darktrack | DarkTrack+Alien+4[.]1 Legit Copy[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

DarkTrack+Alien+4.1 Legit Copy.rar
Size

15.0MB
MD5

c78d6a161e2a466504e41fd9fa1e74d9
SHA1

a2af9b7f5475778db98137fa321ac9f7aee20006
SHA256

d2f024ad19b8ada353f6459d3ac54529b045d4fadab880fcaa0813f4bfd617bc
SHA512

7fd3406cecfde7c9c5ab923b6fd160d13090e9daaa3bad1f81511b8a7c55645ed9d321de46b270eb3fb400680540175f71a53e722896d7bdf3493bf2ffe6ebb5
SSDEEP

196608:nt/c82nIXAVWh2dRGHFvYB40OQOqOiVvCl1Deq14Gqb/A4/QDp8ixMjPgOnkKH1i:nTKIc2hlvE4wuiVvCDeq9P4ILler0

Score

10^/10

upx aspackv2 darktrack

Malware Config

Signatures

DarkTrack payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/stub/stub.exe	family_darktrack

Darktrack family
darktrack

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

Processes:

resource	yara_rule
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Plugins/sqlite3.dll	acprotect
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3Reader.dll	acprotect

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

Processes:

resource	yara_rule
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Darktrack 4.1 Beta.exe	aspack_v212_v242
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Mescaline File Binder/Mescaline Multi File Binder.exe	aspack_v212_v242

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Compressors/upx.exe	upx
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Plugins/sqlite3.dll	upx
static1/unpack001/DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3Reader.dll	upx

Files

DarkTrack+Alien+4.1 Legit Copy.rar
.rar

Password: darktrack
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Compressors/upx.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 281KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Darktrack 4.1 Beta.exe
.exe windows x86

Password: darktrack

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.1MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 9.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Data/DataBase.db
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Mescaline File Binder/Mescaline Multi File Binder.exe
.exe windows x86

Password: darktrack

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 457KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 367KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Modules/ffmpeg.exe
.exe windows x86

Password: darktrack

a05575a4ef06bc557b834a488509da27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegisterEventSourceA
ReportEventA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreA

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBSection
CreatePalette
CreateRectRgn
DeleteDC
DeleteObject
DescribePixelFormat
GetBitmapBits
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetObjectA
GetStockObject
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

AllocConsole
CloseHandle
CreateConsoleScreenBuffer
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateSemaphoreA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleCursorInfo
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetFileAttributesA
GetFileAttributesExA
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExA
MoveFileExW
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleActiveScreenBuffer
SetConsoleCursorInfo
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetConsoleTitleA
SetConsoleWindowInfo
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleOutputW
WriteConsoleW
WriteFile
lstrcpyA
lstrcpynA

msvcrt

__dllonexit
__doserrno
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_beginthreadex
_cexit
_close
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_findclose
_findnext
_fmode
_fstati64
_ftime
_ftime64
_fullpath
_get_osfhandle
_getch
_initterm
_iob
_lock
_lseeki64
_mbsrchr
_mkdir
_mktemp
_onexit
_open
_rmdir
_setjmp3
_setmode
_snprintf
_snwprintf
_sopen
_stat
_stati64
_vsnprintf
time
mktime
localtime
gmtime
calloc
clock
cosh
div
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getchar
getenv
gmtime
isalnum
isalpha
islower
isprint
isspace
isupper
isxdigit
localeconv
localtime
log10
malloc
memchr
memcmp
memcpy
memmove
memset
perror
printf
putc
putchar
puts
qsort
raise
rand
realloc
rename
rewind
setlocale
setvbuf
signal
sinh
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
_strdup
_stricmp
_strnicmp
_unlink
_unlock
_wfopen
_wmkdir
_wrename
_write
_wrmdir
_wsopen
_wstati64
_wunlink
abort
acos
asin
atan
atan2
atof
atoi
atol
tan
tanh
time
tolower
toupper
ungetc
vfprintf
vsprintf
wcscmp
wcscpy
wcslen
wcsstr
bsearch
_wfindnext
_wfindfirst
_findfirst
longjmp
_hypot
_write
_wcsdup
_unlink
_tempnam
_strdup
_setmode
_rmdir
_read
_putenv
_open
_kbhit
_isatty
_getpid
_getch
_fileno
_fdopen
_close
_chmod
_access

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx

oleaut32

OleCreatePropertyFrame
SysFreeString

psapi

GetProcessMemoryInfo

shell32

CommandLineToArgvW

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CopyIcon
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
DrawIcon
EndPaint
EnumDisplaySettingsA
FindWindowA
FrameRect
GetClassInfoA
GetClientRect
GetCursor
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetParent
GetProcessWindowStation
GetShellWindow
GetSystemMetrics
GetUserObjectInformationW
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadCursorA
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint
wsprintfA

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSAEnumNetworkEvents
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 22.0MB - Virtual size: 22.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Plugins/sqlite3.dll
.dll windows x86

Password: darktrack

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_held
sqlite3_mutex_leave
sqlite3_mutex_notheld
sqlite3_mutex_try
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_sql
sqlite3_step
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf

Sections

UPX0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/settings.ini
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3.dll
.dll windows x86

Password: darktrack

40512658f087f2990d621c454c392124

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetVersionExA
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
LockFile
LockFileEx
MultiByteToWideChar
ReadFile
SetEndOfFile
SetFilePointer
Sleep
UnlockFile
WideCharToMultiByte
WriteFile

msvcrt

_iob
atoi
free
isalnum
isdigit
isspace
isxdigit
localtime
malloc
memcpy
memset
realloc
sprintf
strcat
strcmp
strcpy
strncmp
strncpy
tolower
toupper

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_function
sqlite3_create_function16
sqlite3_data_count
sqlite3_db_handle
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_prepare
sqlite3_prepare16
sqlite3_progress_handler
sqlite3_reset
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_snprintf
sqlite3_step
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_vmprintf

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 416B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3Reader.dll
.dll windows x86

Password: darktrack

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_held
sqlite3_mutex_leave
sqlite3_mutex_notheld
sqlite3_mutex_try
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_sql
sqlite3_step
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf

Sections

UPX0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DarkTrack+Alien+4.1/DarkTrack Alien 4.1/stub/stub.exe
.exe windows x86

Password: darktrack

ee46edf42cfbc2785a30bfb17f6da9c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyW
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
LookupPrivilegeNameA
LookupPrivilegeDisplayNameA
GetUserNameA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
StartServiceA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
GetServiceDisplayNameA
EnumServicesStatusA
ControlService
CloseServiceHandle

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
mouse_event
keybd_event
VkKeyScanA
UnregisterClassA
TranslateMessage
ToUnicodeEx
SystemParametersInfoA
ShowWindow
SetWindowTextA
SetWindowLongA
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetClipboardData
SendMessageA
ReleaseDC
RegisterClassA
PostQuitMessage
PostMessageA
PeekMessageA
OpenClipboard
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxA
MapVirtualKeyExA
MapVirtualKeyA
LoadStringA
LoadIconA
LoadCursorA
IsWindowVisible
IsWindow
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetSystemMetrics
GetSysColor
GetMessageA
GetKeyboardState
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetDesktopWindow
GetDC
GetClipboardData
GetClientRect
GetClassInfoA
GetAsyncKeyState
FindWindowExA
FindWindowA
FillRect
ExitWindowsEx
EnumWindows
EnableWindow
EmptyClipboard
DrawIconEx
DispatchMessageA
DestroyWindow
DestroyIcon
DefWindowProcA
CreateIcon
CloseClipboard
CharNextA
CharLowerBuffA
CharUpperBuffA
CharUpperA
CharToOemA
PrintWindow
BlockInput
LockWorkStation

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAllocEx
VirtualAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
Sleep
SetThreadPriority
SetThreadLocale
SetPriorityClass
SetNamedPipeHandleState
SetFilePointer
SetEvent
SetEndOfFile
ResumeThread
ResetEvent
ReadProcessMemory
ReadFile
OpenProcess
MultiByteToWideChar
MulDiv
MoveFileA
LockResource
LocalFree
LoadResource
LoadLibraryA
LeaveCriticalSection
IsBadReadPtr
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalMemoryStatus
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExA
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetTempPathA
GetSystemDirectoryA
GetStdHandle
GetStartupInfoA
GetShortPathNameA
GetProcessTimes
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetLogicalDriveStringsA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetComputerNameA
GetCPInfo
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceExA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitProcess
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateRemoteThread
CreateProcessA
CreatePipe
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringA
CloseHandle
Sleep
OpenThread
GetVersionExW

gdi32

UnrealizeObject
StretchBlt
SetWinMetaFileBits
SetTextColor
SetStretchBltMode
SetROP2
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExtTextOutA
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

ole32

CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

ShellExecuteA
SHGetFileInfoA
SHFileOperationA
DragQueryFileW
SHGetSpecialFolderPathA
ShellExecuteA

