bff66105e00223ff1e140110dd25088d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bff66105e00223ff1e140110dd25088d_JaffaCakes118
Size

679KB
MD5

bff66105e00223ff1e140110dd25088d
SHA1

5519e2ba5b40c3e8bdc36736422cf54bf166df44
SHA256

ef476e5876afd640f3f782f057575589b1977f588c938a9ac1aa6e2bc006f506
SHA512

26d477a2acaa978f80b0112fd8c9f345d148975e2dd5bb6fd8f0764efeccccdf73a69eb15afbee56bb61724a43b8ebdb22ab970a0ee34c9783bf941fe47a40de
SSDEEP

12288:iXGBGLUsb7zlJFT9k/Y2VMhIAdYCfNvrihFghm3o+4gP3hQ91u+lc/3lsZVkW/U:iXGULJbdm2hoANvuhOEr4Yv+lcI9/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bff66105e00223ff1e140110dd25088d_JaffaCakes118
unpack001/out.upx

Files

bff66105e00223ff1e140110dd25088d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 668KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 650KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$21Abfclasses@TabfThread
@$xp$21Abfcomponents@TabfWav
@$xp$22Abfclasses@EabfChannel
@$xp$22Abfclasses@TabfChannel
@$xp$22Abfconsts@abfConsts__1
@$xp$22Abfsysutils@TabfStrRec
@$xp$23Abfclasses@TabfCallBack
@$xp$23Abfsysutils@TabfCharSet
@$xp$24Abfclasses@TabfDelphiVer
@$xp$24Abfclasses@TabfDirection
@$xp$24Abfclasses@TabfHorzAlign
@$xp$24Abfclasses@TabfVertAlign
@$xp$25Abfclasses@TabfDelphiVers
@$xp$25Abfclasses@TabfStringList
@$xp$25Abfclasses@abfClasses__41
@$xp$25Abfcomponents@TabfAutoRun
@$xp$26Abfclasses@TabfEventThread
@$xp$26Abfclasses@TabfTimerThread
@$xp$26Abfcomponents@EabfTrayIcon
@$xp$26Abfcomponents@TabfShutdown
@$xp$26Abfcomponents@TabfTrayIcon
@$xp$26Abfsysutils@TabfRegRootKey
@$xp$27Abfclasses@TabfMessageEvent
@$xp$27Abfclasses@TabfRunTimeState
@$xp$27Abfcomponents@TabfComponent
@$xp$28Abfclasses@TabfCallbackThunk
@$xp$28Abfclasses@TabfRunTimeStates
@$xp$28Abfsysutils@TabfAutoExecKind
@$xp$28Abfsysutils@_REG_CHANGE_DATA
@$xp$29Abfclasses@TabfFreeNotifyProc
@$xp$29Abfclasses@TabfObjectCallBack
@$xp$29Abfcomponents@EabfFileStorage
@$xp$29Abfcomponents@TabfColorPicker
@$xp$29Abfcomponents@TabfCustomTimer
@$xp$29Abfcomponents@TabfFileStorage
@$xp$29Abfcomponents@TabfOneInstance
@$xp$29Abfcomponents@TabfThreadTimer
@$xp$29Abfcomponents@TabfWavPlayFrom
@$xp$29Abfcomponents@TabfWndProcHook
@$xp$29Abfsysutils@LPREG_CHANGE_DATA
@$xp$29Abfsysutils@TabfNtProductType
@$xp$30Abfclasses@EabfFileVersionInfo
@$xp$30Abfclasses@TabfFileVersionFlag
@$xp$30Abfclasses@TabfFileVersionInfo
@$xp$30Abfclasses@TabfLinkedComponent
@$xp$30Abfclasses@TabfLocalCopyThread
@$xp$30Abfsysutils@TabfWindowsVersion
@$xp$31Abfclasses@TabfCustomCopyThread
@$xp$31Abfclasses@TabfFileVersionFlags
@$xp$31Abfcomponents@TabfFileOperation
@$xp$31Abfcomponents@TabfFolderMonitor
@$xp$32Abfcomponents@TabfThreadMethodEx
@$xp$33Abfcomponents@TabfFileAssociation
@$xp$33Abfcomponents@TabfRegistryMonitor
@$xp$33Abfcomponents@TabfThreadComponent
@$xp$34Abfclasses@TabfFolderMonitorThread
@$xp$34Abfcomponents@TFolderMonitorFilter
@$xp$34Abfcomponents@TabfTrayIconInfoType
@$xp$35Abfclasses@TabfCopyThreadErrorEvent
@$xp$35Abfcomponents@TFolderMonitorFilters
@$xp$35Abfcomponents@TabfCustomFileStorage
@$xp$35Abfcomponents@TabfCustomThreadTimer
@$xp$35Abfcomponents@TabfCustomWndProcHook
@$xp$35Abfcomponents@TabfFileOperationFlag
@$xp$35Abfcomponents@TabfFileOperationType
@$xp$36Abfclasses@TabfRegistryMonitorThread
@$xp$36Abfcomponents@TabfFileOperationEvent
@$xp$36Abfcomponents@TabfFileOperationFlags
@$xp$36Abfcomponents@TabfNotifyIconDataVer4
@$xp$36Abfcomponents@TabfNotifyIconDataVer5
@$xp$36Abfcomponents@TabfQueryShutdownEvent
@$xp$36Abfcomponents@TabfShutdownActionType
@$xp$37Abfcomponents@TabfCustomFolderMonitor
@$xp$38Abfclasses@TabfCopyThreadProgressEvent
@$xp$39Abfcomponents@TabfCustomRegistryMonitor
@$xp$39Abfcomponents@TabfCustomThreadComponent
@$xp$39Abfcomponents@TabfRegistryMonitorFilter
@$xp$39Abfcomponents@TabfStartButtonProperties
@$xp$40Abfcomponents@TabfOneInstanceShowMessage
@$xp$40Abfcomponents@TabfRegistryMonitorFilters
@$xp$44Abfcomponents@TabfFileStorageOnFileOperation
@$xp$46Abfcomponents@TabfFileStorageOnConfirmOverride
@@Unit1@Finalize
@@Unit1@Initialize
@Abfclasses@CabfCallbackThunk
@Abfclasses@CabfDelphiRegPaths
@Abfclasses@EabfChannel@
@Abfclasses@EabfFileVersionInfo@
@Abfclasses@Finalization$qqrv
@Abfclasses@TabfChannel@
@Abfclasses@TabfChannel@$bctr$qqrx17System@AnsiStringpvi
@Abfclasses@TabfChannel@$bdtr$qqrv
@Abfclasses@TabfChannel@Clean$qqrv
@Abfclasses@TabfChannel@Close$qqrv
@Abfclasses@TabfCustomCopyThread@
@Abfclasses@TabfCustomCopyThread@$bctr$qqrx17System@AnsiStringt1ooynpqqrp14System@TObjectuix17System@AnsiString$vynpqqrp14System@TObjectuiuiro$vynpqqrp14System@TObject$vpxv
@Abfclasses@TabfCustomCopyThread@CalcTotalSize$qqrv
@Abfclasses@TabfCustomCopyThread@Cancel$qqrv
@Abfclasses@TabfCustomCopyThread@Copy$qqrv
@Abfclasses@TabfCustomCopyThread@DoError$qqruix17System@AnsiString
@Abfclasses@TabfCustomCopyThread@DoProgress$qqruiui
@Abfclasses@TabfCustomCopyThread@Execute$qqrv
@Abfclasses@TabfCustomCopyThread@FireErrorEvent$qqrv
@Abfclasses@TabfCustomCopyThread@FireProgressEvent$qqrv
@Abfclasses@TabfCustomCopyThread@GetErrorMessage$qqrv
@Abfclasses@TabfCustomCopyThread@SetDstName$qqrx17System@AnsiString
@Abfclasses@TabfCustomCopyThread@SetErrorCode$qqrui
@Abfclasses@TabfCustomCopyThread@SetSrcName$qqrx17System@AnsiString
@Abfclasses@TabfEventThread@
@Abfclasses@TabfEventThread@DoExecute$qqrv
@Abfclasses@TabfEventThread@Execute$qqrv
@Abfclasses@TabfFileVersionInfo@
@Abfclasses@TabfFileVersionInfo@$bctr$qqrx17System@AnsiString
@Abfclasses@TabfFileVersionInfo@$bctr$qqrx17System@AnsiStringi
@Abfclasses@TabfFileVersionInfo@$bdtr$qqrv
@Abfclasses@TabfFileVersionInfo@ExtractLanguageIds$qqrv
@Abfclasses@TabfFileVersionInfo@GetBinFileVersion$qqrv
@Abfclasses@TabfFileVersionInfo@GetBinProductVersion$qqrv
@Abfclasses@TabfFileVersionInfo@GetFileOS$qqrv
@Abfclasses@TabfFileVersionInfo@GetFileSubType$qqrv
@Abfclasses@TabfFileVersionInfo@GetFileType$qqrv
@Abfclasses@TabfFileVersionInfo@GetLanguageCount$qqrv
@Abfclasses@TabfFileVersionInfo@GetLanguageIds$qqri
@Abfclasses@TabfFileVersionInfo@GetLanguageNames$qqri
@Abfclasses@TabfFileVersionInfo@GetUserKey$qqrx17System@AnsiString
@Abfclasses@TabfFileVersionInfo@GetVersionInfo$qqrv
@Abfclasses@TabfFileVersionInfo@GetVersionKeyValue$qqri
@Abfclasses@TabfFileVersionInfo@InitFileFlags$qqrv
@Abfclasses@TabfFileVersionInfo@SetLanguageIndex$qqri
@Abfclasses@TabfFolderMonitorThread@
@Abfclasses@TabfFolderMonitorThread@$bctr$qqrynpqqrv$v
@Abfclasses@TabfFolderMonitorThread@$bdtr$qqrv
@Abfclasses@TabfFolderMonitorThread@Execute$qqrv
@Abfclasses@TabfFolderMonitorThread@SetDirectoryOptions$qqr17System@AnsiStringoui
@Abfclasses@TabfLinkedComponent@
@Abfclasses@TabfLinkedComponent@$bctr$qqrp18Classes@TComponentynpqqrp18Classes@TComponent$v
