5006feaf4266103a4a03fb88e852cf78

Sharing

Copy URL Twitter E-mail

General

Target

5006feaf4266103a4a03fb88e852cf78
Size

3.2MB
MD5

5006feaf4266103a4a03fb88e852cf78
SHA1

a24431312d36ca1d24a16a24fa8cdca16ac8471e
SHA256

e97a9f71c5c125c295befd9071e6b3bc4b8dd54f628f32958c444c6495201a6c
SHA512

473386e05fa42163d98bf2f40c12ed426e4b477ab51d899b70629f601007ffd5234f2980160d1b64e0835cd46dc29bb722874cf392190ed7f4d87a703bd41c9c
SSDEEP

98304:OcWwxZf6TWA5kkvrEtRGyxGS/R3tR4KreTSS8:OYa9vrEt4yxd97Z6TSv

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/xpstopdf_sdk_trial/bin/xpstopdf.dll	aspack_v212_v242

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xpstopdf_sdk_trial/bin/oakimage.dll
unpack001/xpstopdf_sdk_trial/bin/pdfencrypt.dll
unpack001/xpstopdf_sdk_trial/bin/vb.exe
unpack001/xpstopdf_sdk_trial/bin/vc.exe
unpack001/xpstopdf_sdk_trial/bin/xpstopdf.dll
unpack001/xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/bin/Release/VB.NET2005.exe

Files

5006feaf4266103a4a03fb88e852cf78
.zip
xpstopdf_sdk_trial/bin/oakimage.dll
.dll windows:4 windows x86 arch:x86

0fc86f7217d619be9e9757a36dcd4ccc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc

user32

DrawTextA
GetDC
ReleaseDC
GetSysColor

gdi32

CreateCompatibleDC
SetEnhMetaFileBits
GetEnhMetaFileHeader
SetWinMetaFileBits
ExtTextOutA
GetEnhMetaFilePaletteEntries
CreatePalette
SelectPalette
PlayEnhMetaFile
CreateFontIndirectA
GetStockObject
SetTextColor
SetBkMode
DeleteEnhMetaFile
CloseEnhMetaFile
DeleteObject
Rectangle
CreateSolidBrush
SelectObject
CreatePen
CreateEnhMetaFileA
GetDeviceCaps
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
DeleteDC
CreateDIBSection
GetDIBits
RealizePalette
GetObjectA
SetStretchBltMode
SetBkColor
CreateCompatibleBitmap
StretchDIBits

msvcrt

_lseek
_write
_read
_setmode
_unlink
_close
free
malloc
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
floor
_CxxThrowException
__CxxFrameHandler
calloc
_mbslen
sprintf
strncpy
_CIpow
fopen
fclose
_purecall
fread
fwrite
fseek
ftell
fflush
fputc
getc
div
_CIacos
realloc
longjmp
_setjmp3
__CxxLongjmpUnwind
strncmp
printf
isprint
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__dllonexit
_onexit
tmpnam
vsprintf
abort
_pctype
_isctype
__mb_cur_max
fprintf
memmove
ceil
_iob
atoi
atof
strchr
qsort
vfprintf
strtok
strtod
exit
sscanf
getenv
strcpy
strlen
memcpy
memset
pow
exp
rand
log
sqrt
fabs
atan2
strstr
_open
_strdup

Exports

Exports

Bmp2MutilTiff
BmptoImage
CloseMutilTiff
CreateMutilTiff
_convert@16

Sections

.text
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xpstopdf_sdk_trial/bin/pdfencrypt.dll
.dll windows:4 windows x86 arch:x86

25276fbbbd7b03c3ad0ca9b50d418705

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
CloseHandle
GetSystemTime
GetLastError
MoveFileA
HeapFree
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetLocalTime
CreateDirectoryA
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetProcAddress
GetStringTypeA
GetStringTypeW
WriteFile
SetFilePointer
ReadFile
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CreateFileA
SetStdHandle
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xpstopdf_sdk_trial/bin/vb.exe
.exe windows:4 windows x86 arch:x86

208dcb26465d254b03b959f58c215063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
xpstopdf_sdk_trial/bin/vc.exe
.exe windows:4 windows x86 arch:x86

