f6b26d7e979020c813fe6cd76f91a58258382db1a9b4427519af469c72db8451

Sharing

Copy URL Twitter E-mail

General

Target

f6b26d7e979020c813fe6cd76f91a58258382db1a9b4427519af469c72db8451
Size

3.9MB
MD5

862ea3e06ba4249631e00781a6b53dc7
SHA1

bad0a8a44b97585e5787fa40277ea6aeb99ca885
SHA256

f6b26d7e979020c813fe6cd76f91a58258382db1a9b4427519af469c72db8451
SHA512

6d13a511d7306b89dbd210c82ecb2b78f4508dd5408aa568329c27cc34a1e85ea26ece03d93903b6f630d0bc41dee0c7c9686f613fd287162877d9e602bc42bd
SSDEEP

98304:BI+jT/Nx5MA6iXbE8L1qkWVIUU6hpqrI5GV25hXTjqC9uot:GW7N4/itcL+UxHkI5GVE5lAo

Score

9^/10

upx aspackv2

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/ssqdanma/HardwareID.dll	acprotect
static1/unpack001/ssqdanma/SkinH_VB6.dll	acprotect

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/ssqdanma/update.EXE	aspack_v212_v242

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/ssqdanma/HardwareID.dll	upx
static1/unpack001/ssqdanma/SkinH_VB6.dll	upx

Files

f6b26d7e979020c813fe6cd76f91a58258382db1a9b4427519af469c72db8451
.rar
ssqdanma/COMDLG32.OCX
.dll regsvr32 windows x86

988f29c1eb8054253091352741683c76

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec
Signer

Actual PE Digest

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/DATA/ssq.mdb
ssqdanma/HardwareID.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetDllVer
GetHardwareID
GetHardwareIDWithAppID
GetHardwareIDWithAppID_vba
GetHardwareID_vba

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssqdanma/MSCHRT20.OCX
.dll regsvr32 windows x86

a0a3b80e18d8fb6ca27a1f8612e03304

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

68:5c:1d:bd:87:b3:f7:fd:d5:1e:de:8d:6a:79:03:41:d2:07:b1:70
Signer

Actual PE Digest

68:5c:1d:bd:87:b3:f7:fd:d5:1e:de:8d:6a:79:03:41:d2:07:b1:70

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileA
GetFileSize
ReadFile
MulDiv
GetSystemTime
GetLocalTime
CompareStringW
CompareStringA
GetVersionExA
IsDBCSLeadByte
GlobalSize
GlobalAlloc
lstrcmpA
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
lstrcatA
LCMapStringW
LCMapStringA
VirtualAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetACP
SetEnvironmentVariableA
CloseHandle
FlushFileBuffers
GetLocaleInfoW
GetTimeZoneInformation
SetStdHandle
SetFilePointer
HeapSize
RaiseException
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GlobalReAlloc
HeapCompact
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
lstrcpynA
lstrlenA
MultiByteToWideChar
GlobalLock
GlobalUnlock
GlobalFree
lstrlenW
WideCharToMultiByte
FreeLibrary
GetProcessHeap
HeapAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleHandleA
GetCommandLineA
GetFileAttributesA
DisableThreadLibraryCalls
HeapFree
GetVersion
InitializeCriticalSection
LoadResource
DeleteCriticalSection
FindResourceA
lstrcmpiA
LockResource
GetLastError
InterlockedIncrement
HeapReAlloc
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetLocaleInfoA
GetWindowsDirectoryA
EnterCriticalSection
LeaveCriticalSection
lstrcpyA

