f30239f852e1ecb3eff0e3c9a8649f3ce074c052c187fda610e469be17eb7f82

Sharing

Copy URL Twitter E-mail

General

Target

f30239f852e1ecb3eff0e3c9a8649f3ce074c052c187fda610e469be17eb7f82
Size

7.1MB
MD5

66a7642aae5d831a9feda58f5aadb130
SHA1

9a3102b321fff184c78c587f318135c57a6ed1fd
SHA256

f30239f852e1ecb3eff0e3c9a8649f3ce074c052c187fda610e469be17eb7f82
SHA512

a9585a08f517942f0268006063845526e6986ae404124d4c8b77e3e8c47ecba313afae0a8740b0530f7cb7fb3cc96b3565c182e98999792d0b0f2a133ef826d5
SSDEEP

196608:IIfYGUfHYKi7V9pTSxGji3nkdY3buY3TeHnR:ISQYKi7V9pTSxGjiXZbTDER

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/dm7.2107/7.2107/dm.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/dm7.2107/7.2107/dm.dll	upx

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dm7.2107/7.2107/RegDll.dll
unpack001/dm7.2107/7.2107/dm.dll
unpack001/dm7.2107/7.2107/xx.dat
unpack001/dm7.2107/7.2107//Get_Question.exe
unpack001/dm7.2107/7.2107//Put_Question.exe
unpack001/dm7.2107/7.2107//Į.exe
unpack001/dm7.2107/7.2107/Į̨ϵͳ.exe
unpack001/dm7.2107/7.2107/ĮۺϹ.exe
unpack001/dm7.2107/7.2107/ĮۺϹ_·.exe
unpack001/dm7.2107/7.2107/ȡ.exe

Files

f30239f852e1ecb3eff0e3c9a8649f3ce074c052c187fda610e469be17eb7f82
.zip
dm7.2107/7.2107/Output/C#/obj.cs
dm7.2107/7.2107/Output/C#/.txt
dm7.2107/7.2107/Output/C#/߳ģ.rar
.rar
example/FormMain.Designer.cs
example/FormMain.cs
example/FormMain.resx
.xml .vbs
example/Program.cs
.js
example/Properties/AssemblyInfo.cs
example/Properties/Resources.Designer.cs
.vbs
example/Properties/Resources.resx
.vbs
example/Properties/Settings.Designer.cs
example/Properties/Settings.settings
example/example.csproj
example/example.csproj.user
example/example.sln
example/example.suo
example/log.cs
example/multi_thread.cs
.js
example/obj.cs
example/script.cs
dm7.2107/7.2107/Output/Delphi/obj.pas
dm7.2107/7.2107/Output/Delphi/.txt
dm7.2107/7.2107/Output/E/obj.txt
dm7.2107/7.2107/Output/E/.txt
dm7.2107/7.2107/Output/E/߳ģ.rar
.rar
多线程模板.e
dm7.2107/7.2107/Output/VB6/obj.cls
.vbs
dm7.2107/7.2107/Output/VB6/.txt
.vbs
dm7.2107/7.2107/Output/VBNet/obj.vb
.vbs
dm7.2107/7.2107/Output/VBNet/.txt
dm7.2107/7.2107/Output/VC++/example(console).rar
.rar
example/ReadMe.txt
example/Resource.h
example/example.cpp
example/example.h
example/example.rc
example/example.sln
example/example.suo
example/example.vcproj
.xml
example/obj.cpp
example/obj.h
example/stdafx.cpp
example/stdafx.h
dm7.2107/7.2107/Output/VC++/example(ui).rar
.rar
example/ReadMe.txt
example/example.cpp
example/example.h
example/example.rc
example/example.sln
example/example.suo
example/example.vcproj
.xml
example/exampleDlg.cpp
example/exampleDlg.h
example/obj.cpp
example/obj.h
example/res/example.ico
example/res/example.rc2
example/resource.h
example/stdafx.cpp
example/stdafx.h
dm7.2107/7.2107/Output/VC++/example(߳ģ).rar
.rar
example/ReadMe.txt
example/example.cpp
example/example.h
example/example.rc
example/example.sln
example/example.suo
example/example.vcproj
.xml
example/exampleDlg.cpp
example/exampleDlg.h
example/log.cpp
example/log.h
example/obj.cpp
example/obj.h
example/res/example.ico
example/res/example.rc2
example/resource.h
example/script.cpp
example/script.h
example/stdafx.cpp
example/stdafx.h
example/thread_control.cpp
example/thread_control.h
dm7.2107/7.2107/Output/VC++/obj.cpp
dm7.2107/7.2107/Output/VC++/obj.h
dm7.2107/7.2107/Output/VC++/.txt
dm7.2107/7.2107/Output//obj.vbs
.vbs
dm7.2107/7.2107/Output//.txt
.vbs
dm7.2107/7.2107/RegDll.dll
.dll regsvr32 windows:4 windows x86

f076a1e4fbab4d2c4bccbdc4ea8a1b72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord825
ord1223
ord4622
ord4226
ord2486
ord4003
ord446
ord743
ord1569
ord1196
ord1168
ord6467
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord3830
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3262
ord3081
ord3738
ord561
ord815
ord5500
ord1132
ord1131
ord6354
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord2976
ord2985
ord3136
ord4465
ord3147
ord3259
ord2982
ord1799
ord1089
ord823
ord1578
ord600
ord826
ord269
ord1116

msvcrt

__CxxFrameHandler
wcstombs
__dllonexit
_onexit
free
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm

kernel32

LocalFree
LoadLibraryA
FreeLibrary
GetProcAddress
LocalAlloc

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

ole32

OleInitialize
CoTaskMemFree
StringFromCLSID
OleUninitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dm7.2107/7.2107/cfg.ini
dm7.2107/7.2107/dm.dll
.dll regsvr32 windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dm7.2107/7.2107/xx.dat
.exe windows:4 windows x86

625034b53fad30f514fe83fbae8da710

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4486
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1134
ord1576
ord6375
ord4465
ord4274
ord1168

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
_onexit
_setmbcp
__dllonexit
exit

kernel32

GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dm7.2107/7.2107/עĮϵͳ.bat
.bat .vbs
dm7.2107/7.2107/ϵͳжشĮ.bat
.bat .vbs
dm7.2107/7.2107//Get_Question.exe
.exe windows:4 windows x86

84869660815e0a5935787df2212cfa75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetCurrentProcessId
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dm7.2107/7.2107//Get_Question/Get_Question.cpp
dm7.2107/7.2107//Get_Question/Get_Question.dsp
dm7.2107/7.2107//Get_Question/Get_Question.dsw
dm7.2107/7.2107//Get_Question/ReadMe.txt
dm7.2107/7.2107//Get_Question/StdAfx.cpp
dm7.2107/7.2107//Get_Question/StdAfx.h
dm7.2107/7.2107//Put_Question.exe
.exe windows:4 windows x86

bd9adee5135d77822915f71c4ed9aeb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
CloseHandle
OpenFileMappingA
GetCurrentProcessId
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dm7.2107/7.2107//Put_Question/Put_Question.cpp
dm7.2107/7.2107//Put_Question/Put_Question.dsp
dm7.2107/7.2107//Put_Question/Put_Question.dsw
dm7.2107/7.2107//Put_Question/ReadMe.txt
dm7.2107/7.2107//Put_Question/StdAfx.cpp
dm7.2107/7.2107//Put_Question/StdAfx.h
dm7.2107/7.2107//alarm.mp3
dm7.2107/7.2107//ʹ˵.txt
dm7.2107/7.2107//Į.exe
.exe windows:4 windows x86

6cd9616ea5a83b196d28c5f7de43ae42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
MoveFileW
DeleteFileW
GetStringTypeExW
lstrcmpiW
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
FindNextFileW
LocalFileTimeToFileTime
SetFileAttributesW
SetErrorMode
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
ExitThread
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
GetStdHandle
SystemTimeToFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetThreadLocale
lstrlenA
GetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
SuspendThread
SetThreadPriority
GetCurrentProcessId
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetProcAddress
GetVersionExA
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MulDiv
OpenEventW
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualFree
GetSystemInfo
GetQueuedCompletionStatus
InterlockedDecrement
SetEvent
CreateEventW
InterlockedIncrement
InterlockedExchange
PostQueuedCompletionStatus
CreateIoCompletionPort
DeleteCriticalSection
InitializeCriticalSection
CreateFileA
GetLastError
SetCurrentDirectoryA
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
WritePrivateProfileStringA
CreateFileW
SetFilePointer
IsBadWritePtr
WriteFile
VirtualQuery
FormatMessageW
SetUnhandledExceptionFilter
CreateDirectoryW
GetLocalTime
GetTickCount
CreateProcessW
CreateFileMappingA
TerminateProcess
MapViewOfFile
UnmapViewOfFile
ResumeThread
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleW
CreateThread
CloseHandle
GetModuleFileNameW
Beep
Sleep
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
FreeEnvironmentStringsA
SizeofResource

