0807466b0ac619ae1af93e81e17cb517_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0807466b0ac619ae1af93e81e17cb517_JaffaCakes118
Size

2.3MB
MD5

0807466b0ac619ae1af93e81e17cb517
SHA1

d08402247d0356d1a20a35ad01c042c96b2d84ed
SHA256

b9d5084b836c1c9484cff7ccaca7e08f2c2cd0df0db4612788dd350fd8ba4cfe
SHA512

505924c490079a68ee49ab9b47954bff2f7547e4452a3586f1473ec0b60d6ed0534d5fc92d55b3b9a6080e7af2f4e7760991457b6839379e5f924b0ffc97083c
SSDEEP

49152:JTTValmTx7m6sm1uytD4O7MJn3FfhbM7KaexYZrqJqBDRA:tJOoKmlt4ZbMPoMqJqg

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/超级硬盘安装器3.0/eShell1.fne
unpack001/超级硬盘安装器3.0/iext.fnr
unpack001/超级硬盘安装器3.0/iext2.fne
unpack001/超级硬盘安装器3.0/iext6.fne
unpack001/超级硬盘安装器3.0/krnln.fnr
unpack001/超级硬盘安装器3.0/xplib.fne
unpack001/超级硬盘安装器3.0/超级硬盘安装器3.0.exe

Files

0807466b0ac619ae1af93e81e17cb517_JaffaCakes118
.rar
超级硬盘安装器3.0/eShell1.fne
.dll windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

GetNewInf

Sections

.text
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ecode
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/iext.fnr
.dll windows:4 windows x86 arch:x86

f86e54dbf86fab2a0484cdc838c093a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalFree
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
HeapAlloc
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetLastError
lstrcpynA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
VirtualAlloc

user32

SetFocus
MapWindowPoints
LoadIconA
SetWindowTextA
ShowWindow
CharUpperA
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
AdjustWindowRectEx
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostMessageA
PostQuitMessage
SendMessageA
GetFocus
IsWindow
DestroyIcon
LoadCursorA
GetParent
GetWindowLongA
SetWindowLongA
GetSysColor
EnableWindow
OffsetRect
GetClientRect
UpdateWindow
GetTopWindow
GetWindow
ScreenToClient
GetDlgCtrlID
IsWindowVisible
GetWindowRect
IntersectRect
IsRectEmpty
RedrawWindow
ClientToScreen
FillRect
InvalidateRect
CopyRect

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontIndirectA
GetCurrentObject
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ImageList_Destroy
ImageList_SetBkColor
ImageList_GetIcon
ImageList_Read
ord17
ImageList_GetImageCount
ImageList_Duplicate

Exports

Exports

GetNewInf

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/iext2.fne
.dll windows:4 windows x86 arch:x86

e5a2027315b2096abd6d8673dbb3f488

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibClose

avifil32

AVIStreamGetFrameClose
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIStreamRelease
AVIStreamGetFrame
AVIFileInit

kernel32

GetStringTypeW
FreeEnvironmentStringsA
GetStringTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetACP
HeapSize
GetTimeZoneInformation
ExitThread
TerminateProcess
ExitProcess
RaiseException
GetCommandLineA
RtlUnwind
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
SetThreadPriority
ResumeThread
WaitForSingleObject
lstrcmpA
GetCurrentThread
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalReAlloc
CreateEventA
GetProcAddress
ResetEvent
SetEvent
FreeLibrary
LoadLibraryA
lstrlenA
GlobalAlloc
lstrcpyA
GlobalUnlock
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GlobalSize
GlobalLock
GlobalFree
FindResourceA
LoadResource
LockResource
GetTickCount
Sleep
CreateThread
CloseHandle
MulDiv
GetModuleFileNameA
OpenFile
FreeEnvironmentStringsW

user32

LoadStringA
DestroyMenu
GetSysColorBrush
GetClassNameA
UnregisterClassA
TranslateMessage
ValidateRect
PostQuitMessage
CharUpperA
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetWindowLongA
EnumDisplaySettingsA
EqualRect
PtInRect
IntersectRect
SetCursor
GetCapture
SetCapture
GetCursorPos
GetMessageA
DispatchMessageA
ScreenToClient
ReleaseCapture
LoadCursorA
OemToCharA
CharToOemA
MsgWaitForMultipleObjects
PeekMessageA
DrawStateA
CopyRect
FrameRect
InflateRect
GetSysColor
DrawFocusRect
ClientToScreen
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
GetWindowLongA
GetKeyState
InvertRect
UnionRect
IsRectEmpty
wsprintfA
DestroyIcon
SendMessageA
SetRect
UpdateWindow
GetDC
ReleaseDC
EnableWindow
FillRect
KillTimer
InvalidateRect
SetTimer
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
MessageBoxA

gdi32

GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
SetDIBitsToDevice
StretchDIBits
CreateDIBSection
CreateSolidBrush
SetBkMode
TextOutA
GetDIBits
CreatePen
GetObjectA
SetTextColor
GetStockObject
SetPixelV
Ellipse
LineTo
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetClipBox
CreateFontIndirectA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetPixel
CreateDIBitmap
PatBlt
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
CreatePatternBrush

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ExtractIconA

comctl32

ImageList_SetBkColor
ImageList_Draw
ImageList_Remove
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
_TrackMouseEvent
ImageList_Write
ImageList_Destroy
ImageList_Create
ImageList_Read
ImageList_GetImageCount
ord17
ImageList_Duplicate

ole32

OleUninitialize
OleInitialize

winmm

PlaySoundA

Exports

Exports

GetNewInf

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/iext6.fne
.dll windows:4 windows x86 arch:x86

c5686fc51963c20b905863834edcd7e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
GetACP
HeapSize
TerminateProcess
ExitProcess
RaiseException
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
GetFileTime
GetFileSize
GetFileAttributesA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetCurrentThread
LocalFree
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
HeapAlloc
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetLastError
lstrcpynA
lstrlenA
lstrcmpA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
LCMapStringW

user32

DispatchMessageA
PeekMessageA
MapWindowPoints
PostMessageA
LoadIconA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
PostQuitMessage
SetCursor
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageA
UnregisterClassA
LoadStringA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
GetTopWindow
MessageBoxA
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetFocus
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
ClientToScreen
CopyRect
ReleaseDC
GetParent
SetFocus
IsWindowEnabled
ShowWindow
SetWindowPos
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetDlgItem
GetSystemMetrics
CharUpperA
GetSysColor
SetWindowLongA
GetWindowLongA
InvalidateRect
wsprintfA
GetCursorPos
GetCapture
ReleaseCapture
KillTimer
SetCapture
SetTimer
EnableWindow
GetClassInfoA
GetPropA
AdjustWindowRectEx
DefWindowProcA
LoadCursorA
IsWindowVisible
GetDC
SetWindowRgn
GetWindowRect
IsWindow
LoadBitmapA
GetClientRect
SendMessageA
DrawTextA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
SetPixelV
CreateRectRgnIndirect
CreateRectRgn
GetPixel
CombineRgn
DeleteObject
SelectObject
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetStockObject
GetObjectA
CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ImageList_Draw
ImageList_Destroy
ImageList_GetImageInfo
ImageList_AddMasked
_TrackMouseEvent
ImageList_Create
ImageList_Read
ImageList_Write
ImageList_Duplicate
ImageList_GetImageCount
ord17

Exports

Exports

GetNewInf

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/krnln.fnr
.dll windows:4 windows x86 arch:x86

621f4d9cc50fa45ddba4ea92078b7eac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader

kernel32

CreateMutexA
ReleaseMutex
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
ExitThread
HeapSize
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
SuspendThread
SetThreadPriority
ResumeThread
GetCurrentThread
lstrcmpA
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
SetLastError
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
WriteFile
ReadFile
PurgeComm
WaitCommEvent
ClearCommError
GetLastError
WaitForMultipleObjects
GetOverlappedResult
GetCommModemStatus
SetEvent
GetProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetComputerNameA
EscapeCommFunction
CreateEventA
ResetEvent
OutputDebugStringA
ExpandEnvironmentStringsA
GlobalAlloc
GetTempPathA
SetFileAttributesA
GetFileAttributesA
MoveFileA
CopyFileA
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
SetLocalTime
GetCommandLineA
CreateProcessA
SetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
GlobalSize
GlobalLock
GlobalFree
lstrcatA
WinExec
lstrcpyA
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
ExitProcess
HeapAlloc
WaitForSingleObject
GetProcessHeap
FindResourceA
LoadResource
LockResource
CreateThread
DeleteFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
Sleep
MulDiv
OpenFile
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
lstrlenW
lstrlenA
GetUserDefaultLCID
GetTickCount
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
HeapDestroy

user32

LoadStringA
UnregisterClassA
GetDesktopWindow
GetClassNameA
CharUpperA
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
PostQuitMessage
GetSystemMenu
DeleteMenu
WindowFromPoint
LoadIconA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
GetMessageA
SetRectEmpty
RegisterClipboardFormatA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
SetCursor
InvertRect
TrackPopupMenu
SetForegroundWindow
ValidateRect
LockWindowUpdate
MessageBeep
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
WaitForInputIdle
SetCursorPos
SetMenu
SetFocus
PeekMessageA
IsIconic
SetActiveWindow
DestroyMenu
SetWindowPos
GetActiveWindow
GetTopWindow
GetWindow
DestroyAcceleratorTable
DestroyCursor
SetWindowRgn
ScreenToClient
ChildWindowFromPointEx
PostMessageA
WinHelpA
KillTimer
SetTimer
GetScrollRange
SetScrollRange
SetScrollPos
SetParent
IsWindowVisible
GetWindowLongA
SetWindowLongA
TranslateMessage
DispatchMessageA
UpdateWindow
GetDC
ReleaseDC
EnumDisplaySettingsA
LoadImageA
MessageBoxA
LoadBitmapA
GetKeyState
DestroyIcon
IsChild
IsRectEmpty
GetFocus
IntersectRect
EqualRect
GetMenu
GetSubMenu
EnableMenuItem
IsZoomed
GetSysColorBrush
AdjustWindowRect
LoadCursorA
GetCapture
ClientToScreen
wsprintfA
GetDlgCtrlID
InvalidateRect
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
ScrollDC

gdi32

GetSystemPaletteEntries
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetClipBox
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetBkColor
SelectPalette
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetROP2
GetStretchBltMode
GetPolyFillMode
StartPage
EndPage
CreateDCA
DPtoLP
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
Ellipse
RoundRect
FillRgn
GetCurrentObject
CombineRgn
CreateRectRgn
GetClipRgn
CreatePolygonRgn
GetDIBits
CreateDIBSection
SetPixel
ExtCreateRegion
CreateRectRgnIndirect
StartDocA
GetPixel
SetPixelV
LPtoDP
Pie
GetObjectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Chord
Arc
Polygon
EndDoc
GetTextColor
Rectangle
SelectClipRgn
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
PatBlt
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetBkMode

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
PrintDlgA
CommDlgExtendedError
ChooseColorA

winspool.drv

SetFormA
AddFormA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
EnumFormsA
GetFormA
DeleteFormA

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

ole32

OleRun
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromProgID

olepro32

ord252
ord253

oleaut32

VarDateFromStr
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
UnRegisterTypeLi
SysAllocString
VariantCopyInd
VariantInit
VariantChangeType
VariantClear
GetActiveObject
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi

ws2_32

closesocket
WSAAsyncSelect
htons
bind
htonl
socket
setsockopt
sendto
recvfrom
select
gethostbyname
inet_ntoa
inet_addr
gethostbyaddr
gethostname
WSACleanup
WSAStartup
send
ioctlsocket
connect
recv
listen
getpeername
accept

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 772KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/myrcfile.RES
超级硬盘安装器3.0/xplib.fne
.dll windows:4 windows x86 arch:x86

841978641e663bac1de7bcb70c413300

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
FreeLibrary
SetUnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetVersion
HeapFree
GetProcessHeap
HeapAlloc
IsBadCodePtr
lstrcmpiA
HeapReAlloc
VirtualAlloc
IsBadReadPtr
GetCurrentThreadId
RtlUnwind
GetCommandLineA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile

user32

GetSystemMetrics
FillRect
DrawFocusRect
GetWindowTextA
OffsetRect
CopyRect
GetSysColor
FrameRect
InflateRect
GetSysColorBrush
GetWindowRect
GetWindowDC
GetClientRect
CallWindowProcA
ReleaseDC
DefWindowProcA
CallNextHookEx
EnumChildWindows
GetFocus
SetWindowLongA
SendMessageA
RedrawWindow
GetClassNameA
GetWindowLongA
GetWindowTextLengthA
GetParent
EnumThreadWindows
UnhookWindowsHookEx
SetWindowsHookExA
DrawTextA
GetDC

gdi32

GetTextMetricsA
Ellipse
Arc
CreateEllipticRgnIndirect
SelectClipRgn
SetTextColor
MoveToEx
LineTo
GetStockObject
CreatePen
SetPixel
CreateSolidBrush
DeleteObject
DeleteDC
CreateCompatibleDC
SetBkMode
SelectObject
CreateCompatibleBitmap
BitBlt
GetObjectA
GetTextExtentPoint32A
GetPixel

msimg32

GradientFill

comctl32

_TrackMouseEvent

Exports

Exports

GetNewInf

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
超级硬盘安装器3.0/使用★说明.txt
超级硬盘安装器3.0/小林子绿色软件站.url
.url
超级硬盘安装器3.0/注册说明.htm
.html .js polyglot
超级硬盘安装器3.0/超级硬盘安装器3.0.exe
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 844B

.rdata Size: 512B - Virtual size: 404B

.data Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 120B

.ecode Size: 52KB - Virtual size: 52KB

.edata Size: 512B - Virtual size: 72B

f86e54dbf86fab2a0484cdc838c093a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 74KB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 20KB - Virtual size: 17KB

e5a2027315b2096abd6d8673dbb3f488

Headers

File Characteristics

Imports

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

winmm

Exports

Exports

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 84KB - Virtual size: 144KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 32KB - Virtual size: 31KB

c5686fc51963c20b905863834edcd7e5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 24KB - Virtual size: 22KB

.text
Size: 1024B - Virtual size: 844B

.rdata
Size: 512B - Virtual size: 404B

.data
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 120B

.ecode
Size: 52KB - Virtual size: 52KB

.edata
Size: 512B - Virtual size: 72B

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 74KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 84KB - Virtual size: 144KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 32KB - Virtual size: 31KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 24KB - Virtual size: 83KB

.rsrc
Size: 56KB - Virtual size: 54KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 772KB - Virtual size: 769KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 68KB - Virtual size: 130KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 68KB - Virtual size: 66KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 14KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 556B

.rdata
Size: 512B - Virtual size: 404B

.data
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 10KB - Virtual size: 10KB