user32

SetCursorPos
RegisterClipboardFormatA
LoadStringA
RegisterClassA
GetDialogBaseUnits
FillRect
DefWindowProcA
LoadCursorA
RegisterWindowMessageA
PeekMessageA
PostMessageA
PostMessageW
PeekMessageW
GetClipboardFormatNameA
GetSysColor
ScreenToClient
CharLowerBuffA
LoadBitmapA
MessageBoxA
DrawFocusRect
SetClipboardData
DrawTextA
GetWindowTextA
GetWindowTextLengthA
SetWindowTextA
IsWindow
FrameRect
GetDesktopWindow
KillTimer
SetTimer
WindowFromPoint
HideCaret
ChildWindowFromPoint
SetCursor
GetClassInfoA
GetClassNameA
GetCursor
GetUpdateRect
UpdateWindow
GetDoubleClickTime
ClientToScreen
GetWindowRect
ReleaseCapture
PtInRect
SetCapture
SetWindowPos
SetWindowLongA
GetClientRect
OffsetRect
MapWindowPoints
GetCursorPos
GetWindowLongA
EnableWindow
UnregisterClassA
InvalidateRect
GetCapture
GetFocus
CreateDialogIndirectParamA
IsChild
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
GetKeyState
CallWindowProcA
ShowWindow
SetWindowRgn
IntersectRect
EqualRect
DialogBoxIndirectParamA
EndDialog
CreateWindowExA
GetSystemMetrics
GetActiveWindow
MoveWindow
SendMessageA
SetFocus
BeginPaint
EndPaint
SetParent
IsWindowVisible
wsprintfA
DestroyWindow
CharNextA
GetDC
ReleaseDC
GetDlgItem
GetDlgItemTextA
GetWindow
GetParent
GetDlgCtrlID

ole32

ReleaseStgMedium
CoTaskMemFree
OleGetClipboard
DoDragDrop
OleSetClipboard
OleUninitialize
OleInitialize
OleFlushClipboard
CreateOleAdviseHolder
CoTaskMemAlloc
CoCreateInstance
RevokeDragDrop
RegisterDragDrop

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopyInd
VariantCopy
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadTypeLi
OleCreatePropertyFrame
SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SysStringLen
OleTranslateColor
SysFreeString
OleCreatePictureIndirect
VariantClear
VariantInit
SysAllocString
SafeArrayGetDim
VarR4FromCy

comdlg32

ChooseColorA

gdi32

GetTextExtentPoint32A
GetGlyphOutlineA
GetCharABCWidthsA
Polyline
DeleteMetaFile
Pie
RestoreDC
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
CreateRectRgnIndirect
GetViewportExtEx
SaveDC
LPtoDP
SetMapMode
GetWindowExtEx
Polygon
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
CreateDCA
GetStockObject
GetPaletteEntries
GetDIBits
RealizePalette
SelectPalette
GetObjectA
CreateDIBitmap
CreateBitmap
GetBitmapBits
StretchDIBits
CopyEnhMetaFileA
SetMetaFileBitsEx
GetTextMetricsA
GetBkMode
CreatePatternBrush
CreateHatchBrush
CreateBrushIndirect
CreatePenIndirect
CreateFontIndirectA
EnumFontFamiliesA
ExtTextOutA
GetKerningPairsA
SetPolyFillMode
SetROP2
SetBkMode
SetBkColor
SetTextColor
CopyMetaFileA
IntersectClipRect
SetPixel
LineTo
MoveToEx
Rectangle
Ellipse
Chord
Arc
SetViewportExtEx
UpdateColors
CreateMetaFileA
Escape
CloseMetaFile
GetPixel
DPtoLP
CreatePalette
GetNearestColor
GetOutlineTextMetricsA
CreatePen
UnrealizeObject
SetBrushOrgEx
OffsetViewportOrgEx
PlayMetaFile
GetMetaFileBitsEx
StretchBlt
SetTextAlign
TextOutA
PolyPolygon

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/MSCOMCTL.OCX
.dll regsvr32 windows x86

fe3e00b55ce38538da3f709132445d8e

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f1:55:9b:a0:85:de:0a:59:61:4f:a9:6c:32:ca:4b:69:69:e9:58:cd
Signer

Actual PE Digest

f1:55:9b:a0:85:de:0a:59:61:4f:a9:6c:32:ca:4b:69:69:e9:58:cd

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

25/09/2009, 18:37
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateThread
MulDiv
GetTickCount
LocalReAlloc
GetProfileIntA
RtlMoveMemory
lstrcatA
LocalSize
Sleep
GetCurrentProcessId
GetSystemDefaultLCID
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
lstrcpynA
lstrcpyA
GlobalAlloc
GlobalFree
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
InterlockedExchange
lstrlenA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
lstrlenW
WideCharToMultiByte
HeapFree
FreeLibrary
DeleteCriticalSection
FreeResource
InitializeCriticalSection

user32

GetDesktopWindow
EnumChildWindows
GetDoubleClickTime
CopyRect
DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
SetRectEmpty
AdjustWindowRectEx
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
CharNextExA
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
GetDCEx
DeferWindowPos
BeginDeferWindowPos
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
LoadStringA
SendMessageA
CopyImage
GetSystemMetrics
LoadIconA
InvalidateRect
RegisterClassA
GetClassInfoA
ReleaseCapture
GetCapture
GetKeyState
DrawTextA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
IsWindowEnabled
SendDlgItemMessageA
DrawIconEx
UnregisterClassA
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
CreateAcceleratorTableA
CharNextA
RedrawWindow
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
ShowWindow
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
SetParent
IsWindowVisible
EndDeferWindowPos
FillRect
InflateRect
GetDlgItemTextA
GetDlgItemInt
EndDialog
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
SetTimer
KillTimer
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
GetActiveWindow
MessageBoxA
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
CharUpperA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA

oleaut32

VariantClear
SafeArrayCopy
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
SysAllocString

comdlg32

GetOpenFileNameA

gdi32

DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA
GetCharWidthA
GetTextExtentPointA
Arc
Ellipse
LineTo
MoveToEx
GetTextMetricsA
CombineRgn
GetTextColor
OffsetRgn
SetTextAlign
GetTextAlign
Polyline
GetTextExtentPointW
ExtTextOutW
OffsetWindowOrgEx

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 676KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/RICHTX32.OCX
.dll regsvr32 windows x86

aaca01ab2cd35af160b8025e9dcfad9f

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c6:be:da:cb:6f:7c:07:ce:80:06:10:c2:9a:0c:17:6f:0c:b4:42:44
Signer

Actual PE Digest

c6:be:da:cb:6f:7c:07:ce:80:06:10:c2:9a:0c:17:6f:0c:b4:42:44

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

DragAcceptFiles
DragQueryFileA
DragFinish

oledlg

ord1

kernel32

GlobalUnlock
GetVersionExA
GlobalSize
GlobalLock
FindResourceA
GlobalAlloc
GlobalFree
GetLocaleInfoA
LoadResource
LockResource
GetModuleFileNameA
GetWindowsDirectoryA
HeapReAlloc
GetFileAttributesA
lstrcatA
lstrcpynA
DisableThreadLibraryCalls
GetProcAddress
GetVersion
GetAtomNameA
FindAtomA
AddAtomA
IsBadWritePtr
DeleteAtom
InterlockedIncrement
FreeLibrary
LoadLibraryA
InterlockedDecrement
GetProcessHeap
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
WriteFile
GetLastError
ReadFile
LeaveCriticalSection
CreateFileA
lstrcmpA
lstrcpyA
HeapAlloc
lstrlenA
HeapFree
WideCharToMultiByte
lstrlenW
SetFilePointer
MultiByteToWideChar
IsDBCSLeadByte
CloseHandle
lstrcmpiA

user32

SetCursorPos
ScreenToClient
GetClipboardFormatNameA
PeekMessageW
PostMessageW
PeekMessageA
RegisterWindowMessageA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
CheckDlgButton
ReleaseCapture
DefWindowProcA
LoadCursorA
SetCursor
CreateDialogIndirectParamA
MapWindowPoints
FillRect
GetDlgItemTextA
GetClientRect
InvalidateRect
ValidateRect
SetRect
GetSysColor
InflateRect
GetClassInfoA
TrackPopupMenu
GetWindow
GetWindowTextA
CharNextA
MessageBoxA
SendDlgItemMessageA
GetDlgItem
PostMessageA
IsChild
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
BeginPaint
MoveWindow
SetFocus
IsWindowVisible
EndPaint
SetParent
ShowWindow
EnableMenuItem
DeleteMenu
EqualRect
SetWindowRgn
IntersectRect
GetWindowRect
OffsetRect
GetDlgItemInt
GetActiveWindow
SetWindowLongA
SetWindowPos
LoadMenuA
UnregisterClassA
DestroyWindow
DestroyMenu
GetSubMenu
RemoveMenu
GetParent
GetMenuItemCount
GetFocus
IsWindow
WindowFromDC
RegisterClassA
LoadStringA
RegisterClipboardFormatA
GetCapture
GetCursorPos
EnableWindow
EndDialog
wsprintfA
GetKeyState
MessageBeep
CallWindowProcA
GetDC
GetSystemMetrics
ReleaseDC
UpdateWindow
SendMessageA
DialogBoxParamA
GetWindowLongA
CreateWindowExA
ClientToScreen
PtInRect

ole32

DoDragDrop
RegisterDragDrop
CreateOleAdviseHolder
OleCreateFromFile
CLSIDFromProgID
OleCreate
OleSetContainedObject
StringFromCLSID
OleGetIconOfClass
CoGetMalloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSaveToStream
OleLoadFromStream
RevokeDragDrop
CoTaskMemRealloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA

oleaut32

SafeArrayGetElement
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopyInd
VariantCopy
SafeArrayUnaccessData
SetErrorInfo
OleCreatePropertyFrame
CreateErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
OleCreatePictureIndirect
LoadRegTypeLi
GetErrorInfo
OleCreateFontIndirect
SysAllocStringLen
OleLoadPicture
OleTranslateColor
SysStringLen
SysFreeString
VariantChangeType
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA
CommDlgExtendedError

gdi32

GetNearestColor
CreateSolidBrush
DeleteObject
EnumFontFamiliesExA
CreatePalette
GetBitmapBits
StretchBlt
GetObjectA
SelectPalette
CreateDIBitmap
GetDIBits
GetPaletteEntries
RealizePalette
CreateBitmap
CopyEnhMetaFileA
GetStockObject
CreateDCA
LPtoDP
CopyMetaFileA
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
GetClipBox
SetWindowExtEx
SetBkColor
SelectObject
CreateCompatibleBitmap
SetViewportExtEx
DeleteDC
EndDoc
PatBlt
StartPage
StartDocA
EndPage
SetWindowOrgEx
SetViewportOrgEx
DPtoLP
CreateCompatibleDC
GetMapMode
CreateICA
GetObjectType
SetMapMode
GetDeviceCaps

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VBFrameworkMapClassObject

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/SSQANNs.RES
ssqdanma/SSQANNs.exe
.exe windows x86

0c98a89f1db82f86be5681ef8be9fc69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
__vbaNextEachAry
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaLineInputStr
__vbaStrVarMove
__vbaLateIdCall
ord588
__vbaLenBstr
__vbaEnd
__vbaVarIdiv
__vbaFreeVarList
_adj_fdiv_m64
__vbaVarIndexStore
__vbaNextEachVar
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
__vbaVarIndexLoadRef
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaI2Abs
__vbaVarCmpNe
__vbaStrCat
__vbaError
ord552
ord553
__vbaLsetFixstr
ord660
__vbaRecDestruct
ord661
__vbaStrDate
__vbaSetSystemError
ord662
__vbaHresultCheckObj
ord557
__vbaVargVarCopy
ord558
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaVarXor
__vbaVarCmpGe
__vbaAryDestruct
__vbaVarIndexLoadRefLock
__vbaLateMemSt
ord592
__vbaForEachCollObj
__vbaVarForInit
__vbaExitProc
__vbaI4Abs
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
__vbaFpR4
__vbaBoolVar
ord520
__vbaStrFixstr
__vbaFpR8
__vbaVarTstLt
__vbaBoolVarNull
__vbaRefVarAry
__vbaVargVar
_CIsin
__vbaErase
__vbaVarZero
__vbaVargVarMove
ord525
__vbaNextEachCollObj
__vbaVarCmpGt
ord632
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaVarAbs
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
ord560
__vbaDateR8
ord561
__vbaObjVar
__vbaI2I4
ord562
DllFunctionCall
ord563
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
__vbaUI1ErrVar
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
ord601
_CIsqrt
__vbaVarAnd
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord712
ord606
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaVarDiv
__vbaR8ErrVar
ord714
ord608
__vbaVarCmpLe
ord716
__vbaFPException
ord717
__vbaInStrVar
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord535
__vbaDateVar
__vbaI2Var
ord644
ord645
ord538
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaR8Str
__vbaVarLateMemCallLdRf
__vbaInStr
__vbaNew2
ord571
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaVarSetObj
__vbaStrCopy
ord681
__vbaI4Str
__vbaVarCmpLt
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaForEachAry
__vbaVarCmpEq
__vbaAryLock
__vbaLateMemCall
__vbaVarAdd
ord612
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
__vbaVarMod
__vbaVarTstGe
__vbaFpI4
ord616
__vbaVarLateMemCallLd
__vbaVarCopy
__vbaR8IntI2
__vbaRecDestructAnsi
ord617
__vbaLateMemCallLd
__vbaVarSetObjAddref
_CIatan
__vbaAryCopy
__vbaCastObj
__vbaI2ErrVar
__vbaStrMove
__vbaR8IntI4
__vbaForEachVar
ord619
__vbaStrVarCopy
ord542
_allmul
__vbaLateIdSt
ord545
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar
ord581

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ssqdanma/SSQANNs.exe.manifest
.xml
ssqdanma/SkinH_VB6.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssqdanma/UpdateLang.ini
ssqdanma/msinet.OCX
.dll regsvr32 windows x86

d940cf5b3d0dfb340396c0608ef1a0c5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8a:cb:1c:af:c1:a1:9a:a8:ba:91:ac:e1:6b:ab:e7:b6:18:25:e9:91
Signer

Actual PE Digest

8a:cb:1c:af:c1:a1:9a:a8:ba:91:ac:e1:6b:ab:e7:b6:18:25:e9:91

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetSetOptionA
InternetCreateUrlA
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
FtpDeleteFileA
FtpGetFileA
FtpPutFileA
FtpRenameFileA
InternetReadFile
InternetConnectA
FtpGetCurrentDirectoryA
FtpRemoveDirectoryA
FtpFindFirstFileA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA

kernel32

LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
LocalFree
FormatMessageA
SetEvent
CreateEventA
GetLastError
MultiByteToWideChar
lstrcatA
lstrcpyA
lstrlenA
ResetEvent
SetLastError
lstrcpynA
WaitForSingleObject
WaitForMultipleObjects
GetTickCount
IsBadWritePtr
DisableThreadLibraryCalls
GetVersion
GetProcAddress
GetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
lstrcmpA

user32

SetDlgItemInt
SendDlgItemMessageA
GetMessageA
PostQuitMessage
GetDlgItemInt
GetDlgItemTextA
SendMessageA
ReleaseDC
GetDC
CharNextA
SetDlgItemTextA
SetWindowPos
SetWindowLongA
SetParent
EndPaint
GetClientRect
BeginPaint
GetWindowLongA
SetFocus
GetDlgItem
MoveWindow
GetWindow
GetActiveWindow
IsWindowVisible
TranslateMessage
GetParent
OffsetRect
EqualRect
DispatchMessageA
GetWindowThreadProcessId
ShowWindow
PtInRect
WinHelpA
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBoxA
MessageBeep
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
PostMessageA
ClientToScreen
GetWindowRect
CreateWindowExA
EndDialog
LoadIconA
DrawEdge
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
KillTimer
DestroyWindow
GetSystemMetrics
LoadStringA
wsprintfA
DialogBoxParamA
IntersectRect
SetWindowRgn
DefWindowProcA
PostThreadMessageA
UnregisterClassA

ole32

CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

oleaut32

OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
GetErrorInfo
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
VariantChangeTypeEx
SysAllocString

gdi32

GetWindowExtEx
SetViewportOrgEx
LPtoDP
DeleteDC
SetWindowExtEx
SetMapMode
SetViewportExtEx
GetViewportExtEx
SetWindowOrgEx
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/msscript.ocx
.dll regsvr32 windows x86

0fd48a5f29526d5371d06c4b891c2ba2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
_except_handler3
_beginthreadex
wcslen
_purecall
_wcsicmp
malloc
_onexit
__dllonexit
_adjust_fdiv
_initterm

oleaut32

VariantCopyInd
SetErrorInfo
CreateErrorInfo
SysFreeString
SysAllocStringLen
SysStringLen
OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantChangeTypeEx
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
LHashValOfNameSys

ole32

CoCreateInstance
CLSIDFromProgID
CoTaskMemAlloc
CreateOleAdviseHolder
CoTaskMemFree

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey

kernel32

GetWindowsDirectoryA
lstrlenW
HeapFree
lstrcpyA
GetVersion
GetProcessHeap
lstrcatA
lstrlenA
lstrcpynA
OpenFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedIncrement
ResetEvent
WaitForSingleObject
GetLastError
GetModuleFileNameA
LoadLibraryA
GetLocaleInfoA
HeapReAlloc
WideCharToMultiByte
Sleep
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
MultiByteToWideChar
GetTickCount
SetEvent
TlsAlloc
CloseHandle
TlsFree
TlsSetValue
CreateEventA
GetCurrentThreadId
TlsGetValue
InterlockedDecrement

user32

PtInRect
GetKeyState
TranslateMessage
wsprintfA
LoadStringA
IsWindow
EndDialog
DialogBoxParamA
DrawIcon
DrawEdge
LoadIconA
RegisterClassA
LoadCursorA
EnableWindow
GetSystemMetrics
DestroyWindow
SendMessageTimeoutA
EnumThreadWindows
PostThreadMessageA
SetWindowLongA
GetWindowLongA
CreateDialogParamA
KillTimer
DispatchMessageA
IsDialogMessageA
GetMessageA
SetTimer
UnregisterClassA
ReleaseDC
GetDC
CharNextA
SetParent
DefWindowProcA
EndPaint
GetClientRect
BeginPaint
SetFocus
SendMessageA
SetWindowPos
CreateWindowExA
IsWindowVisible
GetWindowRect
ClientToScreen
GetParent
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ShowWindow
GetActiveWindow

gdi32

SetWindowOrgEx
SetViewportExtEx
CreateRectRgnIndirect
GetDeviceCaps
SetWindowExtEx
SetMapMode
CreateDCA
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
SetViewportOrgEx

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/skinh.she
ssqdanma/ssqhelp.chm
.chm
ssqdanma/update.EXE
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 529KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 42KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sblpk
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssqdanma/update.LOG
ssqdanma/update.URS
ssqdanma/vsflex8l.ocx
.dll regsvr32 windows x86

bfb5dfd2fb405b58b7e662056444fcb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA

kernel32

GetSystemTime
GetCurrencyFormatA
CompareStringA
GetLocaleInfoA
GetVersion
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
DisableThreadLibraryCalls
GetTempPathA
GetTempFileNameA
lstrcatA
MulDiv
GlobalFree
GetVersionExA
Sleep
lstrcpynA
GetTickCount
lstrcpyA
lstrlenA
IsValidLocale
IsDBCSLeadByte
GetTimeZoneInformation
GetCPInfo
SetLastError
TlsFree
TlsGetValue
TlsSetValue
HeapSize
TlsAlloc
IsBadWritePtr
VirtualAlloc
HeapCreate
GetEnvironmentVariableA
VirtualFree
TerminateProcess
ExitProcess
WriteFile
SetEndOfFile
SetStdHandle
ReadFile
GetStdHandle
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
SetFilePointer
HeapReAlloc
DeleteFileA
RtlUnwind
HeapFree
HeapAlloc
MoveFileA
GetFileType
PeekNamedPipe
CreateFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileInformationByHandle
IsValidCodePage
GlobalUnlock
CloseHandle
GlobalAlloc
WideCharToMultiByte
GlobalLock
GetStringTypeW
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
RaiseException
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
InterlockedExchange
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
EnterCriticalSection
GetACP
lstrcmpA
GetProfileIntA
GetOEMCP
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
LocalAlloc
lstrlenW
GlobalSize
MultiByteToWideChar
InterlockedIncrement
GetProcAddress
LoadLibraryA
InterlockedDecrement
FreeLibrary
LeaveCriticalSection

user32

MessageBeep
GetCursorPos
MoveWindow
IsWindowVisible
PtInRect
GetAsyncKeyState
GetWindowTextLengthA
PostMessageA
SetWindowLongA
GetWindowLongA
SetWindowTextA
ScreenToClient
EnableWindow
HideCaret
DestroyWindow
LoadStringA
MessageBoxA
DrawTextA
InflateRect
GetKeyState
OffsetRect
ScrollWindow
IsWindow
GetScrollInfo
GetSystemMetrics
SetScrollInfo
GetSysColor
GetClientRect
SetRect
GetParent
InvalidateRect
SendMessageA
CharNextA
ReleaseDC
GetDC
wsprintfA
IsWindowEnabled
GetFocus
GetWindowRect
SetFocus
ShowWindow
InvertRect
GetWindowTextA
ReleaseCapture
SetCursor
PeekMessageA
SetCapture
SetTimer
FillRect
UpdateWindow
DrawEdge
KillTimer
GetCapture
IsChild
SystemParametersInfoA
GetScrollRange
FrameRect
DrawIcon
IntersectRect
DefWindowProcA
DrawFocusRect
DrawFrameControl
GetDesktopWindow
GetDlgItem
EnumChildWindows
DialogBoxParamA
EndDialog
WindowFromDC
GetDlgCtrlID
IsCharAlphaA
EndPaint
GetWindow
BeginPaint
GetClassInfoExA
EqualRect
SetWindowRgn
GetClassLongA
RegisterClassExA
UnionRect
LoadIconA
SetClassLongA
LoadCursorA
DestroyCursor
LoadBitmapA
RegisterWindowMessageA
CreateWindowExA
DestroyIcon
SetWindowPos
CallWindowProcA

gdi32

LineTo
GetCurrentPositionEx
SetTextAlign
StartPage
TextOutA
CopyMetaFileA
CopyEnhMetaFileA
CreateDIBitmap
CreateSolidBrush
CreatePen
DeleteObject
SelectObject
GetObjectA
GetDeviceCaps
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
SetBkColor
SetTextColor
SetBkMode
RealizePalette
SelectPalette
GetStockObject
DeleteDC
CreateBitmap
CreateCompatibleDC
StretchDIBits
GetDIBits
StretchBlt
SetStretchBltMode
ExcludeClipRect
CreateFontA
GetTextExtentPoint32A
BitBlt
SelectClipRgn
GetClipBox
CreateDCA
LPtoDP
SetViewportOrgEx
CreateRectRgnIndirect
CreatePatternBrush
CreateFontIndirectA
ResetDCA
StartDocA
ExtTextOutA
GetTextMetricsA
EndPage
EndDoc
AbortDoc
Rectangle
SetMapMode
DPtoLP
SetViewportExtEx
GetTextColor
CreateEnhMetaFileA
CloseEnhMetaFile
CreateCompatibleBitmap
GetObjectType
RectVisible
MoveToEx

advapi32

RegOpenKeyA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA

shell32

ShellExecuteA
DragQueryFileA

ole32

CoCreateInstance
StgOpenStorage
CreateOleAdviseHolder
StringFromCLSID
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleSaveToStream
WriteClassStm
OleRegGetUserType
StgCreateDocfile
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
DoDragDrop
ProgIDFromCLSID
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
CreateStreamOnHGlobal
OleRegEnumVerbs
CreateBindCtx

oleaut32

OleLoadPicturePath
VariantCopyInd
OleCreatePropertyFrame
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
UnRegisterTypeLi
CreateErrorInfo
SetErrorInfo
OleCreateFontIndirect
OleTranslateColor
SafeArrayPutElement
SafeArrayGetElement
LoadRegTypeLi
SysAllocString
VariantChangeType
OleLoadPicture
OleCreatePictureIndirect
SafeArrayCreate
SysFreeString
SysStringLen
VariantCopy
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_GetImageCount
ord17

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssqdanma/河源下载站-cngr.cn.url
.url
ssqdanma/淘宝热卖.url
.url
ssqdanma/破解补丁SSQANNs.rar
.rar

Sharing

General

Malware Config

Signatures

Files

988f29c1eb8054253091352741683c76

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:0e:7d:a7:00:00:00:00:00:48Certificate

Extended Key Usages

Key Usages

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ecSigner

Signature Validations

Verification

24/11/2022, 14:54 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 8KB - Virtual size: 5KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 84KB

UPX1 Size: 46KB - Virtual size: 48KB

.rsrc Size: 3KB - Virtual size: 4KB

a0a3b80e18d8fb6ca27a1f8612e03304

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:0e:7d:a7:00:00:00:00:00:48Certificate

Extended Key Usages

Key Usages

68:5c:1d:bd:87:b3:f7:fd:d5:1e:de:8d:6a:79:03:41:d2:07:b1:70Signer

Signature Validations

Verification

24/11/2022, 14:54 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec
Signer

24/11/2022, 14:54
Valid: false

.text
Size: 72KB - Virtual size: 69KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 8KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 84KB

UPX1
Size: 46KB - Virtual size: 48KB

.rsrc
Size: 3KB - Virtual size: 4KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

68:5c:1d:bd:87:b3:f7:fd:d5:1e:de:8d:6a:79:03:41:d2:07:b1:70
Signer

24/11/2022, 14:54
Valid: false

.text
Size: 592KB - Virtual size: 592KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 43KB - Virtual size: 44KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 238KB - Virtual size: 237KB

.reloc
Size: 44KB - Virtual size: 43KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:06:27:81:00:00:00:00:00:08
Certificate

61:49:7c:ed:00:00:00:00:00:05
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

f1:55:9b:a0:85:de:0a:59:61:4f:a9:6c:32:ca:4b:69:69:e9:58:cd
Signer

25/09/2009, 18:37
Valid: false

.text
Size: 676KB - Virtual size: 673KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 284KB - Virtual size: 280KB

.reloc
Size: 44KB - Virtual size: 41KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

c6:be:da:cb:6f:7c:07:ce:80:06:10:c2:9a:0c:17:6f:0c:b4:42:44
Signer

24/11/2022, 14:54
Valid: false