eecee9c3e0acc41cb614b37b5a196a22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eecee9c3e0acc41cb614b37b5a196a22_JaffaCakes118
Size

686KB
MD5

eecee9c3e0acc41cb614b37b5a196a22
SHA1

32dae8756cda23b88ad535bd52f096a02dbfe211
SHA256

6202ae81126efa08d736ac9fbbd7582a4036bc1039ce334b36e03b3f10ced570
SHA512

a407b637924de14723e3aa2733728b997910c7133c0f7786be2f5bdc302a60e9fa39ec27592900153c59bab56ff4296ac4c19511f43bf46ab59d3b661d83117b
SSDEEP

12288:ZNcJ1oEJseeRGFya5e5esq0ulVTN/ZLngeGntRXHvN3oTz6lYe3dey5D/iuM:vcfoEJsrcw0sPunhRLpMRXF3ezyYmde3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/外挂破解版/更新程序.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/外挂破解版/UNWISE.EXE
unpack001/外挂破解版/V2AudioCodec.dll
unpack001/外挂破解版/V2Communicator.exe
unpack001/外挂破解版/plugins/v2smsg.dll
unpack001/外挂破解版/更新程序.exe
unpack002/out.upx

Files

eecee9c3e0acc41cb614b37b5a196a22_JaffaCakes118
.rar
外挂破解版/AutoReply.vmd
外挂破解版/CallBack.wav
外挂破解版/INSTALL.LOG
外挂破解版/Ring.wav
外挂破解版/UNWISE.EXE
.exe windows:4 windows x86 arch:x86

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindFirstFileA
FindNextFileA
MoveFileExA
GetVersionExA
RemoveDirectoryA
GetPrivateProfileStringA
GetLocalTime
CreateDirectoryA
LoadResource
LockResource
GetFileAttributesA
LoadLibraryA
GlobalLock
DeleteFileA
FreeResource
SetErrorMode
lstrcatA
GetWindowsDirectoryA
FreeLibrary
GlobalUnlock
GlobalFree
SizeofResource
_lcreat
_lwrite
_lclose
WinExec
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
GetProcAddress
lstrcpynA
FileTimeToLocalFileTime
MultiByteToWideChar
GetFileTime
_lread
FileTimeToDosDateTime
_llseek
_lopen
GetDriveTypeA
GetSystemDirectoryA
MulDiv
lstrcmpA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
lstrlenA
CopyFileA
GetTempPathA
GetTempFileNameA
GetPrivateProfileIntA
FindResourceA
GlobalAlloc
FindClose
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualFree
HeapCreate
OpenFile
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetCPInfo
GetOEMCP
HeapDestroy
GetACP

user32

RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
LoadBitmapA
PeekMessageA
SetTimer
TranslateMessage
CreateWindowExA
GetSystemMetrics
SetWindowTextA
GetMessageA
GetSysColor
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
PostMessageA
MessageBoxA
wsprintfA
ExitWindowsEx
EndPaint
PostQuitMessage
GetClientRect
BeginPaint
ReleaseDC
InvalidateRect
GetDC
DefWindowProcA
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
GetDlgItemTextA
SetRect
ScreenToClient
GetDlgItem
GetWindowTextA
SendDlgItemMessageA
SetFocus
OemToCharA
CharNextA
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
SendMessageA
DdeCreateDataHandle
DdeInitializeA
DdeConnect
DestroyWindow
DdeClientTransaction
DdeDisconnect
DdeUninitialize
DialogBoxParamA
DispatchMessageA
KillTimer
DdeFreeDataHandle
DdeGetData
DdeCreateStringHandleA

gdi32

DeleteObject
GetTextExtentPointA
TextOutA
GetObjectA
SetBkMode
CreateFontA
SetTextColor
DeleteDC
BitBlt
GetDeviceCaps
PatBlt
CreateSolidBrush
CreateCompatibleDC
RealizePalette
SelectPalette
SelectObject
SetBkColor
MoveToEx
ExtTextOutA
LineTo
CreateFontIndirectA
CreatePen
CreateCompatibleBitmap
CreateDIBitmap
StretchBlt
GetStockObject
CreatePalette

comdlg32

GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
外挂破解版/V2AudioCodec.dll
.dll windows:4 windows x86 arch:x86

0b34e5ee59e99efd7db10aabfd7df94f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPrepareHeader
waveOutWrite
waveOutClose
waveOutReset
waveInClose
waveInUnprepareHeader
waveInAddBuffer
waveOutUnprepareHeader
waveInPrepareHeader
waveInStop
waveInStart
waveInOpen
waveOutOpen
waveInReset

kernel32

GetProcessVersion
GetCPInfo
WideCharToMultiByte
GetCurrentProcess
MultiByteToWideChar
GetOEMCP
WriteFile
FlushFileBuffers
SetFilePointer
RtlUnwind
HeapFree
GetCommandLineA
HeapAlloc
ExitProcess
TerminateProcess
CreateThread
ExitThread
InterlockedIncrement
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
WritePrivateProfileStringA
GlobalFlags
GetLastError
SetLastError
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
LoadLibraryA
FreeLibrary
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpyA
lstrlenA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
SuspendThread
ResumeThread
GetModuleFileNameA
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
ReleaseMutex
CreateMutexA
GlobalHandle
GlobalUnlock
GlobalFree
WaitForSingleObject
SetThreadPriority
CloseHandle
CreateEventA
ResetEvent
GlobalAlloc
GlobalLock
SetEvent
HeapSize
RaiseException
GetACP

user32

GetWindowPlacement
SystemParametersInfoA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetWindowTextA
RegisterClassA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetClientRect
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
SetWindowTextA
UnregisterClassA
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
GetWindowRect
LoadCursorA
GetSysColorBrush
LoadStringA
GetSystemMetrics
BringWindowToTop
IsIconic
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
wsprintfA
SetWindowPos
GetDlgCtrlID
UpdateWindow
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
IsWindow
GetDesktopWindow
GetWindow
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
GetMenuState
LoadBitmapA
GetFocus
TranslateAcceleratorA

gdi32

Escape
ExtTextOutA
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
CreateBitmap
TextOutA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17

Exports

Exports

??0CV2Audio@@QAE@ABV0@@Z
??0CV2Audio@@QAE@XZ
??1CV2Audio@@UAE@XZ
??4CV2Audio@@QAEAAV0@ABV0@@Z
??_7CV2Audio@@6B@
?AddRecvList@CV2Audio@@QAEXPAX@Z
?FreeResource@CV2Audio@@QAEXXZ
?Init@CV2Audio@@QAEHIIII@Z
?Playdone@CV2Audio@@UAEXH@Z
?RecordDone@CV2Audio@@UAEXH@Z
?Send@CV2Audio@@UAEXPAUSOUND@@@Z

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
外挂破解版/V2Communicator.exe
.exe windows:4 windows x86 arch:x86

c8139b6d47fd2edaf55a277d4454c8ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerGetLineControlsA
sndPlaySoundA
mixerOpen
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetNumDevs

v2audiocodec

??0CV2Audio@@QAE@XZ
?FreeResource@CV2Audio@@QAEXXZ
??1CV2Audio@@UAE@XZ
?AddRecvList@CV2Audio@@QAEXPAX@Z
?Init@CV2Audio@@QAEHIIII@Z
?Send@CV2Audio@@UAEXPAUSOUND@@@Z
?RecordDone@CV2Audio@@UAEXH@Z
?Playdone@CV2Audio@@UAEXH@Z

kernel32

HeapFree
HeapAlloc
RtlUnwind
GetLocalTime
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetDriveTypeA
GetStartupInfoA
ExitProcess
GetTimeZoneInformation
HeapReAlloc
RaiseException
TerminateProcess
GetACP
HeapSize
ExitThread
GetFileType
HeapDestroy
HeapCreate
GetCurrentDirectoryA
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
CompareStringA
SetStdHandle
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetCPInfo
VirtualFree
SetErrorMode
GlobalGetAtomNameA
GlobalDeleteAtom
GetCommandLineA
GlobalAddAtomA
CreateMutexA
lstrlenA
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
Sleep
GetSystemDirectoryA
GetSystemTime
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
InterlockedIncrement
GetTempPathA
GetTempFileNameA
SetEvent
ResetEvent
DeleteFileA
WaitForSingleObject
TerminateThread
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
GetProfileStringA
GetOEMCP
TlsGetValue
GlobalFlags
GetProcessVersion
GlobalReAlloc
LocalReAlloc
TlsSetValue
FileTimeToLocalFileTime
TlsFree
TlsAlloc
lstrcmpA
FileTimeToSystemTime
GetCurrentThread
GetFileSize
GetFileTime
GetThreadLocale
GetFileAttributesA
GetVolumeInformationA
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
VirtualProtect
DuplicateHandle
MulDiv
LocalFree
SetLastError
FormatMessageA
LocalAlloc
lstrcpynA
lstrcmpiA
GetVersion
lstrcatA
SuspendThread
GlobalFindAtomA
GetModuleHandleA
MultiByteToWideChar
GetCurrentThreadId
ResumeThread
GetModuleFileNameA
WideCharToMultiByte
InterlockedDecrement
LoadResource
CopyFileA
FindResourceA
MoveFileA
SizeofResource
LockResource
FindClose
FindFirstFileA
FindNextFileA
SetThreadPriority
WinExec
GetTickCount
IsBadReadPtr
lstrcpyA
IsBadCodePtr
CreateThread
CompareStringW

user32

EndPaint
CharUpperA
BeginPaint
DestroyMenu
WindowFromPoint
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
InvertRect
SetRectEmpty
ReuseDDElParam
UnpackDDElParam
GetSysColorBrush
GetClassNameA
MessageBeep
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowPos
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
TranslateMessage
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetAsyncKeyState
MapDialogRect
IsWindowEnabled
CallWindowProcA
SetForegroundWindow
GetLastActivePopup
IsRectEmpty
RegisterWindowMessageA
SetCursorPos
SetWindowLongA
SetWindowRgn
LoadBitmapA
SetDlgItemInt
GetMenuState
DrawIconEx
DrawEdge
GetWindowRgn
GetCaretPos
GetIconInfo
BringWindowToTop
IsCharAlphaA
SetParent
SendDlgItemMessageA
SetFocus
SystemParametersInfoA
CheckMenuItem
DeleteMenu
ModifyMenuA
GetMessageA
DispatchMessageA
IsMenu
LoadAcceleratorsA
TranslateAcceleratorA
IntersectRect
KillTimer
RemovePropA
GetFocus
GetCursorPos
IsIconic
GetSystemMetrics
DrawIcon
IsWindow
GetSystemMenu
SetPropA
LoadIconA
GetDesktopWindow
GetWindow
GetPropA
IsWindowVisible
ShowWindow
GetDC
SetRect
UpdateWindow
LoadCursorA
MessageBoxA
GetDlgItem
GetWindowRect
MoveWindow
ScreenToClient
GetWindowDC
ReleaseDC
wsprintfA
CreatePopupMenu
InsertMenuA
AppendMenuA
GetMenu
EnableMenuItem
GetSubMenu
LoadMenuA
SetMenu
SetTimer
ClientToScreen
LockWindowUpdate
GrayStringA
DrawTextA
TabbedTextOutA
LoadStringA
wvsprintfA
SetWindowTextA
IsDialogMessageA
SetWindowsHookExA
GetTabbedTextExtentA
SetCursor
GetWindowLongA
CopyRect
FrameRect
InflateRect
FillRect
GetSysColor
OffsetRect
DrawStateA
DrawFocusRect
GetActiveWindow
GetCapture
SetCapture
GetClientRect
PtInRect
ReleaseCapture
InvalidateRect
LoadImageA
RedrawWindow
DestroyIcon
DestroyCursor
GetParent
PostMessageA
EnableWindow
SendMessageA
GetMenuItemCount
CreateIconIndirect
SetDlgItemTextA
IsWindowUnicode
DefDlgProcA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn

gdi32

BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
PtVisible
RectVisible
Escape
TextOutA
ExtTextOutA
EnumFontFamiliesExA
GetBkColor
CreateSolidBrush
GetBitmapDimensionEx
DeleteObject
GetCurrentObject
GetObjectA
StretchBlt
GetTextExtentPoint32A
GetTextExtentPointA
CreateFontIndirectA
GetStockObject
RestoreDC
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SaveDC
GetDeviceCaps
GetViewportExtEx
CreatePen
GetWindowExtEx
GetTextMetricsA
GetMapMode
CreateDCA
DPtoLP
LPtoDP
DeleteDC
PatBlt
GetClipBox
SetTextColor
CreateRoundRectRgn
SetBkColor
FrameRgn
CreateRectRgnIndirect
GetTextColor
SetBkMode
GetRgnBox
CreateBitmap
CreateRectRgn
SetBitmapDimensionEx

comdlg32

PrintDlgA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA

comctl32

ImageList_ReplaceIcon
DestroyPropertySheetPage
PropertySheetA
CreatePropertySheetPageA
ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
ord17
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_SetImageCount
ImageList_EndDrag
_TrackMouseEvent

oledlg

ord8

ole32

CreateStreamOnHGlobal
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromString
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes

olepro32

ord253
ord251

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen

wsock32

getsockname
gethostname
listen
ntohs
shutdown
accept
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
htons
ntohl
gethostbyname
bind
closesocket
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
inet_addr
htonl
getpeername
ioctlsocket

wininet

InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetGetLastResponseInfoA
InternetOpenA

Exports

Exports

??0CV2Audio@@QAE@ABV0@@Z
??4CV2Audio@@QAEAAV0@ABV0@@Z
??_7CV2Audio@@6B@

Sections

.text
Size: 428KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
外挂破解版/buddycome.wav
外挂破解版/iphone.cfg
外挂破解版/plugins/v2smsg.dll
.dll windows:4 windows x86 arch:x86

18f82f7d3642b0498e40de724365afdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
RaiseException
HeapFree
GetACP
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
GetLastError
lstrcpynA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetModuleHandleA
GlobalDeleteAtom
GetStartupInfoA
GetProcAddress
GetModuleFileNameA
CloseHandle
GetCurrentThread
GlobalAlloc
lstrcmpA
GlobalFree
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
InterlockedIncrement
GlobalLock
InterlockedDecrement
MulDiv
SetLastError
FindResourceA
LoadLibraryA
FreeLibrary
FreeEnvironmentStringsA
LoadResource
FreeEnvironmentStringsW
GetStdHandle
GetFileType
lstrcpyA

user32

IsWindowVisible
ScreenToClient
AdjustWindowRectEx
SetFocus
SetActiveWindow
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
PostMessageA
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
GetDC
ReleaseDC
LoadStringA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
wvsprintfA
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
UnregisterClassA
GetClassNameA
LoadCursorA
GetSysColorBrush
GetTopWindow
RegisterClassA
GetMenu
GetSubMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
TranslateAcceleratorA
LoadAcceleratorsA
SetTimer
GetMenuItemID
SetMenuItemInfoA
GetSystemMetrics
GetWindowRect
GetFocus
GetNextDlgTabItem
IsWindow
BringWindowToTop
GetDesktopWindow
wsprintfA
MessageBoxA
InsertMenuA
CreatePopupMenu
AppendMenuA
LoadIconA
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
SetCursor
GetWindowLongA
CopyRect
GetSysColor
SendMessageA
GetActiveWindow
GetParent
GetCapture
SetCapture
GetClientRect
GetClassInfoA
WinHelpA
GetMenuItemCount
PtInRect
ReleaseCapture
InvalidateRect
SetWindowPos
SetWindowLongA
GetLastActivePopup

gdi32

PtVisible
TextOutA
ExtTextOutA
RectVisible
GetClipBox
Escape
SetBkColor
GetObjectA
SetTextColor
DeleteDC
CreateBitmap
RestoreDC
GetStockObject
SaveDC
SetMapMode
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
DeleteObject
SetWindowExtEx
ScaleWindowExtEx
GetDeviceCaps
SelectObject
SetViewportOrgEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

Exports

Exports

InitV2Plugin

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
外挂破解版/refuse.wav
外挂破解版/resolve.wav
外挂破解版/textrcv.wav
外挂破解版/textsend.wav
外挂破解版/users.cfg
外挂破解版/免责声明 .txt
外挂破解版/常见问题.txt
外挂破解版/更新程序.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 73KB - Virtual size: 73KB

0b34e5ee59e99efd7db10aabfd7df94f

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 48KB - Virtual size: 63KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 16KB - Virtual size: 12KB

c8139b6d47fd2edaf55a277d4454c8ac

Headers

File Characteristics

Imports

winmm

v2audiocodec

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

Exports

Exports

Sections

.text Size: 428KB - Virtual size: 425KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 20KB - Virtual size: 45KB

.rsrc Size: 264KB - Virtual size: 263KB

18f82f7d3642b0498e40de724365afdb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 73KB - Virtual size: 73KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 48KB - Virtual size: 63KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 16KB - Virtual size: 12KB

.text
Size: 428KB - Virtual size: 425KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 20KB - Virtual size: 45KB

.rsrc
Size: 264KB - Virtual size: 263KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 13KB

UPX0
Size: - Virtual size: 48KB

UPX1
Size: 26KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 53KB - Virtual size: 53KB