c132171d3c5307cdfcbb463db9e5bb55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c132171d3c5307cdfcbb463db9e5bb55_JaffaCakes118
Size

2.2MB
MD5

c132171d3c5307cdfcbb463db9e5bb55
SHA1

398067bcb4da5e46585c650a863f26979b72e743
SHA256

39d62c26e9d37dc97348a35534ac9da922bb6cb853a3c53ab0772047a6c55ea5
SHA512

97605b325a2c48824f41828e9fb8491994dcf43cd4d438b9ddbf4f9d6eedf4d6db63f154b9ba43b92976b2730e9475cf5fbfc8fb50ebdfebda847de1aea09911
SSDEEP

49152:75uUvuY309Z0iVsb7t5XDhAvOesw9gMb2sEcR3MiUfwGBJwJESuEGYzK5e:7/T+2vAsw9L2Da1kwGBWtu8zKo

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/程序/bin/App_Code.dll
unpack001/程序/bin/App_WebReferences.dll
unpack001/程序/bin/App_Web_fc-a2i71.dll
unpack001/程序/bin/App_Web_gbwk-1do.dll
unpack001/程序/bin/App_Web_gdhwqnt1.dll
unpack001/程序/bin/App_Web_tqu3m3cf.dll
unpack001/程序/bin/App_Web_uo_6kx1m.dll
unpack001/程序/bin/App_Web_uslk8gos.dll
unpack001/程序/bin/App_Web_yloprjvm.dll
unpack001/程序/bin/App_Web_zozjfr5w.dll
unpack001/程序/bin/Intelligencia.UrlRewriter.dll
unpack001/程序/bin/qicms.dll

Files

c132171d3c5307cdfcbb463db9e5bb55_JaffaCakes118
.rar
v2.0sql版升级到v2.5sql版.txt
升级报告.txt
安装说明.txt
程序/PrecompiledApp.config
程序/Web.Config
.xml
程序/adddianpu.aspx
.js
程序/admin/AddLinkAge.aspx
.js
程序/admin/Viewstore.aspx
.asp .js polyglot
程序/admin/addadmin.aspx
.js
程序/admin/addstore.aspx
.asp .js polyglot
程序/admin/addzheq.aspx
.js
程序/admin/bots.aspx
程序/admin/bots_view.aspx
.js
程序/admin/comment.aspx
程序/admin/config.aspx
程序/admin/css/ka.js
.js
程序/admin/css/style.css
程序/admin/custom.aspx
程序/admin/dq.aspx
程序/admin/excel.aspx
程序/admin/huiyuan.aspx
程序/admin/image/add_01.jpg
.jpg
程序/admin/image/button.gif
.gif
程序/admin/image/dian.gif
.gif
程序/admin/image/dixian.jpg
.jpg
程序/admin/image/dixian2.jpg
.jpg
程序/admin/image/l_now.gif
.gif
程序/admin/image/l_topbg.gif
.gif
程序/admin/image/left_bg.gif
.gif
程序/admin/image/line.gif
.gif
程序/admin/image/menu_bgs.gif
.gif
程序/admin/image/now.gif
.gif
程序/admin/image/sanjiao.gif
.gif
程序/admin/image/top_bg.gif
.gif
程序/admin/image/top_imgbg.gif
.gif
程序/admin/imagelist.aspx
程序/admin/images/fox.css
程序/admin/images/icon-demo.gif
.gif
程序/admin/images/icon-login-seaver.gif
.gif
程序/admin/images/login-buttom-bg.gif
.gif
程序/admin/images/login-content-bg.gif
.gif
程序/admin/images/login-top-bg.gif
.gif
程序/admin/images/login-wel.gif
.gif
程序/admin/images/login_bg.jpg
.jpg
程序/admin/images/logo.png
.png
程序/admin/images/luck.gif
.gif
程序/admin/images/skin.css
程序/admin/index.aspx
.asp
程序/admin/ka.aspx
程序/admin/kindeditor/index.css
程序/admin/kindeditor/kindeditor.js
.js
程序/admin/kindeditor/plugins/about.htm
程序/admin/kindeditor/plugins/emoticons/etc_01.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_02.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_03.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_04.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_05.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_06.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_07.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_08.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_09.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_10.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_11.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_12.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_13.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_14.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_15.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_16.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_17.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_18.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_19.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_20.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_21.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_22.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_23.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_24.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_25.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_26.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_27.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_28.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_29.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_30.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_31.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_32.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_33.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_34.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_35.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_36.gif
.gif
程序/admin/kindeditor/plugins/flash.htm
程序/admin/kindeditor/plugins/image.htm
程序/admin/kindeditor/plugins/link.htm
程序/admin/kindeditor/plugins/media.htm
程序/admin/kindeditor/plugins/plainpaste.htm
程序/admin/kindeditor/plugins/remote_image.htm
程序/admin/kindeditor/plugins/upload.aspx
程序/admin/kindeditor/plugins/wordpaste.htm
.js
程序/admin/kindeditor/skins/default.css
程序/admin/kindeditor/skins/default.gif
.gif
程序/admin/kindeditor/skins/div.gif
.gif
程序/admin/kindeditor/skins/dl.gif
.gif
程序/admin/kindeditor/skins/editor.css
程序/admin/kindeditor/skins/ol.gif
.gif
程序/admin/kindeditor/skins/p.gif
.gif
程序/admin/kindeditor/skins/tinymce.css
程序/admin/kindeditor/skins/tinymce.gif
.gif
程序/admin/kindeditor/skins/ul.gif
.gif
程序/admin/lb.aspx
.asp
程序/admin/left.aspx
程序/admin/login.aspx
.js
程序/admin/moban.aspx
.js
程序/admin/music.aspx
.js
程序/admin/news/CheckList.js
.js
程序/admin/news/article.aspx
.js
程序/admin/news/class.aspx
程序/admin/news/edit.aspx
.js
程序/admin/news/index.aspx
程序/admin/news/s.aspx
程序/admin/news/upimg.aspx
程序/admin/right.aspx
程序/admin/s.aspx
程序/admin/top.aspx
程序/admin/tousu.aspx
程序/admin/upload.aspx
.js
程序/bin/App_Code.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_WebReferences.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_fc-a2i71.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_gbwk-1do.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_gdhwqnt1.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_tqu3m3cf.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_uo_6kx1m.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_uslk8gos.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_yloprjvm.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_zozjfr5w.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/Intelligencia.UrlRewriter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/qicms.dll
.dll windows:4 windows x86 arch:x86

5946102212fc38379f0a7686424bedc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy
LocalAlloc

version

VerQueryValueA

psapi

GetModuleInformation

iphlpapi

GetAdaptersInfo

user32

DestroyMenu

gdi32

ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegEnumKeyA

comctl32

ord17

shlwapi

PathFindExtensionA

oleaut32

VariantChangeType

Exports

Exports

A6F86D2D67D9403eA725820C4EF210A2
A6F92A92B69B4082AB0F9C7A9C1FF10C
CheckRuntime
EC1DB9C1620C48588C4701045B242FA9
GetCpuID
GetCpuIDW
GetDiskID
GetDiskIDW
GetMacID
GetMacIDW
GetModuleBase
MainDLL
_CorExeMain

Sections

.text
Size: 104KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
程序/bottom.ascx
程序/dazheka.aspx
.js
程序/huiyuan/addshop.css
程序/huiyuan/dianpu.aspx
程序/huiyuan/image/dashanghu.gif
.gif
程序/huiyuan/image/daxiahu.gif
.gif
程序/huiyuan/image/lvshanghu.gif
.gif
程序/huiyuan/image/lvxiahu.gif
.gif
程序/huiyuan/image/shanghu.gif
.gif
程序/huiyuan/image/xiahu.gif
.gif
程序/huiyuan/index.aspx
.js
程序/huiyuan/login.aspx
程序/huiyuan/reg.aspx
.js
程序/images/8_online.gif
.gif
程序/images/ajax.gif
.gif
程序/images/datetime.gif
.gif
程序/images/dayintubiao.jpg
.jpg
程序/images/dazheka.jpg
.jpg
程序/images/detail_10-r.gif
.gif
程序/images/detail_12.gif
.gif
程序/images/detail_13-r.gif
.gif
程序/images/detail_17.gif
.gif
程序/images/detail_18-r.gif
.gif
程序/images/dianpu_index_dengji.jpg
.jpg
程序/images/fenhong_xiao2.jpg
.jpg
程序/images/guestbook.gif
.gif
程序/images/h_dash1.gif
.gif
程序/images/ing.gif
.gif
程序/images/logo.gif
.gif
程序/images/lvse_pingpu.jpg
.jpg
程序/images/lvse_youhu.jpg
.jpg
程序/images/lvse_zuohu.jpg
.jpg
程序/images/menu_bg.gif
.gif
程序/images/menu_bg_l.gif
.gif
程序/images/menu_bg_r.gif
.gif
程序/images/menu_pp.jpg
.jpg
程序/images/middle_one_zuiyou_pingpu.jpg
.jpg
程序/images/middle_one_zuiyou_pingpu2.jpg
.jpg
程序/images/pic_bg.jpg
.jpg
程序/images/prints.jpg
.jpg
程序/images/repeat_y.jpg
.jpg
程序/images/shop_topb-r.gif
.gif
程序/images/shop_topbg-r.gif
.gif
程序/images/shuiyin.png
.png
程序/images/tanhao.jpg
.jpg
程序/images/top_01.gif
.gif
程序/images/top_02.gif
.gif
程序/images/top_end_bg.gif
.gif
程序/images/top_end_bg21.jpg
.jpg
程序/images/top_end_bg22.jpg
.jpg
程序/images/top_end_bg31.jpg
.jpg
程序/images/top_end_bg32.jpg
.jpg
程序/images/top_end_bg33.gif
.gif
程序/images/topnav_link.gif
.gif
程序/images/topnav_up.gif
.gif
程序/images/user.jpg
.jpg
程序/images/user_index_top.jpg
.jpg
程序/images/user_menu_pingpu.jpg
.jpg
程序/images/woyaodianping.jpg
.jpg
程序/images/xiangxi_menu_pingpu2.jpg
.jpg
程序/images/xiaodian.jpg
.jpg
程序/images/xiaosanjiao.jpg
.jpg
程序/images/xiesanjiao.jpg
.jpg
程序/images/yn_icon_mapbluebg_2x29.gif
.gif
程序/images/yn_icon_mapblueleft_22x29.gif
.gif
程序/images/yn_icon_mapblueright_10x29.gif
.gif
程序/images/youhuiquan.gif
.gif
程序/images/zhuyishixiang_pingpu.jpg
.jpg
程序/images/娱乐券.jpg
.jpg
程序/images/生活券.jpg
.jpg
程序/images/美食券.jpg
.jpg
程序/images/购物券.jpg
.jpg
程序/inc/RandomImage.aspx
程序/inc/ajax.aspx
.asp
程序/inc/ajax.js
.js
程序/inc/css.css
程序/inc/houtaicss.css
程序/inc/lightbox.js
.js
程序/inc/lightbox/images/blank.gif
.gif
程序/inc/lightbox/images/closelabel.gif
.gif
程序/inc/lightbox/images/loading.gif
.gif
程序/inc/lightbox/images/nextlabel.gif
.gif
程序/inc/lightbox/images/prevlabel.gif
.gif
程序/inc/lightbox/images/printlabel.gif
.gif
程序/inc/lightbox/js.js
.js
程序/inc/lightbox/style.css
程序/inc/loading.js
.js
程序/inc/rq.js
.js
程序/inc/scrollhuiyuan.js
.js
程序/inc/scrollpic.js
.js
程序/inc/shenqing.css
程序/inc/star.js
.js
程序/inc/szr.js
.js
程序/inc/tb.js
.js
程序/inc/xiangxi.css
程序/inc/zhe.css
程序/index.aspx
程序/install/alert.gif
.gif
程序/install/error.gif
.gif
程序/install/index.aspx
.asp .js polyglot
程序/install/install.css
程序/install/ok.gif
.gif
程序/install/qicms.gif
.gif
程序/install/sql.sql
程序/install/sql2.sql
.vbs
程序/install/sql3.sql
程序/js.aspx
程序/news/css/news.css
程序/news/css/official.css
程序/news/images/002a.jpg
.jpg
程序/news/images/banner.jpg
.jpg
程序/news/images/banner2.jpg
.jpg
程序/news/images/banner3.jpg
.jpg
程序/news/images/banner_plugin.jpg
.jpg
程序/news/images/clo_nav_top_bg.jpg
.jpg
程序/news/images/col_case.jpg
.jpg
程序/news/images/col_market.jpg
.jpg
程序/news/images/col_nav_a_bg.jpg
.jpg
程序/news/images/col_nav_bot_bg.jpg
.jpg
程序/news/images/col_nav_li_bg.jpg
.jpg
程序/news/images/col_templaet.jpg
.jpg
程序/news/images/col_templaet2.jpg
.jpg
程序/news/images/dian.gif
.gif
程序/news/images/enjoy.jpg
.jpg
程序/news/images/foot_bg.gif
.gif
程序/news/images/hongxin.gif
.gif
程序/news/images/index_x.jpg
.jpg
程序/news/images/into_30.gif
.gif
程序/news/images/main_bg.jpg
.jpg
程序/news/images/menu_hover.gif
.gif
程序/news/images/pingpu.gif
.gif
程序/news/images/wo_12.gif
.gif
程序/news/index.aspx
.asp
程序/news/xiangxi.aspx
程序/pinglun.aspx
程序/print.aspx
程序/search.aspx
程序/sitemap.aspx
程序/tishi.aspx
程序/toleave.aspx
.js
程序/top.ascx
程序/xiangxi.aspx
.js
程序/youhuiquan.aspx
程序/新云软件.url
.url
进入QICMS官方网站.url
进入QICMS官方论坛.url

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 52KB - Virtual size: 52KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 28KB - Virtual size: 28KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 48KB - Virtual size: 48KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 24KB - Virtual size: 24KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 24KB - Virtual size: 24KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 712B

.reloc Size: 28KB - Virtual size: 24KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 108KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 56KB - Virtual size: 56KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 32KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 20KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 28KB - Virtual size: 28KB

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 24KB - Virtual size: 24KB

.text
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 24KB - Virtual size: 24KB

.text
Size: 36KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 712B

.reloc
Size: 28KB - Virtual size: 24KB

.text
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 56KB - Virtual size: 56KB

.text
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 712B

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 44KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 104KB - Virtual size: 236KB

.rsrc
Size: 20KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 656KB

.data
Size: 476KB - Virtual size: 476KB

.data
Size: 4KB - Virtual size: 4KB