eaa55c790170c7257a1fe6e274afd458_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eaa55c790170c7257a1fe6e274afd458_JaffaCakes118
Size

373KB
MD5

eaa55c790170c7257a1fe6e274afd458
SHA1

e58f943bca9a3c56ea6ffe450b72da147ac99ddb
SHA256

21aa2474082dbfe47ae40bb120b4c2907f4448315cdda020bc9f2f6d9a783645
SHA512

c2848f231e27f063673c011c9e099329e657bee7143708f7e0af43e6eb8292c54fae23739e473aeba403e6fd459cd864a44056b07427fc1024023bfd4b63ad5b
SSDEEP

6144:CR33KccO2LEhn+YIEDZv6Zof4nWsl8y/tgwPzj7l8A2O70uR6+0bnUoMW7pZfumt:yKPOaEhn+YfZ6sgWseOtnj2E/i37phug

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

eaa55c790170c7257a1fe6e274afd458_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

2b:28:5e:33:de:99:de
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

22/05/2014, 17:38

Not After

22/05/2015, 17:38

Subject

CN=Unilogic Informatica Ltda ME,O=Unilogic Informatica Ltda ME,L=São Bernardo do Campo,ST=São Paulo,C=BR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:95:f7:15:4b:8a:fe:85:66:00:77:2f:a0:c2:c5:3c:08:2a:29:ef
Signer

Actual PE Digest

4c:95:f7:15:4b:8a:fe:85:66:00:77:2f:a0:c2:c5:3c:08:2a:29:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit3@Finalize
@@Unit3@Initialize
@@Unit5@Finalize
@@Unit5@Initialize
@Shdocvw_ocx@Register$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@Connect$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@ConnectTo$qqr91%TComInterface$28Shdocvw_tlb@IScriptErrorListpx5_GUID$e&@Shdocvw_tlb@IID_IScriptErrorList$%
@Shdocvw_tlb@TCppCScriptErrorList@Disconnect$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@GetDefaultInterface$qv
@Shdocvw_tlb@TCppCScriptErrorList@GetDunk$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Connect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ConnectTo$qqr83%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$e&@Shdocvw_tlb@IID_IWebBrowser2$%
@Shdocvw_tlb@TCppInternetExplorer@Disconnect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GetDefaultInterface$qv
@Shdocvw_tlb@TCppInternetExplorer@GetDunk$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@Connect$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@ConnectTo$qqr97%TComInterface$31Shdocvw_tlb@ISearchAssistantOC3px5_GUID$e&@Shdocvw_tlb@IID_ISearchAssistantOC3$%
@Shdocvw_tlb@TCppSearchAssistantOC@Disconnect$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@GetDefaultInterface$qv
@Shdocvw_tlb@TCppSearchAssistantOC@GetDunk$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@InitServerData$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@Connect$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@ConnectTo$qqr83%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$e&@Shdocvw_tlb@IID_IWebBrowser2$%
@Shdocvw_tlb@TCppShellBrowserWindow@Disconnect$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellBrowserWindow@GetDunk$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@InitServerData$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellUIHelper@Connect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ConnectTo$qqr87%TComInterface$26Shdocvw_tlb@IShellUIHelperpx5_GUID$e&@Shdocvw_tlb@IID_IShellUIHelper$%
@Shdocvw_tlb@TCppShellUIHelper@Disconnect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellUIHelper@GetDunk$qqrv
@Shdocvw_tlb@TCppShellUIHelper@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellWindows@Connect$qqrv
@Shdocvw_tlb@TCppShellWindows@ConnectTo$qqr85%TComInterface$25Shdocvw_tlb@IShellWindowspx5_GUID$e&@Shdocvw_tlb@IID_IShellWindows$%
@Shdocvw_tlb@TCppShellWindows@Disconnect$qqrv
@Shdocvw_tlb@TCppShellWindows@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellWindows@GetDunk$qqrv
@Shdocvw_tlb@TCppShellWindows@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@CControlData
@Shdocvw_tlb@TCppWebBrowser@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppWebBrowser@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppWebBrowser@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser@GetProperty$qqrpb
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppWebBrowser@OptParam
@Shdocvw_tlb@TCppWebBrowser@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppWebBrowser@Quit$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppWebBrowser@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Parent$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@CControlData
@Shdocvw_tlb@TCppWebBrowser_V1@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser_V1@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser_V1@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser_V1@OptParam
@Shdocvw_tlb@TCppWebBrowser_V1@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser_V1@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Parent$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@BeforeDestruction$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Connect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@ConnectTo$qqr89%TComInterface$27Shdocvw_tlb@IShellNameSpacepx5_GUID$e&@Shdocvw_tlb@IID_IShellNameSpace$%
@Shdocvw_tlb@TShellFavoritesNameSpace@Disconnect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDefaultInterface$qv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDunk$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InitServerData$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 673KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

2b:28:5e:33:de:99:deCertificate

Extended Key Usages

Key Usages

4c:95:f7:15:4b:8a:fe:85:66:00:77:2f:a0:c2:c5:3c:08:2a:29:efSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 712KB

UPX1 Size: 351KB - Virtual size: 352KB

.rsrc Size: 19KB - Virtual size: 20KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 673KB - Virtual size: 676KB

.data Size: 233KB - Virtual size: 252KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

.edata Size: 17KB - Virtual size: 20KB

.rsrc Size: 33KB - Virtual size: 36KB

.reloc Size: 45KB - Virtual size: 48KB

2b:28:5e:33:de:99:de
Certificate

4c:95:f7:15:4b:8a:fe:85:66:00:77:2f:a0:c2:c5:3c:08:2a:29:ef
Signer

UPX0
Size: - Virtual size: 712KB

UPX1
Size: 351KB - Virtual size: 352KB

.rsrc
Size: 19KB - Virtual size: 20KB

.text
Size: 673KB - Virtual size: 676KB

.data
Size: 233KB - Virtual size: 252KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

.edata
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 33KB - Virtual size: 36KB

.reloc
Size: 45KB - Virtual size: 48KB