@Abfclasses@TabfLinkedComponent@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Abfclasses@TabfLocalCopyThread@
@Abfclasses@TabfLocalCopyThread@CalcTotalSize$qqrv
@Abfclasses@TabfLocalCopyThread@Copy$qqrv
@Abfclasses@TabfRegistryMonitorThread@
@Abfclasses@TabfRegistryMonitorThread@$bctr$qqrynpqqrv$v
@Abfclasses@TabfRegistryMonitorThread@$bdtr$qqrv
@Abfclasses@TabfRegistryMonitorThread@Execute$qqrv
@Abfclasses@TabfRegistryMonitorThread@SetRegistryKeyOptions$qqrui17System@AnsiStringoui
@Abfclasses@TabfStringList@
@Abfclasses@TabfStringList@CreateItem$qqrp17System@TMetaClassx17System@AnsiStringt2t2
@Abfclasses@TabfStringList@ExtractName$qqrx17System@AnsiString
@Abfclasses@TabfStringList@ExtractParameter$qqrx17System@AnsiString
@Abfclasses@TabfStringList@ExtractValue$qqrx17System@AnsiString
@Abfclasses@TabfStringList@GetName$qqri
@Abfclasses@TabfStringList@GetParameter$qqrx17System@AnsiString
@Abfclasses@TabfStringList@GetValue$qqrx17System@AnsiString
@Abfclasses@TabfStringList@ParseItem$qqrp17System@TMetaClassx17System@AnsiStringr17System@AnsiStringt3t3
@Abfclasses@TabfStringList@SetName$qqrix17System@AnsiString
@Abfclasses@TabfStringList@SetParameter$qqrx17System@AnsiStringt1
@Abfclasses@TabfStringList@SetValue$qqrx17System@AnsiStringt1
@Abfclasses@TabfThread@
@Abfclasses@TabfThread@DoFinish$qqrv
@Abfclasses@TabfThread@Execute$qqrv
@Abfclasses@TabfThread@Finish$qqrv
@Abfclasses@TabfTimerThread@
@Abfclasses@TabfTimerThread@$bctr$qqro
@Abfclasses@TabfTimerThread@$bdtr$qqrv
@Abfclasses@TabfTimerThread@Execute$qqrv
@Abfclasses@TabfTimerThread@SetInterval$qqrui
@Abfclasses@TabfTimerThread@Stop$qqrv
@Abfclasses@initialization$qqrv
@Abfcomponents@EabfFileStorage@
@Abfcomponents@EabfTrayIcon@
@Abfcomponents@Finalization$qqrv
@Abfcomponents@TabfAutoRun@
@Abfcomponents@TabfAutoRun@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfAutoRun@Loaded$qqrv
@Abfcomponents@TabfAutoRun@Register$qqrv
@Abfcomponents@TabfAutoRun@SetAutoRun$qqro
@Abfcomponents@TabfAutoRun@SetFileName$qqrx17System@AnsiString
@Abfcomponents@TabfAutoRun@SetKind$qqr28Abfsysutils@TabfAutoExecKind
@Abfcomponents@TabfAutoRun@UnRegister$qqrv
@Abfcomponents@TabfColorPicker@
@Abfcomponents@TabfColorPicker@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfColorPicker@GetColor$qqrv
@Abfcomponents@TabfColorPicker@SetCursor$qqr16Controls@TCursor
@Abfcomponents@TabfColorPicker@Timer$qqrv
@Abfcomponents@TabfColorPicker@UpdateCursor$qqrv
@Abfcomponents@TabfComponent@
@Abfcomponents@TabfCustomFileStorage@
@Abfcomponents@TabfCustomFileStorage@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomFileStorage@$bdtr$qqrv
@Abfcomponents@TabfCustomFileStorage@Clear$qqrv
@Abfcomponents@TabfCustomFileStorage@DefineProperties$qqrp14Classes@TFiler
@Abfcomponents@TabfCustomFileStorage@GetDataSize$qqrv
@Abfcomponents@TabfCustomFileStorage@Load$qqrv
@Abfcomponents@TabfCustomFileStorage@LoadFrom$qqrx17System@AnsiString
@Abfcomponents@TabfCustomFileStorage@Loaded$qqrv
@Abfcomponents@TabfCustomFileStorage@ReadFileData$qqrp15Classes@TStream
@Abfcomponents@TabfCustomFileStorage@Save$qqrv
@Abfcomponents@TabfCustomFileStorage@SaveTo$qqrx17System@AnsiString
@Abfcomponents@TabfCustomFileStorage@SetAutoSave$qqro
@Abfcomponents@TabfCustomFileStorage@SetDataSize$qqrui
@Abfcomponents@TabfCustomFileStorage@SetFileName$qqrx17System@AnsiString
@Abfcomponents@TabfCustomFileStorage@SetSaveName$qqrx17System@AnsiString
@Abfcomponents@TabfCustomFileStorage@WriteFileData$qqrp15Classes@TStream
@Abfcomponents@TabfCustomFolderMonitor@
@Abfcomponents@TabfCustomFolderMonitor@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomFolderMonitor@$bdtr$qqrv
@Abfcomponents@TabfCustomFolderMonitor@Change$qqrv
@Abfcomponents@TabfCustomFolderMonitor@GetNotifyOptionFlags$qqrv
@Abfcomponents@TabfCustomFolderMonitor@Loaded$qqrv
@Abfcomponents@TabfCustomFolderMonitor@SetActive$qqro
@Abfcomponents@TabfCustomFolderMonitor@SetFilters$qqr62System@%Set$t34Abfcomponents@TFolderMonitorFilter$iuc$0$iuc$5%
@Abfcomponents@TabfCustomFolderMonitor@SetFolder$qqrx17System@AnsiString
@Abfcomponents@TabfCustomFolderMonitor@SetOnChange$qqrynpqqrv$v
@Abfcomponents@TabfCustomFolderMonitor@SetWatchSubTree$qqro
@Abfcomponents@TabfCustomFolderMonitor@Start$qqrv
@Abfcomponents@TabfCustomFolderMonitor@Stop$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@
@Abfcomponents@TabfCustomRegistryMonitor@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomRegistryMonitor@$bdtr$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@Change$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@GetNotifyOptionFlags$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@GetRootKey$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@Loaded$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@SetActive$qqro
@Abfcomponents@TabfCustomRegistryMonitor@SetFilters$qqr67System@%Set$t39Abfcomponents@TabfRegistryMonitorFilter$iuc$0$iuc$3%
@Abfcomponents@TabfCustomRegistryMonitor@SetOnChange$qqrynpqqrv$v
@Abfcomponents@TabfCustomRegistryMonitor@SetRegistryKey$qqrx17System@AnsiString
@Abfcomponents@TabfCustomRegistryMonitor@SetRootKey$qqr26Abfsysutils@TabfRegRootKey
@Abfcomponents@TabfCustomRegistryMonitor@SetWatchSubTree$qqro
@Abfcomponents@TabfCustomRegistryMonitor@Start$qqrv
@Abfcomponents@TabfCustomRegistryMonitor@Stop$qqrv
@Abfcomponents@TabfCustomThreadComponent@
@Abfcomponents@TabfCustomThreadComponent@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomThreadComponent@$bdtr$qqrv
@Abfcomponents@TabfCustomThreadComponent@CreateThread$qqrv
@Abfcomponents@TabfCustomThreadComponent@DoException$qqrpv
@Abfcomponents@TabfCustomThreadComponent@DoExecute$qqrp14System@TObject
@Abfcomponents@TabfCustomThreadComponent@Execute$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetHandle$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetOnFinish$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetOnTerminate$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetPriority$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetReturnValue$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetSuspended$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetSynchronized$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetTerminated$qqrv
@Abfcomponents@TabfCustomThreadComponent@GetThreadID$qqrv
@Abfcomponents@TabfCustomThreadComponent@InternalSynchronizeEx$qqrv
@Abfcomponents@TabfCustomThreadComponent@Loaded$qqrv
@Abfcomponents@TabfCustomThreadComponent@Resume$qqrv
@Abfcomponents@TabfCustomThreadComponent@SetOnFinish$qqrxynpqqrp14System@TObject$v
@Abfcomponents@TabfCustomThreadComponent@SetOnTerminate$qqrynpqqrp14System@TObject$v
@Abfcomponents@TabfCustomThreadComponent@SetPriority$qqr23Classes@TThreadPriority
@Abfcomponents@TabfCustomThreadComponent@SetReturnValue$qqri
@Abfcomponents@TabfCustomThreadComponent@SetSuspended$qqro
@Abfcomponents@TabfCustomThreadComponent@SetSynchronized$qqro
@Abfcomponents@TabfCustomThreadComponent@Suspend$qqrv
@Abfcomponents@TabfCustomThreadComponent@Synchronize$qqrynpqqrv$v
@Abfcomponents@TabfCustomThreadComponent@SynchronizeEx$qqrynpqqrpv$vpv
@Abfcomponents@TabfCustomThreadComponent@Terminate$qqrv
@Abfcomponents@TabfCustomThreadComponent@TerminateHard$qqrv
@Abfcomponents@TabfCustomThreadComponent@TerminateWaitFor$qqrv
@Abfcomponents@TabfCustomThreadComponent@WaitFor$qqrv
@Abfcomponents@TabfCustomThreadTimer@
@Abfcomponents@TabfCustomThreadTimer@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomThreadTimer@$bdtr$qqrv
@Abfcomponents@TabfCustomThreadTimer@CreateThread$qqrv
@Abfcomponents@TabfCustomThreadTimer@GetEnabled$qqrv
@Abfcomponents@TabfCustomThreadTimer@GetInterval$qqrv
@Abfcomponents@TabfCustomThreadTimer@GetOnTimer$qqrv
@Abfcomponents@TabfCustomThreadTimer@GetThread$qqrv
@Abfcomponents@TabfCustomThreadTimer@SetEnabled$qqro
@Abfcomponents@TabfCustomThreadTimer@SetInterval$qqrui
@Abfcomponents@TabfCustomThreadTimer@SetOnTimer$qqrynpqqrp14System@TObject$v
@Abfcomponents@TabfCustomTimer@
@Abfcomponents@TabfCustomTimer@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomTimer@$bdtr$qqrv
@Abfcomponents@TabfCustomTimer@SetEnabled$qqro
@Abfcomponents@TabfCustomTimer@SetInterval$qqrui
@Abfcomponents@TabfCustomTimer@SetOnTimer$qqrynpqqrp14System@TObject$v
@Abfcomponents@TabfCustomTimer@Timer$qqrv
@Abfcomponents@TabfCustomTimer@UpdateTimer$qqrv
@Abfcomponents@TabfCustomTimer@WndProc$qqrr17Messages@TMessage
@Abfcomponents@TabfCustomWndProcHook@
@Abfcomponents@TabfCustomWndProcHook@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfCustomWndProcHook@$bdtr$qqrv
@Abfcomponents@TabfCustomWndProcHook@GetHandle$qqrv
@Abfcomponents@TabfCustomWndProcHook@GetWinControl$qqrv
@Abfcomponents@TabfCustomWndProcHook@Hook$qqrv
@Abfcomponents@TabfCustomWndProcHook@Loaded$qqrv
@Abfcomponents@TabfCustomWndProcHook@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Abfcomponents@TabfCustomWndProcHook@SetActive$qqro
@Abfcomponents@TabfCustomWndProcHook@SetHandle$qqrui
@Abfcomponents@TabfCustomWndProcHook@SetWinControl$qqrpx20Controls@TWinControl
@Abfcomponents@TabfCustomWndProcHook@UnHook$qqrv
@Abfcomponents@TabfCustomWndProcHook@WndProc$qqrr17Messages@TMessage
@Abfcomponents@TabfFileAssociation@
@Abfcomponents@TabfFileAssociation@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfFileAssociation@$bdtr$qqrv
@Abfcomponents@TabfFileAssociation@ChangingAllowed$qqrv
@Abfcomponents@TabfFileAssociation@DeleteAssociation$qqrv
@Abfcomponents@TabfFileAssociation@FixExtension$qqrv
@Abfcomponents@TabfFileAssociation@ReadAssociation$qqrv
@Abfcomponents@TabfFileAssociation@SetEditCommand$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetEditCommandDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetExtDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetExtension$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetFileDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetIcon$qqrpx14Graphics@TIcon
@Abfcomponents@TabfFileAssociation@SetIconFile$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetIconIndex$qqrxi
@Abfcomponents@TabfFileAssociation@SetOpenCommand$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetOpenCommandDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetOpenNewCommand$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetOpenNewCommandDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetPrintCommand$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetPrintCommandDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetPrintToCommand$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@SetPrintToCommandDescription$qqrx17System@AnsiString
@Abfcomponents@TabfFileAssociation@UpdateAssociation$qqrv
@Abfcomponents@TabfFileAssociation@WriteAssociation$qqrv
@Abfcomponents@TabfFileOperation@
@Abfcomponents@TabfFileOperation@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfFileOperation@$bdtr$qqrv
@Abfcomponents@TabfFileOperation@Copy$qqrv
@Abfcomponents@TabfFileOperation@Delete$qqrv
@Abfcomponents@TabfFileOperation@Error$qqrx17System@AnsiString
@Abfcomponents@TabfFileOperation@Execute$qqrv
@Abfcomponents@TabfFileOperation@ExecuteOperation$qqr35Abfcomponents@TabfFileOperationType
@Abfcomponents@TabfFileOperation@GetSystemError$qqri
@Abfcomponents@TabfFileOperation@Move$qqrv
@Abfcomponents@TabfFileOperation@Rename$qqrv
@Abfcomponents@TabfFileOperation@SetFileList$qqrpx16Classes@TStrings
@Abfcomponents@TabfFileStorage@
@Abfcomponents@TabfFileStorage@Load$qqrv
@Abfcomponents@TabfFileStorage@LoadFrom$qqrx17System@AnsiString
@Abfcomponents@TabfFileStorage@Save$qqrv
@Abfcomponents@TabfFileStorage@SaveTo$qqrx17System@AnsiString
@Abfcomponents@TabfFolderMonitor@
@Abfcomponents@TabfOneInstance@
@Abfcomponents@TabfOneInstance@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfOneInstance@AlreadyRun$qqrv
@Abfcomponents@TabfOneInstance@Check$qqrv
@Abfcomponents@TabfOneInstance@DoActivatePrevInstance$qqrv
@Abfcomponents@TabfOneInstance@DoShowMessage$qqrv
@Abfcomponents@TabfOneInstance@Loaded$qqrv
@Abfcomponents@TabfRegistryMonitor@
@Abfcomponents@TabfShutdown@
@Abfcomponents@TabfShutdown@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfShutdown@DoQueryShutdown$qqrro
@Abfcomponents@TabfShutdown@Execute$qqrv
@Abfcomponents@TabfStartButtonProperties@
@Abfcomponents@TabfStartButtonProperties@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfStartButtonProperties@$bdtr$qqrv
@Abfcomponents@TabfStartButtonProperties@GetBoundsRect$qqrv
@Abfcomponents@TabfStartButtonProperties@GetCaption$qqrv
@Abfcomponents@TabfStartButtonProperties@GetEnabled$qqrv
@Abfcomponents@TabfStartButtonProperties@GetHeight$qqrv
@Abfcomponents@TabfStartButtonProperties@GetLeft$qqrv
@Abfcomponents@TabfStartButtonProperties@GetTop$qqrv
@Abfcomponents@TabfStartButtonProperties@GetVisible$qqrv
@Abfcomponents@TabfStartButtonProperties@GetWidth$qqrv
@Abfcomponents@TabfStartButtonProperties@SetBounds$qqriiii
@Abfcomponents@TabfStartButtonProperties@SetBoundsRect$qqrrx11Types@TRect
@Abfcomponents@TabfStartButtonProperties@SetCaption$qqrx17System@AnsiString
@Abfcomponents@TabfStartButtonProperties@SetEnabled$qqro
@Abfcomponents@TabfStartButtonProperties@SetHeight$qqri
@Abfcomponents@TabfStartButtonProperties@SetLeft$qqri
@Abfcomponents@TabfStartButtonProperties@SetTop$qqri
@Abfcomponents@TabfStartButtonProperties@SetVisible$qqro
@Abfcomponents@TabfStartButtonProperties@SetWidth$qqri
@Abfcomponents@TabfStartButtonProperties@UpdateBounds$qqrv
@Abfcomponents@TabfThreadComponent@
@Abfcomponents@TabfThreadTimer@
@Abfcomponents@TabfTrayIcon@
@Abfcomponents@TabfTrayIcon@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfTrayIcon@$bdtr$qqrv
@Abfcomponents@TabfTrayIcon@Click$qqrv
@Abfcomponents@TabfTrayIcon@DblClick$qqrv
@Abfcomponents@TabfTrayIcon@DeleteFromTray$qqrv
@Abfcomponents@TabfTrayIcon@DoMinimize$qqrv
@Abfcomponents@TabfTrayIcon@DummyOnTimer$qqrp14System@TObject
@Abfcomponents@TabfTrayIcon@GetCycleIcons$qqrv
@Abfcomponents@TabfTrayIcon@GetCycleInterval$qqrv
@Abfcomponents@TabfTrayIcon@Hide$qqrv
@Abfcomponents@TabfTrayIcon@HideMainForm$qqrv
@Abfcomponents@TabfTrayIcon@HookApp$qqrv
@Abfcomponents@TabfTrayIcon@HookAppProc$qqrr17Messages@TMessage
@Abfcomponents@TabfTrayIcon@ImageListChange$qqrp14System@TObject
@Abfcomponents@TabfTrayIcon@InsertToTray$qqrv
@Abfcomponents@TabfTrayIcon@IsIconStored$qqrv
@Abfcomponents@TabfTrayIcon@Loaded$qqrv
@Abfcomponents@TabfTrayIcon@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Abfcomponents@TabfTrayIcon@MouseMove$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Abfcomponents@TabfTrayIcon@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Abfcomponents@TabfTrayIcon@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Abfcomponents@TabfTrayIcon@PrepareNotifyIconData$qqrv
@Abfcomponents@TabfTrayIcon@SetCycleIcons$qqro
@Abfcomponents@TabfTrayIcon@SetCycleInterval$qqrui
@Abfcomponents@TabfTrayIcon@SetEnabled$qqro
@Abfcomponents@TabfTrayIcon@SetHint$qqrx17System@AnsiString
@Abfcomponents@TabfTrayIcon@SetIcon$qqrpx14Graphics@TIcon
@Abfcomponents@TabfTrayIcon@SetIconByImageIndex$qqrv
@Abfcomponents@TabfTrayIcon@SetIconID$qqri
@Abfcomponents@TabfTrayIcon@SetImageIndex$qqri
@Abfcomponents@TabfTrayIcon@SetImageList$qqrpx19Controls@TImageList
@Abfcomponents@TabfTrayIcon@SetInfoText$qqrx17System@AnsiString
@Abfcomponents@TabfTrayIcon@SetInfoTimeOut$qqri
@Abfcomponents@TabfTrayIcon@SetInfoTitle$qqrx17System@AnsiString
@Abfcomponents@TabfTrayIcon@SetInfoType$qqr34Abfcomponents@TabfTrayIconInfoType
@Abfcomponents@TabfTrayIcon@SetPopupMenu$qqrpx16Menus@TPopupMenu
@Abfcomponents@TabfTrayIcon@SetShowHint$qqro
@Abfcomponents@TabfTrayIcon@SetVisible$qqro
@Abfcomponents@TabfTrayIcon@SetVisibleOnDesigning$qqro
@Abfcomponents@TabfTrayIcon@Show$qqrv
@Abfcomponents@TabfTrayIcon@ShowBalloon$qqrv
@Abfcomponents@TabfTrayIcon@ShowCustomInfo$qqr34Abfcomponents@TabfTrayIconInfoTypex17System@AnsiStringt2
@Abfcomponents@TabfTrayIcon@ShowInfo$qqrv
@Abfcomponents@TabfTrayIcon@ShowMainForm$qqrv
@Abfcomponents@TabfTrayIcon@ShowPopup$qqrv
@Abfcomponents@TabfTrayIcon@Timer$qqrv
@Abfcomponents@TabfTrayIcon@UnhookApp$qqrv
@Abfcomponents@TabfTrayIcon@Update$qqrv
@Abfcomponents@TabfTrayIcon@WndProc$qqrr17Messages@TMessage
@Abfcomponents@TabfWav@
@Abfcomponents@TabfWav@$bctr$qqrp18Classes@TComponent
@Abfcomponents@TabfWav@$bdtr$qqrv
@Abfcomponents@TabfWav@IsEventAliasStored$qqrv
@Abfcomponents@TabfWav@IsFileNameStored$qqrv
@Abfcomponents@TabfWav@IsResourceNameStored$qqrv
@Abfcomponents@TabfWav@Play$qqrv
@Abfcomponents@TabfWav@SetAsyncPlay$qqro
@Abfcomponents@TabfWav@SetEventAlias$qqrx17System@AnsiString
@Abfcomponents@TabfWav@SetFileName$qqrx17System@AnsiString
@Abfcomponents@TabfWav@SetLooped$qqro
@Abfcomponents@TabfWav@SetNoWaitIfBusy$qqro
@Abfcomponents@TabfWav@SetPlayFrom$qqr29Abfcomponents@TabfWavPlayFrom
@Abfcomponents@TabfWav@SetResourceName$qqrx17System@AnsiString
@Abfcomponents@TabfWav@Stop$qqrv
@Abfcomponents@TabfWav@UpdateSoundOptions$qqrv
@Abfcomponents@TabfWndProcHook@
@Abfcomponents@initialization$qqrv
@Abfconsts@CabfBooleanValues
@Abfconsts@Finalization$qqrv
@Abfconsts@clABFLink
@Abfconsts@initialization$qqrv
@Abfgraphics@CabfBackgroundColors
@Abfgraphics@CabfColors16
@Abfgraphics@CabfColors2
@Abfgraphics@CabfColors8
@Abfgraphics@CabfTextColors
@Abfgraphics@Finalization$qqrv
@Abfgraphics@abfColorToABGR$qqr15Graphics@TColor
@Abfgraphics@abfColorToARGB$qqr15Graphics@TColor
@Abfgraphics@abfColorToBGRA$qqr15Graphics@TColor
@Abfgraphics@abfColorToIdent$qqrir17System@AnsiString
@Abfgraphics@abfColorToRGBA$qqr15Graphics@TColor
@Abfgraphics@abfColorToString$qqr15Graphics@TColor
@Abfgraphics@abfDialogUnitsToPixelsX$qqrus
@Abfgraphics@abfDialogUnitsToPixelsY$qqrus
@Abfgraphics@abfDrawGradient$qqrpx16Graphics@TCanvasrx11Types@TRect15Graphics@TColort3o
@Abfgraphics@abfDrawText$qqrpx16Graphics@TCanvasx17System@AnsiStringr11Types@TRect15Graphics@TColoroi
@Abfgraphics@abfDrawTextBorder$qqrpx16Graphics@TCanvasx17System@AnsiStringrx11Types@TRect15Graphics@TColort4iii
@Abfgraphics@abfDrawTextShadow$qqrpx16Graphics@TCanvasx17System@AnsiStringr11Types@TRect15Graphics@TColort4iii
@Abfgraphics@abfDrawWideBorder$qqrpx16Graphics@TCanvasrx11Types@TRect15Graphics@TColori
@Abfgraphics@abfFillRect$qqruirx11Types@TRect15Graphics@TColor
@Abfgraphics@abfFrameRect$qqruirx11Types@TRect15Graphics@TColor
@Abfgraphics@abfGetAverageCharSize$qqrp16Graphics@TCanvas
@Abfgraphics@abfGetColorUnderCursor$qqrv
@Abfgraphics@abfGetColorValues$qqrynpqqrx17System@AnsiString$v
@Abfgraphics@abfGetCurrentBPP$qqrv
@Abfgraphics@abfIdentToColor$qqrx17System@AnsiStringri
@Abfgraphics@abfPixelsToDialogUnitsX$qqrus
@Abfgraphics@abfPixelsToDialogUnitsY$qqrus
@Abfgraphics@abfSetLayeredWindowAttributes$qqruiuiucui
@Abfgraphics@abfStringToColor$qqrx17System@AnsiString
@Abfgraphics@initialization$qqrv
@Abfsysutils@Finalization$qqrv
@Abfsysutils@IntPower$qqrgi
@Abfsysutils@IsWin2000
@Abfsysutils@IsWin2000orHigher
@Abfsysutils@IsWin2003
@Abfsysutils@IsWin2K
@Abfsysutils@IsWin95
@Abfsysutils@IsWin95OSR2
@Abfsysutils@IsWin98
@Abfsysutils@IsWin98SE
@Abfsysutils@IsWin98orHigher
@Abfsysutils@IsWin9x
@Abfsysutils@IsWinME
@Abfsysutils@IsWinNT
@Abfsysutils@IsWinNT3
@Abfsysutils@IsWinNT4
@Abfsysutils@IsWinXP
@Abfsysutils@IsWinXPorHigher
@Abfsysutils@Max$qqrii
@Abfsysutils@Min$qqrii
@Abfsysutils@Power$qqrgg
@Abfsysutils@SAppPath
@Abfsysutils@abfAddChar$qqrx17System@AnsiStringc

Sections

.text
Size: 722KB - Virtual size: 724KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 668KB

UPX1 Size: 650KB - Virtual size: 652KB

.rsrc Size: 28KB - Virtual size: 28KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 722KB - Virtual size: 724KB

.data Size: 33KB - Virtual size: 52KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 12KB - Virtual size: 12KB

.edata Size: 44KB - Virtual size: 48KB

.rsrc Size: 414KB - Virtual size: 414KB

.reloc Size: 47KB - Virtual size: 48KB

UPX0
Size: - Virtual size: 668KB

UPX1
Size: 650KB - Virtual size: 652KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 722KB - Virtual size: 724KB

.data
Size: 33KB - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 12KB - Virtual size: 12KB

.edata
Size: 44KB - Virtual size: 48KB

.rsrc
Size: 414KB - Virtual size: 414KB

.reloc
Size: 47KB - Virtual size: 48KB