1b3491f317bc2ad1c6462ac8774e733b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
GetProfileStringA
RtlUnwind
FormatMessageA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
SizeofResource
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
LoadLibraryA
VirtualFree
GetProcAddress

user32

GetNextDlgGroupItem
MessageBeep
InvalidateRect
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
SetRect
GetMessagePos
PtInRect
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
LoadIconA
SendMessageA
AppendMenuA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetMessageTime
GetClientRect
DrawIcon
DefDlgProcA
IsWindowUnicode
GetSystemMenu
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
MapWindowPoints
CreateDialogIndirectParamA
UpdateWindow
GetForegroundWindow
SendDlgItemMessageA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantClear

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
xpstopdf_sdk_trial/bin/xps_files/test1.xps
.zip
Documents/1/FixedDocument.fdoc
Documents/1/Metadata/Page1_Thumbnail.JPG
.jpg
Documents/1/Pages/1.fpage
Documents/1/Pages/2.fpage
Documents/1/Pages/_rels/1.fpage.rels
Documents/1/Pages/_rels/2.fpage.rels
Documents/1/Resources/Fonts/29C21EED-54FD-4520-887E-4F43E4BD5349.odttf
Documents/1/Resources/Fonts/4C12AADF-B05E-4BAA-A9D4-7FF8085994A9.odttf
Documents/1/Resources/Fonts/5BF7F2FC-0648-4A03-B0FD-51B3D1640433.odttf
Documents/1/Resources/Fonts/61B251AB-3A33-4C06-9218-6648D40BFC2D.odttf
Documents/1/Resources/Fonts/9465F268-EC33-4E2F-84FC-270F147A5E1B.odttf
Documents/1/Resources/Images/1.PNG
.png
Documents/1/Resources/Images/10.PNG
.png
Documents/1/Resources/Images/11.PNG
.png
Documents/1/Resources/Images/12.JPG
.jpg
Documents/1/Resources/Images/13.JPG
.jpg
Documents/1/Resources/Images/14.JPG
.jpg
Documents/1/Resources/Images/15.PNG
.png
Documents/1/Resources/Images/16.TIF
Documents/1/Resources/Images/17.PNG
.png
Documents/1/Resources/Images/18.PNG
.png
Documents/1/Resources/Images/19.PNG
.png
Documents/1/Resources/Images/2.PNG
.png
Documents/1/Resources/Images/20.PNG
.png
Documents/1/Resources/Images/21.TIF
Documents/1/Resources/Images/22.PNG
.png
Documents/1/Resources/Images/23.PNG
.png
Documents/1/Resources/Images/24.JPG
.jpg
Documents/1/Resources/Images/25.PNG
.png
Documents/1/Resources/Images/3.PNG
.png
Documents/1/Resources/Images/4.PNG
.png
Documents/1/Resources/Images/5.PNG
.png
Documents/1/Resources/Images/6.JPG
.jpg
Documents/1/Resources/Images/7.JPG
.jpg
Documents/1/Resources/Images/8.TIF
Documents/1/Resources/Images/9.PNG
.png
Documents/1/_rels/FixedDocument.fdoc.rels
FixedDocumentSequence.fdseq
Metadata/Job_PT.xml
.xml
Metadata/MXDC_Empty_PT.xml
.xml
[Content_Types].xml
_rels/.rels
_rels/FixedDocumentSequence.fdseq.rels
xpstopdf_sdk_trial/bin/xps_files/test2.xps
.zip
Documents/1/FixedDocument.fdoc
Documents/1/Metadata/Page1_Thumbnail.JPG
.jpg
Documents/1/Pages/1.fpage
Documents/1/Pages/2.fpage
Documents/1/Pages/_rels/1.fpage.rels
