fdbvbv
Static task: static1
Behavioral task: behavioral1 (Sample: MsWin.exe, Resource: win7-20240708-en)
Behavioral task: behavioral2 (Sample: MsWin.exe, Resource: win10v2004-20241007-en)
Behavioral task: behavioral3 (Sample: file.exe, Resource: win7-20240708-en)
General
Target: 4484720cb3dbc6bb3d679a6ddc3c8ea7_JaffaCakes118
Size: 1.7MB
MD5: 4484720cb3dbc6bb3d679a6ddc3c8ea7
SHA1: 4cba300821727242e5bd3a15ef3235e12d483f2b
SHA256: 2409595d6d01952852220b6471de257ab50efedbf22f0d03c02e417c0f01eeb7
SHA512: 8470d24ba65bce32686bd8519b4490d7e688b925434e517e7d5a21b158369c23cf753938a42971b01b7ffa7b49cf3115a7275446507538bcdb58c87898919235
SSDEEP: 49152:Cb7XXx6Ry19h4GvxbyhYNC2vOjNJ1Fuz5oLv:Cb7R6A9haYYDhnywv
Malware Config
Signatures
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource: unpack001/MsWin.exe, unpack001/file.exe
Files
-
4484720cb3dbc6bb3d679a6ddc3c8ea7_JaffaCakes118.cab
-
MsWin.exe.exe windows:4 windows x86 arch:x86
b6c757e41a8bff27cb873dfb5122dee3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msfl10
olvi10
?Close@COLVInterface@@QAEHXZ
??1COLVInterface@@UAE@XZ
?Open@COLVInterface@@QAE?AW4OnlineStatCode_enum@@PA_N@Z
?QuerySupportedPeriodicities@COLVInterface@@QAEKXZ
?GetSymbolProperties@COLVInterface@@QAEHVCString@@PAVCSymbolInfoEx@@@Z
?GetAllSymbolProperties@COLVInterface@@QAEHP6AXAAVCSymbolInfoExArray@@W4OlSymPropsListStateEnum@@PAX@Z2@Z
??0COLVInterface@@QAE@W4AvailableOLVendors_enum@@PBDKPBXKP6AXVCOnlineVendorNotification@@@ZPAVCOnlineIsAbortedFunction@@@Z
?GetRuntimeClass@COLVInterface@@UBEPAUCRuntimeClass@@XZ
?IsConnected@COLVInterface@@UAEHXZ
?GetBytesProcessedCnt@COLVInterface@@UAEKXZ
?GetPriceData@COLVInterface@@QAE?AW4OnlineStatCode_enum@@PAVCQuoteArray@@VCString@@DAAVCEqTime@@2HPAVCOnlineIsAbortedFunction@@PAVCEqStartEndTradeTimeArray@@@Z
?QuerySupportedServices@COLVInterface@@QAEKXZ
?GetPriceData@COLVInterface@@QAE?AW4OnlineStatCode_enum@@PAVCQuoteArray@@VCString@@DKAAVCEqTime@@HPAVCOnlineIsAbortedFunction@@PAVCEqStartEndTradeTimeArray@@@Z
?GetPriceData@COLVInterface@@QAE?AW4OnlineStatCode_enum@@PAVCQuoteArray@@VCString@@DAAVCEqTime@@KHPAVCOnlineIsAbortedFunction@@PAVCEqStartEndTradeTimeArray@@@Z
mpr
WNetAddConnectionA
WNetCancelConnectionA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
wsock32
WSAAsyncSelect
WSAStartup
WSACleanup
gethostbyname
inet_addr
WSAGetLastError
getsockopt
inet_ntoa
gethostbyaddr
recv
recvfrom
setsockopt
sendto
send
WSAAsyncGetHostByName
WSAAsyncGetHostByAddr
shutdown
accept
listen
htonl
htons
bind
getsockname
gethostname
select
socket
closesocket
connect
ioctlsocket
ltkrn61n
ord146
ord113
ltfil61n
ord103
mfc42
msvcrt
_splitpath
fgets
ftell
strrchr
fclose
fopen
_fstat
ctime
fseek
isdigit
calloc
_CIfmod
tolower
strtod
_mbsinc
ceil
frexp
floor
_strdup
isalpha
_beginthreadex
strtoul
_chdir
strncat
isspace
strtok
atof
sprintf
_ismbcspace
_mbsnbcpy
_mbschr
??0exception@@QAE@XZ
_isnan
_controlfp
_mbsrchr
ldiv
atoi
atol
sscanf
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
strcmp
qsort
_findnext
memset
strcpy
strstr
mbstowcs
memcmp
pow
fabs
_mbsnbicmp
strpbrk
_strupr
_except_handler3
_memccpy
fread
fwrite
_vsnprintf
_fullpath
difftime
_ltoa
_getpid
_mbspbrk
_HUGE
modf
isupper
_snprintf
_gcvt
_mbstok
_mbsstr
_ecvt
_ismbcdigit
isalnum
_control87
_clearfp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
vsprintf
strlen
memcpy
_chdrive
strcat
toupper
_getcwd
_findfirst
bsearch
srand
_adjust_fdiv
rand
time
memchr
wcslen
_strnicmp
_access
_strrev
_mkdir
_strlwr
_setmbcp
_stricmp
strchr
_CIpow
_itoa
__CxxFrameHandler
_mbscmp
_getdrive
_purecall
_ftol
memmove
strncmp
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
strncpy
_CxxThrowException
free
_mbsicmp
_fpreset
malloc
isprint
kernel32
RaiseException
WideCharToMultiByte
GlobalAlloc
GlobalUnlock
GlobalSize
GlobalLock
GetVersionExA
GetProfileStringA
GetCurrentThreadId
InterlockedExchange
InterlockedIncrement
lstrcpynA
InterlockedDecrement
Sleep
MulDiv
GetLogicalDrives
LocalFree
GetPrivateProfileStringA
GetVolumeInformationA
GetTickCount
WinExec
lstrlenA
WaitForSingleObject
GlobalMemoryStatus
GetFileAttributesA
SearchPathA
GetSystemTime
GetLocalTime
GetModuleFileNameA
GetTempFileNameA
CreateDirectoryA
DeleteFileA
CloseHandle
UnmapViewOfFile
CreateProcessA
OpenFileMappingA
lstrcatA
MapViewOfFile
FreeLibrary
GetProcAddress
ExitProcess
GetSystemInfo
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersion
CreateMutexA
SetUnhandledExceptionFilter
lstrlenW
GetTempPathA
ReleaseMutex
FindFirstFileA
GetModuleHandleA
FindClose
GetUserDefaultLangID
GetLastError
FormatMessageA
GetFullPathNameA
lstrcmpA
FindNextFileA
CreateFileA
CreateFileMappingA
FindResourceA
LoadResource
GlobalFree
LockResource
GlobalHandle
LocalAlloc
GlobalReAlloc
SizeofResource
GetUserDefaultLCID
OutputDebugStringA
WriteFile
GetLocaleInfoA
OpenEventA
ResetEvent
SetEvent
MoveFileA
CreateEventA
WaitForMultipleObjects
GetProfileIntA
GetWindowsDirectoryA
GetDiskFreeSpaceA
SetFilePointer
ReadFile
GetTimeZoneInformation
GetCurrentDirectoryA
MultiByteToWideChar
SetCurrentDirectoryA
EnumDateFormatsA
GetDateFormatA
OutputDebugStringW
VirtualQuery
GetCurrentThread
GetCurrentProcess
MoveFileExA
GetExitCodeThread
IsBadStringPtrA
SuspendThread
GetThreadPriority
ResumeThread
GetDiskFreeSpaceExA
SetThreadPriority
SetLastError
SetPriorityClass
GetPriorityClass
RemoveDirectoryA
OpenProcess
PulseEvent
GetExitCodeProcess
DuplicateHandle
GetTimeFormatA
TerminateThread
GetLogicalDriveStringsA
GetSystemDirectoryA
QueryPerformanceCounter
CopyFileA
GetStartupInfoA
SetFileAttributesA
lstrcpyA
user32
GetWindowContextHelpId
SetMenuDefaultItem
GetLastActivePopup
GetMenuState
GetDlgItem
GetMenuItemInfoA
GetClassNameA
SendMessageTimeoutA
GetTopWindow
MoveWindow
SetActiveWindow
HideCaret
MsgWaitForMultipleObjects
DestroyWindow
FrameRect
GetMessagePos
CreateWindowExA
IsWindowEnabled
EnumWindows
MessageBoxIndirectA
EnumChildWindows
DrawTextA
SetFocus
ModifyMenuA
GetSystemMenu
SetParent
FindWindowExA
DrawStateA
GetNextDlgGroupItem
CharUpperA
TranslateAcceleratorA
LoadAcceleratorsA
MapDialogRect
EnumClipboardFormats
SetPropA
InsertMenuItemA
GetPropA
GetWindowRgn
AdjustWindowRectEx
IsMenu
GetClipCursor
InvertRect
DestroyMenu
GetNextDlgTabItem
TrackPopupMenuEx
GetForegroundWindow
TabbedTextOutA
GetTabbedTextExtentA
CreateCursor
ShowScrollBar
MapWindowPoints
ClipCursor
DestroyCursor
DeferWindowPos
RemoveMenu
IsChild
BeginDeferWindowPos
EndDeferWindowPos
GetMessageA
CheckMenuRadioItem
RemovePropA
DrawEdge
GetClipboardData
IsClipboardFormatAvailable
GetFocus
VkKeyScanA
GetKeyState
EqualRect
UnregisterClassA
DestroyIcon
MessageBoxA
IntersectRect
GetDC
GetDialogBaseUnits
WindowFromDC
EmptyClipboard
SetClipboardData
CloseClipboard
GetWindow
wsprintfA
SetCursorPos
GetWindowLongA
SetWindowLongA
GetCursor
GetIconInfo
GetSysColorBrush
FillRect
KillTimer
SetTimer
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetDlgCtrlID
SetWindowPos
GetCaretPos
PostThreadMessageA
TranslateMessage
WaitMessage
FindWindowA
ShowWindow
SetMenu
IsWindow
WindowFromPoint
DeleteMenu
SetWindowContextHelpId
LoadMenuA
DefWindowProcA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetWindowTextA
SetWindowTextA
GetDoubleClickTime
ChildWindowFromPoint
GetWindowDC
GetMenuItemCount
GetMenuItemID
GetSubMenu
LoadImageA
InsertMenuA
IsWindowVisible
IsZoomed
GetActiveWindow
RedrawWindow
EnableScrollBar
SetScrollRange
InvalidateRect
UpdateWindow
AppendMenuA
RegisterWindowMessageA
IsRectEmpty
GetSysColor
SystemParametersInfoA
SetRectEmpty
EnableMenuItem
CheckMenuItem
GetMenu
GetMenuStringA
CreateIconIndirect
IsIconic
GetCursorPos
PtInRect
MessageBeep
LoadCursorA
PeekMessageA
GetCapture
DispatchMessageA
ReleaseCapture
SetCursor
PostQuitMessage
SetCapture
ScreenToClient
GetSystemMetrics
DrawMenuBar
LoadIconA
DrawFocusRect
BringWindowToTop
DrawIconEx
SetForegroundWindow
ReleaseDC
GetAsyncKeyState
OpenClipboard
SetScrollPos
GetWindowThreadProcessId
UnionRect
InflateRect
OffsetRect
SetRect
PostMessageA
CreatePopupMenu
ClientToScreen
GetParent
CopyRect
BeginPaint
GetClientRect
EndPaint
SetWindowRgn
GetDesktopWindow
EnableWindow
LoadBitmapA
GetWindowRect
SendMessageA
RegisterClipboardFormatA
DrawFrameControl
SetMenuItemInfoA
gdi32
Polygon
CreateBitmap
GetBitmapBits
GetBoundsRect
GetViewportExtEx
StretchDIBits
SetDIBits
CreateBrushIndirect
FillRgn
OffsetRgn
CreateHatchBrush
EnumFontFamiliesA
TextOutA
EnumFontFamiliesExA
SetMapMode
LPtoDP
SetPolyFillMode
GetDIBits
CreateHalftonePalette
GetDIBColorTable
GetMapMode
Arc
SelectPalette
RealizePalette
CreateDIBitmap
DeleteObject
StretchBlt
RemoveFontResourceA
CreateScalableFontResourceA
AddFontResourceA
GetClipBox
CreateICA
SetTextAlign
Polyline
CreateBitmapIndirect
UnrealizeObject
CreateSolidBrush
CreatePalette
SetPixel
GetPixel
GetNearestPaletteIndex
GetPaletteEntries
GetObjectA
DeleteDC
GetViewportOrgEx
CreateRectRgn
CreateFontA
CreatePen
CreatePatternBrush
SetBkColor
CreateEnhMetaFileA
CloseEnhMetaFile
PatBlt
PlayEnhMetaFile
DeleteEnhMetaFile
SetAbortProc
StartDocA
DPtoLP
StartPage
EndPage
EndDoc
AbortDoc
CreateDCA
GetTextColor
RoundRect
SetBkMode
SetTextColor
ExtTextOutA
GetStockObject
CreateEllipticRgn
Ellipse
SelectObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CombineRgn
SetRectRgn
CreateRectRgnIndirect
Rectangle
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
GetTextAlign
GetTextMetricsA
comdlg32
PrintDlgA
GetFileTitleA
winspool.drv
DeviceCapabilitiesA
advapi32
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueW
RegEnumKeyW
RegEnumKeyA
RegDeleteValueA
shell32
ShellExecuteExA
SHBrowseForFolderA
ShellExecuteA
FindExecutableA
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderLocation
comctl32
ImageList_LoadImageA
ImageList_Draw
ImageList_AddMasked
ImageList_Destroy
ImageList_SetImageCount
ImageList_Create
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_Add
ImageList_GetIconSize
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIcon
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
oledlg
ord1
ord5
ole32
CreateFileMoniker
StgCreateDocfile
StgOpenStorage
CoTaskMemFree
CreateBindCtx
OleCreateLinkFromData
OleGetClipboard
StringFromGUID2
CoUninitialize
CoGetMalloc
OleCreateStaticFromData
OleCreateFromData
CLSIDFromString
ReleaseStgMedium
IIDFromString
StgIsStorageFile
CLSIDFromProgID
GetRunningObjectTable
CoInitialize
CoCreateInstance
OleRun
oleaut32
SysFreeString
GetErrorInfo
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantInit
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
VariantChangeType
VariantCopy
msvcp60
?assign@?$char_traits@D@std@@SAXAADABD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?compare@?$char_traits@D@std@@SAHPBD0I@Z
winmm
PlaySoundA
msvfw32
MCIWndCreateA
Sections
.text Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 744KB - Virtual size: 743KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
file.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Sections
CODE Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 1KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 69B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