15236dd1462363db06e6e17e9e608529_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15236dd1462363db06e6e17e9e608529_JaffaCakes118
Size

2.1MB
MD5

15236dd1462363db06e6e17e9e608529
SHA1

07a7063bd18e9e0b2da3ba783dc4cb567347961d
SHA256

cc50dc616da8aaf0295263a533078b5d4bb78208fccce3e5e4cc8f455a5a5b2d
SHA512

ca5b154f1400825506f3a0e363b8815144e8248493a41fcd0a5d401650c3570bf794333840e189da7f5eeac7ce7048e0a2706aa51ade28d7aac625316d04d6c7
SSDEEP

49152:wKz9s+S8NPxbT+qTj+OSC5SQC9SMjJTHO7pvbidq0JufQ:wK5s+XnvT3SxXq0wfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fldrvw71.ocx
unpack001/shlobj71.ocx
unpack001/srck.exe
unpack001/srieh.exe

Files

15236dd1462363db06e6e17e9e608529_JaffaCakes118
.zip
fldrvw71.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

fa348d423e3784d355fd54087c8cd402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
LCMapStringA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
Sleep
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
HeapReAlloc
HeapSize
TerminateProcess
ExitProcess
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
WritePrivateProfileStringA
FindResourceExA
GetFileTime
GetFileSize
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
CopyFileA
GetUserDefaultLCID
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameA
GlobalReAlloc
FormatMessageA
LocalFree
GetProfileIntA
lstrcpynA
lstrlenW
IsDBCSLeadByte
lstrcmpA
SetLastError
lstrlenA
InterlockedDecrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
InterlockedIncrement
FindResourceA
SizeofResource
LoadResource
LockResource
GetTickCount
FindAtomA
AddAtomA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
lstrcpyA
WideCharToMultiByte
GlobalAlloc
GlobalSize
MulDiv
CreateDirectoryA
GetFileAttributesA
GetLastError
GlobalLock
GlobalUnlock
GlobalFree

user32

GetDialogBaseUnits
UnregisterClassA
GetMessageA
TranslateMessage
PostQuitMessage
IsClipboardFormatAvailable
LockWindowUpdate
EnumChildWindows
SetRectEmpty
CreateMenu
GetDesktopWindow
ValidateRect
DrawEdge
SetRect
IsRectEmpty
SetCapture
ReleaseCapture
InflateRect
PtInRect
GetClassNameA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
GetSysColorBrush
MapWindowPoints
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
IsWindowVisible
GetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CharUpperA
GetTabbedTextExtentA
GetDCEx
SendDlgItemMessageA
GetNextDlgTabItem
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
InsertMenuItemA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
InsertMenuA
GetSubMenu
RemoveMenu
LoadCursorA
SetCursor
GetMenuDefaultItem
GetMenuItemID
CopyRect
SetWindowPos
LoadImageA
GetDC
ReleaseDC
FillRect
CreateWindowExA
SetParent
GetActiveWindow
GetWindowLongA
SetWindowLongA
LoadIconA
CopyImage
GetSysColor
LoadBitmapA
DestroyIcon
SetTimer
KillTimer
GetClientRect
GetCursorPos
ScreenToClient
ClientToScreen
GetAsyncKeyState
CreatePopupMenu
GetMenuItemCount
AppendMenuA
TrackPopupMenu
GetMenuStringA
DestroyMenu
GetKeyState
RegisterClipboardFormatA
InvalidateRect
SendMessageA
EnableWindow
PeekMessageA

gdi32

CopyMetaFileA
CreateDCA
GetTextExtentPoint32A
GetTextMetricsA
GetTextAlign
EnumFontFamiliesExA
UnrealizeObject
Rectangle
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
LPtoDP
CombineRgn
SetRectRgn
Escape
ExtTextOutA
MoveToEx
TextOutA
RectVisible
PtVisible
CreatePatternBrush
CreatePen
CreateRectRgn
GetCurrentPositionEx
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
SetROP2
SetBkMode
SelectPalette
RestoreDC
SaveDC
CreateRectRgnIndirect
PatBlt
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectA
GetStockObject
SelectObject
SetViewportOrgEx
CreateSolidBrush
DeleteDC
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
RealizePalette
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyA
RegSetValueExA
CryptAcquireContextA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ExtractIconA
DragQueryFileA
ShellExecuteA
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoA

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_SetImageCount
InitializeFlatSB
ImageList_SetBkColor
ImageList_GetBkColor
ord17
ImageList_Destroy

ole32

ReadFmtUserTypeStg
OleDuplicateData
ReadClassStm
CreateOleAdviseHolder
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRevokeClassObject
CoRegisterClassObject
CreateDataCache
StringFromCLSID
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
CoDisconnectObject
StringFromGUID2
ReleaseStgMedium
CoCreateInstance
OleGetClipboard
OleLoadFromStream
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
DoDragDrop
CreateStreamOnHGlobal

olepro32

ord252
ord251
ord253
ord250
ord254

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysStringLen
RegisterTypeLi
LoadTypeLi
SafeArrayGetLBound
SysAllocStringLen
SysAllocString
VariantChangeType
VariantClear
VariantCopy
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayPutElement
LoadRegTypeLi
SysFreeString
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shlobj71.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

2a3635438005b443f8b86eb59ec56b48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

GradientFill

kernel32

HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetProcAddress
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
GetProfileIntA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
CopyFileA
GlobalSize
GetOEMCP
GetCPInfo
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalFlags
GetProcessVersion
GetLastError
FindResourceExA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalAlloc
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
InterlockedDecrement
GetModuleFileNameA
lstrcpyA
lstrlenA
lstrlenW
WideCharToMultiByte
GlobalFree
lstrcmpiA
InterlockedIncrement
Sleep
GetCurrentThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
FindResourceA
SizeofResource
LoadResource
LockResource
GetTickCount
FindAtomA
AddAtomA
lstrcpynA
MultiByteToWideChar
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetEnvironmentStrings

user32

GetDCEx
RegisterClipboardFormatA
CreateMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ValidateRect
DrawEdge
wvsprintfA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetTabbedTextExtentA
IsWindowEnabled
wsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetTopWindow
LockWindowUpdate
IsWindowVisible
GetDlgCtrlID
MessageBoxA
GetParent
GetFocus
IsChild
GrayStringA
TabbedTextOutA
ClientToScreen
ScreenToClient
GetClientRect
LoadIconA
TrackPopupMenu
PostMessageA
FindWindowA
EnumChildWindows
GetClassNameA
RedrawWindow
SetActiveWindow
SetForegroundWindow
GetWindowPlacement
DrawAnimatedRects
DefWindowProcA
CreatePopupMenu
InsertMenuItemA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuStringA
InsertMenuA
AppendMenuA
GetSubMenu
RemoveMenu
DestroyMenu
GetMenuItemCount
UpdateWindow
GetMonitorInfoA
GetForegroundWindow
PtInRect
GetWindow
KillTimer
MonitorFromWindow
SetWindowPos
GetCapture
SetCapture
GetCursorPos
SetRect
OffsetRect
ReleaseCapture
CallWindowProcA
CopyRect
SetTimer
CharUpperA
GetSysColorBrush
GetDialogBaseUnits
UnregisterClassA
GetMessageA
TranslateMessage
PostQuitMessage
GetDlgItem
LoadStringA
IsWindow
SetParent
MoveWindow
GetWindowRect
ShowWindow
RegisterWindowMessageA
MonitorFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowLongA
DestroyWindow
CreateWindowExA
SetWindowLongA
FrameRect
DrawIconEx
DestroyIcon
SendMessageA
LoadCursorA
SetCursor
LoadBitmapA
GetKeyState
SystemParametersInfoA
GetSystemMetrics
SetRectEmpty
InflateRect
IsRectEmpty
LoadImageA
CopyImage
CreateIconIndirect
FillRect
DrawTextA
IntersectRect
GetDesktopWindow
InvalidateRect
EnableWindow
GetSysColor
ModifyMenuA

gdi32

CreateSolidBrush
SetRectRgn
CreateRectRgnIndirect
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
SetROP2
RestoreDC
SaveDC
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
SetMapMode
GetCurrentPositionEx
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
LPtoDP
GetDeviceCaps
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
PatBlt
CreateFontIndirectA
GetStockObject
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
DeleteDC
CreatePen
SelectObject
CreatePatternBrush
MoveToEx
LineTo
CreateHatchBrush
SetBkColor
ExtTextOutA
CreateRectRgn
CombineRgn
DeleteObject
BitBlt
StretchBlt
SetBkMode
SetTextColor
GetObjectA
CreateCompatibleDC
SetViewportOrgEx

comdlg32

GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CryptImportKey
RegQueryValueExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey
CryptVerifySignatureA
CryptDestroyKey
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextA
RegSetValueExA
RegCreateKeyA

shell32

ExtractIconA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

ole32

OleDuplicateData
ReadFmtUserTypeStg
StringFromCLSID
CoDisconnectObject
CreateOleAdviseHolder
CoTaskMemFree
ReleaseStgMedium
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSaveToStream
ReadClassStm
CoTaskMemAlloc
CreateDataCache
CoRevokeClassObject
CoRegisterClassObject
PropVariantClear
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
CreateDataAdviseHolder

olepro32

ord254
ord251
ord252
ord250
ord253

oleaut32

VariantInit
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VariantChangeType
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
VariantClear
VariantCopy
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
srck.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 899KB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
srieh.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 646KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa348d423e3784d355fd54087c8cd402

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 24KB - Virtual size: 36KB

.rsrc Size: 60KB - Virtual size: 56KB

.reloc Size: 36KB - Virtual size: 32KB

2a3635438005b443f8b86eb59ec56b48

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 84KB - Virtual size: 81KB

.reloc Size: 36KB - Virtual size: 33KB

Headers

File Characteristics

Sections

Size: 899KB - Virtual size: 4.5MB

Size: - Virtual size: 59KB

.rsrc Size: 28KB - Virtual size: 28KB

.data Size: 96KB - Virtual size: 100KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 646KB - Virtual size: 2.9MB

Size: - Virtual size: 45KB

.rsrc Size: 28KB - Virtual size: 28KB

.data Size: 97KB - Virtual size: 100KB

.adata Size: - Virtual size: 4KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 24KB - Virtual size: 36KB

.rsrc
Size: 60KB - Virtual size: 56KB

.reloc
Size: 36KB - Virtual size: 32KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 84KB - Virtual size: 81KB

.reloc
Size: 36KB - Virtual size: 33KB

.rsrc
Size: 28KB - Virtual size: 28KB

.data
Size: 96KB - Virtual size: 100KB

.adata
Size: - Virtual size: 4KB

.rsrc
Size: 28KB - Virtual size: 28KB

.data
Size: 97KB - Virtual size: 100KB

.adata
Size: - Virtual size: 4KB