0494a197fb7ae0b1fd5d318cff78eee1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0494a197fb7ae0b1fd5d318cff78eee1_JaffaCakes118
Size

427KB
MD5

0494a197fb7ae0b1fd5d318cff78eee1
SHA1

be0f135a378f2e13f28e0188dbae772e3a2213d4
SHA256

a8546b010534de1b6a929e5c888223b238476a151c8bba0a3a0fee38eef824b9
SHA512

5fe697390cd5dce1afdeb3c90fa6c4e67451855814d38f2a755514e5f6ac72151bb5e238841cb129e302cc6942d43239734e42ef2a62aa572f9c0971858c13f2
SSDEEP

12288:AbTQss/5Y4b8ag5M+iz844yHcZ96zeVImz38MAnLkGWC7Dt:gTHlY8TlVIO8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/IvanBook.exe
unpack001/埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/Start.exe
unpack001/埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/key_anBookMaker 2.0.exe
unpack001/埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/unrar.dll

Files

0494a197fb7ae0b1fd5d318cff78eee1_JaffaCakes118
.rar
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/Dat/EBook.jar
.zip
FormBook.class
Java.png
.png
a.class
b.class
c.class
d.class
e.class
f.class
g.class
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/Dat/Er.dat
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/FVersion.ini
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/IvanBook.exe
.exe windows:4 windows x86 arch:x86

fb382b0204ebd38e91cadddcdde4f30f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Dgs\Jz\Net\EBook2\Release\EBook.pdb

Imports

kernel32

GetTickCount
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
TerminateProcess
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
SetErrorMode
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
GlobalFlags
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
WaitForSingleObject
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetProfileIntA
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
SetFileAttributesA
FormatMessageA
LocalFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcpynA
GetWindowsDirectoryA
lstrcatA
lstrlenA
WinExec
lstrcpyA
CopyFileA
DeleteFileA
MoveFileA
GetModuleFileNameA
SetCurrentDirectoryA
CreateDirectoryA
GetPrivateProfileStringA
GetVolumeInformationA
GetLocalTime
CreateFileA
GetFileSize
CloseHandle
MultiByteToWideChar
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeW
InterlockedExchange

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
WindowFromPoint
DestroyMenu
SetWindowContextHelpId
MapDialogRect
TranslateMessage
ValidateRect
PostQuitMessage
GetMessageA
GetCursorPos
GetDCEx
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CharToOemBuffA
OemToCharBuffA
UnregisterClassA
CharUpperA
GetCapture
EqualRect
wsprintfA
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
IsWindow
ReleaseCapture
SetCapture
RedrawWindow
ReleaseDC
GetDC
PtInRect
SetCursor
SetRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
GetSystemMetrics
LoadIconA
GetFocus
IsIconic
GetSystemMenu
PostMessageA
AppendMenuA
DrawIcon
GetSysColor
LoadImageA
SetActiveWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetParent
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
OffsetRect
DrawFocusRect
InflateRect
FillRect
CopyRect
SendMessageA
EnableWindow
GetMessagePos

gdi32

ExtSelectClipRgn
CreatePatternBrush
SetRectRgn
CombineRgn
GetTextColor
GetRgnBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
CreatePen
GetTextExtentPoint32A
SelectObject
DeleteObject
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextMetricsA
StretchBlt
BitBlt
LPtoDP
DPtoLP
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey

shell32

DragFinish
DragQueryFileA
ShellExecuteA
DragAcceptFiles

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

OleCreateFontIndirect
SysAllocString
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
VarUdateFromDate
SystemTimeToVariantTime
SysAllocStringLen
SysFreeString

ws2_32

connect
WSAStartup
socket
htons
gethostbyname
send
closesocket
recv

wininet

InternetConnectA
FtpOpenFileA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/IvanBook.ini
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/OUpdate.ini
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/Start.exe
.exe windows:4 windows x86 arch:x86

fb07789b26d5326b81af0e0fb0568bfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

unrar

RAROpenArchiveEx
RARSetCallback
RARReadHeader
RARProcessFile
RARCloseArchive

kernel32

TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
HeapFree
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
LoadLibraryA
FreeLibrary
MulDiv
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
GetTempPathA
DeleteFileA
CopyFileA
CreateDirectoryA
WritePrivateProfileStringA
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
SetLastError
GlobalUnlock
GlobalLock
InterlockedIncrement
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GetProfileStringA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FindFirstFileA
FindClose
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
lstrcpynA
TlsAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetLastError
GlobalFree
WaitForSingleObject
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GetProfileIntA
FormatMessageA
LocalFree

user32

MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
LoadStringA
DestroyMenu
GetSysColorBrush
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetDesktopWindow
EndDialog
CreateDialogIndirectParamA
GetActiveWindow
ValidateRect
PostQuitMessage
SetCapture
GetDCEx
GetMessageA
ReleaseCapture
GetCursorPos
PtInRect
SetCursor
LoadCursorA
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
GetNextDlgGroupItem
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
GetFocus
IsWindow
AdjustWindowRectEx
ScreenToClient
EqualRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
CopyAcceleratorTableA
CharNextA
CharUpperA
SetWindowTextA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
IsIconic
GetSystemMetrics
DrawIcon
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
LoadIconA
SetRect
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
SetActiveWindow
OffsetRect
CopyRect
FillRect
GetClientRect
GetParent
UpdateWindow
LoadImageA
GetWindowRect
InflateRect
SendMessageA
InvalidateRect
GetSysColor
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
SetFocus

gdi32

Escape
CreateSolidBrush
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
ExtTextOutA
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
GetTextColor
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
SelectObject
StretchBlt
GetTextExtentPoint32A
GetTextMetricsA
BitBlt
CreateCompatibleDC
LPtoDP
GetMapMode
DPtoLP
GetBkColor
GetDeviceCaps
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

DragAcceptFiles
ShellExecuteA
DragQueryFileA
DragFinish

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

wininet

InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/key_anBookMaker 2.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/unrar.dll
.dll windows:4 windows x86 arch:x86

244d2f9772f4886a651db44514a2a29b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
Sleep
SystemTimeToFileTime
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

RARCloseArchive
RARGetDllVersion
RAROpenArchive
RAROpenArchiveEx
RARProcessFile
RARProcessFileW
RARReadHeader
RARReadHeaderEx
RARSetCallback
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc
___CPPdebugHook

Sections

.text
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/中国破解联盟－木蚂蚁社区.url
.url
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/使用说明.txt
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/注册说明.htm
.html .js polyglot
埃文手机电子书制作器 V2.0 特别版IBookMaker2.0/绿化说明+简介.txt

Sharing

General

Malware Config

Signatures

Files

fb382b0204ebd38e91cadddcdde4f30f

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

wininet

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 56KB - Virtual size: 55KB

fb07789b26d5326b81af0e0fb0568bfe

Headers

File Characteristics

Imports

unrar

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 36KB - Virtual size: 32KB

Headers

File Characteristics

Sections

code Size: - Virtual size: 40KB

text Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

244d2f9772f4886a651db44514a2a29b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 131KB - Virtual size: 132KB

.data Size: 15KB - Virtual size: 44KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 56KB - Virtual size: 55KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 36KB - Virtual size: 32KB

code
Size: - Virtual size: 40KB

text
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 131KB - Virtual size: 132KB

.data
Size: 15KB - Virtual size: 44KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB