/spjxc/spjxc/Md5/Md5.h
cvery.compb234352/spjxc/spjxc/Md5/Md5.ncb
cvery.compb234352/spjxc/spjxc/Md5/Md5.opt
.js
cvery.compb234352/spjxc/spjxc/Md5/Md5.plg
.html
cvery.compb234352/spjxc/spjxc/Md5/Md5.rc
cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.dll
.dll windows:4 windows x86 arch:x86

9e7a1d90cfa93e6f1642653b92db15aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6375
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4274
ord4486
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord823
ord3738
ord561
ord825
ord815
ord2982
ord3147
ord4424
ord1578
ord600
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord269
ord826
ord1570
ord1197
ord6467
ord1255
ord1253

msvcrt

sprintf
__CxxFrameHandler
_EH_prolog
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit

kernel32

LocalAlloc
LocalFree

Exports

Exports

MD5Final
MD5Init
MD5Update
MDString

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.exp
cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.lib
cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.obj
cvery.compb234352/spjxc/spjxc/Md5/Release/Md5.res
cvery.compb234352/spjxc/spjxc/Md5/Release/StdAfx.obj
cvery.compb234352/spjxc/spjxc/Md5/Release/vc60.idb
cvery.compb234352/spjxc/spjxc/Md5/Resource.h
cvery.compb234352/spjxc/spjxc/Md5/StdAfx.cpp
cvery.compb234352/spjxc/spjxc/Md5/StdAfx.h
cvery.compb234352/spjxc/spjxc/Md5/global.h
cvery.compb234352/spjxc/spjxc/Md5/res/Md5.rc2
cvery.compb234352/spjxc/spjxc/rc.pbr
cvery.compb234352/spjxc/spjxc/rc/VARRPUNT.JPG
.jpg
cvery.compb234352/spjxc/spjxc/rc/dial.bmp
cvery.compb234352/spjxc/spjxc/rc/dialing1.BMP
cvery.compb234352/spjxc/spjxc/rc/dialing2.BMP
cvery.compb234352/spjxc/spjxc/rc/dialing3.BMP
cvery.compb234352/spjxc/spjxc/rc/dialing4.BMP
cvery.compb234352/spjxc/spjxc/rc/pic060.jpg
.jpg
cvery.compb234352/spjxc/spjxc/rc/system.ico
cvery.compb234352/spjxc/spjxc/spjxc.dmp
cvery.compb234352/spjxc/spjxc/spjxc.pbl
cvery.compb234352/spjxc/spjxc/spjxc.pbt
cvery.compb234352/spjxc/spjxc/spjxc.pbw
cvery.compb234352/spjxc/spjxc/spjxc_com.pbl
.vbs
cvery.compb234352/spjxc/spjxc/spjxc_menu.pbl
cvery.compb234352/spjxc/spjxc/spjxc_rk.pbl
cvery.compb234352/spjxc/spjxc/spjxc_sys.pbl
.vbs
cvery.compb234352/spjxc/spjxc/spjxc_xs.pbl
cvery.compb234352/spjxc/spjxc/spjxc_zlcx.pbl
.vbs
cvery.compb234352/spjxc/spjxc/商品进销存管理系统数据字典.doc
.doc windows office2003
cvery.compb234352/spjxc/spjxc/系统升级记录.doc
.doc windows office2003
cvery.compb234352/spjxc_installdatabase/商品进销存管理系统数据库安装介绍.doc
.doc windows office2003
cvery.compb234352/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

9e7a1d90cfa93e6f1642653b92db15aa

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 808B

.reloc Size: 4KB - Virtual size: 442B

3c6ec78f03e9b42d824669712b011e6a

Headers

File Characteristics

Imports

user32

kernel32

pbvm80

Exports

Exports

Sections

AUTO Size: 147KB - Virtual size:

.idata Size: 2KB - Virtual size:

DGROUP Size: 19KB - Virtual size:

.bss Size: 5KB - Virtual size:

.edata Size: 2KB - Virtual size:

.reloc Size: 3KB - Virtual size:

.rsrc Size: 1KB - Virtual size:

c781fbc21f0deec4cce073cc3b8ca9e5

Headers

File Characteristics

Imports

user32

kernel32

pbvm80

Sections

AUTO Size: 16KB - Virtual size:

.idata Size: 1KB - Virtual size:

DGROUP Size: 3KB - Virtual size:

.bss Size: 4KB - Virtual size:

.reloc Size: 1KB - Virtual size:

.rsrc Size: 2KB - Virtual size:

a6dfa40222c540c37591d0b066793a3d

Headers

File Characteristics

Imports

user32

kernel32

pbvm80

Exports

Exports

Sections

AUTO Size: 189KB - Virtual size:

.idata Size: 2KB - Virtual size:

DGROUP Size: 26KB - Virtual size:

.bss Size: 5KB - Virtual size:

.edata Size: 3KB - Virtual size:

.reloc Size: 4KB - Virtual size:

.rsrc Size: 1KB - Virtual size:

4b6f6f8c47c3e874d5491950f1ebe54a

Headers

File Characteristics

Imports

user32

kernel32

pbvm80

Exports

Exports

Sections

AUTO Size: 169KB - Virtual size:

.idata Size: 2KB - Virtual size:

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 808B

.reloc
Size: 4KB - Virtual size: 442B

AUTO
Size: 147KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 19KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 2KB - Virtual size:

.reloc
Size: 3KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 16KB - Virtual size:

.idata
Size: 1KB - Virtual size:

DGROUP
Size: 3KB - Virtual size:

.bss
Size: 4KB - Virtual size:

.reloc
Size: 1KB - Virtual size:

.rsrc
Size: 2KB - Virtual size:

AUTO
Size: 189KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 26KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 3KB - Virtual size:

.reloc
Size: 4KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 169KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 20KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 5KB - Virtual size:

.reloc
Size: 4KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 546KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 91KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 5KB - Virtual size:

.reloc
Size: 9KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 374KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 57KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 3KB - Virtual size:

.reloc
Size: 6KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 145KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 19KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 1KB - Virtual size:

.reloc
Size: 3KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

AUTO
Size: 107KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 17KB - Virtual size:

.bss
Size: 5KB - Virtual size: