daea0bd234ee65047d0210e0450b1bbe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daea0bd234ee65047d0210e0450b1bbe_JaffaCakes118
Size

1.8MB
MD5

daea0bd234ee65047d0210e0450b1bbe
SHA1

97aa29b7d086c4e197ae58f9dc223d762e62445f
SHA256

a8111f1a9eb79cc82e0a2d00fb041cf37528cc3f1a89a085fa7efb6fd22fccf0
SHA512

c03121862370ea068782e5ac37daa661a6540a4028690202eee3b39e17437b280976895de8609659a242e211ef31ca18273e57219f23c4aa27fe9a0bd94c801d
SSDEEP

49152:zywO6ynyyF+JzU3RokOhlBEyvqko69/TwHOiiF1Q4KUs:rOiyFAgut9TxiibQms

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/程序/bin/App_Code.dll
unpack001/程序/bin/App_WebReferences.dll
unpack001/程序/bin/App_Web_7buwklbw.dll
unpack001/程序/bin/App_Web_dhaukcul.dll
unpack001/程序/bin/App_Web_izuvqlrv.dll
unpack001/程序/bin/App_Web_j8wx_o2r.dll
unpack001/程序/bin/App_Web_l0tuyowm.dll
unpack001/程序/bin/Intelligencia.UrlRewriter.dll
unpack001/程序/bin/qicms.dll

Files

daea0bd234ee65047d0210e0450b1bbe_JaffaCakes118
.rar
v1.0sql版升级到v2.0sql版.txt
初始安装说明.doc
.doc windows office2003
升级报告.txt
程序/PrecompiledApp.config
程序/Web.Config
程序/adddianpu.aspx
.js
程序/admin/Viewstore.aspx
.js
程序/admin/addadmin.aspx
.js
程序/admin/addstore.aspx
.js
程序/admin/addzheq.aspx
.js
程序/admin/comment.aspx
程序/admin/css/style.css
程序/admin/dq.aspx
程序/admin/excel.aspx
程序/admin/huiyuan.aspx
程序/admin/image/add_01.jpg
.jpg
程序/admin/image/button.gif
.gif
程序/admin/image/dian.gif
.gif
程序/admin/image/dixian.jpg
.jpg
程序/admin/image/dixian2.jpg
.jpg
程序/admin/image/l_now.gif
.gif
程序/admin/image/l_topbg.gif
.gif
程序/admin/image/left_bg.gif
.gif
程序/admin/image/line.gif
.gif
程序/admin/image/menu_bgs.gif
.gif
程序/admin/image/now.gif
.gif
程序/admin/image/sanjiao.gif
.gif
程序/admin/image/top_bg.gif
.gif
程序/admin/image/top_imgbg.gif
.gif
程序/admin/imagelist.aspx
程序/admin/images/fox.css
程序/admin/images/icon-demo.gif
.gif
程序/admin/images/icon-login-seaver.gif
.gif
程序/admin/images/login-buttom-bg.gif
.gif
程序/admin/images/login-content-bg.gif
.gif
程序/admin/images/login-top-bg.gif
.gif
程序/admin/images/login-wel.gif
.gif
程序/admin/images/login_bg.jpg
.jpg
程序/admin/images/logo.png
.png
程序/admin/images/luck.gif
.gif
程序/admin/images/skin.css
程序/admin/index.aspx
.asp
程序/admin/ka.aspx
程序/admin/kindeditor/index.css
程序/admin/kindeditor/kindeditor.js
.js
程序/admin/kindeditor/plugins/about.htm
程序/admin/kindeditor/plugins/emoticons/etc_01.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_02.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_03.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_04.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_05.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_06.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_07.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_08.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_09.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_10.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_11.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_12.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_13.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_14.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_15.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_16.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_17.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_18.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_19.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_20.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_21.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_22.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_23.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_24.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_25.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_26.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_27.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_28.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_29.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_30.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_31.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_32.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_33.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_34.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_35.gif
.gif
程序/admin/kindeditor/plugins/emoticons/etc_36.gif
.gif
程序/admin/kindeditor/plugins/flash.htm
程序/admin/kindeditor/plugins/image.htm
程序/admin/kindeditor/plugins/link.htm
程序/admin/kindeditor/plugins/media.htm
程序/admin/kindeditor/plugins/plainpaste.htm
程序/admin/kindeditor/plugins/remote_image.htm
程序/admin/kindeditor/plugins/upload.aspx
程序/admin/kindeditor/plugins/wordpaste.htm
.js
程序/admin/kindeditor/skins/default.css
程序/admin/kindeditor/skins/default.gif
.gif
程序/admin/kindeditor/skins/div.gif
.gif
程序/admin/kindeditor/skins/dl.gif
.gif
程序/admin/kindeditor/skins/editor.css
程序/admin/kindeditor/skins/ol.gif
.gif
程序/admin/kindeditor/skins/p.gif
.gif
程序/admin/kindeditor/skins/tinymce.css
程序/admin/kindeditor/skins/tinymce.gif
.gif
程序/admin/kindeditor/skins/ul.gif
.gif
程序/admin/lb.aspx
.asp
程序/admin/left.aspx
程序/admin/login.aspx
.js
程序/admin/moban.aspx
.js
程序/admin/music.aspx
.js
程序/admin/right.aspx
程序/admin/s.aspx
程序/admin/top.aspx
程序/admin/tousu.aspx
程序/admin/upload.aspx
.js
程序/bin/App_Code.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_WebReferences.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_7buwklbw.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_dhaukcul.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_izuvqlrv.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_j8wx_o2r.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/App_Web_l0tuyowm.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/Intelligencia.UrlRewriter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
程序/bin/qicms.dll
.dll windows:4 windows x86 arch:x86

5946102212fc38379f0a7686424bedc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy
LocalAlloc

version

VerQueryValueA

psapi

GetModuleInformation

iphlpapi

GetAdaptersInfo

user32

DestroyMenu

gdi32

ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegEnumKeyA

comctl32

ord17

shlwapi

PathFindExtensionA

oleaut32

VariantChangeType

Exports

Exports

A6F86D2D67D9403eA725820C4EF210A2
A6F92A92B69B4082AB0F9C7A9C1FF10C
CheckRuntime
EC1DB9C1620C48588C4701045B242FA9
GetCpuID
GetCpuIDW
GetDiskID
GetDiskIDW
GetMacID
GetMacIDW
GetModuleBase
MainDLL
_CorExeMain

Sections

.text
Size: 104KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
程序/bottom.ascx
程序/data/shop.mdb
程序/dazheka.aspx
.js
程序/huiyuan/addshop.css
程序/huiyuan/image/Thumbs.db
程序/huiyuan/image/dashanghu.gif
.gif
程序/huiyuan/image/daxiahu.gif
.gif
程序/huiyuan/image/lvshanghu.gif
.gif
程序/huiyuan/image/lvxiahu.gif
.gif
程序/huiyuan/image/shanghu.gif
.gif
程序/huiyuan/image/xiahu.gif
.gif
程序/huiyuan/index.aspx
程序/huiyuan/login.aspx
程序/huiyuan/reg.aspx
.js
程序/images/8_online.gif
.gif
程序/images/ajax.gif
.gif
程序/images/datetime.gif
.gif
程序/images/dayintubiao.jpg
.jpg
程序/images/dazheka.jpg
.jpg
程序/images/detail_10-r.gif
.gif
程序/images/detail_12.gif
.gif
程序/images/detail_13-r.gif
.gif
程序/images/detail_17.gif
.gif
程序/images/detail_18-r.gif
.gif
程序/images/dianpu_index_dengji.jpg
.jpg
程序/images/fenhong_pingpu.jpg
.jpg
程序/images/fenhong_xiao.jpg
.jpg
程序/images/fenhong_xiao2.jpg
.jpg
程序/images/fenhong_youhu.jpg
.jpg
程序/images/fenhong_zuohu.jpg
.jpg
程序/images/guestbook.gif
.gif
程序/images/h_dash1.gif
.gif
程序/images/ing.gif
.gif
程序/images/logo.gif
.gif
程序/images/lvse_pingpu.jpg
.jpg
程序/images/lvse_youhu.jpg
.jpg
程序/images/lvse_zuohu.jpg
.jpg
程序/images/menu_bg.gif
.gif
程序/images/menu_bg_l.gif
.gif
程序/images/menu_bg_r.gif
.gif
程序/images/menu_pp.jpg
.jpg
程序/images/middle_one_zuiyou_pingpu.jpg
.jpg
程序/images/middle_one_zuiyou_pingpu2.jpg
.jpg
程序/images/pic_bg.jpg
.jpg
程序/images/prints.jpg
.jpg
程序/images/repeat_y.jpg
.jpg
程序/images/shop_topb-r.gif
.gif
程序/images/shop_topbg-r.gif
.gif
程序/images/shuiyin.png
.png
程序/images/tanhao.jpg
.jpg
程序/images/top_01.gif
.gif
程序/images/top_02.gif
.gif
程序/images/top_end_bg.gif
.gif
程序/images/top_end_bg21.jpg
.jpg
程序/images/top_end_bg22.jpg
.jpg
程序/images/top_end_bg31.jpg
.jpg
程序/images/top_end_bg32.jpg
.jpg
程序/images/top_end_bg33.gif
.gif
程序/images/topnav_link.gif
.gif
程序/images/topnav_up.gif
.gif
程序/images/user.jpg
.jpg
程序/images/user_index_top.jpg
.jpg
程序/images/user_menu_pingpu.jpg
.jpg
程序/images/woyaodianping.jpg
.jpg
程序/images/xiangxi_menu_pingpu1pu.jpg
.jpg
程序/images/xiangxi_menu_pingpu2.jpg
.jpg
程序/images/xiaodian.jpg
.jpg
程序/images/xiaosanjiao.jpg
.jpg
程序/images/xiesanjiao.jpg
.jpg
程序/images/yn_icon_mapbluebg_2x29.gif
.gif
程序/images/yn_icon_mapblueleft_22x29.gif
.gif
程序/images/yn_icon_mapblueright_10x29.gif
.gif
程序/images/youhuiquan.gif
.gif
程序/images/zhuyishixiang_pingpu.jpg
.jpg
程序/images/娱乐券.jpg
.jpg
程序/images/生活券.jpg
.jpg
程序/images/美食券.jpg
.jpg
程序/images/购物券.jpg
.jpg
程序/inc/RandomImage.aspx
程序/inc/ajax.aspx
.asp
程序/inc/ajax.js
.js
程序/inc/css.css
程序/inc/lightbox.js
.js
程序/inc/lightbox/images/blank.gif
.gif
程序/inc/lightbox/images/closelabel.gif
.gif
程序/inc/lightbox/images/loading.gif
.gif
程序/inc/lightbox/images/nextlabel.gif
.gif
程序/inc/lightbox/images/prevlabel.gif
.gif
程序/inc/lightbox/images/printlabel.gif
.gif
程序/inc/lightbox/js.js
.js
程序/inc/lightbox/style.css
程序/inc/loading.js
.js
程序/inc/rq.js
.js
程序/inc/scrollhuiyuan.js
.js
程序/inc/scrollpic.js
.js
程序/inc/shenqing.css
程序/inc/star.js
.js
程序/inc/szr.js
.js
程序/inc/tb.js
.js
程序/inc/xiangxi.css
程序/inc/zhe.css
程序/index.aspx
程序/pinglun.aspx
程序/print.aspx
程序/search.aspx
程序/sitemap.aspx
程序/tishi.aspx
程序/toleave.aspx
.js
程序/top.ascx
程序/xiangxi.aspx
.js
程序/youhuiquan.aspx
程序/新云软件.url
.url
进入QICMS官方网站.url
进入QICMS官方论坛.url

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 32KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 680B

.reloc Size: 28KB - Virtual size: 24KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 24KB - Virtual size: 24KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 28KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 20KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 712B

.reloc Size: 20KB - Virtual size: 16KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 712B

.reloc Size: 20KB - Virtual size: 16KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 92KB - Virtual size: 92KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 48KB - Virtual size: 48KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 680B

.reloc
Size: 28KB - Virtual size: 24KB

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 24KB - Virtual size: 24KB

.text
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 712B

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 712B

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 48KB - Virtual size: 48KB

.text
Size: 44KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 104KB - Virtual size: 236KB

.rsrc
Size: 20KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 656KB

.data
Size: 476KB - Virtual size: 476KB

.data
Size: 4KB - Virtual size: 4KB