d54febeeb69a3c3ae486957f3113ca3a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d54febeeb69a3c3ae486957f3113ca3a_JaffaCakes118
Size

390KB
MD5

d54febeeb69a3c3ae486957f3113ca3a
SHA1

545413bcb5a08b12f5c51fbb1934b69ef8543ca6
SHA256

be0ef09be5d1f53d0560ae80833d3ccc7ee5623d7851e11f9f8294847a0ae0cf
SHA512

2cdc6cd622ace0df5c19562fda928405362667463ffb0215c9e906945d27818de246ad0970732af72ca490528379e77501dadf6c596c4a2cfa8d753f4d2bd620
SSDEEP

12288:HfoEoTfmdu11cfa8vYoLBL4K5NIL4NFXGPHdRr:HQEGm02fzwod4KIMuHdV

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Ecl1pse.dll
unpack001/Winsock packet editor.exe
unpack001/tminfo.dat

Files

d54febeeb69a3c3ae486957f3113ca3a_JaffaCakes118
.zip
Ecl1pse.dll
.dll windows:4 windows x86 arch:x86

f895eb84b553f8de5220434165c1affa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
ReadProcessMemory
OpenProcess
DeleteCriticalSection
GetModuleFileNameA
GetStartupInfoA
CloseHandle
FlushFileBuffers
LoadLibraryA
SetFilePointer
SetStdHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
WriteProcessMemory
VirtualAlloc
HeapDestroy
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapFree
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc

user32

IsChild
CallNextHookEx
IsWindow
FindWindowA
GetWindowThreadProcessId

wsock32

send

Exports

Exports

ClientCallWndProc
ClientGetMsgProc

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1003B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WINSOCK PACKET EDITOR.HLP
WSKGSPY.VXD
Winsock packet editor.exe
.exe windows:4 windows x86 arch:x86

3e23963b851b37f453518f0c86b027b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapDestroy
GetACP
GetOEMCP
VirtualAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
GetEnvironmentStringsW
GetStdHandle
Process32Next
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
GetLocalTime
GetCPInfo
SetEvent
ReadProcessMemory
Sleep
CloseHandle
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
OpenProcess
WriteProcessMemory
LeaveCriticalSection
CreateFileA
DeviceIoControl
WaitForSingleObject
CreateEventA
GetSystemDirectoryA
GetProcAddress
GlobalMemoryStatus
CreateMutexA
GetLastError
ReleaseMutex
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
CreateToolhelp32Snapshot
Process32First
GetProfileStringA
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetDriveTypeA
TerminateProcess
ExitProcess
SetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
GetDiskFreeSpaceA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentDirectoryA
GlobalSize
lstrlenW
CopyFileA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
SetThreadPriority
ResumeThread
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GlobalGetAtomNameA
GlobalAddAtomA
GetTickCount
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FormatMessageA
LocalFree
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
CompareStringW
GetCurrentThreadId
SetHandleCount
GetFileType
VirtualFree
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapDestroy
GetACP
GetOEMCP
VirtualAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
GetEnvironmentStringsW
GetStdHandle
Process32Next
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
GetLocalTime
GetCPInfo
SetEvent
ReadProcessMemory
Sleep
CloseHandle
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
OpenProcess
WriteProcessMemory
LeaveCriticalSection
CreateFileA
DeviceIoControl
WaitForSingleObject
CreateEventA
GetSystemDirectoryA
GetProcAddress
GlobalMemoryStatus
CreateMutexA
GetLastError
ReleaseMutex
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
CreateToolhelp32Snapshot
Process32First
GetProfileStringA
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetDriveTypeA
TerminateProcess
ExitProcess
SetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
GetDiskFreeSpaceA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentDirectoryA
GlobalSize
lstrlenW
CopyFileA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
SetThreadPriority
ResumeThread
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GlobalGetAtomNameA
GlobalAddAtomA
GetTickCount
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FormatMessageA
LocalFree
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
CompareStringW
GetCurrentThreadId
SetHandleCount
GetFileType

user32

FindWindowA
CharUpperA
PostThreadMessageA
GetSysColorBrush
GetActiveWindow
CreateDialogIndirectParamA
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
ShowScrollBar
SendDlgItemMessageA
MapWindowPoints
IsChild
GetTopWindow
wsprintfA
GetMenuItemCount
GetMenu
GetWindowTextLengthA
DestroyWindow
CreateWindowExA
CallNextHookEx
SetPropA
GetLastActivePopup
GetForegroundWindow
GetPropA
CallWindowProcA
GetMessagePos
GetWindowLongA
SetWindowLongA
SetWindowPos
SetWindowsHookExA
UnhookWindowsHookEx
DrawFocusRect
GetWindowTextA
GetDlgCtrlID
IsIconic
DrawIcon
GetWindow
IsWindowEnabled
WinHelpA
EnumWindows
CopyRect
SetScrollRange
GetMessageA
LoadBitmapA
GetDialogBaseUnits
GetDlgItem
UpdateWindow
UnpackDDElParam
ReuseDDElParam
BringWindowToTop
LoadMenuA
GetSubMenu
GetMenuItemID
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
LoadIconA
RegisterWindowMessageA
GetCaretPos
GetNextDlgTabItem
GetClassNameA
RegisterClassA
GetSystemMetrics
GetWindowRect
MessageBeep
CopyIcon
DestroyCursor
ShowCaret
SetCaretPos
CreateCaret
RedrawWindow
EmptyClipboard
RegisterClipboardFormatA
GetKeyState
SetScrollInfo
EnableScrollBar
DragDetect
SetScrollPos
DestroyCaret
DrawEdge
InflateRect
WindowFromPoint
SetMenu
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
MessageBoxA
ShowOwnedPopups
LoadStringA
OffsetRect
GetDesktopWindow
SetCapture
GetCapture
KillTimer
SetTimer
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
PostMessageA
ReleaseCapture
GetFocus
ClipCursor
TranslateMessage
ValidateRect
PostQuitMessage
GetScrollRange
GetScrollPos
IsWindowVisible
GetWindowThreadProcessId
GetWindowDC
InvertRect
PtInRect
LoadCursorA
SetCursor
IntersectRect
IsWindow
GetCursorPos
GetClassInfoA
DefWindowProcA
SystemParametersInfoA
GetParent
SendMessageA
EnableWindow
GetClientRect
GrayStringA
DrawTextA
TabbedTextOutA
FillRect
SetRect
GetSysColor
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMenuState
ModifyMenuA
MoveWindow
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
EndDialog
FindWindowExA
ShowWindow
GetMessageTime
RemovePropA
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

CreateCompatibleDC
RectVisible
BitBlt
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
GetObjectA
GetTextExtentPointA
GetTextMetricsA
GetDeviceCaps
StartDocA
StartPage
EndPage
AbortDoc
EndDoc
CreateFontA
GetCurrentObject
SelectObject
GetCharWidthA
SetBoundsRect
GetStockObject
DeleteObject
SetTextColor
SetBkColor
CreateBitmap
PatBlt
DeleteDC
SaveDC
RestoreDC
CreateCompatibleBitmap
CreateSolidBrush
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
CreatePen
CreateHatchBrush
CopyMetaFileA
PtVisible
CreateDIBitmap

comdlg32

GetOpenFileNameA
GetFileTitleA
PrintDlgA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA
ShellExecuteA

comctl32

ImageList_Draw
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoFreeUnusedLibraries
ReleaseStgMedium
CoTaskMemFree
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleDuplicateData
CoTaskMemAlloc

wsock32

inet_ntoa
WSAGetLastError
send
ioctlsocket
htons
gethostbyname
connect
closesocket
WSACleanup
WSAStartup
socket

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tminfo.dat
.exe windows:4 windows x86 arch:x86

5ed8da255a1633d3458493b97c13d5fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
RaiseException
TerminateProcess
RtlUnwind
ExitProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCPInfo
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetOEMCP
WriteFile
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
CloseHandle
ReadProcessMemory
CreateMutexA
GetLastError
ReleaseMutex
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
SetLastError
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
FreeLibrary
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
InitializeCriticalSection
DuplicateHandle
GetFileType
GetStdHandle
LocalFree
OpenProcess
EnterCriticalSection
Process32Next
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
Sleep
GetModuleHandleA
HeapDestroy
HeapCreate
SetHandleCount
WriteProcessMemory
GetSystemDirectoryA
Process32First
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
GetProfileStringA
CreateEventA
WaitForSingleObject
DeviceIoControl
CreateFileA
LeaveCriticalSection
GetStartupInfoA
GetCommandLineA
RaiseException
TerminateProcess
RtlUnwind
ExitProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCPInfo
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetOEMCP
WriteFile
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
CloseHandle
ReadProcessMemory
CreateMutexA
GetLastError
ReleaseMutex
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
SetLastError
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
FreeLibrary
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
InitializeCriticalSection
DuplicateHandle
GetFileType
GetStdHandle
LocalFree
OpenProcess
EnterCriticalSection
Process32Next
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
Sleep
GetModuleHandleA
HeapDestroy
HeapCreate
SetHandleCount
WriteProcessMemory
GetSystemDirectoryA
Process32First
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
GetProfileStringA
CreateEventA
WaitForSingleObject
DeviceIoControl
CreateFileA
LeaveCriticalSection

user32

GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ReleaseDC
ShowOwnedPopups
SetCursor
MessageBoxA
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PtInRect
CharUpperA
GetClassNameA
ClientToScreen
GetDesktopWindow
GetSysColorBrush
DestroyMenu
FindWindowA
OffsetRect
LoadStringA
ReleaseCapture
WindowFromPoint
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IntersectRect
InflateRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
GetMenuCheckMarkDimensions
IsWindowVisible
SetScrollInfo
GetMenuState
GetDC
SetScrollRange
GetScrollPos
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowThreadProcessId
LoadBitmapA
SetWindowRgn
PostMessageA
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
ScreenToClient
RedrawWindow
GetDialogBaseUnits
SendMessageA
GetSysColor
DrawFocusRect
LoadCursorA
LoadIconA
FindWindowExA
ShowWindow
BringWindowToTop
SetMenuItemBitmaps
SetForegroundWindow
GetDlgCtrlID
GetClientRect
FillRect
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ShowScrollBar
ModifyMenuA
EndDeferWindowPos
ScrollWindow
InvalidateRect
EnableWindow
IsWindowEnabled
GetTopWindow
wsprintfA
SetScrollPos
CharNextA
DefDlgProcA
ShowCaret
UnregisterClassA
IsWindowUnicode
ExcludeUpdateRgn
HideCaret

gdi32

SelectObject
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetObjectA
GetRegionData
ExtCreateRegion
CreateBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CombineRgn
CreateRectRgn
GetPixel
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateCompatibleBitmap
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
CreateHatchBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetTextExtentPointA
PatBlt
OffsetViewportOrgEx
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tminfo1.dat

Sharing

General

Malware Config

Signatures

Files

f895eb84b553f8de5220434165c1affa

Headers

File Characteristics

Imports

kernel32

user32

wsock32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1024B - Virtual size: 1003B

.data Size: 10KB - Virtual size: 15KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

3e23963b851b37f453518f0c86b027b7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

wsock32

Sections

.text Size: 342KB - Virtual size: 341KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 25KB - Virtual size: 202KB

.idata Size: 11KB - Virtual size: 10KB

.rsrc Size: 124KB - Virtual size: 124KB

5ed8da255a1633d3458493b97c13d5fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 80KB - Virtual size: 96KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 180KB - Virtual size: 180KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1024B - Virtual size: 1003B

.data
Size: 10KB - Virtual size: 15KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 342KB - Virtual size: 341KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 25KB - Virtual size: 202KB

.idata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 124KB - Virtual size: 124KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 80KB - Virtual size: 96KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 180KB - Virtual size: 180KB