0f6dc4f8c8c570b01f8e141a236bcf43

Sharing

Copy URL Twitter E-mail

General

Target

0f6dc4f8c8c570b01f8e141a236bcf43
Size

4.9MB
MD5

0f6dc4f8c8c570b01f8e141a236bcf43
SHA1

43b867e6e51ffea8133efdcf66322e2d9725743f
SHA256

6bdfcd2228efc241d5687d89d9f701ddc8f48a0a3b214bbde944688c7c513c01
SHA512

57cf8e329b72b8eb37c1d154f211d23c7d55bda26299e3b6f216a289c3fc1f9563e6139c8b68eba616fa2bf47b7abd856ff5fd57e18fc11fd7bf97c08058cafe
SSDEEP

98304:dtshsWuEOtI/OuOnDHPbC/uD0UTR8d+lhiXBkqoQ5U68e9k0alSk:Ts5aAOTrjCmDJTe8biXBkqws/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/赛酷小说转换器/SAQEngine.dll
unpack001/赛酷小说转换器/SAQ_JPOCR.exe
unpack001/赛酷小说转换器/Update.exe

Files

0f6dc4f8c8c570b01f8e141a236bcf43
.rar
赛酷小说转换器/Resource/Resource.dat
赛酷小说转换器/SAQEngine.dll
.dll windows:4 windows x86 arch:x86

db91a564e19a9d37ca998a55760e8fa5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
ReadFile
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
SetStdHandle
FlushFileBuffers
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
LCMapStringW
SetEndOfFile
RtlUnwind

Sections

.text
Size: 592KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
赛酷小说转换器/SAQ_JPOCR.exe
.exe windows:4 windows x86 arch:x86

b60520a60e6c557c85ec3ef4d979d405

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

saqengine

ord4
ord2
ord1
ord3
ord7
ord17
ord12
ord6
ord18
ord9

shlwapi

PathRemoveFileSpecA
PathAddBackslashA

mfc42

ord2642
ord4123
ord5953
ord6379
ord6128
ord4694
ord2575
ord6055
ord1776
ord4396
ord5290
ord3402
ord4424
ord3574
ord567
ord1816
ord4375
ord4852
ord4229
ord5232
ord5268
ord1099
ord3721
ord809
ord795
ord2614
ord556
ord4275
ord2864
ord1088
ord2122
ord3797
ord6358
ord858
ord941
ord5572
ord1200
ord926
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord2649
ord1665
ord4436
ord5252
ord4427
ord807
ord674
ord554
ord366
ord2438
ord2863
ord6000
ord2117
ord4457
ord2029
ord2077
ord3481
ord686
ord6146
ord2012
ord4160
ord5882
ord2921
ord3289
ord5883
ord2453
ord2862
ord2096
ord4163
ord6625
ord384
ord4224
ord2652
ord1768
ord1105
ord1669
ord5282
ord3175
ord3499
ord2515
ord355
ord2884
ord668
ord665
ord922
ord2820
ord3811
ord3318
ord1979
ord5186
ord354
ord5583
ord2770
ord924
ord356
ord6663
ord4499
ord6129
ord6069
ord3072
ord1949
ord818
ord6442
ord1232
ord1153
ord6453
ord2567
ord3754
ord5768
ord3752
ord5148
ord6605
ord2301
ord6241
ord3610
ord656
ord3571
ord3698
ord765
ord2754
ord6734
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord459
ord743
ord617
ord5301
ord5214
ord296
ord6352
ord5500
ord2036
ord986
ord520
ord4159
ord6117
ord2621
ord1205
ord1134
ord1247
ord2725
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord802
ord652
ord542
ord338
ord4823
ord6329
ord4202
ord4278
ord4129
ord5710
ord2393
ord2777
ord6569
ord6567
ord3452
ord5601
ord538
ord1746
ord6877
ord4614
ord4613
ord3693
ord5787
ord5788
ord6119
ord1945
ord4273
ord4589
ord4899
ord4341
ord4349
ord4890
ord4531
ord4545
ord2915
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord2535
ord4133
ord4297
ord6270
ord4723
ord2411
ord2023
ord4218
ord2578
ord4398
ord2358
ord3582
ord2298
ord1908
ord4259
ord3953
ord3401
ord815
ord561
ord3742
ord2152
ord1233
ord1920
ord4588
ord4370
ord4892
ord4889
ord4963
ord4960
ord1725
ord784
ord517
ord4262
ord6131
ord6216
ord6454
ord3755
ord4476
ord2593
ord3223
ord3221
ord4386
ord1093
ord2042
ord777
ord6232
ord6230
ord6148
ord2568
ord6268
ord6271
ord3225
ord3257
ord3912
ord2544
ord2543
ord2511
ord978
ord1731
ord5851
ord2883
ord2398
ord2418
ord6224
ord6226
ord2429
ord2250
ord4732
ord4541
ord5477
ord2259
ord4836
ord4440
ord3720
ord794
ord527
ord2252
ord4264
ord4763
ord4789
ord4985
ord5852
ord3495
ord4083
ord6120
ord3522
ord1574
ord772
ord3701
ord500
ord1862
ord4220
ord2584
ord3654
ord6142
ord5606
ord2405
ord2763
ord4277
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord1576
ord2408
ord5860
ord3295
ord6154
ord2530
ord4366
ord4056
ord5471
ord4121
ord2389
ord5086
ord1710
ord1715
ord5234
ord6369
ord5279
ord5064
ord5248
ord2444
ord3395
ord3730
ord2920
ord2120
ord1644
ord940
ord1621
ord2764
ord5856
ord536
ord2452
ord2753
ord1195
ord1073
ord4284
ord5053
ord4774
ord5981
ord283
ord5651
ord3127
ord3616
ord5442
ord350
ord4269
ord1938
ord4268
ord5885
ord5990
ord5063
ord2450
ord6157
ord1795
ord5781
ord3089
ord2455
ord1176
ord3643
ord394
ord696
ord909
ord5628
ord4185
ord5308
ord4779
ord5811
ord5482
ord2032
ord4411
ord4447
ord4335
ord4863
ord4975
ord5797
ord5479
ord1995
ord967
ord3717
ord523
ord791
ord4919
ord1930
ord4265
ord2585
ord4365
ord5085
ord1709
ord1714
ord4404
ord5258
ord796
ord529
ord2108
ord4454
ord3294
ord5039
ord4759
ord3484
ord2370
ord6394
ord6383
ord5440
ord5450
ord2107
ord6334
ord535
ord5683
ord3874
ord2086
ord3092
ord6880
ord616
ord609
ord2841
ord823
ord472
ord6172
ord2243
ord5789
ord5875
ord3619
ord289
ord540
ord2818
ord939
ord6199
ord613
ord2859
ord5926
ord323
ord1640
ord5785
ord640
ord1175

msvcrt

_itoa
_unlink
_setmode
_write
_lseek
_strdup
_setmbcp
__mb_cur_max
_iob
atof
vfprintf
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__CxxFrameHandler
rand
_purecall
fclose
fopen
fread
fwrite
fseek
ftell
fflush
fputc
getc
exit
strncpy
_ftol
strstr
_mbsstr
_ltoa
_mbsicmp
sprintf
atoi
strtok
_close
_read
_fstat
_open
_mbscmp
_splitpath
sscanf
free
malloc
wcscpy
wcslen
memmove
_mbsnbcpy
strchr
realloc
div
floor
_CxxThrowException
calloc
_CIpow
qsort
ceil
_CIfmod
longjmp
_setjmp3
__CxxLongjmpUnwind
strncmp
printf
isprint
getenv
abort
fprintf
strtod
tmpnam
vsprintf
_pctype
_isctype

kernel32

GetStartupInfoA
GlobalSize
GetCurrentThreadId
lstrcmpiA
GetCPInfo
lstrlenW
GetVersion
GetVersionExA
CreateMutexA
GetLastError
ReleaseMutex
GetModuleHandleA
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
WinExec
lstrcatA
GetTickCount
WaitForSingleObject
Sleep
SetCurrentDirectoryA
GetCurrentDirectoryA
CopyFileA
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA

user32

WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
IsMenu
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetDesktopWindow
DrawTextA
DrawFocusRect
SystemParametersInfoA
FillRect
DrawEdge
GetMenuItemInfoA
FindWindowExA
IsWindowVisible
ShowWindow
BringWindowToTop
SetForegroundWindow
DestroyIcon
ClientToScreen
ShowScrollBar
EqualRect
GetClipboardData
LoadBitmapA
HideCaret
PostMessageA
DestroyMenu
FrameRect
DrawStateA
DrawIconEx
CreateIconIndirect
GetIconInfo
LoadImageA
CallNextHookEx
UnhookWindowsHookEx
TrackPopupMenuEx
SetWindowsHookExA
IntersectRect
ScreenToClient
GetForegroundWindow
GetFocus
GetWindowRgn
SetWindowRgn
SetWindowPos
CopyImage
GetWindowDC
MoveWindow
GetSystemMenu
GetSystemMetrics
LoadCursorA
CallWindowProcA
SetRect
SendMessageA
GetWindowRect
DrawIcon
GetClientRect
IsIconic
SetCursor
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsRectEmpty
PeekMessageA
DispatchMessageA
CopyRect
SetRectEmpty
GetMenu
SetMenu
CopyIcon
GetParent
GetDC
ReleaseDC
InflateRect
IsWindow
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
GetSysColor
MessageBeep
KillTimer
SetTimer
UpdateWindow
OffsetRect
InvalidateRect
GetWindowLongA
SetWindowLongA
LoadIconA
EnableWindow
InvalidateRgn
GetCursorPos

gdi32

GetObjectA
GetEnhMetaFileHeader
SetWinMetaFileBits
DeleteEnhMetaFile
GetEnhMetaFilePaletteEntries
CreatePalette
PlayEnhMetaFile
StretchDIBits
GetClipBox
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
PtInRegion
SelectClipRgn
CreateICA
GetDIBits
ExtCreateRegion
StretchBlt
SelectPalette
RealizePalette
CreateBitmap
SetBkColor
PatBlt
Escape
SetPixel
ExtTextOutA
TextOutA
CreateDIBSection
DeleteObject
Ellipse
RectVisible
PtVisible
GetTextExtentPoint32W
CreatePatternBrush
SetBrushOrgEx
GetBkMode
FloodFill
CreatePen
CreateMetaFileA
CloseMetaFile
GetMetaFileBitsEx
CreateRectRgn
BitBlt
CreateCompatibleDC
SetEnhMetaFileBits
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateDCA
GetPixel
Rectangle
GetStockObject
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
CreateFontA
CreateFontIndirectA
CreateSolidBrush
SetWindowOrgEx
DeleteMetaFile

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
ExtractAssociatedIconA

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIcon

ole32

CreateStreamOnHGlobal

olepro32

ord251

wsock32

WSAGetLastError

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ofstream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@
??0Init@ios_base@std@@QAE@XZ

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z

Sections

.text
Size: 724KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
赛酷小说转换器/SAQ_OCR.ico
赛酷小说转换器/Update.exe
.exe windows:4 windows x86 arch:x86

0c191368b304bc32511a2614a5ff592c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
ExitProcess
GetCommandLineA
GetProfileStringA
GetStartupInfoA
RtlUnwind
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FindFirstFileA
FindClose
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FormatMessageA
LocalFree
LocalAlloc
FreeLibrary
lstrcpyA
lstrcpynA
EnterCriticalSection
GetLastError
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
WaitForSingleObject
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
OpenProcess
TerminateProcess
DeleteFileA
GetPrivateProfileStringA
GetTempPathA
HeapCreate
GetModuleFileNameA

user32

InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetDesktopWindow
CopyRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
LoadIconA
SendMessageA
DrawIcon
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
DestroyMenu
MessageBeep
GetNextDlgGroupItem
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
PeekMessageA
TranslateMessage
DispatchMessageA
IsIconic
GetSystemMetrics
DefDlgProcA
IsWindowUnicode
GetClientRect
SetRect
CopyAcceleratorTableA
CharNextA
CharUpperA
InflateRect
LoadStringA
UpdateWindow
PtInRect
GetClassNameA
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetWindowRect
GetSysColorBrush

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString

olepro32

ord253

oleaut32

VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen

wsock32

WSAStartup
WSACleanup

wininet

InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionExA
InternetWriteFile
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
赛酷小说转换器/saqocr.chm
.chm
赛酷小说转换器/setting/SAQOCR.cfg
赛酷小说转换器/setting/Welcome.bmp
赛酷小说转换器/theme/Bottom.bmp
赛酷小说转换器/theme/Min.bmp
赛酷小说转换器/theme/Thumbs.db
赛酷小说转换器/theme/close.bmp
赛酷小说转换器/theme/default.ini
赛酷小说转换器/theme/left.bmp
赛酷小说转换器/theme/max.bmp
赛酷小说转换器/theme/restore.bmp
赛酷小说转换器/theme/right.bmp
赛酷小说转换器/theme/tool.ini
赛酷小说转换器/theme/top.bmp
赛酷小说转换器/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

db91a564e19a9d37ca998a55760e8fa5

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 592KB - Virtual size: 589KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 23KB

.reloc Size: 12KB - Virtual size: 8KB

b60520a60e6c557c85ec3ef4d979d405

Headers

File Characteristics

Imports

saqengine

shlwapi

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

olepro32

wsock32

msvcp60

Exports

Exports

Sections

.text Size: 724KB - Virtual size: 721KB

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 52KB - Virtual size: 87KB

.rsrc Size: 464KB - Virtual size: 460KB

0c191368b304bc32511a2614a5ff592c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 172KB - Virtual size: 169KB

.text
Size: 592KB - Virtual size: 589KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 23KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 724KB - Virtual size: 721KB

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 52KB - Virtual size: 87KB

.rsrc
Size: 464KB - Virtual size: 460KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 172KB - Virtual size: 169KB