Documents/1/Pages/_rels/2.fpage.rels
Documents/1/Resources/Fonts/2A5648B1-AE5B-43CC-B04B-8F3116F4E76D.odttf
Documents/1/Resources/Fonts/38231514-10C4-46B3-B664-8720ABCFBBD9.odttf
Documents/1/Resources/Fonts/3E5C14AF-6C86-4A78-8D8A-48EA89424BD0.odttf
Documents/1/Resources/Fonts/7B7357BC-A596-4E31-B2C2-A43AA5D1FFA3.odttf
Documents/1/Resources/Fonts/9A8965E3-4577-4C84-8D57-DB195B168CA1.odttf
Documents/1/Resources/Fonts/B8E746C4-F7BC-4F77-8157-59B855FBD739.odttf
Documents/1/Resources/Images/1.PNG
.png
Documents/1/Resources/Images/10.PNG
.png
Documents/1/Resources/Images/11.JPG
.jpg
Documents/1/Resources/Images/12.PNG
.png
Documents/1/Resources/Images/13.JPG
.jpg
Documents/1/Resources/Images/14.JPG
.jpg
Documents/1/Resources/Images/15.JPG
.jpg
Documents/1/Resources/Images/16.PNG
.png
Documents/1/Resources/Images/17.TIF
Documents/1/Resources/Images/18.PNG
.png
Documents/1/Resources/Images/19.PNG
.png
Documents/1/Resources/Images/2.PNG
.png
Documents/1/Resources/Images/20.PNG
.png
Documents/1/Resources/Images/21.PNG
.png
Documents/1/Resources/Images/22.JPG
.jpg
Documents/1/Resources/Images/23.JPG
.jpg
Documents/1/Resources/Images/24.JPG
.jpg
Documents/1/Resources/Images/25.PNG
.png
Documents/1/Resources/Images/26.TIF
Documents/1/Resources/Images/27.PNG
.png
Documents/1/Resources/Images/28.PNG
.png
Documents/1/Resources/Images/29.PNG
.png
Documents/1/Resources/Images/3.PNG
.png
Documents/1/Resources/Images/30.PNG
.png
Documents/1/Resources/Images/31.PNG
.png
Documents/1/Resources/Images/32.JPG
.jpg
Documents/1/Resources/Images/33.PNG
.png
Documents/1/Resources/Images/4.PNG
.png
Documents/1/Resources/Images/5.PNG
.png
Documents/1/Resources/Images/6.JPG
.jpg
Documents/1/Resources/Images/7.JPG
.jpg
Documents/1/Resources/Images/8.TIF
Documents/1/Resources/Images/9.PNG
.png
Documents/1/_rels/FixedDocument.fdoc.rels
FixedDocumentSequence.fdseq
Metadata/Job_PT.xml
.xml
Metadata/MXDC_Empty_PT.xml
.xml
[Content_Types].xml
_rels/.rels
_rels/FixedDocumentSequence.fdseq.rels
xpstopdf_sdk_trial/bin/xps_files/test3.xps
.zip
Documents/1/FixedDocument.fdoc
Documents/1/Metadata/Page1_Thumbnail.JPG
.jpg
Documents/1/Pages/1.fpage
Documents/1/Pages/2.fpage
Documents/1/Pages/3.fpage
Documents/1/Pages/4.fpage
Documents/1/Pages/_rels/1.fpage.rels
Documents/1/Pages/_rels/2.fpage.rels
Documents/1/Pages/_rels/3.fpage.rels
Documents/1/Pages/_rels/4.fpage.rels
Documents/1/Resources/Fonts/20A4C92E-5A35-459C-AC07-3C566E22D6DC.odttf
Documents/1/Resources/Fonts/3EA65046-CE8C-49E2-87B4-5C46C749BEA1.odttf
Documents/1/Resources/Fonts/EF2FD646-B711-4862-AB8F-A4DB93CB1FB6.odttf
Documents/1/_rels/FixedDocument.fdoc.rels
FixedDocumentSequence.fdseq
Metadata/Job_PT.xml
.xml
Metadata/MXDC_Empty_PT.xml
.xml
[Content_Types].xml
_rels/.rels
_rels/FixedDocumentSequence.fdseq.rels
xpstopdf_sdk_trial/bin/xpstopdf.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_oakBegin@0
_oakEnd@4
_oakExport@4
_oakGetOption@24
_oakSetOption@24

Sections

Size: 1.4MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 114KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 93KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 112KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005.sln
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005.suo
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/CShare.NET2005.csproj
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/CShare.NET2005.csproj.user
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Form1.Designer.cs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Form1.cs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Form1.resx
.xml .vbs polyglot
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Program.cs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Properties/AssemblyInfo.cs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Properties/Resources.Designer.cs
.vbs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Properties/Resources.resx
.vbs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Properties/Settings.Designer.cs
xpstopdf_sdk_trial/examples/sdk_example_for_c#.net2005/CShare.NET2005/Properties/Settings.settings
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.cpp
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.ddp
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.dfm
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.h
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.~cpp
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.~ddp
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.~dfm
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/Unit1.~h
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/demo_cb.bpr
.xml
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/demo_cb.cpp
.js
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/demo_cb.res
xpstopdf_sdk_trial/examples/sdk_example_for_cb6/demo_cb.~bpr
.xml
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.dcu
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.ddp
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.dfm
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.pas
.js
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.~ddp
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.~dfm
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/Unit1.~pas
.js
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/demo_delphi.cfg
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/demo_delphi.dof
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/demo_delphi.dpr
xpstopdf_sdk_trial/examples/sdk_example_for_delphi7/demo_delphi.res
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005.sln
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005.suo
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/Form1.Designer.vb
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/Form1.resx
.xml .vbs polyglot
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/Form1.vb
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Application.Designer.vb
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Application.myapp
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/AssemblyInfo.vb
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Resources.Designer.vb
.vbs
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Resources.resx
.vbs
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Settings.Designer.vb
.vbs
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/My Project/Settings.settings
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/VB.NET2005.vbproj
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/VB.NET2005.vbproj.user
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/bin/Release/VB.NET2005.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/bin/Release/VB.NET2005.pdb
xpstopdf_sdk_trial/examples/sdk_example_for_vb.net2005/VB.NET2005/bin/Release/VB.NET2005.xml
xpstopdf_sdk_trial/examples/sdk_example_for_vb/Form1.frm
xpstopdf_sdk_trial/examples/sdk_example_for_vb/MSSCCPRJ.SCC
xpstopdf_sdk_trial/examples/sdk_example_for_vb/Project1.vbp
xpstopdf_sdk_trial/examples/sdk_example_for_vb/Project1.vbw
xpstopdf_sdk_trial/examples/sdk_example_for_vc/StdAfx.cpp
xpstopdf_sdk_trial/examples/sdk_example_for_vc/StdAfx.h
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.clw
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.cpp
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.dsp
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.dsw
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.h
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.ncb
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.opt
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.plg
.html
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vc.rc
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vcDlg.cpp
xpstopdf_sdk_trial/examples/sdk_example_for_vc/demo_vcDlg.h
xpstopdf_sdk_trial/examples/sdk_example_for_vc/res/demo_vc.ico
xpstopdf_sdk_trial/examples/sdk_example_for_vc/res/demo_vc.rc2
xpstopdf_sdk_trial/examples/sdk_example_for_vc/resource.h
xpstopdf_sdk_trial/help/css/style.css
xpstopdf_sdk_trial/help/index.html
.html
xpstopdf_sdk_trial/help/introduction.html
.html
xpstopdf_sdk_trial/help/left.html
.html
xpstopdf_sdk_trial/help/registration.html
.html
xpstopdf_sdk_trial/help/requirements.html
.html
xpstopdf_sdk_trial/help/sdk.html
.html
xpstopdf_sdk_trial/help/using.html
.html

Sharing

General

Malware Config

Signatures

Files

0fc86f7217d619be9e9757a36dcd4ccc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 476KB - Virtual size: 473KB

.rdata Size: 128KB - Virtual size: 125KB

.data Size: 44KB - Virtual size: 68KB

.reloc Size: 16KB - Virtual size: 14KB

25276fbbbd7b03c3ad0ca9b50d418705

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 36KB - Virtual size: 39KB

.reloc Size: 12KB - Virtual size: 11KB

208dcb26465d254b03b959f58c215063

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

1b3491f317bc2ad1c6462ac8774e733b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 12KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 1.4MB - Virtual size: 3.3MB

Size: 114KB - Virtual size: 832KB

Size: 93KB - Virtual size: 596KB

Size: 112KB - Virtual size: 320KB

Size: 4KB - Virtual size: 4KB

.data Size: 102KB - Virtual size: 104KB

.adata Size: - Virtual size: 4KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 16KB - Virtual size: 12KB

.sdata Size: 4KB - Virtual size: 182B

.text
Size: 476KB - Virtual size: 473KB

.rdata
Size: 128KB - Virtual size: 125KB

.data
Size: 44KB - Virtual size: 68KB

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 36KB - Virtual size: 39KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 8KB

.data
Size: 102KB - Virtual size: 104KB

.adata
Size: - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 12KB

.sdata
Size: 4KB - Virtual size: 182B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 12B