user32

SetCapture
GetNextDlgGroupItem
MessageBeep
GetSystemMenu
SetParent
UnionRect
UnregisterClassW
RegisterClipboardFormatW
WindowFromPoint
GetDCEx
LockWindowUpdate
PostThreadMessageW
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
InvalidateRgn
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
SendMessageW
GetParent
EnableWindow
GetKeyNameTextW
PostMessageW
UnregisterClassA
GetSubMenu
RemoveMenu
MessageBoxW
wvsprintfW
GetWindowLongW
AdjustWindowRectEx
ScreenToClient
GetWindowRect
UpdateWindow
MapVirtualKeyW
InvalidateRect
GetClientRect
DrawTextW
KillTimer
SetTimer
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
DestroyIcon
DeleteMenu
GetDialogBaseUnits
SystemParametersInfoW
GetMenuItemInfoW
GetSysColorBrush
LoadCursorW
GetIconInfo
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
ShowWindow
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
FillRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ScrollWindowEx
ScrollWindow
IsWindowEnabled
InflateRect

gdi32

SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreateBitmap
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthW
CreateFontW
StretchDIBits
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCW
CopyMetaFileW
GetDeviceCaps
SelectObject
DeleteDC
GetObjectW
DeleteObject
BitBlt
CreateCompatibleDC
ScaleViewportExtEx
StretchBlt
SetBrushOrgEx
CreateDIBSection
GetDIBits
RealizePalette
SetDIBitsToDevice
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

GetFileSecurityW
SetFileSecurityW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegCreateKeyW

shell32

DragFinish
ExtractIconW
SHGetFileInfoW
DragQueryFileW

shlwapi

PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFindExtensionW
PathRemoveExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CLSIDFromProgID
CoTaskMemFree
CoDisconnectObject
CoCreateInstance
StringFromGUID2
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
CLSIDFromString
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoGetClassObject

oleaut32

SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi
SysStringLen

winmm

mciSendCommandW

ws2_32

WSASend
WSAIoctl
listen
bind
htons
inet_addr
inet_ntoa
getsockopt
send
WSACleanup
WSAStartup
gethostname
gethostbyname
ntohs
WSARecv
setsockopt
socket
WSAGetLastError
recv
closesocket

wininet

FtpRenameFileW
FtpDeleteFileW
InternetQueryDataAvailable
InternetGetCookieW
HttpOpenRequestW
InternetOpenUrlW
GopherOpenFileW
InternetConnectW
FtpFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpOpenFileW
GopherGetAttributeW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetCloseHandle
InternetFindNextFileW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
InternetSetCookieW
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
FtpCreateDirectoryW

Sections

.text
Size: 952KB - Virtual size: 948KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dm7.2107/7.2107/Įӿ˵.chm
.chm
dm7.2107/7.2107/Į̨ϵͳ.exe
.exe windows:4 windows x86

c29bff2b7edd6bf2ca73e13686acf566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2721
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord825
ord815
ord4041
ord2137
ord2136
ord6221
ord5227
ord5243
ord2124
ord4595
ord6211
ord617
ord5297
ord5208
ord296
ord986
ord520
ord4154
ord6113
ord2613
ord1131
ord823
ord824
ord5431
ord1676
ord1666
ord2620
ord5976
ord2633
ord4117
ord6210
ord6192
ord4293
ord5944
ord3083
ord3866
ord3869
ord3868
ord6194
ord4281
ord4278
ord3132
ord3791
ord5715
ord6088
ord3519
ord4027
ord6091
ord4030
ord2541
ord2425
ord3348
ord3574
ord426
ord726
ord826
ord5261
ord4370
ord4847
ord4992
ord4704
ord2506
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord2722
ord324
ord641
ord4229
ord1817
ord4233
ord4690
ord3053
ord3060
ord6332
ord2502
ord2534
ord5239
ord5736
ord1739
ord5573
ord3167
ord5649
ord4414
ord4947
ord4852
ord2391
ord4381
ord3449
ord3193
ord6076
ord6171
ord4617
ord4420
ord338
ord652
ord4817
ord6589
ord6791
ord6642
ord6583
ord6798
ord6848
ord6814
ord6846
ord6823
ord6850
ord6858
ord6838
ord6805
ord6830
ord6837
ord6849
ord6807
ord6806
ord6803
ord6836
ord6847
ord4583
ord4582
ord4893
ord4364
ord4886
ord5070
ord4334
ord4341
ord4714
ord4883
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord6050
ord1768
ord5236
ord5277
ord3743
ord1718
ord6683
ord4426
ord6475
ord6510
ord5256
ord800
ord6796
ord537
ord3000
ord2127
ord4219
ord6799
ord538
ord1594
ord6691
ord6653
ord1834
ord4237
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord6051
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord4421
ord366
ord674
ord4451
ord942
ord861
ord5248
ord1569
ord6466
ord2719
ord3592
ord6445
ord1165

msvcrt

wcsstr
free
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
wcscpy
wcscat
_ftol
localtime
__CxxFrameHandler
malloc

kernel32

GetLocalTime
GetStartupInfoW
GetModuleHandleW

user32

wsprintfW
PostMessageW
GetClientRect
EnableWindow
UpdateWindow
MessageBoxW

oleaut32

SysAllocString
VariantInit
SysFreeString

ws2_32

WSAStartup
gethostbyname
ntohl
recvfrom
closesocket
sendto
setsockopt
htonl
htons
inet_addr
socket
inet_ntoa
WSACleanup

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dm7.2107/7.2107/ĮۺϹ.exe
.exe windows:4 windows x86

f2c42794e5f6fcd5b9c09073b0c7bdfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CopyFileW
GetLastError
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetProfileIntW
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
LocalFree
FormatMessageA
SetLastError
IsBadReadPtr
GlobalFree
CreateFileA
InterlockedExchange
GetStartupInfoW
LoadLibraryExW
GetModuleHandleA
WriteFile
IsBadWritePtr
VirtualQuery
FormatMessageW
CreateFileW
SetFilePointer
CloseHandle
SetUnhandledExceptionFilter
GetModuleFileNameW
lstrcatW
lstrlenW
WinExec
lstrcpyW
FindResourceW
SizeofResource
LoadResource
LockResource
GetTickCount
GetModuleHandleW
GetProcAddress
lstrcpynW
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
MulDiv
GetVersionExW
GetModuleFileNameA

user32

ShowCursor
KillTimer
GetCursorPos
SetCursorPos
RedrawWindow
IsRectEmpty
SetCursor
IsWindow
ScreenToClient
GetAsyncKeyState
InvalidateRect
GetWindowRect
ClientToScreen
PtInRect
IsIconic
GetClientRect
DrawIcon
GetDesktopWindow
GetWindowDC
ReleaseDC
SendMessageW
SetForegroundWindow
EnableWindow
SetRectEmpty
LoadCursorW
GetSystemMetrics
GetDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
PostMessageW
GetParent
SetWindowPos
LoadStringW
GetDlgCtrlID
CreateWindowExW
RegisterClassExW
DefWindowProcW
IsWindowVisible
SetTimer
EndPaint
BeginPaint
DrawTextW
GetSysColor
MessageBeep
SetCapture
ReleaseCapture
SetWindowLongW
InflateRect
HideCaret
wvsprintfW
DrawFocusRect
DrawFrameControl
GetFocus
FillRect
OffsetRect
IsChild
GetSubMenu
LoadMenuW
GetClassNameW
GetWindow
WindowFromPoint
EqualRect
GetForegroundWindow
LoadImageW
ShowWindow
GetWindowLongW
RegisterHotKey
UnregisterHotKey
GetNextDlgGroupItem
DispatchMessageW
GetMessageW
GetDCEx
UpdateWindow
GetCapture
GetWindowTextW
GetIconInfo
GetKeyState
MessageBoxW
SetScrollRange
SetScrollPos
PostQuitMessage
LoadIconW
GetScrollPos
SetRect

gdi32

GetObjectW
DeleteDC
SelectObject
CreateCompatibleBitmap
GetDIBits
SetDIBits
LineDDA
SetPixelV
CreatePen
Rectangle
EnumFontFamiliesExW
CreateFontIndirectW
GetStockObject
CreateCompatibleDC
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
GetBkColor
SetROP2
CreatePatternBrush
CreateBitmap
PatBlt
UnrealizeObject
RealizePalette
SelectPalette
BitBlt
GetPixel
GetTextExtentPoint32W
GetDeviceCaps

advapi32

RegQueryValueW
RegCloseKey
RegOpenKeyExW

shell32

DragFinish
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW

mfc42u

ord3389
ord4400
ord2579
ord3634
ord4395
ord2573
ord4214
ord2016
ord2405
ord6362
ord1764
ord2717
ord5296
ord1131
ord1202
ord804
ord692
ord790
ord815
ord561
ord3733
ord4616
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord472
ord2372
ord4282
ord3084
ord609
ord3569
ord4390
ord2567
ord2745
ord2235
ord4474
ord927
ord1197
ord3724
ord3711
ord6777
ord4215
ord2576
ord3649
ord2430
ord6266
ord2858
ord1637
ord925
ord6770
ord2755
ord6868
ord3785
ord5706
ord5436
ord6379
ord5446
ord6390
ord1263
ord1562
ord1193
ord6115
ord4312
ord6190
ord1563
ord1194
ord1808
ord5857
ord4124
ord6874
ord6139
ord6107
ord3871
ord795
ord3716
ord5261
ord4992
ord2506
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4621
ord4419
ord3592
ord641
ord1143
ord1165
ord324
ord825
ord2855
ord2406
ord2294
ord4229
ord535
ord800
ord940
ord537
ord860
ord540
ord4294
ord4279
ord6193
ord6376
ord4704
ord2371
ord755
ord470
ord4370
ord613
ord2637
ord289
ord6597
ord4470
ord640
ord2397
ord5781
ord1633
ord323
ord5276
ord6051
ord1768
ord4418
ord3605
ord567
ord656
ord4270
ord6195
ord5286
ord4847
ord861
ord2362
ord538
ord6237
ord3397
ord3706
ord783
ord807
ord6871
ord3087
ord6211
ord2078
ord4219
ord5977
ord3566
ord3621
ord3658
ord2746
ord1634
ord2634
ord4688
ord3747
ord5142
ord2810
ord6330
ord823
ord2854
ord3688
ord4128
ord4292
ord5784
ord942
ord2281
ord2293
ord858
ord5568
ord2910
ord801
ord541
ord4273
ord6654
ord6279
ord6278
ord2756
ord6865
ord4197
ord2350
ord2290
ord3870
ord6451
ord3447
ord2507
ord355
ord3798
ord668
ord1972
ord3173
ord3176
ord4053
ord2773
ord2762
ord356
ord2859
ord554
ord5880
ord2004
ord5651
ord4158
ord6617
ord956
ord3559
ord2916
ord3284
ord2286
ord2354
ord1172
ord941
ord5871
ord6168
ord5783
ord283
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord616
ord3614
ord5785
ord3494
ord1569

msvcrt

_strupr
swprintf
_controlfp
_onexit
__dllonexit
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
memmove
_mbsstr
time
vsprintf
fopen
_itoa
strrchr
_wtoi
floor
atof
fprintf
strncpy
atol
fseek
ftell
fread
wcscat
strncmp
sscanf
_wsplitpath
_except_handler3
_wcsdup
wcsrchr
wcsstr
fwrite
_wfopen
wcscpy
wcslen
fclose
srand
rand
sprintf
wcscmp
_ftol
swscanf
malloc
free
strstr
__CxxFrameHandler

msvcp60

?_Xran@std@@YAXXZ
?_Xlen@std@@YAXXZ

Sections

G@fttN7c
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

n8AX*9@?
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

YctJE<X*
Size: 4KB - Virtual size: 122.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_KgDmvNj
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

=k1aUEVS
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dm7.2107/7.2107/ĮۺϹ_·.exe
.exe windows:4 windows x86

ac3a7f0947de9d626d72dafbe0fe45c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
TerminateProcess
CloseHandle
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualProtectEx
VirtualFree
GetModuleHandleA
ReadFile
GetFileSize
SetFilePointer
CreateFileA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
GetCurrentProcess
GetLastError
GetFileAttributesA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
WriteFile
HeapReAlloc
GetExitCodeProcess
WaitForSingleObject
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dm7.2107/7.2107/ڷϵͳβ鿴Įӿĵ.txt
dm7.2107/7.2107/ȡ.exe
.exe windows:4 windows x86

56d2210ed2fc585a2d595e35d7c5eaf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord815
ord641
ord2506
ord2613
ord1131
ord5261
ord4370
ord4847
ord4992
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord4459
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord1143
ord1165
ord324
ord4229
ord3087
ord6195
ord2810
ord4704
ord2371
ord755
ord470
ord3254
ord3142
ord1569
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord2717
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord4199
ord4273
ord942
ord823
ord861
ord825
ord535
ord538
ord800
ord540
ord6370

msvcrt

_onexit
__CxxFrameHandler
_wcsicmp
wcscpy
wcscat
fclose
fread
fseek
_wfopen
memmove
_exit
_XcptFilter
exit
_wcmdln
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__wgetmainargs
_initterm
__setusermatherr
sprintf
free
strchr
fopen
ftell
wcslen
_controlfp
__dllonexit
malloc

kernel32

GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetCurrentThread
InitializeCriticalSection
GetModuleHandleA
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
GlobalAlloc
WideCharToMultiByte
GetStartupInfoW
MultiByteToWideChar
CloseHandle
GetVersion
GetFileAttributesW
GetCurrentProcess
GlobalLock
VirtualQuery
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
GetLastError
SuspendThread
VirtualAlloc
SetLastError
GetSystemDirectoryA
VirtualFree
WriteFile
CreateFileA
GlobalUnlock

user32

LoadIconW
MessageBoxW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageW
EnableWindow
DrawIcon
IsIconic
GetSystemMetrics
GetClientRect

advapi32

GetTokenInformation
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromProgID

oleaut32

VariantClear

msvcp60

?_Xlen@std@@YAXXZ
?_Xran@std@@YAXXZ

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dm7.2107/7.2107/޸ļ¼.txt
dm7.2107/ں.url
dm7.2107/5.9ƽ.url
.url
dm7.2107/ǧѧϰȺ.url
.url
dm7.2107/ȫ׽̳.url
.url

Sharing

General

Malware Config

Signatures

Files

f076a1e4fbab4d2c4bccbdc4ea8a1b72

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 722B

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 2.4MB

UPX1 Size: 2.8MB - Virtual size: 2.8MB

.rsrc Size: 50KB - Virtual size: 52KB

625034b53fad30f514fe83fbae8da710

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Sections

.text Size: 4KB - Virtual size: 1024B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 284B

84869660815e0a5935787df2212cfa75

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

bd9adee5135d77822915f71c4ed9aeb3

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

6cd9616ea5a83b196d28c5f7de43ae42

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

winmm

ws2_32

wininet

Sections

.text Size: 952KB - Virtual size: 948KB

.rdata Size: 220KB - Virtual size: 216KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 722B

UPX0
Size: - Virtual size: 2.4MB

UPX1
Size: 2.8MB - Virtual size: 2.8MB

.rsrc
Size: 50KB - Virtual size: 52KB

.text
Size: 4KB - Virtual size: 1024B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 284B

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.text
Size: 952KB - Virtual size: 948KB

.rdata
Size: 220KB - Virtual size: 216KB

.data
Size: 16KB - Virtual size: 34KB

.rsrc
Size: 20KB - Virtual size: 18KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 4KB

G@fttN7c
Size: 260KB - Virtual size: 257KB

n8AX*9@?
Size: 52KB - Virtual size: 49KB

YctJE<X*
Size: 4KB - Virtual size: 122.6MB

_KgDmvNj
Size: 1.3MB - Virtual size: 1.3MB

=k1aUEVS
Size: 100KB - Virtual size: 99KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 2KB