d1d768d579a494980aa8b84398f4a62f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d1d768d579a494980aa8b84398f4a62f_JaffaCakes118
Size

634KB
MD5

d1d768d579a494980aa8b84398f4a62f
SHA1

8a1f655de356bb97b5820952695c312a972cde37
SHA256

02c27dae52ad83627e8b90d878cb51a921e72d1b8de8879380ded0768e603c1d
SHA512

47a695b1a7ff323c7dc8b59b4cb2cb0bb81628299059dc67825d3f8f2753ca89ad131a81ab3c348a9c341a8698a6064c38eec41350e0aea7cf1a2366117c52bc
SSDEEP

12288:oS+qjwncqmOMwrTcEtwTiFQZ2zAEJx1CUVeeqveoUlaNkNe5:oSVjwlAwrjwTiFQ+jCUgeqveoU0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ASIdle.dll
unpack001/AutoShutdown.exe
unpack001/TEMP/W32INST_PATH_
unpack001/UNINSTALL_PATH

Files

d1d768d579a494980aa8b84398f4a62f_JaffaCakes118
.rar
ASIdle.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

?IdleTime_GetLastInputTime@@YAKXZ
?IdleTime_GetLastInputType@@YAKXZ
?IdleTime_Init@@YAHXZ
?IdleTime_Reset@@YAXXZ
?IdleTime_SetKeyboardTrack@@YAXH@Z
?IdleTime_SetMouseTrack@@YAXH@Z
?IdleTime_Term@@YAXXZ

Sections

.text
Size: 35KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASIdle
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AutoShutdown.exe
.exe windows:4 windows x86 arch:x86

81552d2c90c63102060e67fe9ce6cbca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

asidle

?IdleTime_Term@@YAXXZ
?IdleTime_SetKeyboardTrack@@YAXH@Z
?IdleTime_SetMouseTrack@@YAXH@Z
?IdleTime_Init@@YAHXZ
?IdleTime_GetLastInputTime@@YAKXZ
?IdleTime_Reset@@YAXXZ

kernel32

SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
HeapSize
InterlockedExchange
GetACP
GetFileType
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetDriveTypeA
CopyFileA
DeleteFileA
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
GetVersion
MultiByteToWideChar
lstrcmpiA
lstrlenA
GetCPInfo
lstrlenW
WaitForSingleObject
GetTickCount
SetLastError
CreateRemoteThread
GetExitCodeProcess
DuplicateHandle
GetCurrentProcess
GetModuleHandleA
GetCurrentProcessId
OpenProcess
SetStdHandle
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
SetErrorMode
FindResourceExA
GetOEMCP
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
GlobalFlags
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
FindNextFileA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetComputerNameA
GetLocalTime
lstrcpyA
VirtualProtect
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
InterlockedDecrement
MulDiv
GlobalFree
FreeResource
GetCurrentThreadId
GlobalAlloc
CancelWaitableTimer
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateWaitableTimerA
SetWaitableTimer
GetComputerNameExA
CompareStringW
CompareStringA
GetTimeZoneInformation
TerminateProcess
HeapFree
HeapAlloc
GetSystemPowerStatus
FormatMessageA
LocalFree
SetSystemPowerState
lstrcpynA
GlobalLock
GlobalSize
GlobalUnlock
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
Sleep
GetFileAttributesA
GetModuleFileNameA
GetDateFormatA
GetTimeFormatA

user32

SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
UnhookWindowsHookEx
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
EndDialog
EmptyClipboard
SetClipboardData
SetCursorPos
AdjustWindowRectEx
CharUpperA
keybd_event
GetCapture
OpenDesktopA
EnumDesktopWindows
AdjustWindowRect
GetWindow
SetMenu
GetMenu
DrawIcon
IsRectEmpty
wsprintfA
MoveWindow
CheckMenuRadioItem
GetMenuStringA
ScreenToClient
MessageBoxIndirectA
RegisterWindowMessageA
GetAsyncKeyState
UnregisterHotKey
RegisterHotKey
SetForegroundWindow
SetActiveWindow
BringWindowToTop
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
EnumWindowStationsA
SendMessageA
LoadStringA
ShowWindow
GetMenuCheckMarkDimensions
GetWindowRect
GetClientRect
GetDC
ReleaseDC
GetDesktopWindow
EnableWindow
LoadImageA
GetSysColor
UpdateWindow
GetUserObjectInformationA
OpenInputDesktop
CloseDesktop
OpenWindowStationA
EnumDesktopsA
CloseWindowStation
PostQuitMessage
LoadIconA
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
UnregisterClassA
OpenClipboard
KillTimer
ReleaseCapture
GetCursorPos
SetCapture
LoadCursorA
IsWindowEnabled
MessageBeep
IsWindowVisible
GetFocus
PtInRect
SetTimer
EnumWindows
SendMessageTimeoutA
GetWindowThreadProcessId
GetClassNameA
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
SetMenuItemBitmaps
SetParent
LockWindowUpdate
GetDCEx
TrackPopupMenuEx
SetCursor
DestroyCursor
DestroyMenu
GetWindowLongA
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
DrawFocusRect
FrameRect
InflateRect
DrawStateA
GetMenuItemInfoA
GetSystemMetrics
SystemParametersInfoA
DrawIconEx
DestroyIcon
GrayStringA
SetRectEmpty
ValidateRect
MapDialogRect
ExitWindowsEx
InvalidateRect
RedrawWindow
IsWindow
PostMessageA
GetParent
MessageBoxA
WinHelpA
FindWindowA
SetRect
CopyRect
OffsetRect
FillRect
GetSysColorBrush
LoadBitmapA
WindowFromDC
DrawEdge
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
DrawTextExA
DrawTextA
TabbedTextOutA
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
IsChild

gdi32

SelectClipRgn
CreateRectRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
SetRectRgn
CombineRgn
DPtoLP
EnumFontFamiliesExA
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
Polygon
UnrealizeObject
CreatePatternBrush
SetBrushOrgEx
SetStretchBltMode
StretchBlt
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
GetTextExtentPoint32W
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
CreateCompatibleBitmap
CreateFontIndirectA
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateSolidBrush
DeleteDC
GetObjectA
DeleteObject
GetTextCharsetInfo

msimg32

GradientFill

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

AllocateAndInitializeSid
GetUserNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
InitiateSystemShutdownA
RegFlushKey
FreeSid
RegQueryValueA
RegEnumKeyA
RegOpenKeyA

shell32

ShellExecuteExA
SHQueryRecycleBinA
SHEmptyRecycleBinA
SHGetMalloc
SHGetDesktopFolder
Shell_NotifyIconA
ExtractIconA
SHGetFileInfoA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

comctl32

_TrackMouseEvent
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageCount
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA

ole32

CoInitialize
CoUninitialize

oleaut32

SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantTimeToSystemTime

winmm

PlaySoundA

wsock32

WSAStartup
inet_addr
gethostname
gethostbyname

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetCanonicalizeUrlA
InternetCrackUrlA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
DeleteUrlCacheEntry

powrprof

IsPwrSuspendAllowed
IsPwrHibernateAllowed

Sections

.rdata
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 417KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 785KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AutoShutdown.hlp
AutoShutdown.log
TEMP/W32INST_PATH_
.dll windows:4 windows x86 arch:x86

26aa670a35af307317f8e1cc200b920a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CreateFileA
CloseHandle
lstrcatA
GetSystemDirectoryA
GlobalLock
GetLastError
GetVersionExA
lstrcmpA
GlobalAlloc
LocalFree
GlobalFree
DeleteFileA
lstrcpyA
GlobalUnlock
MultiByteToWideChar
lstrlenA
lstrcmpiA
CopyFileA
WriteFile
GetFileAttributesA
FormatMessageA
Sleep
CreateDirectoryA

user32

wsprintfA
MessageBoxA
CharNextA

advapi32

LockServiceDatabase
OpenServiceA
CloseServiceHandle
UnlockServiceDatabase
RegCreateKeyExA
ChangeServiceConfigA
RegCloseKey
RegOpenKeyExA
RegEnumKeyA
OpenSCManagerA
RegSetValueExA
CreateServiceA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DoService
IsAdmin
ShellLink
g

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UNINSTALL_PATH
.exe windows:4 windows x86 arch:x86

1253fca4d360ee1861d91e5029004cf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
WaitForSingleObject
MoveFileExA
GetVersionExA
CreateDirectoryA
LocalFree
FormatMessageA
GetLastError
SizeofResource
CreateProcessA
RemoveDirectoryA
GetFileAttributesA
GetPrivateProfileIntA
SetErrorMode
GlobalAlloc
GlobalLock
DeleteFileA
FreeResource
WinExec
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
GlobalUnlock
GlobalFree
OpenFile
lstrcpynA
WritePrivateProfileStringA
MultiByteToWideChar
_lcreat
_lwrite
FileTimeToDosDateTime
GetFileTime
FileTimeToLocalFileTime
GetSystemDirectoryA
_lread
GetDriveTypeA
lstrcmpA
_lopen
_llseek
MulDiv
lstrcmpiA
_lclose
lstrcpyA
GetModuleFileNameA
lstrlenA
CopyFileA
GetTempPathA
GetTempFileNameA
LoadResource
FindResourceA
LockResource
GetPrivateProfileStringA
GetLocalTime
FreeEnvironmentStringsA
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualFree
ExitProcess
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetCPInfo
VirtualAlloc
GetACP
GetOEMCP

user32

LoadBitmapA
UpdateWindow
RegisterClassA
SetWindowTextA
wsprintfA
MessageBoxA
GetSysColor
CreateWindowExA
DispatchMessageA
ShowWindow
LoadIconA
KillTimer
DestroyWindow
GetMessageA
ExitWindowsEx
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
PostMessageA
EndPaint
PostQuitMessage
GetClientRect
BeginPaint
ReleaseDC
InvalidateRect
GetDC
DefWindowProcA
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
GetDlgItemTextA
SetRect
ScreenToClient
GetWindowTextA
SendMessageA
SendDlgItemMessageA
GetDlgItem
SetFocus
OemToCharA
DialogBoxParamA
DrawEdge
CharNextA
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
DdeCreateDataHandle
DdeInitializeA
DdeCreateStringHandleA
DdeClientTransaction
DdeGetData
TranslateMessage
SetTimer
DdeUninitialize
PeekMessageA
DdeDisconnect
DdeFreeDataHandle
DdeConnect

gdi32

CreateBrushIndirect
TextOutA
SetTextColor
GetTextExtentPointA
CreateFontA
GetDeviceCaps
SetBkMode
BitBlt
GetObjectA
DeleteDC
PatBlt
CreateSolidBrush
CreateCompatibleDC
RealizePalette
SelectPalette
SelectObject
MoveToEx
CreatePen
LineTo
SetBkColor
StretchBlt
ExtTextOutA
CreateCompatibleBitmap
CreateFontIndirectA
GetStockObject
DeleteObject

comdlg32

GetOpenFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_ProgressDlg@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
license.txt
note.txt
order.txt
readme.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 116KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 16KB

.idata Size: 1KB - Virtual size: 4KB

.ASIdle Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 8KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

81552d2c90c63102060e67fe9ce6cbca

Headers

File Characteristics

Imports

asidle

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

winmm

wsock32

wininet

powrprof

Sections

.rdata Size: 141KB - Virtual size: 144KB

.data Size: 417KB - Virtual size: 440KB

.rsrc Size: 785KB - Virtual size: 788KB

26aa670a35af307317f8e1cc200b920a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 498B

1253fca4d360ee1861d91e5029004cf5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 13KB - Virtual size: 16KB

.rsrc Size: 62KB - Virtual size: 61KB

.text
Size: 35KB - Virtual size: 116KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 4KB

.ASIdle
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 8KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.rdata
Size: 141KB - Virtual size: 144KB

.data
Size: 417KB - Virtual size: 440KB

.rsrc
Size: 785KB - Virtual size: 788KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 498B

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 13KB - Virtual size: 16KB

.rsrc
Size: 62KB - Virtual size: 61KB