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
gethostbyaddr
socket
shutdown
sendto
send
recv
ioctlsocket
inet_ntoa
inet_addr
htons
connect
closesocket
bind

netapi32

NetApiBufferFree
NetShareEnum

crypt32

CryptUnprotectData
CryptUnprotectData

winmm

waveInUnprepareHeader
waveInStart
waveInReset
waveInPrepareHeader
waveInOpen
waveInClose
waveInAddBuffer
mciSendStringA

ntdll

RtlSetProcessIsCritical

powrprof

IsPwrShutdownAllowed

msvcrt

_gcvt

msacm32

acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamConvert
acmStreamReset
acmStreamSize
acmStreamClose
acmStreamOpen

iphlpapi

GetAdaptersInfo

shfolder

SHGetFolderPathA

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: darktrack

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.2MB

UPX1 Size: 281KB - Virtual size: 284KB

.rsrc Size: 1KB - Virtual size: 4KB

Password: darktrack

Headers

File Characteristics

Sections

.text Size: 1.1MB - Virtual size: 3.4MB

.itext Size: 5KB - Virtual size: 12KB

.data Size: 20KB - Virtual size: 40KB

.bss Size: - Virtual size: 156KB

.idata Size: 6KB - Virtual size: 20KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 192KB

.rsrc Size: 1.6MB - Virtual size: 9.4MB

.aspack Size: 73KB - Virtual size: 76KB

.adata Size: - Virtual size: 4KB

Password: darktrack

Headers

File Characteristics

Sections

.text Size: 457KB - Virtual size: 1.3MB

.itext Size: 2KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 16KB

.bss Size: - Virtual size: 24KB

.idata Size: 4KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 68KB

.rsrc Size: 40KB - Virtual size: 500KB

.aspack Size: 367KB - Virtual size: 368KB

.adata Size: - Virtual size: 4KB

Password: darktrack

a05575a4ef06bc557b834a488509da27

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

avicap32

crypt32

gdi32

kernel32

msvcrt

ole32

oleaut32

psapi

shell32

user32

winmm

ws2_32

Sections

.text Size: 22.0MB - Virtual size: 22.0MB

.rotext Size: 109KB - Virtual size: 109KB

.data Size: 302KB - Virtual size: 301KB

.rdata Size: 6.9MB - Virtual size: 6.9MB

.rodata Size: 69KB - Virtual size: 69KB

.bss Size: - Virtual size: 8.2MB

.idata Size: 14KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

Password: darktrack

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 180KB

UPX1 Size: 165KB - Virtual size: 168KB

UPX2 Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 281KB - Virtual size: 284KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 3.4MB

.itext
Size: 5KB - Virtual size: 12KB

.data
Size: 20KB - Virtual size: 40KB

.bss
Size: - Virtual size: 156KB

.idata
Size: 6KB - Virtual size: 20KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 192KB

.rsrc
Size: 1.6MB - Virtual size: 9.4MB

.aspack
Size: 73KB - Virtual size: 76KB

.adata
Size: - Virtual size: 4KB

.text
Size: 457KB - Virtual size: 1.3MB

.itext
Size: 2KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 16KB

.bss
Size: - Virtual size: 24KB

.idata
Size: 4KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 68KB

.rsrc
Size: 40KB - Virtual size: 500KB

.aspack
Size: 367KB - Virtual size: 368KB

.adata
Size: - Virtual size: 4KB

.text
Size: 22.0MB - Virtual size: 22.0MB

.rotext
Size: 109KB - Virtual size: 109KB

.data
Size: 302KB - Virtual size: 301KB

.rdata
Size: 6.9MB - Virtual size: 6.9MB

.rodata
Size: 69KB - Virtual size: 69KB

.bss
Size: - Virtual size: 8.2MB

.idata
Size: 14KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

UPX0
Size: - Virtual size: 180KB

UPX1
Size: 165KB - Virtual size: 168KB

UPX2
Size: 5KB - Virtual size: 8KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 28KB - Virtual size: 28KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 233KB - Virtual size: 232KB

.data
Size: 512B - Virtual size: 252B

.bss
Size: - Virtual size: 416B

.edata
Size: 3KB - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 180KB

UPX1
Size: 165KB - Virtual size: 168KB

UPX2
Size: 5KB - Virtual size: 8KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 28KB - Virtual size: 28KB

.reloc
Size: 12KB - Virtual size: 8KB