4896c4f33dca7e2d0f77f6ae2113d4ea7734c5e34b33d7ee33fa4c10884afa9c

Sharing

Copy URL

Twitter E-mail

General

Target

4896c4f33dca7e2d0f77f6ae2113d4ea7734c5e34b33d7ee33fa4c10884afa9c
Size

2.5MB
MD5

baddf3fd883fdac5ad194261ffcae7e2
SHA1

deaa999c9c8b6a9e50d39d6d2f41b69e8070f15c
SHA256

4896c4f33dca7e2d0f77f6ae2113d4ea7734c5e34b33d7ee33fa4c10884afa9c
SHA512

8138b4b02b321d61b7ca60fe2098ce76ef54c40c9d53fe478372bbb94ff4592b69056520986f381302262d7cfac622d331fb04bb5c5e1d1b314c2e1ee8f0ec5e
SSDEEP

49152:uLagGPqQ+6cvo/qPOmVWE6SpOWeYh9oCMKP+FqYZ2bJwSlZ9:CagQqR6cQ0DvhMKiN22e9

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Զ/HPSocket4C.dll
unpack001/Զ/Ʊⲿݴȫ2.1.8.exe

Files

4896c4f33dca7e2d0f77f6ae2113d4ea7734c5e34b33d7ee33fa4c10884afa9c
.zip
股票公式股票软件下载.url
自定义数据神器/股票公式股票软件下载.url
Զ/1ض˵.txt
Զ/HPSocket4C.dll
.dll windows x86

ac8aedab7154ec2b8b0f0e762f1f40c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
CreateTimerQueue
DeleteTimerQueueEx
CreateWaitableTimerA
GetSystemInfo
GetExitCodeThread
TerminateThread
ResetEvent
InterlockedExchange
PostQueuedCompletionStatus
RaiseException
SetEvent
GetQueuedCompletionStatus
CreateIoCompletionPort
UnmapViewOfFile
lstrlenA
CreateFileA
GetProcAddress
GetModuleHandleA
GetFileSize
CreateFileMappingA
MapViewOfFileEx
MultiByteToWideChar
WaitForMultipleObjects
InterlockedExchangeAdd
SetWaitableTimer
CancelWaitableTimer
TryEnterCriticalSection
CreateTimerQueueTimer
DeleteTimerQueueTimer
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DeleteFiber
SwitchToFiber
CreateFiber
FindNextFileW
FindFirstFileW
FindClose
GetModuleHandleW
GetVersion
WriteFile
GetFileType
GetStdHandle
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTimeAsFileTime
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
LoadLibraryW
GetConsoleMode
SizeofResource
ReadConsoleA
ReadConsoleW
GetEnvironmentVariableW
CompareStringW
GetDriveTypeW
WriteConsoleW
FlushFileBuffers
WideCharToMultiByte
Sleep
CreateEventA
GetNativeSystemInfo
SwitchToThread
ReleaseSemaphore
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetCurrentProcessId
GetCurrentThreadId
SetLastError
GetLastError
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
SetEnvironmentVariableA
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ReadFile
SetEndOfFile
GetConsoleCP
SetStdHandle
GetStartupInfoW
SetHandleCount
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetConsoleCtrlHandler
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCommandLineA
CreateThread
ExitThread
CreateFileW
SetFilePointer
EncodePointer
DecodePointer
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
InterlockedCompareExchange
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
DeleteCriticalSection
SetConsoleMode
InitializeCriticalSectionAndSpinCount

user32

GetProcessWindowStation
GetUserObjectInformationW
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
MessageBoxW
PeekMessageA

advapi32

CryptSignHashW
ReportEventW
RegisterEventSourceW
CryptEnumProvidersW
CryptReleaseContext
CryptDestroyKey
CryptGetProvParam
CryptGenRandom
CryptDecrypt
CryptCreateHash
CryptSetHashParam
DeregisterEventSource
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextW

shlwapi

StrPBrkA
StrChrA
PathFileExistsA
PathIsDirectoryA

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod
timeGetDevCaps

ws2_32

WSARecv
WSASend
closesocket
shutdown
sendto
send
ioctlsocket
setsockopt
htonl
ntohl
WSASendTo
getsockname
WSAAddressToStringA
freeaddrinfo
getaddrinfo
WSAStringToAddressA
getsockopt
WSAIoctl
WSASetLastError
htons
WSAGetLastError
ntohs
WSARecvFrom
WSAStartup
WSACleanup
bind
socket
WSAGetOverlappedResult
connect
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAResetEvent
recv
WSACloseEvent
listen
recvfrom
getpeername

crypt32

CertDuplicateCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertFindCertificateInStore
CertOpenStore

Exports

Exports

Create_HP_HttpAgent
Create_HP_HttpAgentListener
Create_HP_HttpClient
Create_HP_HttpClientListener
Create_HP_HttpServer
Create_HP_HttpServerListener
Create_HP_HttpSyncClient
Create_HP_HttpsAgent
Create_HP_HttpsClient
Create_HP_HttpsServer
Create_HP_HttpsSyncClient
Create_HP_SSLAgent
Create_HP_SSLClient
Create_HP_SSLPackAgent
Create_HP_SSLPackClient
Create_HP_SSLPackServer
Create_HP_SSLPullAgent
Create_HP_SSLPullClient
Create_HP_SSLPullServer
Create_HP_SSLServer
Create_HP_SocketTaskObj
Create_HP_TcpAgent
Create_HP_TcpAgentListener
Create_HP_TcpClient
Create_HP_TcpClientListener
Create_HP_TcpPackAgent
Create_HP_TcpPackAgentListener
Create_HP_TcpPackClient
Create_HP_TcpPackClientListener
Create_HP_TcpPackServer
Create_HP_TcpPackServerListener
Create_HP_TcpPullAgent
Create_HP_TcpPullAgentListener
Create_HP_TcpPullClient
Create_HP_TcpPullClientListener
Create_HP_TcpPullServer
Create_HP_TcpPullServerListener
Create_HP_TcpServer
Create_HP_TcpServerListener
Create_HP_ThreadPool
Create_HP_UdpArqClient
Create_HP_UdpArqClientListener
Create_HP_UdpArqServer
Create_HP_UdpArqServerListener
Create_HP_UdpCast
Create_HP_UdpCastListener
Create_HP_UdpClient
Create_HP_UdpClientListener
Create_HP_UdpNode
Create_HP_UdpNodeListener
Create_HP_UdpServer
Create_HP_UdpServerListener
Destroy_HP_HttpAgent
Destroy_HP_HttpAgentListener
Destroy_HP_HttpClient
Destroy_HP_HttpClientListener
Destroy_HP_HttpServer
Destroy_HP_HttpServerListener
Destroy_HP_HttpSyncClient
Destroy_HP_HttpsAgent
Destroy_HP_HttpsClient
Destroy_HP_HttpsServer
Destroy_HP_HttpsSyncClient
Destroy_HP_SSLAgent
Destroy_HP_SSLClient
Destroy_HP_SSLPackAgent
Destroy_HP_SSLPackClient
Destroy_HP_SSLPackServer
Destroy_HP_SSLPullAgent
Destroy_HP_SSLPullClient
Destroy_HP_SSLPullServer
Destroy_HP_SSLServer
Destroy_HP_SocketTaskObj
Destroy_HP_TcpAgent
Destroy_HP_TcpAgentListener
Destroy_HP_TcpClient
Destroy_HP_TcpClientListener
Destroy_HP_TcpPackAgent
Destroy_HP_TcpPackAgentListener
Destroy_HP_TcpPackClient
Destroy_HP_TcpPackClientListener
Destroy_HP_TcpPackServer
Destroy_HP_TcpPackServerListener
Destroy_HP_TcpPullAgent
Destroy_HP_TcpPullAgentListener
Destroy_HP_TcpPullClient
Destroy_HP_TcpPullClientListener
Destroy_HP_TcpPullServer
Destroy_HP_TcpPullServerListener
Destroy_HP_TcpServer
Destroy_HP_TcpServerListener
Destroy_HP_ThreadPool
Destroy_HP_UdpArqClient
Destroy_HP_UdpArqClientListener
Destroy_HP_UdpArqServer
Destroy_HP_UdpArqServerListener
Destroy_HP_UdpCast
Destroy_HP_UdpCastListener
Destroy_HP_UdpClient
Destroy_HP_UdpClientListener
Destroy_HP_UdpNode
Destroy_HP_UdpNodeListener
Destroy_HP_UdpServer
Destroy_HP_UdpServerListener
HP_Agent_Connect
HP_Agent_ConnectWithExtra
HP_Agent_ConnectWithExtraAndLocalAddressPort
HP_Agent_ConnectWithExtraAndLocalPort
HP_Agent_ConnectWithLocalAddress
HP_Agent_ConnectWithLocalPort
HP_Agent_Disconnect
HP_Agent_DisconnectLongConnections
HP_Agent_DisconnectSilenceConnections
HP_Agent_GetAllConnectionIDs
HP_Agent_GetConnectPeriod
HP_Agent_GetConnectionCount
HP_Agent_GetConnectionExtra
HP_Agent_GetFreeBufferObjHold
HP_Agent_GetFreeBufferObjPool
HP_Agent_GetFreeSocketObjHold
HP_Agent_GetFreeSocketObjLockTime
HP_Agent_GetFreeSocketObjPool
HP_Agent_GetLastError
HP_Agent_GetLastErrorDesc
HP_Agent_GetLocalAddress
HP_Agent_GetMaxConnectionCount
HP_Agent_GetOnSendSyncPolicy
HP_Agent_GetPendingDataLength
HP_Agent_GetRemoteAddress
HP_Agent_GetRemoteHost
HP_Agent_GetReuseAddressPolicy
HP_Agent_GetSendPolicy
HP_Agent_GetSilencePeriod
HP_Agent_GetState
HP_Agent_GetWorkerThreadCount
HP_Agent_HasStarted
HP_Agent_IsConnected
HP_Agent_IsMarkSilence
HP_Agent_IsPauseReceive
HP_Agent_IsSecure
HP_Agent_PauseReceive
HP_Agent_Send
HP_Agent_SendPackets
HP_Agent_SendPart
HP_Agent_SetConnectionExtra
HP_Agent_SetFreeBufferObjHold
HP_Agent_SetFreeBufferObjPool
HP_Agent_SetFreeSocketObjHold
HP_Agent_SetFreeSocketObjLockTime
HP_Agent_SetFreeSocketObjPool
HP_Agent_SetMarkSilence
HP_Agent_SetMaxConnectionCount
HP_Agent_SetOnSendSyncPolicy
HP_Agent_SetReuseAddressPolicy
HP_Agent_SetSendPolicy
HP_Agent_SetWorkerThreadCount
HP_Agent_Start
HP_Agent_Stop
HP_Agent_Wait
HP_Client_GetConnectionID
HP_Client_GetExtra
HP_Client_GetFreeBufferPoolHold
HP_Client_GetFreeBufferPoolSize
HP_Client_GetLastError
HP_Client_GetLastErrorDesc
HP_Client_GetLocalAddress
HP_Client_GetPendingDataLength
HP_Client_GetRemoteHost
HP_Client_GetReuseAddressPolicy
HP_Client_GetState
HP_Client_HasStarted
HP_Client_IsConnected
HP_Client_IsPauseReceive
HP_Client_IsSecure
HP_Client_PauseReceive
HP_Client_Send
HP_Client_SendPackets
HP_Client_SendPart
HP_Client_SetExtra
HP_Client_SetFreeBufferPoolHold
HP_Client_SetFreeBufferPoolSize
HP_Client_SetReuseAddressPolicy
HP_Client_Start
HP_Client_StartWithBindAddress
HP_Client_StartWithBindAddressAndLocalPort
HP_Client_Stop
HP_Client_Wait
HP_GetHPSocketVersion
HP_GetSocketErrorDesc
HP_HttpAgent_GetAllCookies
HP_HttpAgent_GetAllHeaderNames
HP_HttpAgent_GetAllHeaders
HP_HttpAgent_GetContentEncoding
HP_HttpAgent_GetContentLength
HP_HttpAgent_GetContentType
HP_HttpAgent_GetCookie
HP_HttpAgent_GetHeader
HP_HttpAgent_GetHeaders
HP_HttpAgent_GetLocalVersion
HP_HttpAgent_GetParseErrorCode
HP_HttpAgent_GetStatusCode
HP_HttpAgent_GetTransferEncoding
HP_HttpAgent_GetUpgradeType
HP_HttpAgent_GetVersion
HP_HttpAgent_GetWSMessageState
HP_HttpAgent_IsHttpAutoStart
HP_HttpAgent_IsKeepAlive
HP_HttpAgent_IsUpgrade
HP_HttpAgent_IsUseCookie
HP_HttpAgent_SendChunkData
HP_HttpAgent_SendConnect
HP_HttpAgent_SendDelete
HP_HttpAgent_SendGet
HP_HttpAgent_SendHead
HP_HttpAgent_SendLocalFile
HP_HttpAgent_SendOptions
HP_HttpAgent_SendPatch
HP_HttpAgent_SendPost
HP_HttpAgent_SendPut
HP_HttpAgent_SendRequest
HP_HttpAgent_SendTrace
HP_HttpAgent_SendWSMessage
HP_HttpAgent_SetHttpAutoStart
HP_HttpAgent_SetLocalVersion
HP_HttpAgent_SetUseCookie
HP_HttpAgent_StartHttp
HP_HttpClient_GetAllCookies
HP_HttpClient_GetAllHeaderNames
HP_HttpClient_GetAllHeaders
HP_HttpClient_GetContentEncoding
HP_HttpClient_GetContentLength
HP_HttpClient_GetContentType
HP_HttpClient_GetCookie
HP_HttpClient_GetHeader
HP_HttpClient_GetHeaders
HP_HttpClient_GetLocalVersion
HP_HttpClient_GetParseErrorCode
HP_HttpClient_GetStatusCode
HP_HttpClient_GetTransferEncoding
HP_HttpClient_GetUpgradeType
HP_HttpClient_GetVersion
HP_HttpClient_GetWSMessageState
HP_HttpClient_IsHttpAutoStart
HP_HttpClient_IsKeepAlive
HP_HttpClient_IsUpgrade
HP_HttpClient_IsUseCookie
HP_HttpClient_SendChunkData
HP_HttpClient_SendConnect
HP_HttpClient_SendDelete
HP_HttpClient_SendGet
HP_HttpClient_SendHead
HP_HttpClient_SendLocalFile
HP_HttpClient_SendOptions
HP_HttpClient_SendPatch
HP_HttpClient_SendPost
HP_HttpClient_SendPut
HP_HttpClient_SendRequest
HP_HttpClient_SendTrace
HP_HttpClient_SendWSMessage
HP_HttpClient_SetHttpAutoStart
HP_HttpClient_SetLocalVersion
HP_HttpClient_SetUseCookie
HP_HttpClient_StartHttp
HP_HttpCookie_HLP_CurrentUTCTime
HP_HttpCookie_HLP_ExpiresToMaxAge
HP_HttpCookie_HLP_MakeExpiresStr
HP_HttpCookie_HLP_MaxAgeToExpires
HP_HttpCookie_HLP_ParseExpires
HP_HttpCookie_HLP_ToString
HP_HttpCookie_MGR_ClearCookies
HP_HttpCookie_MGR_DeleteCookie
HP_HttpCookie_MGR_IsEnableThirdPartyCookie
HP_HttpCookie_MGR_LoadFromFile
HP_HttpCookie_MGR_RemoveExpiredCookies
HP_HttpCookie_MGR_SaveToFile
HP_HttpCookie_MGR_SetCookie
HP_HttpCookie_MGR_SetEnableThirdPartyCookie
HP_HttpServer_GetAllCookies
HP_HttpServer_GetAllHeaderNames
HP_HttpServer_GetAllHeaders
HP_HttpServer_GetContentEncoding
HP_HttpServer_GetContentLength
HP_HttpServer_GetContentType
HP_HttpServer_GetCookie
HP_HttpServer_GetHeader
HP_HttpServer_GetHeaders
HP_HttpServer_GetHost
HP_HttpServer_GetLocalVersion
HP_HttpServer_GetMethod
HP_HttpServer_GetParseErrorCode
HP_HttpServer_GetReleaseDelay
HP_HttpServer_GetTransferEncoding
HP_HttpServer_GetUpgradeType
HP_HttpServer_GetUrlField
HP_HttpServer_GetUrlFieldSet
HP_HttpServer_GetVersion
HP_HttpServer_GetWSMessageState
HP_HttpServer_IsHttpAutoStart
HP_HttpServer_IsKeepAlive
HP_HttpServer_IsUpgrade
HP_HttpServer_Release
HP_HttpServer_SendChunkData
HP_HttpServer_SendLocalFile
HP_HttpServer_SendResponse
HP_HttpServer_SendWSMessage
HP_HttpServer_SetHttpAutoStart
HP_HttpServer_SetLocalVersion
HP_HttpServer_SetReleaseDelay
HP_HttpServer_StartHttp
HP_HttpSyncClient_CleanupRequestResult
HP_HttpSyncClient_GetConnectTimeout
HP_HttpSyncClient_GetRequestTimeout
HP_HttpSyncClient_GetResponseBody
HP_HttpSyncClient_OpenUrl
HP_HttpSyncClient_SetConnectTimeout
HP_HttpSyncClient_SetRequestTimeout
