f9727d769403d617683795118adaaacc

Sharing

Copy URL

Twitter E-mail

General

Target

f9727d769403d617683795118adaaacc
Size

1.0MB
MD5

f9727d769403d617683795118adaaacc
SHA1

dd13d18b7e29847dc6b82aac427b2f1f4a24c08a
SHA256

03f9122f1dd1afd16bce9f9c1337860545f3ef88709b65c129840e1c5a1221ac
SHA512

d8592e405cf98c19a7642f3310e2cae40a2590bf61763a6dca4214a4417d2f0d239af16037a57febc40c83c624900f0bc5e7ade1886689c2f772eda4881f92df
SSDEEP

24576:LDF/idhSufAMcGWR8fJxAUzSUjUGnOKHGwfXmFtE2o8h7S0gcNmJlP1:L4dhjALZR8fnzWUoGnzGImFtu8AcAb1

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文v1.2版无限金钱修改器.exe	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文版无限金钱修改器.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/nfs9V1.2_1.3.Trn/NFSMW-U套件及标志存档修改器(中英文不限).exe
unpack001/nfs9V1.2_1.3.Trn/中文版修改器/NFSMW-中文版修改器V2.45版.exe
unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文v1.2版无限金钱修改器.exe
unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文版3项属性修改器.exe
unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文版无限金钱修改器.exe
unpack001/nfs9V1.2_1.3.Trn/英文版修改器/NFS9黑名单版修改器.exe

Files

f9727d769403d617683795118adaaacc
.rar
nfs9V1.2_1.3.Trn/NFSMW-U套件及标志存档修改器(中英文不限).exe
.exe windows:4 windows x86 arch:x86

347b8df121d9946d415490c2764c1bf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
SetEnvironmentVariableA
TerminateProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetLastError
SetLastError
MulDiv
FormatMessageA
LocalFree
lstrcpynA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GlobalUnlock
GlobalFree
FreeResource
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetUnhandledExceptionFilter
InterlockedExchange

user32

PostThreadMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DrawIcon
AppendMenuA
SendMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
RegisterClipboardFormatA
wsprintfA
PostMessageA
CharUpperA
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
PtInRect
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
SetWindowLongA
IsDialogMessageA

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
ExtSelectClipRgn
CreateBitmap
CreateRectRgnIndirect
GetClipBox

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysFreeString
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocString
SysAllocStringLen

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nfs9V1.2_1.3.Trn/中文版修改器/NFSMW-中文版修改器V2.45版.exe
.exe windows:4 windows x86 arch:x86

e7723e98ca82315b69a445ad0512fec6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFpCDblR4
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFpCDblR8
__vbaNextEachVar
__vbaFreeObjList
_adj_fprem1
ord626
__vbaCopyBytes
__vbaResume
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaLateMemSt
__vbaExitProc
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord309
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaAryConstruct2
ord560
__vbaObjVar
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaStrR8
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord716
__vbaFPException
__vbaVarCat
ord645
_CIlog
__vbaErrorOverflow
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarSetVar
__vbaI4Var
__vbaLateMemCall
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarLateMemCallLd
__vbaFpI4
__vbaLateMemCallLd
__vbaVarSetObjAddref
_CIatan
__vbaStrMove
__vbaForEachVar
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文v1.2版无限金钱修改器.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 183KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文版3项属性修改器.exe
.exe windows:4 windows x86 arch:x86

bc6c2c3962750c42dd77be1ef752babc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
OpenProcess
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
CloseHandle

user32

DestroyIcon
DialogBoxParamA
EndDialog
FindWindowA
GetWindowThreadProcessId
LoadIconA
MessageBoxA
RegisterHotKey
SendMessageA
UnregisterHotKey

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nfs9V1.2_1.3.Trn/英文版修改器/NFS9英文版无限金钱修改器.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 363KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nfs9V1.2_1.3.Trn/英文版修改器/NFS9黑名单版修改器.exe
.exe windows:4 windows x86 arch:x86

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeSetEvent
timeKillEvent

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
AVIFileInit
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength

kernel32

SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
DeleteFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
ReadProcessMemory
lstrcpynA
MulDiv
SetLastError
LocalFree
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateEventA
GetTempPathA
GetTickCount
Sleep
GetModuleFileNameA
GetSystemDirectoryA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
HeapCreate

user32

IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
WindowFromPoint
LoadStringA
DestroyMenu
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
UnregisterClassA
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuItemCount
RemoveMenu
AppendMenuA
ReleaseDC
SetWindowRgn
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
GetDC
LoadMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
SetWindowPos
EnumWindows

gdi32

SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
RealizePalette
CreatePalette
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
MoveToEx
LineTo
SetTextAlign
FrameRgn
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetPixel
GetStockObject
CreateFontIndirectA
GetDIBits
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
BitBlt
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17

Sections

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

347b8df121d9946d415490c2764c1bf5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

oleacc

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 28KB - Virtual size: 26KB

e7723e98ca82315b69a445ad0512fec6

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Sections

CODE Size: 183KB - Virtual size: 424KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 28KB

.rsrc Size: 70KB - Virtual size: 100KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

bc6c2c3962750c42dd77be1ef752babc

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 528B

.data Size: 512B - Virtual size: 380B

.rsrc Size: 3KB - Virtual size: 2KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 120KB

UPX1 Size: 363KB - Virtual size: 364KB

.rsrc Size: 3KB - Virtual size: 4KB

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 28KB - Virtual size: 26KB

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

CODE
Size: 183KB - Virtual size: 424KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 28KB

.rsrc
Size: 70KB - Virtual size: 100KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 528B

.data
Size: 512B - Virtual size: 380B

.rsrc
Size: 3KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 120KB

UPX1
Size: 363KB - Virtual size: 364KB

.rsrc
Size: 3KB - Virtual size: 4KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 157KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB