284b8b21352c247037f0ec2707ea381f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

284b8b21352c247037f0ec2707ea381f_JaffaCakes118
Size

2.5MB
MD5

284b8b21352c247037f0ec2707ea381f
SHA1

508bfa59b23b54e54482695b5199a8eccdfaaa40
SHA256

084d0d31f1c6be065e234e28a7b70928253005c6302d02dceb29ebf38515875d
SHA512

46e4f932ba3c26717532a328b66c1d4ceade2ef06016045a0dfc590b3f1c425f5192780d06cc081ff2e3e8d45505ae595adb2093185211576b8f6af34eb6c1f9
SSDEEP

49152:9EAgZPoXGO0INqXU2DgG0CswwEtJDAZH7QD058Mn8D+sPhDstwKpbP:9EAgJo2O0KqXU2kQswwEDAZbQoz2+spe

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/602_奇迹归来.exe

Files

284b8b21352c247037f0ec2707ea381f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

e8:ef:57:43:1b:b3:a5:7a:12:cf:aa:12:02:22:71:b7:fa:86:76:3a
Signer

Actual PE Digest

e8:ef:57:43:1b:b3:a5:7a:12:cf:aa:12:02:22:71:b7:fa:86:76:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 708KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
602_奇迹归来.exe
.exe windows:5 windows x86 arch:x86

2adc220eaa8cb33e1f58ceeacb727229

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\program\lijing\Release\MiniClient.pdb

Imports

kernel32

GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetConsoleMode
ReadConsoleW
GetOEMCP
GetConsoleCP
SetFilePointerEx
OutputDebugStringW
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
lstrlenA
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
GetSystemInfo
HeapReAlloc
RtlUnwind
RaiseException
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineW
FindResourceExW
GetWindowsDirectoryW
GetProfileIntW
SearchPathW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
GetTempFileNameW
SetErrorMode
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
CompareStringA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalGetAtomNameW
GetThreadLocale
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
lstrcmpA
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
DecodePointer
EncodePointer
SetThreadPriority
GetModuleHandleA
OutputDebugStringA
GetFileAttributesW
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GetCurrentProcessId
MulDiv
SetLastError
SuspendThread
SetThreadContext
GetThreadContext
FlushInstructionCache
ResumeThread
GetCurrentThreadId
InterlockedCompareExchange
VirtualAlloc
VirtualProtect
VirtualQuery
LoadLibraryA
FreeLibrary
Sleep
lstrcatW
InterlockedIncrement
InterlockedDecrement
lstrcpyW
GetCurrentThread
LoadLibraryW
DeleteFileW
GetEnvironmentVariableW
lstrcpyA
ReadFile
GetFileSize
InterlockedExchange
CreateDirectoryW
GlobalFree
WriteFile
CreateFileW
LocalAlloc
GetTickCount
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateProcessW
WideCharToMultiByte
GetCurrentProcess
lstrcmpW
WaitForSingleObject
ExpandEnvironmentStringsW
GetVersion
WaitForMultipleObjects
SetEvent
ResetEvent
CreateEventW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
GetModuleHandleW
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetLastError
lstrcmpiW
lstrlenW
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceW
GetCPInfo
MultiByteToWideChar
GetVersionExW
GetStringTypeW

user32

OffsetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
ShowWindow
SetRectEmpty
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
IsRectEmpty
TranslateMessage
GetMessageW
IntersectRect
InflateRect
DestroyMenu
MapVirtualKeyW
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
AdjustWindowRect
SetWindowLongW
GetWindowLongW
BringWindowToTop
PtInRect
SetForegroundWindow
GetCursorPos
UnregisterHotKey
RegisterHotKey
GetClassInfoW
FindWindowW
MoveWindow
InvalidateRect
MessageBoxW
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
EnumChildWindows
GetClassNameW
SetCursor
IsWindowVisible
GetSystemMenu
GetClientRect
GetWindowRect
IsWindow
LoadMenuW
SendMessageW
LoadIconW
LoadCursorW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
CopyRect
GetSysColor
FillRect
PostMessageW
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
GetParent
EnableWindow
GrayStringW
DrawTextExW
TabbedTextOutW
GetSubMenu
DeleteMenu
RemoveMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuW
InsertMenuW
WaitMessage
SetTimer
KillTimer
DrawIcon
SetWindowRgn
IsIconic
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
LoadImageW
UnpackDDElParam
ReuseDDElParam
CharUpperW
GetMenuItemCount
AppendMenuW
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
SystemParametersInfoW
GetWindowRgn
GetComboBoxInfo
DestroyCursor
InvertRect
HideCaret
GetDoubleClickTime
SubtractRect
GetUpdateRect
DrawEdge
SetRect
IsClipboardFormatAvailable
FrameRect
CopyIcon
CharUpperBuffW
PostQuitMessage
GetMenuItemInfoW
DrawTextW
SetCursorPos
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
GetIconInfo
DrawFocusRect
DrawFrameControl
GetNextDlgGroupItem
SetClassLongW
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
IsMenu
NotifyWinEvent
GetAsyncKeyState
TrackMouseEvent
EnumDisplayMonitors
SetLayeredWindowAttributes
SetParent
UnionRect
UnregisterClassW
SendDlgItemMessageA
CopyImage
RealChildWindowFromPoint
CharNextW
WindowFromPoint
ShowOwnedPopups
PostThreadMessageW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
MonitorFromPoint
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
MessageBeep
IsZoomed
DispatchMessageW

gdi32

GetStockObject
CreateBitmap
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
GetTextExtentPointW
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateEllipticRgn
LPtoDP
CreateRoundRectRgn
GetBkColor
GetTextColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
RealizePalette
StretchBlt
OffsetRgn
CreatePolygonRgn
Polygon
Polyline
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
CreateFontW
SetDIBColorTable
GetDIBits
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Rectangle
CreateHatchBrush
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
ScaleWindowExtEx
CreateCompatibleDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW

comctl32

InitCommonControlsEx
ImageList_Draw
_TrackMouseEvent

shlwapi

PathFileExistsW
PathFindFileNameW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemeColor
DrawThemeParentBackground
GetCurrentThemeName
GetThemePartSize
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground

ole32

CoRegisterMessageFilter
OleLockRunning
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
OleDraw
CLSIDFromString
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx

oleaut32

SysStringLen
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocStringLen
VariantInit
SafeArrayUnaccessData
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysAllocStringByteLen
SysAllocString
VariantClear
SafeArrayAccessData
SysFreeString

oledlg

OleUIBusyW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

gdiplus

GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipDeleteFont
GdipFree
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDrawImageRect
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDrawString
GdipGetDC
GdipReleaseDC
GdipCreatePath
GdipDeletePath
ord1
GdipAddPathLine
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipFillPath
GdipDrawRectangleI
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateFont

ws2_32

WSACleanup
WSAStartup
WSASetLastError

iphlpapi

GetAdaptersAddresses

wininet

HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
InternetOpenUrlW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
skin/mu.xml
skin/mu/bbs01.png
.png
skin/mu/bbs02.png
.png
skin/mu/bbs03.png
.png
skin/mu/close01.png
.png
skin/mu/close02.png
.png
skin/mu/gameclose01.png
.png
skin/mu/gameclose02.png
.png
skin/mu/gameclose03.png
.png
skin/mu/hide01.png
.png
skin/mu/hide02.png
.png
skin/mu/hide03.png
.png
skin/mu/home01.png
.png
skin/mu/home02.png
.png
skin/mu/home03.png
.png
skin/mu/max01.png
.png
skin/mu/max02.png
.png
skin/mu/max03.png
.png
skin/mu/mini01.png
.png
skin/mu/mini02.png
.png
skin/mu/mini03.png
.png
skin/mu/minimize01.png
.png
skin/mu/minimize02.png
.png
skin/mu/pay01.png
.png
skin/mu/pay02.png
.png
skin/mu/pay03.png
.png
skin/mu/qj.png
.png
skin/mu/refresh01.png
.png
skin/mu/refresh02.png
.png
skin/mu/refresh03.png
.png
skin/mu/restore01.png
.png
skin/mu/restore02.png
.png
skin/mu/restore03.png
.png
skin/mu/skin.xml
skin/mu/top.jpg
.jpg

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

e8:ef:57:43:1b:b3:a5:7a:12:cf:aa:12:02:22:71:b7:fa:86:76:3aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 708KB

.rsrc Size: 136KB - Virtual size: 135KB

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

2adc220eaa8cb33e1f58ceeacb727229

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

urlmon

gdiplus

ws2_32

iphlpapi

wininet

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 376KB - Virtual size: 375KB

.data Size: 29KB - Virtual size: 59KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 435KB - Virtual size: 434KB

e8:ef:57:43:1b:b3:a5:7a:12:cf:aa:12:02:22:71:b7:fa:86:76:3a
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 708KB

.rsrc
Size: 136KB - Virtual size: 135KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 376KB - Virtual size: 375KB

.data
Size: 29KB - Virtual size: 59KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 435KB - Virtual size: 434KB