HP_SSLAgent_CleanupSSLContext
HP_SSLAgent_GetSSLCipherList
HP_SSLAgent_GetSSLSessionInfo
HP_SSLAgent_IsSSLAutoHandShake
HP_SSLAgent_SetSSLAutoHandShake
HP_SSLAgent_SetSSLCipherList
HP_SSLAgent_SetupSSLContext
HP_SSLAgent_SetupSSLContextByMemory
HP_SSLAgent_StartSSLHandShake
HP_SSLClient_CleanupSSLContext
HP_SSLClient_GetSSLCipherList
HP_SSLClient_GetSSLSessionInfo
HP_SSLClient_IsSSLAutoHandShake
HP_SSLClient_SetSSLAutoHandShake
HP_SSLClient_SetSSLCipherList
HP_SSLClient_SetupSSLContext
HP_SSLClient_SetupSSLContextByMemory
HP_SSLClient_StartSSLHandShake
HP_SSLServer_AddSSLContext
HP_SSLServer_AddSSLContextByMemory
HP_SSLServer_BindSSLServerName
HP_SSLServer_CleanupSSLContext
HP_SSLServer_GetSSLCipherList
HP_SSLServer_GetSSLSessionInfo
HP_SSLServer_IsSSLAutoHandShake
HP_SSLServer_SetSSLAutoHandShake
HP_SSLServer_SetSSLCipherList
HP_SSLServer_SetupSSLContext
HP_SSLServer_SetupSSLContextByMemory
HP_SSLServer_StartSSLHandShake
HP_SSL_DefaultServerNameCallback
HP_SSL_RemoveThreadLocalState
HP_Server_Disconnect
HP_Server_DisconnectLongConnections
HP_Server_DisconnectSilenceConnections
HP_Server_GetAllConnectionIDs
HP_Server_GetConnectPeriod
HP_Server_GetConnectionCount
HP_Server_GetConnectionExtra
HP_Server_GetFreeBufferObjHold
HP_Server_GetFreeBufferObjPool
HP_Server_GetFreeSocketObjHold
HP_Server_GetFreeSocketObjLockTime
HP_Server_GetFreeSocketObjPool
HP_Server_GetLastError
HP_Server_GetLastErrorDesc
HP_Server_GetListenAddress
HP_Server_GetLocalAddress
HP_Server_GetMaxConnectionCount
HP_Server_GetOnSendSyncPolicy
HP_Server_GetPendingDataLength
HP_Server_GetRemoteAddress
HP_Server_GetReuseAddressPolicy
HP_Server_GetSendPolicy
HP_Server_GetSilencePeriod
HP_Server_GetState
HP_Server_GetWorkerThreadCount
HP_Server_HasStarted
HP_Server_IsConnected
HP_Server_IsMarkSilence
HP_Server_IsPauseReceive
HP_Server_IsSecure
HP_Server_PauseReceive
HP_Server_Send
HP_Server_SendPackets
HP_Server_SendPart
HP_Server_SetConnectionExtra
HP_Server_SetFreeBufferObjHold
HP_Server_SetFreeBufferObjPool
HP_Server_SetFreeSocketObjHold
HP_Server_SetFreeSocketObjLockTime
HP_Server_SetFreeSocketObjPool
HP_Server_SetMarkSilence
HP_Server_SetMaxConnectionCount
HP_Server_SetOnSendSyncPolicy
HP_Server_SetReuseAddressPolicy
HP_Server_SetSendPolicy
HP_Server_SetWorkerThreadCount
HP_Server_Start
HP_Server_Stop
HP_Server_Wait
HP_Set_FN_Agent_OnClose
HP_Set_FN_Agent_OnConnect
HP_Set_FN_Agent_OnHandShake
HP_Set_FN_Agent_OnPrepareConnect
HP_Set_FN_Agent_OnPullReceive
HP_Set_FN_Agent_OnReceive
HP_Set_FN_Agent_OnSend
HP_Set_FN_Agent_OnShutdown
HP_Set_FN_Client_OnClose
HP_Set_FN_Client_OnConnect
HP_Set_FN_Client_OnHandShake
HP_Set_FN_Client_OnPrepareConnect
HP_Set_FN_Client_OnPullReceive
HP_Set_FN_Client_OnReceive
HP_Set_FN_Client_OnSend
HP_Set_FN_HttpAgent_OnBody
HP_Set_FN_HttpAgent_OnChunkComplete
