202090b12c74d8ed6a32e3dfbbea87790ac1244aafc2bf5d4aa007cf30af449d

Sharing

Copy URL Twitter E-mail

General

Target

202090b12c74d8ed6a32e3dfbbea87790ac1244aafc2bf5d4aa007cf30af449d
Size

2.1MB
MD5

bf97750bedf222022a27f40c44bb279f
SHA1

f40e79ffba5684795a68a682af83feee26edb7eb
SHA256

202090b12c74d8ed6a32e3dfbbea87790ac1244aafc2bf5d4aa007cf30af449d
SHA512

48f8c4a5f18a4ca59f893c7542f6d6b20977860e5f1e35aa1cd65700cdeaee5ef3517c76b11ba359205fdd7390ca5e832fc68296138531f5a80a8accdff74dde
SSDEEP

24576:1H+feKHx59wJkEVCelM0yUOp9FGVc1qy10yUOCVc1UDKMURvnJ85SWoz16sJnhW0:1HIv5uvK0IDFGfIap9MKUWa7w5l5MV

Score

8^/10

macro

Malware Config

Signatures

Suspicious Office macro 1 IoCs

Office document equipped with macros.

macro

resource
static1/unpack001/Modscan32/Book1.xls

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Modscan32/ModScan32.exe
unpack001/Modscan32/Modsim32/ModSim32.exe
unpack001/Modscan32/Modsim32/Modbusl.dll
unpack001/Modscan32/Modsim32/Ӣİļ/ModSim32.exe
unpack001/Modscan32/Modsim32/Ӣİļ/Modbusl.dll
unpack001/Modscan32/Modsim32/ļ/ModSim32.exe
unpack001/Modscan32/Modsim32/ļ/Modbusl.dll
unpack001/Modscan32/modbusm.dll
unpack001/Modscan32/Ӣİļ/ModScan32.exe
unpack001/Modscan32/Ӣİļ/modbusm.dll
unpack001/Modscan32/ļ/ModScan32.exe
unpack001/Modscan32/ļ/modbusm.dll

Files

202090b12c74d8ed6a32e3dfbbea87790ac1244aafc2bf5d4aa007cf30af449d
.zip
Modscan32/Book1.xls
.xls windows office2003

ThisWorkbook

Sheet1

Sheet2

Sheet3

Module1
Modscan32/Custom1
Modscan32/Custom2
Modscan32/MSSCCPRJ.SCC
Modscan32/ModScan32.chm
.chm
Modscan32/ModScan32.cnt
Modscan32/ModScan32.exe
.exe windows:5 windows x86

a80eba97c84c67d5647e6da0cafcc1b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

modbusm

_AbortTheCall@4
_DialCall@8
_HookRspNotification@16
_CloseConnection@4
_ConnectRTU@12
_NumberOfLineDevices@0
_ConnectTelNet@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectASCII@12
_ConnectDanielsRTU@12
_ConnectDanielsASCII@12
_MODBUSResponse@16
_ReadTransparentResponse@16
_ReadDebugData@16
_WriteTransparentString@12
_PollMODBUS@8
_GetLineDeviceName@12
_SetPollDelay@4
_GetCallState@8
_GetPollDelay@0
_WriteMODBUS@12

wsock32

gethostbyname
WSACleanup
WSAStartup
ioctlsocket

kernel32

GetPrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
WritePrivateProfileStringA
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
VirtualFree
HeapCreate
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
GetPrivateProfileIntA
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleHandleW
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
InterlockedIncrement
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
GetLastError
SetLastError
MultiByteToWideChar
lstrcmpW
GetVersionExA
FreeResource
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetSystemInfo

user32

DeleteMenu
GetSystemMenu
WindowFromPoint
TranslateMessage
GetMessageA
WaitMessage
PostQuitMessage
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
GetMenuItemInfoA
GetSysColorBrush
UnregisterClassA
DrawIcon
SetWindowRgn
GetDCEx
LockWindowUpdate
DestroyIcon
PostThreadMessageA
CopyAcceleratorTableA
CreateMenu
GetTabbedTextExtentA
DestroyMenu
SetCursor
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
RedrawWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
IsRectEmpty
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
GetScrollPos
SetForegroundWindow
ShowScrollBar
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ClientToScreen
IsZoomed
IsIconic
UpdateWindow
GetWindowRect
LoadBitmapA
ReleaseCapture
SetCapture
IsWindowVisible
InvalidateRect
KillTimer
SetTimer
SetParent
CharUpperA
SetRect
GetCursorPos
LoadCursorA
DestroyCursor
SetCursorPos
InflateRect
UnpackDDElParam
ReuseDDElParam
CallNextHookEx
LoadMenuA
SetScrollRange
SetScrollPos
GetClientRect
LoadImageA
ReleaseDC
GetDC
SendMessageA
EnableWindow
UnhookWindowsHookEx

gdi32

CreateDCA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteObject
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
CreateCompatibleBitmap
PatBlt
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
GetViewportOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
SetBkColor
CreatePatternBrush
SetTextColor
BitBlt
GetTextExtentPoint32A
StretchBlt
Ellipse
CreateCompatibleDC
GetObjectA
CreateHatchBrush
CreatePen
GetTextMetricsA
Rectangle
GetDeviceCaps
CreateSolidBrush
CreateFontIndirectA
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SelectClipRgn

comdlg32

ChooseFontA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA

shell32

DragFinish
SHGetFileInfoA
ExtractIconA
DragQueryFileA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
StringFromCLSID

oleaut32

VariantClear
LoadTypeLi
SysAllocString
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType

Sections

.text
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/ModScan32.tlb
Modscan32/ModScan32Ex.vbp
Modscan32/ModScan32Ex.vbw
Modscan32/ModScanİ.lpu
Modscan32/Modsim32/MODSIM32.GID
Modscan32/Modsim32/MODSIM32.HLP
Modscan32/Modsim32/ModSim32.cnt
Modscan32/Modsim32/ModSim32.exe
.exe windows:4 windows x86

64204a71c1a1016ac34a385cafe33584

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

modbusl

_CloseConnection@4
_DefineDataBlock@20
_RemoveDataBlock@4
_ActivateSlaveId@8
_ReadDebugData@16
_OpenConnection@20
_SetProtocolOptions@8
_SlaveStatus@16
_SetTCPServicePort@4
_OpenTCPConnection@8
_EnableBufferCallback@4

wsock32

WSACleanup
WSAStartup

kernel32

GetCurrentDirectoryA
WritePrivateProfileStringA
RtlUnwind
GetPrivateProfileStringA
SetCurrentDirectoryA
GetCommandLineA
SetEnvironmentVariableA
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetTimeZoneInformation
ExitProcess
GetLocalTime
GetACP
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetSystemTime
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SystemTimeToFileTime
SetErrorMode
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
GetPrivateProfileIntA
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetProfileStringA
SizeofResource
LocalFileTimeToFileTime
GetFileSize
TlsGetValue
GetOEMCP
GetCPInfo
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
FileTimeToSystemTime
GetProcessVersion
FileTimeToLocalFileTime
GetFileTime
lstrlenW
GetDiskFreeSpaceA
GetFileAttributesA
SetFileTime
GetTempFileNameA
MulDiv
GetTickCount
GetCurrentThread
SetLastError
lstrcmpA
InterlockedIncrement
LocalFree
WideCharToMultiByte
GetThreadLocale
GetModuleFileNameA
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetFullPathNameA
MultiByteToWideChar
FindFirstFileA
FindClose
SetEndOfFile
DeleteFileA
MoveFileA
CloseHandle
UnlockFile
LockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
InterlockedDecrement
DuplicateHandle
GetLastError
FindResourceA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
LoadResource
LockResource
VirtualFree
lstrcmpiA
SetUnhandledExceptionFilter
HeapSize
SetHandleCount

user32

GrayStringA
SetRect
GetSysColorBrush
GetClassNameA
LoadStringA
DrawTextA
InsertMenuA
DeleteMenu
GetMenuStringA
DestroyIcon
PostThreadMessageA
InflateRect
GetDCEx
LockWindowUpdate
SetParent
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetScrollRange
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
BeginPaint
GetWindowThreadProcessId
WindowFromPoint
GetWindowPlacement
GetSystemMetrics
EndPaint
TabbedTextOutA
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
ValidateRect
ShowOwnedPopups
PostQuitMessage
CharUpperA
IsZoomed
PtInRect
GetMessageA
TranslateMessage
ClientToScreen
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
KillTimer
ReleaseDC
GetDC
UpdateWindow
GetWindowRect
LoadBitmapA
InvalidateRect
PostMessageA
SetTimer
GetWindowDC
RegisterClipboardFormatA
GetLastActivePopup
IsWindowVisible
OffsetRect
GetCursorPos
SendMessageA
EnableWindow
WaitMessage
SetCapture
LoadCursorA
wvsprintfA
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
IntersectRect
SystemParametersInfoA
GetClassLongA
SendDlgItemMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

CreateDIBitmap
CreateBitmap
GetObjectA
SetBkColor
GetTextExtentPointA
SetTextColor
BitBlt
GetTextMetricsA
GetTextExtentPoint32A
Rectangle
GetDeviceCaps
GetClipBox
StretchDIBits
DeleteObject
CreateCompatibleBitmap
StartDocA
SaveDC
GetStockObject
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
DeleteDC
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
ExcludeClipRect
LineTo
MoveToEx
CreateRectRgn
CreateSolidBrush
PtVisible
CreatePatternBrush
TextOutA
ExtTextOutA
RectVisible
AbortDoc
EndDoc
Escape
StartPage
DPtoLP
EndPage
CreateDCA
CreateFontIndirectA
SetAbortProc
PatBlt
SetRectRgn
CreateRectRgnIndirect
CombineRgn
SelectObject
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

StringFromCLSID
CoTaskMemFree
CoDisconnectObject
CoRegisterMessageFilter
CoRegisterClassObject
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize

oleaut32

SysStringByteLen
SysFreeString
VariantCopy
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/Modsim32/ModSim32.ini
Modscan32/Modsim32/ModSim32.tlb
Modscan32/Modsim32/ModSimEx.frm
.vbs
Modscan32/Modsim32/ModSimEx.vbp
Modscan32/Modsim32/ModSimEx.vbw
Modscan32/Modsim32/Modbusl.dll
.dll windows:4 windows x86

417ae692bd5b9d78145c55b54a6f517c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GlobalAlloc
CreateThread
GlobalFree
GlobalUnlock
GetTickCount
CloseHandle
SetCommState
GetCommState
PurgeComm
ClearCommError
GetOverlappedResult
GetLastError
WriteFile
Sleep
EscapeCommFunction
SetCommTimeouts
CreateEventA
SetupComm
CreateFileA
SetCommMask
ReadFile
WaitCommEvent
GetModuleFileNameA
FreeEnvironmentStringsA
SetHandleCount
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GlobalLock
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetOEMCP
GetVersionExA
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
HeapFree
InitializeCriticalSection
GetCPInfo
HeapAlloc
GetACP

user32

DispatchMessageA
UnregisterClassA
KillTimer
wsprintfA
DestroyWindow
DefWindowProcA
SetTimer
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
PostMessageA

wsock32

accept
WSACleanup
WSAStartup
recv
ntohs
send
socket
htons
bind
closesocket
listen
WSAAsyncSelect

Exports

Exports

_ActivateSlaveId@8
_CloseConnection@4
_DLL_Revision@0
_DefineDataBlock@20
_EnableBufferCallback@4
_EnableCallback@4
_EnableDoWriteNotification@16
_InitializeWSock@0
_MBAPWndProc@16
_OpenConnection@20
_OpenTCPConnection@8
_ReadDebugData@16
_RemoveDataBlock@4
_SetProtocolOptions@8
_SetTCPServicePort@4
_SlaveStatus@16
_UnInitializeWSock@0

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modscan32/Modsim32/Modsim.lpu
Modscan32/Modsim32/WS_FTP.LOG
Modscan32/Modsim32/modsim32.cfg
Modscan32/Modsim32/ms32comm.cfg
Modscan32/Modsim32/Ӣİļ/ModSim32.exe
.exe windows:4 windows x86

64204a71c1a1016ac34a385cafe33584

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

modbusl

_CloseConnection@4
_DefineDataBlock@20
_RemoveDataBlock@4
_ActivateSlaveId@8
_ReadDebugData@16
_OpenConnection@20
_SetProtocolOptions@8
_SlaveStatus@16
_SetTCPServicePort@4
_OpenTCPConnection@8
_EnableBufferCallback@4

wsock32

WSACleanup
WSAStartup

kernel32

GetCurrentDirectoryA
WritePrivateProfileStringA
RtlUnwind
GetPrivateProfileStringA
SetCurrentDirectoryA
GetCommandLineA
SetEnvironmentVariableA
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetTimeZoneInformation
ExitProcess
GetLocalTime
GetACP
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetSystemTime
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SystemTimeToFileTime
SetErrorMode
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
GetPrivateProfileIntA
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetProfileStringA
SizeofResource
LocalFileTimeToFileTime
GetFileSize
TlsGetValue
GetOEMCP
GetCPInfo
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
FileTimeToSystemTime
GetProcessVersion
FileTimeToLocalFileTime
GetFileTime
lstrlenW
GetDiskFreeSpaceA
GetFileAttributesA
SetFileTime
GetTempFileNameA
MulDiv
GetTickCount
GetCurrentThread
SetLastError
lstrcmpA
InterlockedIncrement
LocalFree
WideCharToMultiByte
GetThreadLocale
GetModuleFileNameA
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetFullPathNameA
MultiByteToWideChar
FindFirstFileA
FindClose
SetEndOfFile
DeleteFileA
MoveFileA
CloseHandle
UnlockFile
LockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
InterlockedDecrement
DuplicateHandle
GetLastError
FindResourceA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
LoadResource
LockResource
VirtualFree
lstrcmpiA
SetUnhandledExceptionFilter
HeapSize
SetHandleCount

user32

GrayStringA
SetRect
GetSysColorBrush
GetClassNameA
LoadStringA
DrawTextA
InsertMenuA
DeleteMenu
GetMenuStringA
DestroyIcon
PostThreadMessageA
InflateRect
GetDCEx
LockWindowUpdate
SetParent
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetScrollRange
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
BeginPaint
GetWindowThreadProcessId
WindowFromPoint
GetWindowPlacement
GetSystemMetrics
EndPaint
TabbedTextOutA
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
ValidateRect
ShowOwnedPopups
PostQuitMessage
CharUpperA
IsZoomed
PtInRect
GetMessageA
TranslateMessage
ClientToScreen
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
KillTimer
ReleaseDC
GetDC
UpdateWindow
GetWindowRect
LoadBitmapA
InvalidateRect
PostMessageA
SetTimer
GetWindowDC
RegisterClipboardFormatA
GetLastActivePopup
IsWindowVisible
OffsetRect
GetCursorPos
SendMessageA
EnableWindow
WaitMessage
SetCapture
LoadCursorA
wvsprintfA
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
IntersectRect
SystemParametersInfoA
GetClassLongA
SendDlgItemMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

CreateDIBitmap
CreateBitmap
GetObjectA
SetBkColor
GetTextExtentPointA
SetTextColor
BitBlt
GetTextMetricsA
GetTextExtentPoint32A
Rectangle
GetDeviceCaps
GetClipBox
StretchDIBits
DeleteObject
CreateCompatibleBitmap
StartDocA
SaveDC
GetStockObject
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
DeleteDC
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
ExcludeClipRect
LineTo
MoveToEx
CreateRectRgn
CreateSolidBrush
PtVisible
CreatePatternBrush
TextOutA
ExtTextOutA
RectVisible
AbortDoc
EndDoc
Escape
StartPage
DPtoLP
EndPage
CreateDCA
CreateFontIndirectA
SetAbortProc
PatBlt
SetRectRgn
CreateRectRgnIndirect
CombineRgn
SelectObject
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

StringFromCLSID
CoTaskMemFree
CoDisconnectObject
CoRegisterMessageFilter
CoRegisterClassObject
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize

oleaut32

SysStringByteLen
SysFreeString
VariantCopy
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/Modsim32/Ӣİļ/ModSimEx.frm
.vbs
Modscan32/Modsim32/Ӣİļ/Modbusl.dll
.dll windows:4 windows x86

417ae692bd5b9d78145c55b54a6f517c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GlobalAlloc
CreateThread
GlobalFree
GlobalUnlock
GetTickCount
CloseHandle
SetCommState
GetCommState
PurgeComm
ClearCommError
GetOverlappedResult
GetLastError
WriteFile
Sleep
EscapeCommFunction
SetCommTimeouts
CreateEventA
SetupComm
CreateFileA
SetCommMask
ReadFile
WaitCommEvent
GetModuleFileNameA
FreeEnvironmentStringsA
SetHandleCount
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GlobalLock
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetOEMCP
GetVersionExA
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
HeapFree
InitializeCriticalSection
GetCPInfo
HeapAlloc
GetACP

user32

DispatchMessageA
UnregisterClassA
KillTimer
wsprintfA
DestroyWindow
DefWindowProcA
SetTimer
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
PostMessageA

wsock32

accept
WSACleanup
WSAStartup
recv
ntohs
send
socket
htons
bind
closesocket
listen
WSAAsyncSelect

Exports

Exports

_ActivateSlaveId@8
_CloseConnection@4
_DLL_Revision@0
_DefineDataBlock@20
_EnableBufferCallback@4
_EnableCallback@4
_EnableDoWriteNotification@16
_InitializeWSock@0
_MBAPWndProc@16
_OpenConnection@20
_OpenTCPConnection@8
_ReadDebugData@16
_RemoveDataBlock@4
_SetProtocolOptions@8
_SetTCPServicePort@4
_SlaveStatus@16
_UnInitializeWSock@0

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modscan32/Modsim32/ע.TXT
Modscan32/Modsim32/ļ/ModSim32.exe
.exe windows:4 windows x86

64204a71c1a1016ac34a385cafe33584

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

modbusl

_CloseConnection@4
_DefineDataBlock@20
_RemoveDataBlock@4
_ActivateSlaveId@8
_ReadDebugData@16
_OpenConnection@20
_SetProtocolOptions@8
_SlaveStatus@16
_SetTCPServicePort@4
_OpenTCPConnection@8
_EnableBufferCallback@4

wsock32

WSACleanup
WSAStartup

kernel32

GetCurrentDirectoryA
WritePrivateProfileStringA
RtlUnwind
GetPrivateProfileStringA
SetCurrentDirectoryA
GetCommandLineA
SetEnvironmentVariableA
RaiseException
HeapAlloc
HeapFree
GetStartupInfoA
GetTimeZoneInformation
ExitProcess
GetLocalTime
GetACP
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetSystemTime
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SystemTimeToFileTime
SetErrorMode
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
GetPrivateProfileIntA
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetProfileStringA
SizeofResource
LocalFileTimeToFileTime
GetFileSize
TlsGetValue
GetOEMCP
GetCPInfo
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
FileTimeToSystemTime
GetProcessVersion
FileTimeToLocalFileTime
GetFileTime
lstrlenW
GetDiskFreeSpaceA
GetFileAttributesA
SetFileTime
GetTempFileNameA
MulDiv
GetTickCount
GetCurrentThread
SetLastError
lstrcmpA
InterlockedIncrement
LocalFree
WideCharToMultiByte
GetThreadLocale
GetModuleFileNameA
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetFullPathNameA
MultiByteToWideChar
FindFirstFileA
FindClose
SetEndOfFile
DeleteFileA
MoveFileA
CloseHandle
UnlockFile
LockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
InterlockedDecrement
DuplicateHandle
GetLastError
FindResourceA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
LoadResource
LockResource
VirtualFree
lstrcmpiA
SetUnhandledExceptionFilter
HeapSize
SetHandleCount

user32

GrayStringA
SetRect
GetSysColorBrush
GetClassNameA
LoadStringA
DrawTextA
InsertMenuA
DeleteMenu
GetMenuStringA
DestroyIcon
PostThreadMessageA
InflateRect
GetDCEx
LockWindowUpdate
SetParent
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetScrollRange
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
BeginPaint
GetWindowThreadProcessId
WindowFromPoint
GetWindowPlacement
GetSystemMetrics
EndPaint
TabbedTextOutA
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
ValidateRect
ShowOwnedPopups
PostQuitMessage
CharUpperA
IsZoomed
PtInRect
GetMessageA
TranslateMessage
ClientToScreen
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
KillTimer
ReleaseDC
GetDC
UpdateWindow
GetWindowRect
LoadBitmapA
InvalidateRect
PostMessageA
SetTimer
GetWindowDC
RegisterClipboardFormatA
GetLastActivePopup
IsWindowVisible
OffsetRect
GetCursorPos
SendMessageA
EnableWindow
WaitMessage
SetCapture
LoadCursorA
wvsprintfA
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
IntersectRect
SystemParametersInfoA
GetClassLongA
SendDlgItemMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

CreateDIBitmap
CreateBitmap
GetObjectA
SetBkColor
GetTextExtentPointA
SetTextColor
BitBlt
GetTextMetricsA
GetTextExtentPoint32A
Rectangle
GetDeviceCaps
GetClipBox
StretchDIBits
DeleteObject
CreateCompatibleBitmap
StartDocA
SaveDC
GetStockObject
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
DeleteDC
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
ExcludeClipRect
LineTo
MoveToEx
CreateRectRgn
CreateSolidBrush
PtVisible
CreatePatternBrush
TextOutA
ExtTextOutA
RectVisible
AbortDoc
EndDoc
Escape
StartPage
DPtoLP
EndPage
CreateDCA
CreateFontIndirectA
SetAbortProc
PatBlt
SetRectRgn
CreateRectRgnIndirect
CombineRgn
SelectObject
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

StringFromCLSID
CoTaskMemFree
CoDisconnectObject
CoRegisterMessageFilter
CoRegisterClassObject
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize

oleaut32

SysStringByteLen
SysFreeString
VariantCopy
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/Modsim32/ļ/ModSimEx.frm
.vbs
Modscan32/Modsim32/ļ/Modbusl.dll
.dll windows:4 windows x86

417ae692bd5b9d78145c55b54a6f517c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GlobalAlloc
CreateThread
GlobalFree
GlobalUnlock
GetTickCount
CloseHandle
SetCommState
GetCommState
PurgeComm
ClearCommError
GetOverlappedResult
GetLastError
WriteFile
Sleep
EscapeCommFunction
SetCommTimeouts
CreateEventA
SetupComm
CreateFileA
SetCommMask
ReadFile
WaitCommEvent
GetModuleFileNameA
FreeEnvironmentStringsA
SetHandleCount
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GlobalLock
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetOEMCP
GetVersionExA
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
HeapFree
InitializeCriticalSection
GetCPInfo
HeapAlloc
GetACP

user32

DispatchMessageA
UnregisterClassA
KillTimer
wsprintfA
DestroyWindow
DefWindowProcA
SetTimer
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
PostMessageA

wsock32

accept
WSACleanup
WSAStartup
recv
ntohs
send
socket
htons
bind
closesocket
listen
WSAAsyncSelect

Exports

Exports

_ActivateSlaveId@8
_CloseConnection@4
_DLL_Revision@0
_DefineDataBlock@20
_EnableBufferCallback@4
_EnableCallback@4
_EnableDoWriteNotification@16
_InitializeWSock@0
_MBAPWndProc@16
_OpenConnection@20
_OpenTCPConnection@8
_ReadDebugData@16
_RemoveDataBlock@4
_SetProtocolOptions@8
_SetTCPServicePort@4
_SlaveStatus@16
_UnInitializeWSock@0

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modscan32/ScanGuide.txt
.vbs
Modscan32/ex1.frm
.vbs
Modscan32/example1.csv
Modscan32/modbus1.mdb
Modscan32/modbusm.dll
.dll windows:5 windows x86

b98dd2ec75bc75f8a721777b9461d4ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

tapi32

lineOpen
lineMakeCall
lineGetCallStatus
lineDrop
lineDeallocateCall
lineClose
lineGetAddressCaps
lineNegotiateAPIVersion
lineGetDevCaps
lineShutdown
lineGetID
lineInitialize

wsock32

WSACleanup
WSAStartup
socket
setsockopt
bind
WSAAsyncSelect
connect
htons
recv
WSAGetLastError
ntohs
send
closesocket

kernel32

GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
ReleaseMutex
TlsSetValue
CloseHandle
GetCurrentThreadId
WaitForSingleObject
TlsGetValue
SetEvent
LeaveCriticalSection
CreateThread
CreateEventA
EnterCriticalSection
SetCommState
GetCommState
Sleep
PurgeComm
SetCommMask
ResetEvent
GetOverlappedResult
GetLastError
ReadFile
SetCommTimeouts
WaitCommEvent
WriteFile
EscapeCommFunction
DeleteCriticalSection
TlsFree
TlsAlloc
CreateMutexA
InitializeCriticalSection
SetupComm
CreateFileA
LocalAlloc
LocalFree
LocalSize
OutputDebugStringA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
HeapFree
HeapAlloc
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter

user32

PeekMessageA
wsprintfA
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
DispatchMessageA
DestroyWindow
UnregisterClassA
DefWindowProcA
SetTimer
KillTimer
PostMessageA
TranslateMessage

Exports

Exports

_AbortTheCall@4
_CloseConnection@4
_ConnectASCII@12
_ConnectDanielsASCII@12
_ConnectDanielsRTU@12
_ConnectRTU@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectTelNet@12
_DialCall@8
_EnableConnectionCallback@4
_EnableModbusCallback@8
_GetCallState@8
_GetLineDeviceName@12
_GetPollDelay@0
_Get_Modbus_DLL_Revision@0
_HookRspNotification@16
_InitializeWinSock@0
_MBAPWndProc@16
_MODBUSResponse@16
_NumberOfLineDevices@0
_PollMODBUS@8
_ReadDebugData@16
_ReadTransparentResponse@16
_SetPollDelay@4
_UnInitializeWinSock@0
_WriteMODBUS@12
_WriteTransparentString@12

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modscan32/ms32frm.cfg
Modscan32/oilp.bmp
Modscan32/otemp.bmp
Modscan32/speedo.bmp
Modscan32/tach.bmp
Modscan32/temp.bmp
Modscan32/volt.bmp
Modscan32/Ӣİļ/ModScan32.exe
.exe windows:5 windows x86

a80eba97c84c67d5647e6da0cafcc1b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

modbusm

_AbortTheCall@4
_DialCall@8
_HookRspNotification@16
_CloseConnection@4
_ConnectRTU@12
_NumberOfLineDevices@0
_ConnectTelNet@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectASCII@12
_ConnectDanielsRTU@12
_ConnectDanielsASCII@12
_MODBUSResponse@16
_ReadTransparentResponse@16
_ReadDebugData@16
_WriteTransparentString@12
_PollMODBUS@8
_GetLineDeviceName@12
_SetPollDelay@4
_GetCallState@8
_GetPollDelay@0
_WriteMODBUS@12

wsock32

gethostbyname
WSACleanup
WSAStartup
ioctlsocket

kernel32

GetPrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
WritePrivateProfileStringA
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
VirtualFree
HeapCreate
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
GetPrivateProfileIntA
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleHandleW
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
InterlockedIncrement
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
GetLastError
SetLastError
MultiByteToWideChar
lstrcmpW
GetVersionExA
FreeResource
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetSystemInfo

user32

DeleteMenu
GetSystemMenu
WindowFromPoint
TranslateMessage
GetMessageA
WaitMessage
PostQuitMessage
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
GetMenuItemInfoA
GetSysColorBrush
UnregisterClassA
DrawIcon
SetWindowRgn
GetDCEx
LockWindowUpdate
DestroyIcon
PostThreadMessageA
CopyAcceleratorTableA
CreateMenu
GetTabbedTextExtentA
DestroyMenu
SetCursor
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
RedrawWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
IsRectEmpty
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
GetScrollPos
SetForegroundWindow
ShowScrollBar
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ClientToScreen
IsZoomed
IsIconic
UpdateWindow
GetWindowRect
LoadBitmapA
ReleaseCapture
SetCapture
IsWindowVisible
InvalidateRect
KillTimer
SetTimer
SetParent
CharUpperA
SetRect
GetCursorPos
LoadCursorA
DestroyCursor
SetCursorPos
InflateRect
UnpackDDElParam
ReuseDDElParam
CallNextHookEx
LoadMenuA
SetScrollRange
SetScrollPos
GetClientRect
LoadImageA
ReleaseDC
GetDC
SendMessageA
EnableWindow
UnhookWindowsHookEx

gdi32

CreateDCA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteObject
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
CreateCompatibleBitmap
PatBlt
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
GetViewportOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
SetBkColor
CreatePatternBrush
SetTextColor
BitBlt
GetTextExtentPoint32A
StretchBlt
Ellipse
CreateCompatibleDC
GetObjectA
CreateHatchBrush
CreatePen
GetTextMetricsA
Rectangle
GetDeviceCaps
CreateSolidBrush
CreateFontIndirectA
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SelectClipRgn

comdlg32

ChooseFontA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA

shell32

DragFinish
SHGetFileInfoA
ExtractIconA
DragQueryFileA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
StringFromCLSID

oleaut32

VariantClear
LoadTypeLi
SysAllocString
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType

Sections

.text
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/Ӣİļ/ex1.frm
.vbs
Modscan32/Ӣİļ/modbusm.dll
.dll windows:5 windows x86

b98dd2ec75bc75f8a721777b9461d4ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

tapi32

lineOpen
lineMakeCall
lineGetCallStatus
lineDrop
lineDeallocateCall
lineClose
lineGetAddressCaps
lineNegotiateAPIVersion
lineGetDevCaps
lineShutdown
lineGetID
lineInitialize

wsock32

WSACleanup
WSAStartup
socket
setsockopt
bind
WSAAsyncSelect
connect
htons
recv
WSAGetLastError
ntohs
send
closesocket

kernel32

GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
ReleaseMutex
TlsSetValue
CloseHandle
GetCurrentThreadId
WaitForSingleObject
TlsGetValue
SetEvent
LeaveCriticalSection
CreateThread
CreateEventA
EnterCriticalSection
SetCommState
GetCommState
Sleep
PurgeComm
SetCommMask
ResetEvent
GetOverlappedResult
GetLastError
ReadFile
SetCommTimeouts
WaitCommEvent
WriteFile
EscapeCommFunction
DeleteCriticalSection
TlsFree
TlsAlloc
CreateMutexA
InitializeCriticalSection
SetupComm
CreateFileA
LocalAlloc
LocalFree
LocalSize
OutputDebugStringA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
HeapFree
HeapAlloc
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter

user32

PeekMessageA
wsprintfA
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
DispatchMessageA
DestroyWindow
UnregisterClassA
DefWindowProcA
SetTimer
KillTimer
PostMessageA
TranslateMessage

Exports

Exports

_AbortTheCall@4
_CloseConnection@4
_ConnectASCII@12
_ConnectDanielsASCII@12
_ConnectDanielsRTU@12
_ConnectRTU@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectTelNet@12
_DialCall@8
_EnableConnectionCallback@4
_EnableModbusCallback@8
_GetCallState@8
_GetLineDeviceName@12
_GetPollDelay@0
_Get_Modbus_DLL_Revision@0
_HookRspNotification@16
_InitializeWinSock@0
_MBAPWndProc@16
_MODBUSResponse@16
_NumberOfLineDevices@0
_PollMODBUS@8
_ReadDebugData@16
_ReadTransparentResponse@16
_SetPollDelay@4
_UnInitializeWinSock@0
_WriteMODBUS@12
_WriteTransparentString@12

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modscan32/ע.TXT
Modscan32/ļ/ModScan32.exe
.exe windows:5 windows x86

a80eba97c84c67d5647e6da0cafcc1b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

modbusm

_AbortTheCall@4
_DialCall@8
_HookRspNotification@16
_CloseConnection@4
_ConnectRTU@12
_NumberOfLineDevices@0
_ConnectTelNet@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectASCII@12
_ConnectDanielsRTU@12
_ConnectDanielsASCII@12
_MODBUSResponse@16
_ReadTransparentResponse@16
_ReadDebugData@16
_WriteTransparentString@12
_PollMODBUS@8
_GetLineDeviceName@12
_SetPollDelay@4
_GetCallState@8
_GetPollDelay@0
_WriteMODBUS@12

wsock32

gethostbyname
WSACleanup
WSAStartup
ioctlsocket

kernel32

GetPrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
WritePrivateProfileStringA
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
VirtualFree
HeapCreate
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
GetPrivateProfileIntA
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleHandleW
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
InterlockedIncrement
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
GetLastError
SetLastError
MultiByteToWideChar
lstrcmpW
GetVersionExA
FreeResource
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetSystemInfo

user32

DeleteMenu
GetSystemMenu
WindowFromPoint
TranslateMessage
GetMessageA
WaitMessage
PostQuitMessage
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
GetMenuItemInfoA
GetSysColorBrush
UnregisterClassA
DrawIcon
SetWindowRgn
GetDCEx
LockWindowUpdate
DestroyIcon
PostThreadMessageA
CopyAcceleratorTableA
CreateMenu
GetTabbedTextExtentA
DestroyMenu
SetCursor
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
RedrawWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
IsRectEmpty
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
GetScrollPos
SetForegroundWindow
ShowScrollBar
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ClientToScreen
IsZoomed
IsIconic
UpdateWindow
GetWindowRect
LoadBitmapA
ReleaseCapture
SetCapture
IsWindowVisible
InvalidateRect
KillTimer
SetTimer
SetParent
CharUpperA
SetRect
GetCursorPos
LoadCursorA
DestroyCursor
SetCursorPos
InflateRect
UnpackDDElParam
ReuseDDElParam
CallNextHookEx
LoadMenuA
SetScrollRange
SetScrollPos
GetClientRect
LoadImageA
ReleaseDC
GetDC
SendMessageA
EnableWindow
UnhookWindowsHookEx

gdi32

CreateDCA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteObject
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
CreateCompatibleBitmap
PatBlt
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
GetViewportOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
SetBkColor
CreatePatternBrush
SetTextColor
BitBlt
GetTextExtentPoint32A
StretchBlt
Ellipse
CreateCompatibleDC
GetObjectA
CreateHatchBrush
CreatePen
GetTextMetricsA
Rectangle
GetDeviceCaps
CreateSolidBrush
CreateFontIndirectA
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SelectClipRgn

comdlg32

ChooseFontA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA

shell32

DragFinish
SHGetFileInfoA
ExtractIconA
DragQueryFileA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
StringFromCLSID

oleaut32

VariantClear
LoadTypeLi
SysAllocString
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType

Sections

.text
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Modscan32/ļ/ex1.frm
.vbs
Modscan32/ļ/modbusm.dll
.dll windows:5 windows x86

b98dd2ec75bc75f8a721777b9461d4ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

tapi32

lineOpen
lineMakeCall
lineGetCallStatus
lineDrop
lineDeallocateCall
lineClose
lineGetAddressCaps
lineNegotiateAPIVersion
lineGetDevCaps
lineShutdown
lineGetID
lineInitialize

wsock32

WSACleanup
WSAStartup
socket
setsockopt
bind
WSAAsyncSelect
connect
htons
recv
WSAGetLastError
ntohs
send
closesocket

kernel32

GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
ReleaseMutex
TlsSetValue
CloseHandle
GetCurrentThreadId
WaitForSingleObject
TlsGetValue
SetEvent
LeaveCriticalSection
CreateThread
CreateEventA
EnterCriticalSection
SetCommState
GetCommState
Sleep
PurgeComm
SetCommMask
ResetEvent
GetOverlappedResult
GetLastError
ReadFile
SetCommTimeouts
WaitCommEvent
WriteFile
EscapeCommFunction
DeleteCriticalSection
TlsFree
TlsAlloc
CreateMutexA
InitializeCriticalSection
SetupComm
CreateFileA
LocalAlloc
LocalFree
LocalSize
OutputDebugStringA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
HeapFree
HeapAlloc
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter

user32

PeekMessageA
wsprintfA
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
DispatchMessageA
DestroyWindow
UnregisterClassA
DefWindowProcA
SetTimer
KillTimer
PostMessageA
TranslateMessage

Exports

Exports

_AbortTheCall@4
_CloseConnection@4
_ConnectASCII@12
_ConnectDanielsASCII@12
_ConnectDanielsRTU@12
_ConnectRTU@12
_ConnectTCP2@12
_ConnectTCP@8
_ConnectTelNet@12
_DialCall@8
_EnableConnectionCallback@4
_EnableModbusCallback@8
_GetCallState@8
_GetLineDeviceName@12
_GetPollDelay@0
_Get_Modbus_DLL_Revision@0
_HookRspNotification@16
_InitializeWinSock@0
_MBAPWndProc@16
_MODBUSResponse@16
_NumberOfLineDevices@0
_PollMODBUS@8
_ReadDebugData@16
_ReadTransparentResponse@16
_SetPollDelay@4
_UnInitializeWinSock@0
_WriteMODBUS@12
_WriteTransparentString@12

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ThisWorkbook

Sheet1

Sheet2

Sheet3

Module1

a80eba97c84c67d5647e6da0cafcc1b7

Headers

DLL Characteristics

File Characteristics

Imports

modbusm

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 515KB - Virtual size: 515KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 13KB - Virtual size: 29KB

.rsrc Size: 66KB - Virtual size: 66KB

64204a71c1a1016ac34a385cafe33584

Headers

File Characteristics

Imports

modbusl

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 36KB - Virtual size: 32KB

417ae692bd5b9d78145c55b54a6f517c

Headers

File Characteristics

Imports

kernel32

user32

wsock32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 141KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

64204a71c1a1016ac34a385cafe33584

Headers

File Characteristics

Imports

modbusl

wsock32

kernel32

user32

gdi32

comdlg32

.text
Size: 515KB - Virtual size: 515KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 13KB - Virtual size: 29KB

.rsrc
Size: 66KB - Virtual size: 66KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 36KB - Virtual size: 32KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 141KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 44KB - Virtual size: 40KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 141KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 36KB - Virtual size: 32KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 141KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB