?n_CustomData_size@@3HA
xd_task_start
xd_task_stop
xd_uninit
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Sample1.exe
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
Sample1.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
Sample2.exe
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
Sample2.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral5
Sample
Sample3.exe
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral6
Sample
Sample3.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
5 signatures
150 seconds
Behavioral task
behavioral7
Sample
Sample4.exe
Resource
win7-20230831-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
Sample4.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
tokomi.7z
-
Size
11.2MB
-
MD5
33d6758dfc4b796afae9beee4a8da398
-
SHA1
cdac76e130924f26bbc7931913fa6ce8dd24ae39
-
SHA256
e434227f2b37460b3b178225bea2bd57e805a66553a6235235bf57655ae2b0e5
-
SHA512
4507e9ba190ff79e5fc25d4792c70216ab6b2239b844d6adbadeebd544d0caf0bca787e4ab9b20ad741229708c71c7ed052dac2bf6a7733e8387276211efa695
-
SSDEEP
196608:VRE3cAOe79P7gAzCnWvb39pvvMXchP8P52jBD/EiKTL7r8rpv2dLfNATPMbtVk5k:ScAtP7HmnWBJvMXQ8QjRXw7w4LfiMBao
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/Sample1.exe unpack001/Sample2.exe unpack001/Sample4.exe
Files
-
tokomi.7z.7z
Password: infected
-
Sample1.exe.exe windows:6 windows x86
7ae85b946eb748ffa5d016bf59e64bb7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AcquireSRWLockExclusive
AreFileApisANSI
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateHardLinkW
CreateSymbolicLinkW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProfileIntW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadLocale
GetTickCount64
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapQueryInformation
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
MoveFileExA
MulDiv
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
ResumeThread
RtlUnwind
SearchPathW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyW
user32
AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumDisplayMonitors
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetComboBoxInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
InvertRect
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LockWindowUpdate
MapDialogRect
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromWindow
MoveWindow
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint
gdi32
BitBlt
CombineRgn
CopyMetaFileW
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectW
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExcludeClipRect
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetClipBox
GetDeviceCaps
GetLayout
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
Polygon
Polyline
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBColorTable
SetLayout
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetPolyFillMode
SetROP2
SetRectRgn
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
TextOutW
uxtheme
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
DrawThemeText
GetCurrentThemeName
GetThemeColor
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
OpenThemeData
advapi32
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptGetHashParam
CryptHashData
CryptImportKey
CryptReleaseContext
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegSetValueExW
ole32
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoInitialize
CoInitializeEx
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleDuplicateData
OleGetClipboard
OleLockRunning
OleTranslateAccelerator
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
oleaut32
LoadTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
gdiplus
GdipAlloc
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipDrawImageRectI
GdipFree
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageWidth
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
ws2_32
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSAResetEvent
WSASetLastError
WSAStartup
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket
msimg32
AlphaBlend
TransparentBlt
shell32
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
winmm
PlaySoundW
crypt32
CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetNameStringA
CertOpenStore
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryA
PFXImportCertStore
wldap32
ord301
ord45
ord22
ord32
ord26
ord30
ord35
ord143
ord200
ord41
ord33
ord27
ord50
ord211
ord60
ord217
ord46
ord79
normaliz
IdnToAscii
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
bcrypt
BCryptGenRandom
Exports
Exports
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 452KB - Virtual size: 451KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data1 Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Sample2.exe.exe windows:4 windows x86
d362ebf3bc606eec4ddada3e63ecf5e8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
RaiseException
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
GetProfileStringA
SetErrorMode
GetFileTime
GetFileSize
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
SetLastError
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
GetCurrentProcessId
GetModuleHandleA
OpenProcess
GetLastError
ExitProcess
ReleaseMutex
CreateDirectoryA
lstrlenA
lstrcpyA
FindFirstFileA
lstrcmpiA
FindClose
GetStdHandle
WaitForSingleObject
GetFileAttributesA
GetTickCount
Sleep
LoadLibraryA
GetProcAddress
LockResource
GetVersionExA
CloseHandle
user32
InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
MessageBeep
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
SendMessageA
EnableWindow
GetClientRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetWindowLongA
GetDlgItem
IsWindowEnabled
KillTimer
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
wsprintfA
GetDlgCtrlID
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetMenu
GetWindow
ShowWindow
FindWindowExA
MoveWindow
LoadIconA
GetWindowRect
PtInRect
LoadMenuA
GetSubMenu
GetParent
DefDlgProcA
IsWindowUnicode
GetFocus
InflateRect
GetSysColorBrush
LoadCursorA
GetDesktopWindow
GetClassNameA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharUpperA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
DestroyMenu
LoadStringA
GetDC
ReleaseDC
ModifyMenuA
SetForegroundWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetWindowTextA
GetMenuState
gdi32
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
SysAllocStringLen
SysFreeString
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
ws2_32
send
connect
htons
WSAStartup
socket
closesocket
WSACleanup
inet_addr
recv
psapi
GetProcessImageFileNameA
Sections
.text Size: 200KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.SMC Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Sample3.exe.exe windows:5 windows x64
6bf781da6df663278b0bac9d575eb5ce
Code Sign
d2:91:c4:93:42:ce:2d:4b:83:f2:55:44:cd:1b:8c:49Certificate
IssuerCN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before12/10/2020, 00:00Not After12/10/2023, 23:59SubjectSERIALNUMBER=1988665,CN=Antibody Software Limited,O=Antibody Software Limited,POSTALCODE=3118,STREET=144 Doncaster Drive\, Papamoa Beach,L=Tauranga,ST=Bay of Plenty,C=NZ,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024e5aExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate
IssuerCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/12/2014, 00:00Not After02/12/2029, 23:59SubjectCN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/05/2023, 00:00Not After02/08/2034, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
ba:8d:b8:82:2d:b9:03:04:46:d1:f1:65:02:04:eb:39:50:11:61:8aSigner
Actual PE Digestba:8d:b8:82:2d:b9:03:04:46:d1:f1:65:02:04:eb:39:50:11:61:8aDigest Algorithmsha1PE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mpr
WNetGetConnectionW
winmm
timeGetTime
oleacc
LresultFromObject
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW
comdlg32
FindTextW
GetSaveFileNameW
GetOpenFileNameW
comctl32
ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_DrawIndirect
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage
shell32
SHBrowseForFolderW
DragQueryFileW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetDataFromIDListW
SHGetDataFromIDListA
SHGetPathFromIDListW
ShellExecuteExA
ShellExecuteExW
DragFinish
ord18
SHGetMalloc
SHGetFileInfoA
SHGetFileInfoW
SHGetDesktopFolder
SHFileOperationA
SHFileOperationW
ShellExecuteW
user32
CopyImage
MoveWindow
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
CharToOemBuffW
GetDlgCtrlID
FrameRect
RegisterWindowMessageW
GetMenuStringW
FillRect
ClipCursor
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoExW
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
UnhookWindowsHookEx
SetCapture
GetCapture
CreatePopupMenu
LoadMenuW
ShowCaret
GetMenuItemID
DestroyCaret
CharLowerBuffW
PostMessageW
IsZoomed
SetParent
DrawMenuBar
InvalidateRgn
GetClientRect
IsChild
IsIconic
CallNextHookEx
ShowWindow
SetForegroundWindow
GetWindowTextW
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
LockWindowUpdate
RemovePropW
AttachThreadInput
GetSubMenu
DestroyIcon
IsWindowVisible
PtInRect
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
GetMessageTime
NotifyWinEvent
GetComboBoxInfo
GetWindowLongPtrW
SetWindowLongPtrW
CreateMenu
LoadStringW
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DrawTextExW
CharLowerBuffA
EnumClipboardFormats
ScrollDC
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
GetClassNameW
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
IsRectEmpty
ValidateRect
IsCharAlphaW
GetCursor
KillTimer
BeginDeferWindowPos
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
GetClipboardFormatNameW
CreateIconIndirect
GetMenuItemRect
CreateWindowExW
GetDCEx
InsertMenuItemA
PeekMessageW
MonitorFromWindow
RegisterDeviceNotificationW
GetUpdateRect
MessageBoxA
SetTimer
AllowSetForegroundWindow
WindowFromPoint
BeginPaint
RegisterClipboardFormatW
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
TrackPopupMenuEx
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
InflateRect
DrawFocusRect
ReleaseCapture
LoadCursorW
ScrollWindow
GetLastActivePopup
GetCursorInfo
GetSystemMetrics
CharUpperBuffW
SetClassLongPtrW
GetClassLongPtrW
ClientToScreen
SetClipboardData
GetClipboardData
SetWindowPlacement
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
ToAscii
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
GetMenuItemInfoA
ActivateKeyboardLayout
GetParent
CreateCaret
MonitorFromRect
InsertMenuItemW
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
SetKeyboardState
GetKeyboardState
ScreenToClient
DrawFrameControl
IsCharAlphaNumericW
BringWindowToTop
SetCursor
CreateIcon
RemoveMenu
SubtractRect
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
CountClipboardFormats
CloseClipboard
DestroyCursor
CharUpperBuffA
CopyIcon
PostQuitMessage
ShowScrollBar
EnableMenuItem
DeferWindowPos
HideCaret
EndDeferWindowPos
FindWindowExW
MonitorFromPoint
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowRect
InsertMenuW
IsWindowEnabled
IsDialogMessageA
GetMenuDefaultItem
FindWindowW
DeleteMenu
GetKeyboardLayout
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
oleaut32
SafeArrayPutElement
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SafeArrayAccessData
SysReAllocStringLen
SafeArrayCreate
SafeArrayGetElement
GetActiveObject
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopyInd
VariantChangeType
msvcrt
memcpy
memset
advapi32
RegSetValueExA
RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegEnumKeyW
RegLoadKeyW
RegCreateKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyExA
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegOpenKeyW
RegReplaceKeyW
RegFlushKey
RegEnumValueW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW
netapi32
NetWkstaGetInfo
NetApiBufferFree
winhttp
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpWriteData
WinHttpSetCredentials
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryOption
kernel32
GetFileType
RtlUnwindEx
QueryDosDeviceW
GetACP
GetStringTypeExW
CloseHandle
LocalFree
GetCurrentProcessId
SizeofResource
VirtualProtect
ReadProcessMemory
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
HeapAlloc
ExitProcess
GetCPInfoExW
GlobalSize
WriteProcessMemory
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
FileTimeToDosDateTime
ReadFile
GetUserDefaultLCID
GetDiskFreeSpaceA
FindFirstFileA
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
lstrlenA
OpenMutexW
CreateThread
CompareStringW
CopyFileW
lstrcpyA
MapViewOfFile
CreateMutexW
LoadLibraryA
GetVolumeInformationW
ResetEvent
MulDiv
CreateFileA
FreeResource
GetDriveTypeW
GetVersion
RaiseException
GlobalAddAtomW
FormatMessageW
OpenProcess
SwitchToThread
GetExitCodeThread
ReadDirectoryChangesW
OutputDebugStringW
GetCurrentThread
GetFileAttributesExW
IsBadReadPtr
LockResource
LoadLibraryExW
FileTimeToSystemTime
GetCurrentThreadId
MoveFileExW
UnhandledExceptionFilter
GlobalFindAtomW
VirtualQuery
GlobalFree
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
ReleaseMutex
GetStringTypeExA
LoadResource
SuspendThread
GetTickCount
WritePrivateProfileStringW
lstrcmpiA
FindNextFileA
GetFileSize
GlobalDeleteAtom
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
VerLanguageNameW
GetThreadPriority
GetCurrentProcess
GlobalLock
SetThreadPriority
VirtualAlloc
GetTempPathW
GetCommandLineW
GetSystemInfo
LeaveCriticalSection
GetProcAddress
ResumeThread
SearchPathW
GetLogicalDriveStringsW
GetVersionExW
GetModuleHandleA
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
DeviceIoControl
LCMapStringW
SignalObjectAndWait
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
GetConsoleOutputCP
UnmapViewOfFile
GetConsoleCP
lstrlenW
CompareStringA
SetEndOfFile
QueryPerformanceCounter
WaitForSingleObjectEx
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
GetLocaleInfoW
CreateFileW
EnumResourceNamesW
GetSystemDirectoryW
GetDriveTypeA
DeleteFileW
IsDBCSLeadByteEx
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
WriteFile
CreateFileMappingW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
GetPrivateProfileStringW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale
shfolder
SHGetFolderPathW
ole32
CreateDataAdviseHolder
StgCreateDocfileOnILockBytes
OleRegEnumVerbs
CoCreateInstance
OleGetClipboard
OleSetClipboard
IsEqualGUID
OleFlushClipboard
CreateStreamOnHGlobal
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
OleDraw
CoTaskMemAlloc
DoDragDrop
StringFromCLSID
CoMarshalInterThreadInterfaceInStream
RevokeDragDrop
IsAccelerator
CoGetInterfaceAndReleaseStream
CoUninitialize
ReleaseStgMedium
RegisterDragDrop
OleInitialize
ProgIDFromCLSID
OleUninitialize
CoDisconnectObject
CoTaskMemFree
OleSetMenuDescriptor
gdi32
Pie
SetPaletteEntries
SetBkMode
GetRandomRgn
CreateCompatibleBitmap
GetEnhMetaFileHeader
CloseEnhMetaFile
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
GetTextColor
StretchBlt
RoundRect
SelectClipRgn
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
SetPixelV
CreatePalette
CreateDCW
CreateICW
PolyBezierTo
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
CreatePenIndirect
GetEnhMetaFilePaletteEntries
SetMapMode
GetMapMode
CreateFontIndirectW
PolyBezier
LPtoDP
EndDoc
GetObjectW
GetCurrentObject
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
CreateEnhMetaFileW
Arc
CreateRectRgnIndirect
SelectPalette
SetGraphicsMode
ExcludeClipRect
MaskBlt
SetWindowOrgEx
CreatePatternBrush
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
GetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
SetWorldTransform
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
Polyline
IntersectClipRect
CreateBitmap
CombineRgn
SetWinMetaFileBits
CreateDIBitmap
GetStretchBltMode
CreateDIBSection
SetStretchBltMode
GetDIBits
ExtCreateRegion
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
OffsetRgn
GetMetaFileBitsEx
SetBkColor
GetBkColor
CreateCompatibleDC
GetBrushOrgEx
GetCurrentPositionEx
SetDCPenColor
GetNearestPaletteIndex
CreateRoundRectRgn
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries
Exports
Exports
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 602KB - Virtual size: 601KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 960KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 156B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 664B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 109B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 325KB - Virtual size: 324KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.pdata Size: 368KB - Virtual size: 367KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1017KB - Virtual size: 1017KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Sample4.exe.exe windows:5 windows x86
d18a8824e0dcb66eb7bcc9ec3163d557
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
LCMapStringW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetStringTypeW
CompareStringW
GetTimeZoneInformation
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
CreateFileW
GetConsoleCP
GetLocaleInfoW
SetConsoleCtrlHandler
FatalAppExitA
IsValidCodePage
HeapDestroy
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
HeapSize
HeapQueryInformation
VirtualQuery
VirtualAlloc
RaiseException
WideCharToMultiByte
RtlUnwind
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
CreateThread
ExitThread
GetSystemTimeAsFileTime
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
DecodePointer
EncodePointer
HeapAlloc
HeapFree
SetHandleCount
LocalUnlock
FindResourceExW
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
SetErrorMode
GetNumberFormatA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
lstrcmpiA
GetStringTypeExA
GetOEMCP
GetCPInfo
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
GetACP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetEnvironmentStringsW
IsProcessorFeaturePresent
FreeEnvironmentStringsW
LocalLock
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
lstrcmpW
FindResourceA
FreeResource
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
WaitForSingleObject
GetModuleHandleA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
GetTickCount
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
WinExec
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetModuleFileNameA
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
DeleteFileA
FlushViewOfFile
FindClose
FindFirstFileA
GetSystemInfo
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetLastError
CreateFileA
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WriteConsoleW
user32
DefFrameProcA
PostThreadMessageA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
OffsetRect
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
UnregisterClassA
CharUpperA
DestroyIcon
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
SetCapture
GetDialogBaseUnits
RealChildWindowFromPoint
IntersectRect
WindowFromPoint
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DefMDIChildProcA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageA
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CharUpperBuffA
GetDoubleClickTime
SubtractRect
EnumChildWindows
CallWindowProcA
GetMenu
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetDesktopWindow
GetDCEx
MapDialogRect
WindowFromDC
GetTabbedTextExtentA
GetTabbedTextExtentW
GrayStringA
GetWindowRgn
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
CopyIcon
LoadCursorA
InflateRect
ReleaseDC
GetDC
GetParent
GetWindowRect
RedrawWindow
IsWindow
SetCursor
PtInRect
ScreenToClient
GetMessagePos
SetTimer
MessageBeep
SetWindowLongA
KillTimer
DestroyCursor
RegisterWindowMessageA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
AppendMenuA
GetSystemMenu
InvalidateRect
SendMessageA
GetSysColor
wsprintfA
EnableWindow
GetSysColorBrush
gdi32
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
RoundRect
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
GetTextCharsetInfo
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
TextOutA
RectVisible
PtVisible
ExtTextOutA
EnumFontFamiliesA
StartDocA
CreateCompatibleBitmap
CreateDIBitmap
GetTextMetricsA
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetPixel
BitBlt
GetWindowExtEx
PtInRegion
CreateSolidBrush
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetStockObject
Escape
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegDeleteValueA
RegQueryValueA
RegCloseKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
CryptEncrypt
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueA
CryptImportKey
RegOpenKeyExA
shell32
SHBrowseForFolderA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
ShellExecuteA
SHGetMalloc
DragQueryFileA
DragFinish
comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathStripPathA
PathRemoveFileSpecW
ole32
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRun
CoGetMalloc
OleRegEnumVerbs
CreateGenericComposite
OleInitialize
CreateOleAdviseHolder
CreateDataAdviseHolder
OleUninitialize
CoFreeUnusedLibraries
OleSetContainedObject
GetHGlobalFromILockBytes
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
StringFromGUID2
CoDisconnectObject
CoCreateInstance
CLSIDFromString
CoUninitialize
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
StgCreateDocfile
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateItemMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
PropVariantCopy
StgCreateDocfileOnILockBytes
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleRegGetMiscStatus
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleLoad
oleaut32
SysFreeString
SysAllocString
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
SafeArrayRedim
oledlg
ord8
wldap32
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46
ws2_32
WSACleanup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
setsockopt
getsockname
ntohs
bind
htons
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
ntohl
htonl
WSAStartup
crypt32
CertFreeCertificateContext
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipFree
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 466KB - Virtual size: 466KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.2MB - Virtual size: 8.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 196KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