e9c3fa351ce26b8a3f6a912ee0f079eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e9c3fa351ce26b8a3f6a912ee0f079eb_JaffaCakes118
Size

6.3MB
MD5

e9c3fa351ce26b8a3f6a912ee0f079eb
SHA1

4ebeeb7629b0dea52130d4f9e61fdf8194a23699
SHA256

3c709a16c3d7384b13692e05435aacd6fd042f7718803edefdf80f1da1d56a93
SHA512

6b1459197f795c716ec4842e7425ce29fb9fd821aed1f0c4f89afa76065143c9f884c685bfcf6c0b96257c1ae461929bc2b3892252948098ccee816876112f71
SSDEEP

196608:T1UakimqTSOf8z4ar7ldCvzmRfkOfzEUEdg/jmBp8o:TS7im4JaXCvzmRfk7uiBp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack002/LiveUpdate.exe
unpack002/Lottery.exe
unpack002/libmySQL.dll
unpack001/setup.exe

Files

e9c3fa351ce26b8a3f6a912ee0f079eb_JaffaCakes118
.rar
Autorun.inf
Data1.cab
.cab
Bonus.data
LiveUpdate.exe
.exe windows:4 windows x86 arch:x86

60c369dcdb2235c412b36b0091de2e7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libmysql

mysql_init
mysql_real_connect
mysql_select_db
mysql_close
mysql_query
mysql_store_result
mysql_num_rows
mysql_fetch_row
mysql_free_result

kernel32

FormatMessageA
WinExec
lstrlenA
lstrcatA
GetComputerNameA
DeleteFileA
FreeResource
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
SetFileAttributesA
CreateProcessA
GetStartupInfoA
GetTempFileNameA
GetTempPathA
MoveFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
CompareFileTime
FileTimeToLocalFileTime
GetModuleFileNameA
OpenFile
TlsAlloc
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WaitForSingleObject
GetLastError
CreateFileA
GetFileSize
ReadFile
lstrcpyA
GetTickCount
Sleep
CreateThread
CloseHandle
GetFileTime
TlsSetValue
SetLastError
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
SetFilePointer
GetCurrentThreadId
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
InterlockedIncrement
InterlockedDecrement
DeviceIoControl
GetVersionExA
GetCurrentDirectoryA
SetPriorityClass
GetCurrentProcess
CopyFileA
GetSystemDirectoryA
RtlUnwind
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
LeaveCriticalSection

user32

GetDC
DialogBoxParamA
MessageBoxA
LoadStringA
DrawTextA
SetWindowTextA
ShowWindow
EndDialog
ReleaseDC
LoadCursorA
ScreenToClient
GetWindowRect
GetDlgItem
SetClassLongA
LoadIconA
AppendMenuA
GetSystemMenu
DispatchMessageA
SetCursor
SendDlgItemMessageA
SendMessageA
EnableWindow
MsgWaitForMultipleObjectsEx
GetMessageA

gdi32

SetBkMode
CreateDIBitmap
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SelectObject
BitBlt
CreateBitmap
SetBkColor
DeleteDC
SetTextColor

advapi32

RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

wininet

HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetGetConnectedState
InternetOpenUrlA
HttpOpenRequestA

imagehlp

MapFileAndCheckSumA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lottery.chm
.chm
Lottery.dll
Lottery.exe
.exe windows:4 windows x86 arch:x86

a91a589f8f8a59520ecb84873e0fd9d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libmysql

mysql_free_result
mysql_fetch_row
mysql_num_rows
mysql_store_result
mysql_query
mysql_error
mysql_init
mysql_real_connect
mysql_close
mysql_select_db

kernel32

GetVersion
lstrcpynA
WinExec
lstrlenA
lstrcatA
GetComputerNameA
FormatMessageA
TerminateThread
GetExitCodeThread
SetFileTime
GetFileTime
GetTempFileNameA
GetTempPathA
CreateProcessA
GetStartupInfoA
IsBadReadPtr
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetFileAttributesA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetFilePointer
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
GetModuleHandleA
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetProcAddress
GetSystemDirectoryA
CopyFileA
GetCurrentProcess
SetPriorityClass
GetCurrentDirectoryA
GetVersionExA
DeviceIoControl
CompareFileTime
FileTimeToSystemTime
GetPrivateProfileStringA
OpenFile
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
FreeResource
WritePrivateProfileStringA
GetLocalTime
SetEnvironmentVariableA
SystemTimeToFileTime
CreateSemaphoreA
GetLastError
GetModuleFileNameA
WaitForSingleObject
DeleteFileA
MoveFileA
LoadLibraryA
GetPrivateProfileIntA
FreeLibrary
CreateFileA
GetFileSize
ReadFile
lstrcpyA
GetTickCount
Sleep
CreateThread
CloseHandle
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
GetEnvironmentVariableA

user32

SetPropA
DeleteMenu
ReleaseDC
GetDC
DialogBoxParamA
MessageBoxA
LoadStringA
SetWindowTextA
GetDlgItemTextA
SendMessageA
GetDlgItem
CheckMenuItem
SetTimer
SetForegroundWindow
KillTimer
RemovePropA
GetMenuState
LoadIconA
SetClassLongA
PostMessageA
CopyRect
DrawFocusRect
DrawTextA
InflateRect
IsWindowEnabled
MsgWaitForMultipleObjects
GetWindowTextLengthA
ScreenToClient
SetDlgItemInt
GetDlgItemInt
SetFocus
CreateDialogParamA
ShowWindow
UpdateWindow
IsDialogMessageA
DestroyWindow
MsgWaitForMultipleObjectsEx
GetMessageA
FillRect
SetDlgItemTextA
GetWindowTextA
LoadCursorA
SetCursor
CheckRadioButton
GetSystemMenu
LoadBitmapA
GetSystemMetrics
SetWindowPos
GetWindowDC
PeekMessageA
DispatchMessageA
TranslateMessage
GetMenu
EnableMenuItem
BeginPaint
InvalidateRect
EndPaint
EnableWindow
CheckDlgButton
GetClientRect
GetWindowRect
MoveWindow
SendDlgItemMessageA
IsDlgButtonChecked
EndDialog

gdi32

CreateSolidBrush
StartPage
EndPage
EndDoc
CreatePen
MoveToEx
StartDocA
GetObjectA
SetBkMode
SetTextColor
CreateFontIndirectA
TextOutA
CreateDIBitmap
CreateCompatibleDC
DeleteObject
SelectObject
BitBlt
CreateBitmap
SetBkColor
DeleteDC
GetDeviceCaps
CreateDCA
SetAbortProc
GetStockObject
Ellipse
LineTo
CreateCompatibleBitmap

winspool.drv

EnumPrintersA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoInitialize
OleInitialize
CoUninitialize
OleUninitialize

comctl32

ord6
CreateToolbarEx
InitCommonControlsEx

imagehlp

MapFileAndCheckSumA

ws2_32

inet_ntoa
gethostbyname
gethostname

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 444KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mini.DLL
News.data
.data .rtf
Odds.data
OddsRes.data
cash.data
libmySQL.dll
.dll windows:4 windows x86 arch:x86

4e5652504f832690a192841c4601cef5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

shutdown
closesocket
setsockopt
send
recv
WSAStartup
WSACleanup
gethostbyname
socket
WSAGetLastError
ioctlsocket
htons
getservbyname
ntohs
connect

kernel32

GetLocaleInfoW
SetEndOfFile
LCMapStringW
LCMapStringA
LoadLibraryA
RaiseException
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CompareStringW
CompareStringA
HeapSize
GetOEMCP
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetWindowsDirectoryA
GetCurrentThreadId
SetNamedPipeHandleState
WaitNamedPipeA
CreateFileA
GetLastError
InterlockedIncrement
DeleteCriticalSection
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateSemaphoreA
ReadFile
WriteFile
CloseHandle
HeapAlloc
HeapFree
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetFileAttributesA
WideCharToMultiByte
GetTimeZoneInformation
MultiByteToWideChar
HeapReAlloc
GetFullPathNameA
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
SetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
SetFilePointer
SetEnvironmentVariableA
SetEnvironmentVariableW
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
RtlUnwind
GetDriveTypeA
GetCurrentDirectoryA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP

advapi32

RegEnumValueA
RegCloseKey
RegOpenKeyExA

Exports

Exports

_dig_vec
bmove_upp
delete_dynamic
free_defaults
getopt_compare_strings
getopt_ull_limit_value
handle_options
init_dynamic_array
insert_dynamic
int2str
is_prefix
list_add
list_delete
load_defaults
max_allowed_packet
my_casecmp
my_end
my_getopt_print_errors
my_init
my_malloc
my_memdup
my_no_flags_free
my_path
my_print_help
my_print_variables
my_realloc
my_strdup
my_thread_end
my_thread_init
myodbc_remove_escape
mysql_add_slave
mysql_affected_rows
mysql_change_user
mysql_character_set_name
mysql_close
mysql_data_seek
mysql_debug
mysql_disable_reads_from_master
mysql_disable_rpl_parse
mysql_dump_debug_info
mysql_enable_reads_from_master
mysql_enable_rpl_parse
mysql_eof
mysql_errno
mysql_error
mysql_escape_string
mysql_fetch_field
mysql_fetch_field_direct
mysql_fetch_fields
mysql_fetch_lengths
mysql_fetch_row
mysql_field_count
mysql_field_seek
mysql_field_tell
mysql_free_result
mysql_get_client_info
mysql_get_host_info
mysql_get_proto_info
mysql_get_server_info
mysql_info
mysql_init
mysql_insert_id
mysql_kill
mysql_list_dbs
mysql_list_fields
mysql_list_processes
mysql_list_tables
mysql_master_query
mysql_master_send_query
mysql_num_fields
mysql_num_rows
mysql_odbc_escape_string
mysql_options
mysql_ping
mysql_query
mysql_read_query_result
mysql_reads_from_master_enabled
mysql_real_connect
mysql_real_escape_string
mysql_real_query
mysql_refresh
mysql_row_seek
mysql_row_tell
mysql_rpl_parse_enabled
mysql_rpl_probe
mysql_rpl_query_type
mysql_select_db
mysql_send_query
mysql_set_master
mysql_shutdown
mysql_slave_query
mysql_slave_send_query
mysql_ssl_set
mysql_stat
mysql_store_result
mysql_thread_id
mysql_thread_safe
mysql_use_result
net_buffer_length
set_dynamic
strcend
strdup_root
strfill
strinstr
strmake
strmov
strxmov

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
match.data
smartvsd.vxd
Setup.bmp
setup.exe
.exe windows:4 windows x86 arch:x86

3df1cad47b0f4f27a8eb25481d61d147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

ord17

kernel32

QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
lstrcatA
WriteFile
CreateEventA
CompareStringW
GetVersionExA
Sleep
CompareStringA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
GetProcAddress
LoadLibraryA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LockResource
SetFileAttributesA
FreeLibrary
FindResourceA
CreateProcessA
GetModuleFileNameA
lstrcmpA
GetSystemDefaultLCID
GlobalHandle
SetLastError
SetCurrentDirectoryA
DeleteFileA
lstrlenW
WaitForSingleObject
GetSystemInfo
IsValidCodePage
FlushFileBuffers
LocalFree
FormatMessageA
GetDiskFreeSpaceA
_lclose
OpenFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
lstrcpyA
GetPrivateProfileStringA
lstrlenA
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GetLastError
WideCharToMultiByte
CopyFileA
MultiByteToWideChar
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
ExpandEnvironmentStringsA
GetPrivateProfileIntA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileSectionA
MoveFileA
LoadResource
SizeofResource
SetHandleCount
RaiseException
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetEnvironmentStringsW
GetStdHandle
GetACP
GetCPInfo
SetUnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
SetStdHandle
HeapAlloc
HeapFree
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
lstrcpynA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose
IsBadReadPtr
GetStringTypeA
GetStringTypeW
LCMapStringW
LCMapStringA
IsBadCodePtr
GetFileType

user32

MessageBoxA
ReleaseDC
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetTimer
PostQuitMessage
KillTimer
PostMessageA
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
wsprintfA
GetDesktopWindow
DialogBoxParamA
ShowWindow
GetDlgItem
EndDialog
GetWindowDC
SetWindowPos
ClientToScreen
GetClientRect
SetWindowLongA
EndPaint
BeginPaint
GetWindowLongA
WaitForInputIdle
CreateDialogParamA
CharNextA
SendDlgItemMessageA
ExitWindowsEx
CharPrevA
LoadStringA
wvsprintfA
GetClassInfoA
UpdateWindow
SetCursor
GetDlgItemTextA
EnableWindow
GetParent
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetWindowPlacement
DrawIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
IsDialogMessageA
SendMessageA
GetWindowRect
FindWindowA
IntersectRect
SubtractRect
IsWindow
DestroyWindow
SetRect
GetSystemMetrics
DestroyIcon
CharLowerBuffA

gdi32

RealizePalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
GetStockObject
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
GetTextExtentPointA
TranslateCharsetInfo
CreateDIBitmap
SelectPalette

advapi32

EqualSid
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
RegCreateKeyExA
FreeSid
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegEnumValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

ole32

CreateItemMoniker
CoCreateGuid
StringFromCLSID
StgIsStorageFile
StgOpenStorage
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
GetRunningObjectTable

oleaut32

SysReAllocStringLen
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
彩神168胜负彩投注助手.msi
.msi

Sharing

General

Malware Config

Signatures

Files

60c369dcdb2235c412b36b0091de2e7f

Headers

File Characteristics

Imports

libmysql

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

wininet

imagehlp

version

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 59KB

.rsrc Size: 64KB - Virtual size: 61KB

a91a589f8f8a59520ecb84873e0fd9d6

Headers

File Characteristics

Imports

libmysql

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

comctl32

imagehlp

ws2_32

version

Sections

.text Size: 444KB - Virtual size: 441KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 68KB - Virtual size: 76KB

.rsrc Size: 452KB - Virtual size: 450KB

4e5652504f832690a192841c4601cef5

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 72KB - Virtual size: 112KB

.reloc Size: 12KB - Virtual size: 8KB

3df1cad47b0f4f27a8eb25481d61d147

Headers

File Characteristics

Imports

version

shell32

comctl32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 59KB

.rsrc
Size: 64KB - Virtual size: 61KB

.text
Size: 444KB - Virtual size: 441KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 68KB - Virtual size: 76KB

.rsrc
Size: 452KB - Virtual size: 450KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 72KB - Virtual size: 112KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 48KB - Virtual size: 46KB