HP_Set_FN_HttpAgent_OnChunkHeader
HP_Set_FN_HttpAgent_OnClose
HP_Set_FN_HttpAgent_OnConnect
HP_Set_FN_HttpAgent_OnHandShake
HP_Set_FN_HttpAgent_OnHeader
HP_Set_FN_HttpAgent_OnHeadersComplete
HP_Set_FN_HttpAgent_OnMessageBegin
HP_Set_FN_HttpAgent_OnMessageComplete
HP_Set_FN_HttpAgent_OnParseError
HP_Set_FN_HttpAgent_OnPrepareConnect
HP_Set_FN_HttpAgent_OnReceive
HP_Set_FN_HttpAgent_OnSend
HP_Set_FN_HttpAgent_OnShutdown
HP_Set_FN_HttpAgent_OnStatusLine
HP_Set_FN_HttpAgent_OnUpgrade
HP_Set_FN_HttpAgent_OnWSMessageBody
HP_Set_FN_HttpAgent_OnWSMessageComplete
HP_Set_FN_HttpAgent_OnWSMessageHeader
HP_Set_FN_HttpClient_OnBody
HP_Set_FN_HttpClient_OnChunkComplete
HP_Set_FN_HttpClient_OnChunkHeader
HP_Set_FN_HttpClient_OnClose
HP_Set_FN_HttpClient_OnConnect
HP_Set_FN_HttpClient_OnHandShake
HP_Set_FN_HttpClient_OnHeader
HP_Set_FN_HttpClient_OnHeadersComplete
HP_Set_FN_HttpClient_OnMessageBegin
HP_Set_FN_HttpClient_OnMessageComplete
HP_Set_FN_HttpClient_OnParseError
HP_Set_FN_HttpClient_OnPrepareConnect
HP_Set_FN_HttpClient_OnReceive
HP_Set_FN_HttpClient_OnSend
HP_Set_FN_HttpClient_OnStatusLine
HP_Set_FN_HttpClient_OnUpgrade
HP_Set_FN_HttpClient_OnWSMessageBody
HP_Set_FN_HttpClient_OnWSMessageComplete
HP_Set_FN_HttpClient_OnWSMessageHeader
HP_Set_FN_HttpServer_OnAccept
HP_Set_FN_HttpServer_OnBody
HP_Set_FN_HttpServer_OnChunkComplete
HP_Set_FN_HttpServer_OnChunkHeader
HP_Set_FN_HttpServer_OnClose
HP_Set_FN_HttpServer_OnHandShake
HP_Set_FN_HttpServer_OnHeader
HP_Set_FN_HttpServer_OnHeadersComplete
HP_Set_FN_HttpServer_OnMessageBegin
HP_Set_FN_HttpServer_OnMessageComplete
HP_Set_FN_HttpServer_OnParseError
HP_Set_FN_HttpServer_OnPrepareListen
HP_Set_FN_HttpServer_OnReceive
HP_Set_FN_HttpServer_OnRequestLine
HP_Set_FN_HttpServer_OnSend
HP_Set_FN_HttpServer_OnShutdown
HP_Set_FN_HttpServer_OnUpgrade
HP_Set_FN_HttpServer_OnWSMessageBody
HP_Set_FN_HttpServer_OnWSMessageComplete
HP_Set_FN_HttpServer_OnWSMessageHeader
HP_Set_FN_Server_OnAccept
HP_Set_FN_Server_OnClose
HP_Set_FN_Server_OnHandShake
HP_Set_FN_Server_OnPrepareListen
HP_Set_FN_Server_OnPullReceive
HP_Set_FN_Server_OnReceive
HP_Set_FN_Server_OnSend
HP_Set_FN_Server_OnShutdown
HP_Set_FN_UdpNode_OnError
HP_Set_FN_UdpNode_OnPrepareListen
HP_Set_FN_UdpNode_OnReceive
HP_Set_FN_UdpNode_OnSend
HP_Set_FN_UdpNode_OnShutdown
HP_TcpAgent_GetKeepAliveInterval
HP_TcpAgent_GetKeepAliveTime
HP_TcpAgent_GetSocketBufferSize
HP_TcpAgent_SendSmallFile
HP_TcpAgent_SetKeepAliveInterval
HP_TcpAgent_SetKeepAliveTime
HP_TcpAgent_SetSocketBufferSize
HP_TcpClient_GetKeepAliveInterval
HP_TcpClient_GetKeepAliveTime
HP_TcpClient_GetSocketBufferSize
HP_TcpClient_SendSmallFile
HP_TcpClient_SetKeepAliveInterval
HP_TcpClient_SetKeepAliveTime
HP_TcpClient_SetSocketBufferSize
HP_TcpPackAgent_GetMaxPackSize
HP_TcpPackAgent_GetPackHeaderFlag

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Զ/clog.ini
Զ/configwie.ini
Զ/Ʊⲿݴȫ2.1.8.exe
.exe windows x86

f39668af7f0c0acd528ca9dd220b98ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

winmm

midiOutPrepareHeader

ws2_32

closesocket

kernel32

GetVersion

user32

AdjustWindowRectEx

gdi32

CombineRgn

msimg32

GradientFill

winspool.drv

DocumentPropertiesA

comdlg32

PrintDlgA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc

oleaut32

SafeArrayCreate

comctl32

ImageList_Create

oledlg

ord8

wininet

InternetCloseHandle

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 748KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Զ/ݴȫTDXʽ.tn6

Sharing

General

Malware Config

Signatures

Files

ac8aedab7154ec2b8b0f0e762f1f40c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

winmm

ws2_32

crypt32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 548KB - Virtual size: 547KB

.data Size: 29KB - Virtual size: 47KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 102KB - Virtual size: 102KB

f39668af7f0c0acd528ca9dd220b98ca

Headers

File Characteristics

Imports

rasapi32

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

msvcrt

iphlpapi

psapi

Sections

.text Size: 748KB - Virtual size: 1.9MB

.sedata Size: 1.0MB - Virtual size: 1.0MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 548KB - Virtual size: 547KB

.data
Size: 29KB - Virtual size: 47KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 102KB - Virtual size: 102KB

.text
Size: 748KB - Virtual size: 1.9MB

.sedata
Size: 1.0MB - Virtual size: 1.0MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB