fdc22ff6e395975b997bd698d73e7e7a60c9db4466519430c74fc7ebd9a16a86

Sharing

Copy URL Twitter E-mail

General

Target

fdc22ff6e395975b997bd698d73e7e7a60c9db4466519430c74fc7ebd9a16a86
Size

2.0MB
MD5

9bfb88e298dd8f9fb99bc652d7eed6cf
SHA1

4c87722add2952b1bef6977688c9b71869906f7f
SHA256

fdc22ff6e395975b997bd698d73e7e7a60c9db4466519430c74fc7ebd9a16a86
SHA512

c2b5b49d83684d15a0100baf03e711cfd01f28f1b865e86b282b7b6fee1af89ef2068e3d45d5febaba139105e52bf776225bb21b373dfe9db28ddaf37453c0f9
SSDEEP

49152:tBiErPm9LPg4ET2hknaPGufFBWnpW9LkfbqA6UChy:tsEr+9LY3IknOFB6pWZkDq18

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack002/zview3.1/Ftengine.exe
unpack002/zview3.1/InstDll.dll
unpack002/zview3.1/Kechk32b.dll
unpack002/zview3.1/KeyInstall.exe
unpack002/zview3.1/Renew32.exe
unpack002/zview3.1/UNWISE.EXE
unpack002/zview3.1/ZView3.exe
unpack002/zview3.1/ib10e32.dll
unpack002/zview3.1/ib97e32.dll
unpack002/zview3.1/ibfs32.dll

Files

fdc22ff6e395975b997bd698d73e7e7a60c9db4466519430c74fc7ebd9a16a86
.zip
Zview3.1 安装/Zview3.1软件打开方法.jpg
.jpg
Zview3.1 安装/Zview打开数据出现demo提示的解决方法.txt
Zview3.1 安装/zview3.1.zip
.zip
zview3.1/Ftengine.exe
.exe windows:4 windows x86

7abfb47628bc58d292771d2c0c497006

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateCaret
GetWindowLongA
PtInRect
WaitMessage
DispatchMessageA
GetUpdateRect
IntersectRect
IsRectEmpty
CreateDialogIndirectParamA
IsDialogMessageA
GetFocus
EnableWindow
DestroyWindow
GetClipboardData
IsWindowVisible
LoadIconA
RegisterClassA
OemToCharA
CreateMenu
GetWindow
AttachThreadInput
ReleaseCapture
PeekMessageA
SetCapture
SetScrollRange
GetScrollPos
IsClipboardFormatAvailable
ModifyMenuA
SetCursor
GetMenu
MessageBeep
DestroyCaret
SetFocus
CheckMenuItem
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
ScrollWindow
SetScrollPos
SetWindowLongA
DefMDIChildProcA
DefWindowProcA
WinHelpA
GetClientRect
SetCaretPos
GetMenuState
AppendMenuA
SetWindowTextA
wsprintfA
LoadCursorA
GetSystemMenu
DeleteMenu
EnumChildWindows
GetMenuItemCount
GetSubMenu
DestroyMenu
PostQuitMessage
GetKeyState
IsWindow
BeginPaint
EndPaint
GetDC
ReleaseDC
CreateWindowExA
DefFrameProcA
UpdateWindow
InvalidateRect
ScrollDC
InvalidateRgn
HideCaret
ShowCaret
ShowWindow
IsZoomed
GetWindowRect
GetSystemMetrics
SetWindowPos
MoveWindow
SetMenu
MessageBoxA
PostMessageA
SendMessageA
EnableMenuItem
DrawMenuBar
GetMessageA
TranslateMDISysAccel
TranslateMessage

gdi32

AbortDoc
GetDIBits
GetSystemPaletteEntries
MoveToEx
LineTo
SetBkMode
GetMapMode
DPtoLP
StretchDIBits
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
TextOutA
GetNearestColor
CreateCompatibleBitmap
SetPixelV
SetPixel
SetROP2
SelectClipRgn
SetWindowExtEx
SetViewportExtEx
GetPaletteEntries
CreatePalette
GetStockObject
SetMapMode
CreateBitmapIndirect
SelectPalette
RealizePalette
BitBlt
SetStretchBltMode
GetDeviceCaps
CreateCompatibleDC
GetObjectA
StretchBlt
DeleteDC
CreateDIBitmap
SetTextColor
SetBkColor
GetTextMetricsA
ExtTextOutA
CreatePen
Rectangle
CreateRectRgn
GdiFlush
CreateSolidBrush
DeleteObject
EnumFontFamiliesA
CreateFontIndirectA
SelectObject

comdlg32

GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA

kernel32

RtlUnwind
LeaveCriticalSection
EnterCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
InterlockedIncrement
InterlockedDecrement
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
FlushFileBuffers
CreateProcessA
SetThreadPriority
DeleteFileA
WriteFile
GetFileInformationByHandle
GetFullPathNameA
GetTempPathA
GetTempFileNameA
SetFilePointer
SetEndOfFile
ReadFile
GetCurrentThreadId
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetModuleHandleA
CreateFileA
MultiByteToWideChar
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
TlsFree
HeapDestroy
HeapCreate
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetFileAttributesA
GetCPInfo
GetOEMCP
SetEnvironmentVariableA
CompareStringA
CompareStringW
GetExitCodeProcess
SetStdHandle
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
lstrlenA
IsDBCSLeadByteEx
CreateEventA
ResumeThread
ExitThread
GetCurrentProcessId
SearchPathA
SetEvent
DuplicateHandle
SuspendThread
GetProfileIntA
GlobalSize
CreateThread
CreateFileMappingA
MapViewOfFile
VirtualQuery
GetModuleFileNameA
LoadLibraryA
GetACP
SetErrorMode
SetConsoleCtrlHandler
SetLastError
GetCommandLineA
InterlockedExchange
RaiseException
CloseHandle
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
GetFileType
GetStdHandle
GetLastError
VirtualAlloc
VirtualFree
GetVersionExA
FormatMessageA
DebugBreak
FreeLibrary
GetCurrentThread
GetCurrentProcess
GetProcAddress

Sections

.text
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zview3.1/INSTALL-ZV.LOG
zview3.1/InstDll.dll
.dll windows:4 windows x86

8a6283336311c56e2e35a93b82280c45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
LockResource
LoadResource
SizeofResource
FindResourceA
GetVersion
GetModuleHandleA
GetSystemDefaultLCID
GetPrivateProfileStringA
DeviceIoControl
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
CopyFileA
SetFileAttributesA
GetFileSize
ReadFile
SetFilePointer
WriteFile
Sleep
GetWindowsDirectoryA
DeleteFileA
CreateFileA
CloseHandle
lstrcatA
IsBadCodePtr
lstrlenA
lstrcpynA
CreateDirectoryA
GetLastError
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
OutputDebugStringA
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualAlloc

user32

LoadStringA
MessageBoxA
ExitWindowsEx

advapi32

RegSaveKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
OpenSCManagerA
OpenServiceA
ControlService
DeleteService
CloseServiceHandle
CreateServiceA
StartServiceA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegRestoreKeyA

shlwapi

PathFileExistsA
SHDeleteKeyA

setupapi

SetupCopyOEMInfA
SetupDiCreateDeviceInfoList

Exports

Exports

Foo
InstRockey
Is64Process
IsNeedRestart
ReBoot
Rk4GetVersion
Rk4IsHaveInstall
Rk4ParseCmdLine
Rk4Setup
WinGetVersion

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zview3.1/Kechk32b.dll
.dll windows:4 windows x86

bbe93bd473bd0b26e5d2ae23e8904b88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

OpenServiceA
RegCloseKey
RegQueryValueExA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
CreateServiceA
DeleteService
ControlService
OpenSCManagerA

kernel32

GetVersion
GetSystemDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
CopyFileA
Sleep
CreateFileA
GetLastError
GetSystemTimeAsFileTime
DeleteFileA
DeviceIoControl
GetTickCount
FileTimeToDosDateTime
FileTimeToLocalFileTime
FreeEnvironmentStringsW
WideCharToMultiByte
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW
RtlUnwind
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA

ibfs32

TMSetup
TMEndSession
Get_Version
TMTouchByte
TMRom
TMStrongAccess
TMGetTypeVersion
TMExtendedStartSession
TMFirst
TMNext

Exports

Exports

KECHK32

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zview3.1/KeyInstall.exe
.exe windows:4 windows x86

006c77cfc4370c1677fd7ccd17c223ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OffsetRect
OemToCharA
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
WriteFile
WaitForSingleObject
VirtualQuery
VirtualAlloc
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
ReadFile
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
GetVersionExA
GetVersion
GetTickCount
GetThreadLocale
GetSystemDirectoryA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileAttributesA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCPInfo
FreeResource
InterlockedExchange
FreeLibrary
FormatMessageA
FindResourceA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
ExcludeClipRect
DeleteObject
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

instdll

Rk4GetVersion
Rk4IsHaveInstall
IsNeedRestart
InstRockey

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 52B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zview3.1/KeyInstall.exe.manifest
.xml
zview3.1/Loadz.bas
zview3.1/Loadz.frm
zview3.1/Renew32.exe
.exe windows:4 windows x86

3ad3d6d4cb75e498fbc73594743dcf9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
CloseServiceHandle
StartServiceA
OpenServiceA
CreateServiceA
DeleteService
ControlService
OpenSCManagerA
RegOpenKeyExA

kernel32

GetVersion
GetSystemDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
CopyFileA
Sleep
CreateFileA
DeleteFileA
DeviceIoControl
GetTickCount
lstrcatA
HeapCreate
GetModuleHandleA
CreateMutexA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
SetFilePointer
ReadFile
LCMapStringW
LCMapStringA
WriteFile
RtlUnwind
GetFileType
FileTimeToDosDateTime
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetTempPathA
lstrcpyA
GetModuleFileNameA
lstrlenA
FreeEnvironmentStringsA
GetLastError
CloseHandle
lstrcmpiA
GetVersionExA
lstrcpynA
FindFirstFileA
GetLocaleInfoA
GetLocalTime
GetDateFormatA
HeapFree
HeapAlloc
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
ExitProcess
GetEnvironmentVariableA
HeapDestroy
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

MessageBoxA
CharLowerA
DialogBoxParamA
EndDialog
SendDlgItemMessageA
GetWindowRect
SetFocus
PostMessageA
CharUpperA
SetWindowPos
GetDlgItem
SetWindowTextA
wsprintfA
SetClassLongA
LoadIconA
SetDlgItemTextA
GetWindowTextA
LoadStringA
SendMessageA
GetDlgItemTextA
EnableWindow
GetDesktopWindow
GetParent
DlgDirListA
DlgDirSelectExA
GetWindowLongA
ReleaseDC
GetDC
CharUpperBuffA

ibfs32

TMEndSession
TMExtendedStartSession
Get_Version
TMFirst
TMNext
TMStrongAccess
TMGetTypeVersion
TMRom
TMTouchByte
TMSetup

gdi32

SetMapMode
GetTextExtentPoint32A
CreateCompatibleDC
SelectObject
GetMapMode
GetObjectA
DPtoLP
BitBlt
DeleteDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

winmm

PlaySoundA

winspool.drv

EnumPortsA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zview3.1/UNWISE.EXE
.exe windows:4 windows x86

a4144e266740a198b8470603875ce786

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
DeleteFileA
WritePrivateProfileStringA
CopyFileA
WinExec
ExitProcess
OpenFile
SetErrorMode
GetModuleFileNameA
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetOEMCP
GetACP
GetCPInfo
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
SetFilePointer
WriteFile
_lclose
SetHandleCount
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
GetCurrentProcess
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
MoveFileA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetCurrentDirectoryA
HeapFree
HeapAlloc
_lcreat
MoveFileExA
GetTempPathA
GetLocalTime
GetFileAttributesA
HeapSize
FindClose
FindNextFileA
FindFirstFileA
SetFileAttributesA
GetVersionExA
LoadLibraryA
GetProcAddress
lstrcatA
GetDriveTypeA
GetSystemDirectoryA
CreateDirectoryA
FreeLibrary
GetPrivateProfileIntA
GetPrivateProfileStringA
MulDiv
RemoveDirectoryA
lstrcmpA
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetLastError
FormatMessageA
LocalFree
CreateProcessA
WaitForSingleObject
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcmpiA
GetWindowsDirectoryA
_lopen
_llseek
TerminateProcess
_lwrite
lstrcpyA
lstrcpynA
lstrlenA
GetStdHandle
_lread

user32

LoadBitmapA
GetMessageA
ExitWindowsEx
SetCursor
IsWindowVisible
SendDlgItemMessageA
PostMessageA
DdeUninitialize
GetWindowTextA
SetRect
LoadIconA
LoadCursorA
IsDialogMessageA
DdeInitializeA
ShowWindow
EnableWindow
GetDlgItem
KillTimer
RegisterClassA
FindWindowA
DialogBoxParamA
SetFocus
EndDialog
DefWindowProcA
GetClientRect
PostQuitMessage
CreateDialogParamA
CreateWindowExA
UpdateWindow
BeginPaint
DrawEdge
EndPaint
LoadStringA
EnumChildWindows
DdeDisconnect
DdeCreateStringHandleA
DdeConnect
DdeGetData
DdeFreeDataHandle
GetDlgItemTextA
SetDlgItemTextA
InvalidateRect
OemToCharA
MessageBoxA
SetWindowTextA
CharNextA
DestroyWindow
GetSysColor
GetDialogBaseUnits
FillRect
DrawIcon
wsprintfA
GetParent
ScreenToClient
MoveWindow
GetWindowRect
SendMessageA
GetDC
ReleaseDC
DdeCreateDataHandle
DdeClientTransaction
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA

gdi32

PatBlt
BitBlt
CreateFontA
SetBkMode
TextOutA
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
SelectPalette
RealizePalette
GetObjectA
GetDeviceCaps
CreateFontIndirectA
CreatePen
MoveToEx
LineTo
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
DeleteObject
DeleteDC
SelectObject
GetTextExtentPointA
CreateBrushIndirect

comdlg32

GetOpenFileNameA

advapi32

RegSetValueExA
RegSetValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
DeleteService
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_ProgressDlg@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zview3.1/ZView2.chm
.chm
zview3.1/ZView3.exe
.exe windows:4 windows x86

24b431cc0a7248633ef5a50886a51256

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
GetErrorInfo
SysFreeString

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCreateKeyExA
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
WindowFromPoint
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongA
SetCaretPos
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
SendDlgItemMessageA
ScrollWindowEx
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharBuffA
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LockWindowUpdate
LoadStringA
LoadKeyboardLayoutA
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDialogBaseUnits
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCaretPos
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
AppendMenuA
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryA
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringA
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
lstrcmpA
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
WaitForMultipleObjects
VirtualQuery
VirtualFree
VirtualAlloc
UnmapViewOfFile
Sleep
SizeofResource
SetVolumeLabelA
SetThreadPriority
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
ResumeThread
ResetEvent
ReleaseMutex
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
MulDiv
MoveFileA
MapViewOfFile
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTickCount
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetStdHandle
GetProfileStringA
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileAttributesA
GetExitCodeThread
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextFileA
FindNextChangeNotification
FindFirstFileA
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileMappingA
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep
MulDiv
FindFirstChangeNotificationA

gdi32

UnrealizeObject
StretchBlt
StartPage
StartDocA
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyPolyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetTextColor
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetCharWidthA
GetCharABCWidthsA
GetBrushOrgEx
GetBkColor
GetBitmapBits
ExtTextOutA
ExtCreatePen
ExcludeClipRect
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateICA
CreateHalftonePalette
CreateFontIndirectA
CreateEnhMetaFileA
CreateDIBitmap
CreateDIBSection
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CloseEnhMetaFile
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CLSIDFromString
ReleaseStgMedium
RevokeDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
IsEqualGUID
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
DoDragDrop
RegisterDragDrop

comctl32

_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

winspool.drv

OpenPrinterA
EnumPrintersA
DocumentPropertiesA
ClosePrinter

shell32

ShellExecuteA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHGetInstanceExplorer

comdlg32

PrintDlgA
ChooseFontA
GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 486KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zview3.1/ib10e32.dll
.dll windows:4 windows x86

1bb63a7f28a6e991d7662f94944c7af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetCurrentProcessId
GetVersion
GetLastError
OpenSemaphoreA
GetCurrentThread
CreateFileA
CreateSemaphoreA
FreeLibrary
WaitForSingleObject
SetThreadPriority
SleepEx
ReleaseMutex
GetThreadPriority
OpenMutexA
CreateMutexA
LoadLibraryA
GetProcAddress
ReadFile
DeviceIoControl
WriteFile
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
LocalAlloc
ReleaseSemaphore
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
InitializeCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
FlushFileBuffers
WideCharToMultiByte
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
RtlUnwind
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerA
OpenServiceA
CloseServiceHandle
CreateServiceA
RegOpenKeyExA
StartServiceA
RegCloseKey
RegQueryValueExA

Exports

Exports

TMBlockStream
TMClose
TMEndSession
TMExtendedStartSession
TMGetAdapterSpec
TMGetVersion
TMOneWireCom
TMOneWireLevel
TMPortSetup
TMSetup
TMTouchBit
TMTouchByte
TMTouchReset
TMValidSession

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHAREDAT
Size: 4KB - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zview3.1/ib97e32.dll
.dll windows:4 windows x86

4f831390ddb60eaf908103bcc4e2ba63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCommMask
SetCommState
GetCommState
GetLastError
GetOverlappedResult
WaitForSingleObject
WriteFile
ResetEvent
ClearCommError
ReadFile
ClearCommBreak
Sleep
SetCommBreak
CreateFileA
CreateEventA
OpenProcess
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
GetVersionExA
ReleaseMutex
SetThreadPriority
GetThreadPriority
GetCurrentThread
OpenMutexA
CreateMutexA
LocalAlloc
SetupComm
PurgeComm
SetCommTimeouts
DuplicateHandle
GetCurrentProcessId
GetStartupInfoA
GetEnvironmentStringsW
GetEnvironmentStrings
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
InitializeCriticalSection
SetHandleCount
GetStdHandle
GetFileType
CloseHandle
DeleteCriticalSection
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
FlushFileBuffers
WideCharToMultiByte
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
RtlUnwind
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW

user32

wsprintfA

advapi32

SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

Exports

Exports

BreakCOM
CloseCOM
DSRHigh
FlushCOM
FreeCOM
OpenCOM
PowerCOM
RTSCOM
ReadCOM
SetupCOM
TMBlockStream
TMClose
TMEndSession
TMExtendedStartSession
TMGetAdapterSpec
TMGetVersion
TMLine
TMOneWireCom
TMOneWireLevel
TMPortSetup
TMProgramPulse
TMSetup
TMTouchBit
TMTouchByte
TMTouchReset
TMValidSession
WriteCOM

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHAREDAT
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zview3.1/ibfs32.dll
.dll windows:4 windows x86

4bad15bd39073f7ed6fe543292a6bb4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
FreeLibrary
Sleep
GetProcAddress
LoadLibraryA
GetStringTypeA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
InitializeCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
GetLastError
CloseHandle
FlushFileBuffers
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetTickCount
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
CreateFileA
SetFilePointer
VirtualAlloc
HeapReAlloc
SetStdHandle
GetCPInfo
RtlUnwind
GetACP
GetOEMCP
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

Get_Version
TMAccess
TMAttribute
TMAutoOverDrive
TMBlockIO
TMBlockStream
TMCRC
TMChangeDirectory
TMClose
TMCloseFile
TMCreateFile
TMCreateProgramJob
TMDeleteFile
TMDirectoryMR
TMDoProgramJob
TMEndSession
TMExtendedReadPage
TMExtendedStartSession
TMFamilySearchSetup
TMFirst
TMFirstAlarm
TMFirstFile
TMFormat
TMGetAdapterSpec
TMGetFamilySpec
TMGetTypeVersion
TMLine
TMNext
TMNextAlarm
TMNextFile
TMOneWireCom
TMOneWireLevel
TMOpenFile
TMOverAccess
TMPortSetup
TMProgramBlock
TMProgramByte
TMProgramPulse
TMReNameFile
TMReadDefaultPort
TMReadFile
TMReadPacket
TMRom
TMSearch
TMSearchState
TMSetup
TMSkipFamily
TMStartSession
TMStrongAccess
TMStrongAlarmAccess
TMTerminateAddFile
TMTouchBit
TMTouchByte
TMTouchReset
TMValidSession
TMWriteAddFile
TMWriteFile
TMWritePacket
_GetFamilySpec@12

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zview3.1/zview2.ini

Sharing

General

Malware Config

Signatures

Files

7abfb47628bc58d292771d2c0c497006

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

kernel32

Sections

.text Size: 456KB - Virtual size: 452KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 56KB - Virtual size: 1.2MB

.tls Size: 4KB - Virtual size: 72B

8a6283336311c56e2e35a93b82280c45

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

setupapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 296KB - Virtual size: 292KB

.reloc Size: 8KB - Virtual size: 7KB

bbe93bd473bd0b26e5d2ae23e8904b88

Headers

File Characteristics

Imports

advapi32

kernel32

ibfs32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 2KB

006c77cfc4370c1677fd7ccd17c223ae

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

comctl32

instdll

Sections

.text Size: 354KB - Virtual size: 354KB

.itext Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 19KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 52B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 24KB - Virtual size: 24KB

.rsrc Size: 15KB - Virtual size: 15KB

3ad3d6d4cb75e498fbc73594743dcf9b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ibfs32

.text
Size: 456KB - Virtual size: 452KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 56KB - Virtual size: 1.2MB

.tls
Size: 4KB - Virtual size: 72B

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 296KB - Virtual size: 292KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 354KB - Virtual size: 354KB

.itext
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 19KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 52B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 15KB - Virtual size: 15KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 7KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 62KB - Virtual size: 61KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.itext
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 28KB

.bss
Size: - Virtual size: 29KB

.idata
Size: 14KB - Virtual size: 14KB

.tls
Size: - Virtual size: 56B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 486KB - Virtual size: 486KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 19KB

SHAREDAT
Size: 4KB - Virtual size: 338B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB