c95d0646a1e6940b6cf17d3646a6d9c1435832b54f8e507b135531b9f49441f2

Sharing

Copy URL Twitter E-mail

General

Target

c95d0646a1e6940b6cf17d3646a6d9c1435832b54f8e507b135531b9f49441f2
Size

6.3MB
MD5

94f462893dcab455cdcedbbe9e659ccd
SHA1

b1bd6c86dd8612f59725222298f7385f120c1cc3
SHA256

c95d0646a1e6940b6cf17d3646a6d9c1435832b54f8e507b135531b9f49441f2
SHA512

2ff6672206f1e1fa535d2ebb5c6d36bb5e11d470348a4e4a4ed530233f7027584aa883798f4d119dfe89c8ea1effc12f4ce924cae5665f1e154d9aa401b6a96f
SSDEEP

196608:P5jPmJkHFPxJjWqC0MuH9tVlK59ptDil5KPat6on:P5DmalJJqX0Htrepm5KPaA0

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Scripts/AkelEdit_x64/AkelEdit.dll
unpack001/Scripts/AkelEdit_x86/AkelEdit.dll
unpack001/Scripts/BBCode/Hh.exe
unpack001/Scripts/libiconv2.dll
unpack001/Scripts/pdftk.exe

Files

c95d0646a1e6940b6cf17d3646a6d9c1435832b54f8e507b135531b9f49441f2
.zip
Scripts/AESCrypt.js
.js
Scripts/ActiveColumnSwitch.js
.js
Scripts/AddSelectToClip.vbs
.vbs
Scripts/AkelEdit_x64/AkelEdit.dll
.dll windows:4 windows x64 arch:x64

0cd824434f6ff0ed0a051be1766ccb8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThread
CreateEventA
WaitForSingleObject
IsBadWritePtr
SetEvent
CloseHandle
GetTickCount
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalSize
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapCreate
MulDiv
IsBadCodePtr
HeapFree
GetProcessHeap
GetVersionExA
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
GlobalFree
GlobalAlloc

user32

GetClientRect
UpdateWindow
GetClipboardData
IsWindowUnicode
GetWindowLongA
KillTimer
SendMessageW
IntersectRect
GetDoubleClickTime
GetMessageTime
SetTimer
SystemParametersInfoA
GetKeyboardLayout
GetSystemMetrics
DefWindowProcW
DefWindowProcA
GetUpdateRect
RegisterClassA
RegisterClassW
GetFocus
ShowScrollBar
BeginPaint
EndPaint
SetScrollInfo
GetScrollInfo
ScrollWindow
GetKeyState
GetCursorPos
SetCursor
PtInRect
UnregisterClassW
UnregisterClassA
DestroyCaret
CreateCaret
GetSysColor
GetSysColorBrush
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
SendMessageA
IsClipboardFormatAvailable
MessageBeep
GetWindowRect
GetParent
ScreenToClient
GetDC
ReleaseDC
FillRect
CharUpperA
LoadImageA
LoadCursorA
RegisterClipboardFormatA
InvalidateRect
SetCapture
ReleaseCapture
ShowCaret
HideCaret
SetFocus

gdi32

DeleteObject
DeleteDC
SelectObject
CreateDIBSection
GetDeviceCaps
BitBlt
CreateCompatibleDC
LineTo
MoveToEx
SetROP2
GetTextExtentPoint32W
GetBkMode
ExtTextOutA
ExtTextOutW
TextOutA
TextOutW
SetBkMode
CreateSolidBrush
SetBkColor
SetTextColor
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
CreatePen
GetTextMetricsA
GetStockObject
GetTextMetricsW
GetObjectW
CreateCompatibleBitmap
CreateRectRgn

ole32

OleUninitialize
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize

imm32

ImmEscapeW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW
ImmSetCompositionFontW

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Scripts/AkelEdit_x86/AkelEdit.dll
.dll windows:4 windows x86 arch:x86

be0bea2605232d9fe00da05ec74bbbb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThread
CreateEventA
WaitForSingleObject
IsBadWritePtr
SetEvent
CloseHandle
GetTickCount
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalSize
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapCreate
MulDiv
IsBadCodePtr
HeapFree
GetProcessHeap
GetVersionExA
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
GlobalFree
GlobalAlloc

user32

GetClientRect
UpdateWindow
GetClipboardData
IsWindowUnicode
GetWindowLongA
KillTimer
SendMessageW
IntersectRect
GetDoubleClickTime
GetMessageTime
SetTimer
SystemParametersInfoA
GetKeyboardLayout
GetSystemMetrics
DefWindowProcW
DefWindowProcA
GetUpdateRect
RegisterClassA
RegisterClassW
GetFocus
ShowScrollBar
BeginPaint
EndPaint
SetScrollInfo
GetScrollInfo
ScrollWindow
GetKeyState
GetCursorPos
SetCursor
PtInRect
UnregisterClassW
UnregisterClassA
DestroyCaret
CreateCaret
GetSysColor
GetSysColorBrush
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
SendMessageA
IsClipboardFormatAvailable
MessageBeep
GetWindowRect
GetParent
ScreenToClient
GetDC
ReleaseDC
FillRect
CharUpperA
LoadImageA
LoadCursorA
RegisterClipboardFormatA
InvalidateRect
SetCapture
ReleaseCapture
ShowCaret
HideCaret
SetFocus

gdi32

DeleteObject
DeleteDC
SelectObject
CreateDIBSection
GetDeviceCaps
BitBlt
CreateCompatibleDC
LineTo
MoveToEx
SetROP2
GetTextExtentPoint32W
GetBkMode
ExtTextOutA
ExtTextOutW
TextOutA
TextOutW
CreateSolidBrush
SetBkMode
SetBkColor
SetTextColor
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
CreatePen
GetTextMetricsA
GetStockObject
GetTextMetricsW
GetObjectW
CreateCompatibleBitmap
CreateRectRgn

ole32

OleUninitialize
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize

imm32

ImmEscapeW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW
ImmSetCompositionFontW

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scripts/AkelPadDocsView.ini
Scripts/AkelPadDocsView.js
.js
Scripts/AkelPadImage.vbs
Scripts/AkelPadManualSettings.ini
Scripts/AkelPadManualSettings.js
.js
Scripts/AkelPadRestart.js
.js
Scripts/AkelPadTitle.js
.js
Scripts/AlignJustify.js
.js
Scripts/AnagramWord.vbs
.vbs
Scripts/Attributes.vbs
.vbs
Scripts/AutoScript-DetectEx.js
.js
Scripts/BBCode/BBCode.html
.js
Scripts/BBCode/ExampleBB.txt
Scripts/BBCode/Hh.exe
.exe windows:5 windows x86 arch:x86

9ed54609127a70e312733e0fe986dabe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoA
GetTickCount
QueryPerformanceCounter
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
GetCurrentThreadId

user32

wsprintfA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Scripts/BBCode/Html.html
.js
Scripts/BBCode/Name.html
.html .js polyglot
Scripts/BBCode/Template.html
.js
Scripts/BBCode/color.js
Scripts/BBCode/ff.gif
.gif
Scripts/BBCode/forum.css
Scripts/BBCode/ft.gif
.gif
Scripts/BBCode/hh.gif
.gif
Scripts/BBCode/ii.gif
.gif
Scripts/BBCode/jquery.js
.js
Scripts/BBCode/pl.gif
.gif
Scripts/BBCode/ps.gif
.gif
Scripts/BBCode/qq.gif
.gif
Scripts/BBCode/s/angel.gif
.gif
Scripts/BBCode/s/angel2.gif
.gif
Scripts/BBCode/s/angry.gif
.gif
Scripts/BBCode/s/applause.gif
.gif
Scripts/BBCode/s/barbarian.gif
.gif
Scripts/BBCode/s/bash.gif
.gif
Scripts/BBCode/s/beer.gif
.gif
Scripts/BBCode/s/biggrin.gif
.gif
Scripts/BBCode/s/bismiles.gif
.gif
Scripts/BBCode/s/blow.gif
.gif
Scripts/BBCode/s/book.gif
.gif
Scripts/BBCode/s/bouquet3.gif
.gif
Scripts/BBCode/s/bow.gif
.gif
Scripts/BBCode/s/car.gif
.gif
Scripts/BBCode/s/car2.gif
.gif
Scripts/BBCode/s/cheers.gif
.gif
Scripts/BBCode/s/cool.gif
.gif
Scripts/BBCode/s/cool1.gif
.gif
Scripts/BBCode/s/cranky.gif
.gif
Scripts/BBCode/s/crazy.gif
.gif
Scripts/BBCode/s/draka.gif
.gif
Scripts/BBCode/s/elvis.gif
.gif
Scripts/BBCode/s/flower2.gif
.gif
Scripts/BBCode/s/flute.gif
.gif
Scripts/BBCode/s/footbl.gif
.gif
Scripts/BBCode/s/give_heart.gif
.gif
Scripts/BBCode/s/good.gif
.gif
Scripts/BBCode/s/guitar.gif
.gif
Scripts/BBCode/s/guitar1.gif
.gif
Scripts/BBCode/s/happy.gif
.gif
Scripts/BBCode/s/kiss.gif
.gif
Scripts/BBCode/s/laugh.gif
.gif
Scripts/BBCode/s/laughter.gif
.gif
Scripts/BBCode/s/letter.gif
.gif
Scripts/BBCode/s/love.gif
.gif
Scripts/BBCode/s/love2.gif
.gif
Scripts/BBCode/s/love3.gif
.gif
Scripts/BBCode/s/love_letter.gif
.gif
Scripts/BBCode/s/movie.gif
.gif
Scripts/BBCode/s/mummy.gif
.gif
Scripts/BBCode/s/ninja.gif
.gif
Scripts/BBCode/s/ninja2.gif
.gif
Scripts/BBCode/s/sad.gif
.gif
Scripts/BBCode/s/smile.gif
.gif
Scripts/BBCode/s/smile2.gif
.gif
Scripts/BBCode/s/smile2_01.gif
.gif
Scripts/BBCode/s/smsm.gif
.gif
Scripts/BBCode/s/stomp.gif
.gif
Scripts/BBCode/s/super.gif
.gif
Scripts/BBCode/s/surprised.gif
.gif
Scripts/BBCode/s/tidy.gif
.gif
Scripts/BBCode/s/tidy1.gif
.gif
Scripts/BBCode/s/tongue.gif
.gif
Scripts/BBCode/s/typing.gif
.gif
Scripts/BBCode/s/upup.gif
.gif
Scripts/BBCode/s/wacko.gif
.gif
Scripts/BBCode/s/wink.gif
.gif
Scripts/BBCode/s/wrap.gif
.gif
Scripts/BBCode/s/xaxa.gif
.gif
Scripts/BBCode/ss.gif
.gif
Scripts/BBCode/texture.gif
.gif
Scripts/BBCode/wave_green.gif
.gif
Scripts/BBCode/wave_red.gif
.gif
Scripts/Base64.js
.js
Scripts/BlockDeclose.js
.js
Scripts/BlockSelect.js
.js
Scripts/BookmarksPlus.vbs
.vbs
Scripts/BracketsGoTo.js
.js
Scripts/BufferOrInsert.vbs
Scripts/CConverter.js
.js
Scripts/CSVToColumnText.ini
Scripts/CSVToColumnText.js
.js
Scripts/Calculator.js
.js
Scripts/CalculatorBin.ini
Scripts/CalculatorBin.js
.js
Scripts/CalculatorJS.ini
Scripts/CalculatorJS.js
.js
Scripts/CaretOptionsSwitch.js
.js
Scripts/ChooseColor.js
.js
Scripts/ClearBBCode.vbs
.vbs
Scripts/ClearRecentFiles.js
.js
Scripts/ClipboardPlus.vbs
.vbs
Scripts/CloseUnnamedAll.js
.js
Scripts/CloseUnnamedAll_1.js
.js
Scripts/CodeHTML.vbs
.vbs
Scripts/CodePoster.js
.js
Scripts/CodePosterInFileOrBuffer.js
.js
Scripts/ColorMarker.vbs
.vbs
Scripts/ColumnCounter.js
.js
Scripts/ColumnsDuplicateSelect.js
.js
Scripts/ColumnsReplace.js
.js
Scripts/ColumnsSum.ini
Scripts/ColumnsSum.js
.js
Scripts/ConsoleExec.js
.js
Scripts/CopyTextToClip.vbs
Scripts/CopyToClipDeformationPath.vbs
.vbs
Scripts/CountPhrasesInText.vbs
.vbs
Scripts/CreateFile.vbs
.vbs
Scripts/CreateSubParagraph.js
.js
Scripts/CreateSubParagraph.vbs
.vbs
Scripts/CreateTab&Arhive.vbs
Scripts/CreateTableSChar.vbs
.vbs
Scripts/DateInsert.js
Scripts/DelSymLine.vbs
.vbs
Scripts/DelTrailSpacesAll.js
.js
Scripts/DeleteLastChar.js
.js
Scripts/DeleteMarker.vbs
Scripts/DeleteNoMarker.vbs
.vbs
Scripts/DeletePlus.vbs
.vbs
Scripts/DeleteZebraLines.vbs
.vbs
Scripts/Descript.vbs
.vbs
Scripts/Desktop.ini
Scripts/DownloadMaster.js
.js
Scripts/DrawLine.js
.js
Scripts/DublicateFile.vbs
.vbs
Scripts/DuplicateLines.js
.js
Scripts/EditSession.vbs
.vbs
Scripts/EncodeAllFiles.vbs
.vbs
Scripts/EvalCmd.js
.js
Scripts/EvalCmd.vbs
.vbs
Scripts/ExecConsole.js
.js
Scripts/Export4Format.vbs
.vbs
Scripts/ExportAllFiles.vbs
.vbs
Scripts/Favourites.js
.js
Scripts/Favourites.js.134415832.tmp
.js
Scripts/FileAndStream.ini
Scripts/FileAndStream.js
.js
Scripts/FileAndStream_1033.lng
Scripts/FileAndStream_1045.lng
Scripts/FileAndStream_1049.lng
Scripts/FileAndStream_2052.lng
Scripts/FileInfo.ini
Scripts/FileInfo.js
.js
Scripts/FindFiles.ini
Scripts/FindFiles.js
.js
Scripts/FindFiles_1033.lng
Scripts/FindFiles_1049.lng
Scripts/FindReplaceEx.ini
Scripts/FindReplaceEx.js
.js
Scripts/FindReplaceEx_1033.lng
Scripts/FindReplaceEx_1045.lng
Scripts/FindReplaceEx_1049.lng
Scripts/FindReplaceEx_2052.lng
Scripts/FindReplaceEx_templates.tsv
Scripts/FindReplaceFiles.ini
Scripts/FindReplaceFiles.js
.js
Scripts/FindReplaceFiles_1033.lng
Scripts/FindReplaceFiles_1034.lng
Scripts/FindReplaceFiles_1045.lng
Scripts/FindReplaceFiles_1049.lng
Scripts/FindReplaceFiles_2052.lng
Scripts/FontCycleSwitch.ini
Scripts/FontCycleSwitch.js
.js
Scripts/FontDialogMonospace.js
.js
Scripts/FontIniRestore.js
.js
Scripts/FontIniRestore.vbs
.vbs
Scripts/FontSwitch.js
.js
Scripts/ForceNewInstance.js
.js
Scripts/FormatLinesLenght.vbs
.vbs
Scripts/FullScreenEx.js
.js
Scripts/GetExtHTML.vbs
.vbs
Scripts/GetNumberMembers.js
.js
Scripts/Glasnye.vbs
.vbs
Scripts/GotoMarkOrOpenUrl.vbs
.vbs
Scripts/HTMLDelAllTags.js
Scripts/HTMLDelUselessTags.js
Scripts/HTMLTidy.js
.js
Scripts/HTMLlinefeed.js
.js
Scripts/HTMLul.vbs
Scripts/HexSelAs.ini
Scripts/HexSelAs.js
.js
Scripts/HtmlView.js
.js
Scripts/IconsOnTabs.ini
Scripts/IconsOnTabs.js
.js
Scripts/Include/BrowseForFolder_function.js
.js
Scripts/Include/ChooseFont_function.js
.js
Scripts/Include/CommonFunctions.js
.js
Scripts/Include/CreateDialog_functions.js
.js
Scripts/Include/DateFormat.js
.js
Scripts/Include/Desktop.ini
Scripts/Include/EnumerateWindows_functions.js
.js
Scripts/Include/FileAndStream_functions.js
.js
Scripts/Include/FunctionsDialog.ini
Scripts/Include/FunctionsDialog.vbs
.vbs
Scripts/Include/FunctionsINI.vbs
.vbs
Scripts/Include/FunctionsINIRW.vbs
.vbs
Scripts/Include/FunctionsINITextRWS.vbs
.vbs
Scripts/Include/FunctionsSave.js
.js
Scripts/Include/FunctionsSave.vbs
.vbs
Scripts/Include/INI.js
.js
Scripts/Include/InputBox_function.js
.js
Scripts/Include/LinkAction.vbs
.vbs
Scripts/Include/MarkerDublWords.vbs
.vbs
Scripts/Include/Name.ico
Scripts/Include/ShowMenu.js
.js
Scripts/Include/ShowMenuEx.js
.js
Scripts/Include/TextReplace_function.js
.js
Scripts/Include/cnRegExp.js
.js
Scripts/Include/descript.ion
Scripts/Include/functions -Test.vbs
.vbs
Scripts/Include/functions.vbs
.vbs
Scripts/Include/jsBeautifier_tests.js
.js
Scripts/Include/selCompleteLine.js
.js
Scripts/Include/sr_function.js
.js
Scripts/Include/timer.js
.js
Scripts/InfoFile.vbs
.vbs
Scripts/InfoLine.vbs
.vbs
Scripts/Insert.js
.js
Scripts/InsertBBCodeList.vbs
.vbs
Scripts/InsertDate.js
.js
Scripts/InsertDateFromCalendar.ini
Scripts/InsertDateFromCalendar.js
.js
Scripts/InsertFile.js
.js
Scripts/InsertNLine.vbs
.vbs
Scripts/InsertNum.ini
Scripts/InsertNum.js
.js
Scripts/InsertParagraph.vbs
.vbs
Scripts/InsertPlus.vbs
.vbs
Scripts/InsertText.js
.js
Scripts/InsertTextLN.ini
Scripts/InsertTextLN.js
.js
Scripts/InsertUnicodeChar.js
.js
Scripts/InsertUnicodeChar_templates.csv
Scripts/Invert_Revers.vbs
.vbs
Scripts/JoinLinesTogether.js
.js
Scripts/Keyboard.js
.js
Scripts/LineBoardBookmarks.js
.js
Scripts/LineBoardRClickPanel.js
.js
Scripts/LineBoardRulerOnOff.js
.js
Scripts/LinesFilter.ini
Scripts/LinesFilter.js
.js
Scripts/LinesFilter_mod2.js
.js
Scripts/LinesFilter_mod3.ini
Scripts/LinesFilter_mod3.js
.js
Scripts/LinesHideShow.ini
Scripts/LinesHideShow.js
.js
Scripts/LinesUnwrap.js
.js
Scripts/LinesWrap.js
.js
Scripts/LinkAction.vbs
.vbs
Scripts/Macro2SendKeys.vbs
.vbs
Scripts/Macro2SendKeys_1.vbs
.vbs
Scripts/MarginsChange.js
.js
Scripts/MarkdownPreview.js
.js
Scripts/MarkerWordsPlus.vbs
.vbs
Scripts/MenuBarTextInFile.vbs
Scripts/MergeDocuments.js
.js
Scripts/MoveFile.js
.js
Scripts/MoveFileChoiceFolder.js
.js
Scripts/MoveFile_1.js
.js
Scripts/MoveLinesLeftRight.vbs
Scripts/MoveLinesUpDown.js
.js
Scripts/MoveLinesUpDown_alt.js
.js
Scripts/MultiClipboard.js
.js
Scripts/Multi_SR.js
.js
Scripts/Multiple clipboard.js
.js
Scripts/MySaveSession.js
.js
Scripts/Name.ico
Scripts/NeO.Sort.js
.js
Scripts/NetEdit.vbs
.vbs
Scripts/NsisCall.js
.js
Scripts/NumberCount.ini
Scripts/NumberCount.js
.js
Scripts/NumbersNewLine.vbs
.vbs
Scripts/OpenInAkelPad.vbs
.vbs
Scripts/OpenInNewTab.vbs
.vbs
Scripts/OpenSaveMask.js
.js
Scripts/OpenSessionsDir.js
.js
Scripts/PDFtk-G.ini
Scripts/PDFtk-G.ini._137131176.tmp
Scripts/PDFtk-G.js
.js
Scripts/Params/Astyle.param
Scripts/Params/CSSTidy.param
Scripts/Params/ConsoleExec.ini
Scripts/Params/ConsoleExec.param
Scripts/Params/ConsoleRun.param
Scripts/Params/FileDialogExtentions.param
Scripts/Params/LS.param
Scripts/Params/SearchReplace_Multi.ini
Scripts/Params/SearchReplace_Multi.param
Scripts/Params/SearchReplace_Multi/GB2312_detail.txt
Scripts/Params/SearchReplace_Multi/GBK.txt
Scripts/Params/SearchReplace_Multi/ȫת.txt
Scripts/Params/SearchReplace_Multi/ѹjscript.txt
Scripts/Params/SearchReplace_Multi/תĴд.txt
Scripts/Params/SearchReplace_Multi/תСд.txt
Scripts/Params/SearchReplace_Multi/תȫ.txt
Scripts/Params/SearchReplace_Multi/ʿ.txt
.js
Scripts/Params/SearchReplace_Multi/ת.txt
Scripts/Params/SearchReplace_Multi/ʿȥ.txt
Scripts/Params/SearchReplace_Multi/ʿȥŻ.txt
Scripts/Params/SearchReplace_Multi/ʿȥŻ1.txt
Scripts/Params/SearchReplace_Multi/ʿŻ.txt
.js
Scripts/Params/SearchReplace_Multi/ʿŻ1.txt
Scripts/Params/SearchReplace_Multi/ת.txt
Scripts/Params/SearchReplace_Multi/.txt
.js
Scripts/Params/SearchReplace_Multi/Ĵдת.txt
.js
Scripts/Params/SearchReplace_Multi/Сдת.txt
.js
Scripts/Params/ShowMenuAlt/Default.js
.js
Scripts/Params/ShowMenuAlt/TestButton.js
.js
Scripts/Params/XMLGetAttrValues.param
Scripts/PlugContextMenuAkelFont.js
.js
Scripts/PlugTextReadFromIni.js
.js
Scripts/PlugTextToAkelPad.js
.js
Scripts/PlugToolBarAkelFont.js
.js
Scripts/PluginText.ini
Scripts/PluginText.js
.js
Scripts/PrintAll.js
.js
Scripts/RandomMixesLines.js
.js
Scripts/ReFormatTextByLine.vbs
.vbs
Scripts/RegExpTestJS.ini
Scripts/RegExpTestJS.js
.js
Scripts/RegExpTestJS_1033.lng
Scripts/RegExpTestJS_1045.lng
Scripts/RegExpTestJS_1049.lng
Scripts/RegExpTestJS_2052.lng
Scripts/RegJump.js
.js
Scripts/RenameFile.js
.js
Scripts/RenameOfSelectOrClip.vbs
.vbs
Scripts/ReplaceCoding.vbs
.vbs
Scripts/ReplaceOnCounter.vbs
.vbs
Scripts/ReturnsTabs.vbs
.vbs
Scripts/RunCommand.ini
Scripts/RunCommand.js
.js
Scripts/RunMe.ini
Scripts/RunMe.js
.js
Scripts/RunMultiScripts.vbs
Scripts/RunScript.vbs
.vbs
Scripts/RunScriptA.vbs
.vbs
Scripts/SE.js
.js
Scripts/SaveAllAnonym.vbs
.vbs
Scripts/SaveFileNameData.vbs
Scripts/SaveFileNameFirstLine.vbs
.vbs
Scripts/SaveSession.js
.js
Scripts/ScreenView.ini
Scripts/ScreenView.js
.js
Scripts/ScriptCopyToBlock.js
.js
Scripts/SearchReplace.ini
Scripts/SearchReplace.js
.js
Scripts/SearchReplace_Multi.js
.js
Scripts/SearhInFiles.vbs
.vbs
Scripts/SearhWithConditions.vbs
.vbs
Scripts/SelectRange.js
.js
Scripts/SelectRangeText.ini
Scripts/SelectRangeText.js
.js
Scripts/SelectText.vbs
.vbs
Scripts/SelectionSwitch.js
Scripts/SelectionSwitchCaretMove.js
.js
Scripts/SendData.ini
Scripts/SendData.js
.js
Scripts/SendData_help_1049.lng
Scripts/SessionMenu.js
.js
Scripts/SessionsOpenMenu.js
.js
Scripts/SetBackgroundForTheme.vbs
.vbs
Scripts/SetToolbarIconsSize.vbs
.vbs
Scripts/SettingContextMenuFont.vbs
Scripts/ShiftAltLines.js
.js
Scripts/ShiftMarker.js
.js
Scripts/ShiftTabSize.js
.js
Scripts/ShiftVerticaly.js
.js
Scripts/ShowScrollBar.js
.js
Scripts/ShowTabMenu.js
.js
Scripts/SmartPaste.js
.js
Scripts/SortInColumns.ini
Scripts/SortInColumns.js
.js
Scripts/SortLines - .js
.js
Scripts/SortLines.ini
Scripts/SortLines.js
.js
Scripts/SortLinesByLength.js
.js
Scripts/SortLinesUpperLetters.js
.js
Scripts/SortLinesWithIntegers.js
.js
Scripts/SortList.ini
Scripts/SortList.js
.js
Scripts/SortWords - .js
.js
Scripts/SortWords.ini
Scripts/SortWords.js
.js
Scripts/SpacesToTabs(new).js
.js
Scripts/SpacesToTabs.js
.js
Scripts/SpecFolders.vbs
.vbs
Scripts/SpecialCharSwitcher.js
.js
Scripts/SpellCheck.js
.js
Scripts/SpellCheckAddToWhiteList.js
.js
Scripts/SpellCheckMSWord.js
.js
Scripts/Start.vbs
.vbs
Scripts/StartCodeFold.vbs
.vbs
Scripts/StartCommand&Save.vbs
.vbs
Scripts/SumNumbers.js
.js
Scripts/SuperMultiMarker.ini
Scripts/SwapText.ini
Scripts/SwapText.js
.js
Scripts/SwitchSplittedWindow.ini
Scripts/SwitchSplittedWindow.vbs
.vbs
Scripts/SwitchingRuler.vbs
Scripts/TCIMG.vbs
.vbs
Scripts/TabCloseLR.vbs
.vbs
Scripts/TabCloseN.vbs
.vbs
Scripts/TabFont.ini
Scripts/TabFont.js
.js
Scripts/TabSwitch.js
.js
Scripts/TabsToSpaces.js
.js
Scripts/Test.js
.js
Scripts/Test.vbs
Scripts/TextFormat.vbs
.vbs
Scripts/TextMarker.ini
Scripts/TextMarker.js
.js
Scripts/TextMove.js
.js
Scripts/TextReplace.ini
Scripts/TextReplace.js
.js
Scripts/TextReplace1.ini
Scripts/TextReplace1.js
.js
Scripts/TextReplace_batch.tsv
Scripts/TextReplace_templ.tsv
Scripts/TranslateWithGoogleAPI.js
.js
Scripts/Translator.js
.js
Scripts/Translator_Chinese-Simplified.lng
Scripts/Translator_English.lng
Scripts/Translator_Polish.lng
Scripts/Translator_Russian.lng
Scripts/Translator_Ukrainian.lng
Scripts/URLOpen.js
.js
Scripts/URLOpen.vbs
.vbs
Scripts/UncheckMarker.vbs
.vbs
Scripts/UndoAllNoScroll.js
.js
Scripts/UndoPos.js
.js
Scripts/VersionIncrement.js
.js
Scripts/ViewerBBCode.vbs
.vbs
Scripts/WindowsList.ini
Scripts/WindowsList.js
.js
Scripts/WordsMoveSelect.js
.js
Scripts/Wrap.vbs
Scripts/WriteInWhiteSpellCheckList.vbs
.vbs
Scripts/WriteTab.vbs
Scripts/ZebraOnOff.vbs
Scripts/ZipArhive.vbs
.vbs
Scripts/ZipArhiveAkelPad.vbs
.vbs
Scripts/alignWithSpaces.ini
Scripts/alignWithSpaces.js
.js
Scripts/autoSaveSession.js
.js
Scripts/colorsConverter.js
.js
Scripts/convertHTML.js
.js
Scripts/converter.ini
Scripts/converter.js
.js
Scripts/cpBarSwitch.js
.js
Scripts/cpFontSwitch.js
.js
Scripts/createtable.vbs
.vbs
Scripts/deletephrasesintext.vbs
.vbs
Scripts/downloadlistindm.vbs
.vbs
Scripts/dublicatelinesplus.vbs
.vbs
Scripts/encodeHTML.js
.js
Scripts/executeScript-exec.ini
Scripts/executeScript.js
.js
Scripts/fullWindow.js
.js
Scripts/fullWindowRes.js
.js
Scripts/getHash.ini
Scripts/getHash.js
.js
Scripts/getLenLines.vbs
.vbs
Scripts/getLineBetweenQuotes.vbs
.vbs
Scripts/getLinks.js
.js
Scripts/getMail.vbs
.vbs
Scripts/getPath dui.vbs
.vbs
Scripts/getPath.ini
Scripts/getPath_1.vbs
.vbs
Scripts/getSpellCheck.vbs
.vbs
Scripts/getWords.vbs
.vbs
Scripts/getpath.vbs
.vbs
Scripts/goToLongestLine.ini
Scripts/goToLongestLine.js
.js
Scripts/highlighter.js
.js
Scripts/htmlview.ini
Scripts/insertEval.js
.js
Scripts/insertStructure.js
.js
Scripts/insertindialoguesearch.vbs
.vbs
Scripts/jsBeautifier.js
.js
Scripts/libiconv2.dll
.dll .ps1 windows:4 windows x86 arch:x86 polyglot

5e63e66630a8ecd829ce2cfdcfa121ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetACP
GetAtomNameA
GetModuleFileNameA
GetSystemInfo

msvcrt

_strdup
__dllonexit
_errno
abort
fflush
free
malloc
memcpy
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

DllGetVersion
_libiconv_version
aliases2_lookup
aliases_lookup
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 945KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 656B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 364B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Scripts/markerdublwords.vbs
.vbs
Scripts/markerlist.vbs
.vbs
Scripts/markerplus.vbs
.vbs
Scripts/markerplus1.vbs
.vbs
Scripts/measuresConverter.ini
Scripts/measuresConverter.js
.js
Scripts/numericselecttext.vbs
.vbs
Scripts/pdftk.exe
.exe windows:4 windows x86 arch:x86

ad1d463fa2edbe73741c6a31a725ff1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA

libiconv2

libiconv
libiconv_close
libiconv_open

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetAtomNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetHandleInformation
GetLastError
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemInfo
GetTempPathA
GetThreadContext
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MoveFileA
MultiByteToWideChar
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
SetEndOfFile
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleInformation
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_access
_fdopen
_ftime
_getcwd
_read
_strdup
_timezone
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_ctype
_errno
_filelengthi64
_findclose
_findfirst
_findnext
_fstati64
_fullpath
_iob
_isctype
_lseeki64
_onexit
_pctype
_pipe
_putenv
_setmode
abort
atexit
atoi
atol
calloc
exit
fclose
fflush
fgetpos
fgets
fopen
fprintf
fputc
fread
free
fsetpos
fwrite
getc
getenv
localeconv
localtime
malloc
memchr
memcpy
memmove
memset
mktime
putc
realloc
setlocale
setvbuf
signal
sprintf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strrchr
strtod
strtoul
strxfrm
time
ungetc
vfprintf
wcslen

user32

MessageBoxA

ws2_32

WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAGetLastError
WSASetLastError
WSAStartup
WSAWaitForMultipleEvents
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohs
recv
recvfrom
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 817KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 147KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scripts/pdftk_help.txt
Scripts/quoted-printable.js
.js
Scripts/runScript.ini
Scripts/runScript.js
.js
Scripts/saveStoreTime.js
.js
Scripts/scriptToBookmarklet.js
.js
Scripts/splittext.vbs
Scripts/supermultimarker.vbs
.vbs
Scripts/tabcloseexts.vbs
.vbs
Scripts/textStatistics.js
.js
Scripts/tileTabs.js
.js
Scripts/toggleComments.ini
Scripts/toggleComments.js
.js
Scripts/transparency.js
.js
Scripts/undoRedoAll.js
.js
Scripts/winMergeTabs.js
.js

Sharing

General

Malware Config

Signatures

Files

0cd824434f6ff0ed0a051be1766ccb8e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

imm32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 384B

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 7KB

be0bea2605232d9fe00da05ec74bbbb6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

imm32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 208B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 3KB - Virtual size: 2KB

9ed54609127a70e312733e0fe986dabe

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 844B

.rsrc Size: 6KB - Virtual size: 5KB

5e63e66630a8ecd829ce2cfdcfa121ae

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 945KB - Virtual size: 944KB

.data Size: 512B - Virtual size: 64B

.bss Size: - Virtual size: 656B

.edata Size: 512B - Virtual size: 364B

.idata Size: 1024B - Virtual size: 664B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

ad1d463fa2edbe73741c6a31a725ff1d

Headers

File Characteristics

Imports

advapi32

libiconv2

kernel32

msvcrt

user32

ws2_32

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.data Size: 817KB - Virtual size: 816KB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.bss Size: - Virtual size: 147KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 384B

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 7KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 208B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 844B

.rsrc
Size: 6KB - Virtual size: 5KB

.text
Size: 945KB - Virtual size: 944KB

.data
Size: 512B - Virtual size: 64B

.bss
Size: - Virtual size: 656B

.edata
Size: 512B - Virtual size: 364B

.idata
Size: 1024B - Virtual size: 664B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 817KB - Virtual size: 816KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.bss
Size: - Virtual size: 147KB

.idata
Size: 6KB - Virtual size: 5KB

.stab
Size: 8KB - Virtual size: 8KB

.stabstr
Size: 4KB - Virtual size: 4KB