a8f46ecb460b062279d638d8a665327a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8f46ecb460b062279d638d8a665327a_JaffaCakes118
Size

1.8MB
MD5

a8f46ecb460b062279d638d8a665327a
SHA1

3c8854f0135a80b63e4af75f3709231d949b3400
SHA256

2a25a21f0e2f2241f849709e47e4bd8b41915e22920a99bcecb19d4acd4005cc
SHA512

6bad9416ce5052abb5960fb48505ca6980defe400f10569a939ab73d94a5c0f4ea6209b3e6cb9bde3f3b4ca4d82882353c052161baabf47a57c1080c39bf22be
SSDEEP

49152:jNCHS9tVeEDP2x2JCXp9++75otKyKYAEL4K9qyejKzt:jIHS9pDP2xAC2+7wS5EL4WqFQ

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/FreshView/freshmp3.dll	acprotect
static1/unpack001/FreshView/qtmlclient.dll	acprotect

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/FreshView/freshmod.dll	aspack_v212_v242
static1/unpack001/FreshView/freshogg.dll	aspack_v212_v242

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/FreshView/freshmp3.dll	upx
static1/unpack001/FreshView/freshogg.dll	upx
static1/unpack001/FreshView/qtmlclient.dll	upx

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FreshView/freshico.dll
unpack001/FreshView/freshmod.dll
unpack001/FreshView/freshmp3.dll
unpack002/out.upx
unpack001/FreshView/freshogg.dll
unpack001/FreshView/fview.exe
unpack001/FreshView/fviewctx.dll
unpack001/FreshView/plugins/simg.dll
unpack001/FreshView/qtmlclient.dll
unpack004/out.upx

Files

a8f46ecb460b062279d638d8a665327a_JaffaCakes118
.rar
FreshView/Backgrounds/back1.bmp
FreshView/Backgrounds/back2.bmp
FreshView/Backgrounds/back3.bmp
FreshView/Backgrounds/back4.bmp
FreshView/Backgrounds/back5.bmp
FreshView/Backgrounds/back6.bmp
FreshView/Backgrounds/back7.bmp
FreshView/Backgrounds/back8.bmp
FreshView/Backgrounds/back9.bmp
FreshView/Templates/standard-index.html
.html
FreshView/Templates/standard-page.html
.html
FreshView/Templates/standard.fat
FreshView/freshico.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FreshView/freshmod.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Mod_Free
Mod_GetModuleNumPos
Mod_GetModulePos
Mod_Init
Mod_Load
Mod_Pause
Mod_Paused
Mod_Play
Mod_Playing
Mod_SetPosition
Mod_Stop
Mod_Update

Sections

.text
Size: 66KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ncom
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FreshView/freshmp3.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
Close
GetBitrate
GetCurrentPos
GetFrequency
GetLayer
GetLength
GetPlayerMode
GetStereoMode
LastError
Open
Pause
Play
ResetPlayerMode
Restart
Seek
Seekable
SetOutputDevice
SetPriority
SetSndDevice
Stop
UseScaleFactor
__DebuggerHookData
deinit
init

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FreshView/freshogg.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_floor_P
_mapping_P
_residue_P
ogg_packet_clear
ogg_page_bos
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_stream_reset_serialno
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggpack_adv
oggpack_adv1
oggpack_bits
oggpack_bytes
oggpack_get_buffer
oggpack_look
oggpack_look1
oggpack_read
oggpack_read1
oggpack_readinit
oggpack_reset
oggpack_write
oggpack_writealign
oggpack_writeclear
oggpack_writeinit
ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_page
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_tell
ov_raw_total
ov_read
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_page
ov_time_tell
ov_time_total
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_commentheader_out
vorbis_dsp_clear
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_trackonly

Sections

UPX0
Size: - Virtual size: 892KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 142KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ncom
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FreshView/fview.chm
.chm
FreshView/fview.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 42KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 48B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 821KB - Virtual size: 821KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FreshView/fviewctx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 583KB - Virtual size: 583KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FreshView/license.txt
FreshView/plugins/simg.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

FViewExec
GetName
Init

Sections

CODE
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FreshView/qtmlclient.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AbortPrePrerollMovie
ActivatePalette
AddCallBackToTimeBase
AddComp
AddEmptyTrackToMovie
AddFilePreview
AddImageDescriptionExtension
AddMediaDataRef
AddMediaSample
AddMediaSampleReference
AddMediaSampleReferences
AddMediaSampleReferences64
AddMovieExecuteWiredActionsProc
AddMovieResource
AddMovieSelection
AddPt
AddResource
AddSearch
AddSoundDescriptionExtension
AddTime
AddTrackReference
AddUserData
AddUserDataText
Alert
AlignScreenRect
AlignWindow
AllowPurgePixels
AngleFromSlope
AppendDITL
AppendResMenu
ApplicationZone
AudioGetBass
AudioGetInfo
AudioGetMute
AudioGetOutputDevice
AudioGetTreble
AudioGetVolume
AudioMuteOnEvent
AudioSetBass
AudioSetMute
AudioSetToDefaults
AudioSetTreble
AudioSetVolume
BackColor
BackPat
BackPixPat
BeginFullScreen
BeginMediaEdits
BeginUpdate
BitAnd
BitClr
BitMapToRegion
BitNot
BitOr
BitSet
BitShift
BitTst
BitXor
BlockMove
BlockMoveData
BogusDispatcher
BringToFront
Button
CDSequenceBusy
CDSequenceChangedSourceData
CDSequenceDisposeDataSource
CDSequenceDisposeMemory
CDSequenceEnd
CDSequenceEquivalentImageDescription
CDSequenceFlush
CDSequenceGetDataSource
CDSequenceInvalidate
CDSequenceNewDataSource
CDSequenceNewMemory
CDSequenceSetSourceData
CDSequenceSetSourceDataQueue
CDSequenceSetTimeBase
CTab2Palette
CTabChanged
CalcCMask
CalcMask
CalcMenuSize
CallComponent
CallComponentCanDo
CallComponentClose
CallComponentExecuteWiredAction
CallComponentFunctionWithStorage
CallComponentGetMPWorkFunction
CallComponentGetPublicResource
CallComponentOpen
CallComponentRegister
CallComponentTarget
CallComponentUnregister
CallComponentVersion
CallMeWhen
CancelCallBack
CaptureComponent
CautionAlert
ChangedResource
CharByte
CharType
CharWidth
CharacterByteType
CharacterType
CheckItem
CheckQuickTimeRegistration
ClearMenuBar
ClearMovieChanged
ClearMovieSelection
ClearMoviesStickyError
ClipRect
ClockCallMeWhen
ClockCancelCallBack
ClockDisposeCallBack
ClockGetRate
ClockGetTime
ClockNewCallBack
ClockRateChanged
ClockSetTimeBase
ClockStartStopChanged
ClockTimeChanged
CloneRgn
CloseCPort
CloseComponent
CloseComponentResFile
CloseDialog
CloseMixerSoundComponent
CloseMovieFile
ClosePicture
ClosePoly
ClosePort
CloseResFile
CloseRgn
CodecManagerVersion
Color2Index
ColorBit
Comp3to1
Comp6to1
CompAdd
CompCompare
CompDiv
CompFixMul
CompMul
CompMulDiv
CompMulDivTrunc
CompNeg
CompShift
CompSquareRoot
CompSub
CompactMem
CompactMemSys
ComponentFunctionImplemented
ComponentSetTarget
CompressImage
CompressPicture
CompressPictureFile
CompressSequenceBegin
CompressSequenceFrame
ConcatMatrix
ConvertFileToMovieFile
ConvertImage
ConvertMovieToFile
ConvertTime
ConvertTimeScale
CopyBits
CopyBitsGDI
CopyDeepMask
CopyMask
CopyMatrix
CopyMovieSelection
CopyMovieSettings
CopyPalette
CopyPixMap
CopyPixPat
CopyTrackSettings
Count1Resources
Count1Types
CountComponentInstances
CountComponents
CountDITL
CountImageDescriptionExtensionType
CountMItems
CountResources
CountTypes
CountUserDataType
CreateMovieFile
CreatePortAssociation
CreateShortcutMovieFile
CurResFile
CurveAddAtomToVectorStream
CurveAddPathAtomToVectorStream
CurveAddZeroAtomToVectorStream
CurveCountPointsInPath
CurveCreateVectorStream
CurveGetAtomDataFromVectorStream
CurveGetLength
CurveGetNearestPathPoint
CurveGetPathPoint
CurveInsertPointIntoPath
CurveLengthToPoint
CurveNewPath
CurvePathPointToLength
CurveSetPathPoint
CustomGetFile
CustomGetFilePreview
CustomPutFile
CutMovieSelection
DTInstall
DataCodecBeginInterruptSafe
DataCodecCompress
DataCodecCompressPartial
DataCodecDecompress
DataCodecDecompressPartial
DataCodecEndInterruptSafe
DataCodecGetCompressBufferSize
DataHAddMovie
DataHAppend64
DataHCanUseDataRef
DataHCloseForRead
DataHCloseForWrite
DataHCompareDataRef
DataHCreateFile
DataHDoesBuffer
DataHFinishData
DataHFlushCache
DataHFlushData
DataHGetAvailableFileSize
DataHGetCacheSizeLimit
DataHGetData
DataHGetDataAvailability
DataHGetDataInBuffer
DataHGetDataRef
DataHGetDataRefAsType
DataHGetDataRefExtension
DataHGetDataRefWithAnchor
DataHGetDeviceIndex
DataHGetFileName
DataHGetFileSize
DataHGetFileSize64
DataHGetFileSizeAsync
DataHGetFreeSpace
DataHGetFreeSpace64
DataHGetInfoFlags
DataHGetMIMEType
DataHGetMacOSFileType
DataHGetMovie
DataHGetMovieWithFlags
DataHGetPreferredBlockSize
DataHGetScheduleAheadTime
DataHGetVolumeList
DataHIsStreamingDataHandler
DataHOpenForRead
DataHOpenForWrite
DataHPlaybackHints
DataHPlaybackHints64
DataHPollRead
DataHPreextend
DataHPreextend64
DataHPutData
DataHReadAsync
DataHResolveDataRef
DataHScheduleData
DataHScheduleData64
DataHSetCacheSizeLimit
DataHSetDataRef
DataHSetDataRefExtension
DataHSetDataRefWithAnchor
DataHSetFileSize
DataHSetFileSize64
DataHSetMacOSFileType
DataHSetTimeBase
DataHTask
DataHUpdateMovie
DataHWrite
DataHWrite64
DateToSeconds
DebugStr
Debugger
DecompressImage
DecompressSequenceBegin
DecompressSequenceBeginS
DecompressSequenceFrame
DecompressSequenceFrameS
DecompressSequenceFrameWhen
DelComp
DelSearch
Delay
DelegateComponentCall
DeleteGestaltValue
DeleteMenuItem
DeleteMovieFile
DeleteMovieSegment
DeleteTrackReference
DeleteTrackSegment
Dequeue
DestroyComponent
DestroyPortAssociation
DetachResource
DeviceLoop
DialogSelect
DiffRgn
DisableItem
DisposeAllSprites
DisposeCCursor
DisposeCIcon
DisposeCTable
DisposeCallBack
DisposeCodecNameList
DisposeControl
DisposeDialog
DisposeGDevice
DisposeGWorld
DisposeHandle
DisposeMatte
DisposeMenu
DisposeMovie
DisposeMovieController
DisposeMovieEditState
DisposeMovieTrack
DisposePalette
DisposePixMap
DisposePixPat
DisposePtr
DisposeRgn
DisposeScreenBuffer
DisposeSprite
DisposeSpriteWorld
DisposeTimeBase
DisposeTrackEditState
DisposeTrackMedia
DisposeUserData
DisposeWindow
DragAlignedGrayRgn
DragAlignedWindow
Draw1Control
DrawChar
DrawControls
DrawDialog
DrawPicture
DrawPictureFile
DrawString
DrawTrimmedPicture
DrawTrimmedPictureFile
EmptyHandle
EmptyRect
EmptyRgn
EnableItem
EndFullScreen
EndMediaEdits
EndUpdate
Endian64_Swap
Enqueue
EnterMovies
Entry2Index
EqualMatrix
EqualPt
EqualString
EraseArc
EraseOval
ErasePoly
EraseRect
EraseRgn
EraseRoundRect
EventAvail
ExecuteCallBack
ExitMovies
ExitToShell
Exp1to3
Exp1to6
ExtendedToString
FCompressImage
FCompressPicture
FCompressPictureFile
FDecompressImage
FSClose
FSDelete
FSMakeFSSpec
FSRead
FSSpecToNativePathName
FSWrite
FSpCreate
FSpCreateResFile
FSpDelete
FSpGetFInfo
FSpOpenDF
FSpOpenRF
FSpOpenResFile
FSpRename
FillArc
FillCArc
FillCOval
FillCPoly
FillCRect
FillCRgn
FillCRoundRect
FillOval
FillPoly
FillRoundRect
FindCodec
FindControl
FindDialogItem
FindFolderEx
FindNextComponent
FindWordBreaks
Fix2Frac
Fix2Long
Fix2X
FixATan2
FixDiv
FixExp2
FixLog2
FixMul
FixMulDiv
FixPow
FixRatio
FixRound
FlashMediaFrameLabelToMovieTime
FlashMediaFrameNumberToMovieTime
FlashMediaGetDisplayedFrameNumber
FlashMediaGetRefConBounds
FlashMediaGetRefConID
FlashMediaIDToRefCon
FlashMediaSetPan
FlashMediaSetZoom
FlashMediaSetZoomRect
FlashMenuBar
FlattenMovie
FlattenMovieData
FlushEvents
FlushVol
FontScript
FontToScript
ForeColor
Frac2Fix
Frac2X
FracCos
FracDiv
FracMul
FracSin
FracSinCos
FracSqrt
FrameArc
FrameOval
FramePoly
FrameRoundRect
FreeMem
FreeMemSys
FrontWindow
GDGetScale
GDHasScale
GDSetScale
GDeviceChanged
Gestalt
Get1IndResource
Get1IndType
Get1NamedResource
Get1Resource
GetAliasInfo
GetBackColor
GetBestDeviceRect
GetCCursor
GetCIcon
GetCPixel
GetCSequenceDataRateParams
GetCSequenceFrameNumber
GetCSequenceKeyFrameRate
GetCSequenceMaxCompressionSize
GetCSequencePrevBuffer
GetCTSeed
GetCTable
GetCWMgrPort
GetCallBackTimeBase
GetCallBackType
GetCaretTime
GetClip
GetCodecInfo
GetCodecNameList
GetColor
GetComponentIconSuite
GetComponentIndString
GetComponentInfo
GetComponentInstanceA5
GetComponentInstanceError
GetComponentInstanceStorage
GetComponentListModSeed
GetComponentPublicIndString
GetComponentPublicResource
GetComponentPublicResourceList
GetComponentRefcon
GetComponentResource
GetComponentTypeModSeed
GetComponentVersion
GetCompressedImageSize
GetCompressedPixMapInfo
GetCompressionInfo
GetCompressionName
GetCompressionTime
GetControlAction
GetControlComponentInstance
GetControlHandleFromCookie

Sections

UPX0
Size: - Virtual size: 200KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FreshView/readme.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 848B

.reloc Size: 1024B - Virtual size: 760B

.rsrc Size: 26KB - Virtual size: 26KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 140KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 24KB

.reloc Size: 10KB - Virtual size: 16KB

.ncom Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 128KB

UPX1 Size: 57KB - Virtual size: 60KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 95KB - Virtual size: 96KB

.data Size: 39KB - Virtual size: 56KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 892KB

UPX1 Size: 142KB - Virtual size: 148KB

UPX2 Size: 3KB - Virtual size: 4KB

.ncom Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 2.0MB - Virtual size: 2.0MB

DATA Size: 57KB - Virtual size: 57KB

BSS Size: - Virtual size: 42KB

.idata Size: 16KB - Virtual size: 15KB

.tls Size: - Virtual size: 48B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 130KB - Virtual size: 130KB

.rsrc Size: 821KB - Virtual size: 821KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 583KB - Virtual size: 583KB

DATA Size: 10KB - Virtual size: 10KB

BSS Size: - Virtual size: 7KB

.idata Size: 9KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 165B

.reloc Size: 33KB - Virtual size: 33KB

.rsrc Size: 23KB - Virtual size: 23KB

Headers

File Characteristics

Exports

Exports

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 848B

.reloc
Size: 1024B - Virtual size: 760B

.rsrc
Size: 26KB - Virtual size: 26KB

.text
Size: 66KB - Virtual size: 140KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 24KB

.reloc
Size: 10KB - Virtual size: 16KB

.ncom
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

UPX0
Size: - Virtual size: 128KB

UPX1
Size: 57KB - Virtual size: 60KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 96KB

.data
Size: 39KB - Virtual size: 56KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 892KB

UPX1
Size: 142KB - Virtual size: 148KB

UPX2
Size: 3KB - Virtual size: 4KB

.ncom
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 2.0MB - Virtual size: 2.0MB

DATA
Size: 57KB - Virtual size: 57KB

BSS
Size: - Virtual size: 42KB

.idata
Size: 16KB - Virtual size: 15KB

.tls
Size: - Virtual size: 48B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 130KB - Virtual size: 130KB

.rsrc
Size: 821KB - Virtual size: 821KB

CODE
Size: 583KB - Virtual size: 583KB

DATA
Size: 10KB - Virtual size: 10KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 9KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 165B

.reloc
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 23KB - Virtual size: 23KB

CODE
Size: 471KB - Virtual size: 470KB

DATA
Size: 6KB - Virtual size: 5KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 102B

.reloc
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 27KB - Virtual size: 27KB

UPX0
Size: - Virtual size: 200KB

UPX1
Size: 23KB - Virtual size: 24KB

UPX2
Size: 71KB - Virtual size: 72KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 16KB - Virtual size: 12KB