89e0113da9bd79c68368d46962490da7

Sharing

Copy URL Twitter E-mail

General

Target

89e0113da9bd79c68368d46962490da7
Size

3.2MB
MD5

89e0113da9bd79c68368d46962490da7
SHA1

066572ccafcef419c0957b0bff2f428ccda3878e
SHA256

557ecdf4454216f945420023d2dd274e84095f8eb54ad7517e0242db1003ca95
SHA512

be68f2e7a943e8064225af2864b895eabe92a752dcd83e705e78707e1aee24cc6c927767778d472c962bd59b80d44f5a33181fd6b3b037f1bc41998b4e7cb9bf
SSDEEP

98304:pTwp7yMfFe64oY8fehG7MJ6cAHT7wGViXr:5AywMGp5X+Xr

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BNUpdate.exe
unpack001/BWAC.dll
unpack001/BWController.dll
unpack001/BWLauncher.exe
unpack001/BWStats.dll
unpack001/BWTVObserver.dll
unpack001/BWTVPlayer.dll
unpack001/BWW.dll
unpack001/BWaddin.dll
unpack001/LARS.dll
unpack001/battle.snp
unpack001/standard.snp
unpack001/starcraft.exe
unpack001/starcraft109.exe
unpack001/starcraft110.exe
unpack001/starcraft111.exe
unpack001/storm.dll

Files

89e0113da9bd79c68368d46962490da7
.rar
BNUpdate.exe
.exe windows:4 windows x86 arch:x86

15fe9c45b6616bd12c02523213d45f5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
strcspn
_purecall
free
malloc
fclose
fopen
qsort
isprint
strrchr
strncpy
strchr
isdigit
_snprintf
_fullpath
strstr
_vsnprintf
vsprintf
toupper
_strnicmp
strncmp
sprintf
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strpbrk
strspn
tolower
__CxxFrameHandler
isspace
memmove
_splitpath
strtoul

kernel32

GetCurrentDirectoryA
VirtualLock
GetLastError
GetFileAttributesA
DeleteFileA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceA
CreateDirectoryA
GetModuleHandleA
MoveFileA
CopyFileA
GetTempFileNameA
GetWindowsDirectoryA
SetFileTime
WriteFile
GetTickCount
SetErrorMode
Sleep
GetLocalTime
GetSystemDefaultLangID
GetTimeZoneInformation
GetDriveTypeA
GetLogicalDriveStringsA
SetLastError
SetFilePointer
SetEndOfFile
GetStartupInfoA
LeaveCriticalSection
EnterCriticalSection
ExitProcess
VirtualAlloc
VirtualFree
GetSystemInfo
DeleteCriticalSection
OutputDebugStringA
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
GetProcessHeap
HeapFree
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetExitCodeProcess
GetCurrentProcess
GetVersion
FindClose
FindFirstFileA
GetModuleFileNameA
FormatMessageA
HeapAlloc
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
UnmapViewOfFile
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
MapViewOfFile
CreateFileMappingA
GetVolumeInformationA
FlushFileBuffers
GetCurrentThread
GetComputerNameA
VirtualQuery
lstrcpynA
GetCurrentProcessId
CreateFileW
VirtualUnlock
GetSystemTimeAsFileTime

user32

LoadStringA
IsWindow
MessageBoxA
wsprintfA
SetClassLongA
CheckDlgButton
MoveWindow
SetFocus
IsDlgButtonChecked
SendDlgItemMessageA
GetWindowRect
GetDC
ReleaseDC
GetClassInfoExA
CreateDialogParamA
UpdateWindow
DestroyWindow
DefWindowProcA
SetWindowPos
PostQuitMessage
LoadIconA
LoadCursorA
LoadImageA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
SetWindowTextA
IsWindowVisible
EnableWindow
SetTimer
GetDlgItemTextA
GetDlgItem
ShowWindow
SetDlgItemTextA
EndDialog
DialogBoxParamA
SetForegroundWindow
GetTopWindow
GetLastActivePopup
FindWindowA

gdi32

GetDeviceCaps
GetStockObject

comctl32

ord17

advapi32

RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueExA
RegFlushKey
RegSetValueExW
RegSetValueExA

shell32

ShellExecuteA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BWAC.dll
.dll windows:4 windows x86 arch:x86

c20102fef7c819630067e0336b023349

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
MapViewOfFile
CreateFileMappingA
GetLastError
OpenFileMappingA
_lclose
UnmapViewOfFile
SizeofResource
lstrlenA
_hwrite
_lopen
DeleteFileA
_hread
_llseek
GetModuleFileNameA
lstrcatA
GetTickCount
FindResourceA
LoadResource
LockResource
WriteProcessMemory
lstrcpyA
HeapAlloc
SetHandleCount
LeaveCriticalSection
InitializeCriticalSection
LCMapStringW
ReadFile
SetEndOfFile
LCMapStringA
LoadLibraryA
GetACP
GetProcAddress
GetOEMCP
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
InterlockedIncrement
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
ReadProcessMemory
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
EnterCriticalSection
GetCPInfo
HeapDestroy
GetStringTypeA
GetModuleHandleA
MultiByteToWideChar
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadWritePtr
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
InterlockedDecrement

user32

EndDialog
FindWindowA
SetCursorPos
GetCursorPos
InvalidateRect
wsprintfA
MessageBeep
PostMessageA
IsDlgButtonChecked
CreateDialogParamA
GetDlgItem
CheckDlgButton
MessageBoxA
DialogBoxParamA
SetDlgItemTextA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA

shell32

ShellExecuteA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
CloseConfigDialog
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OpenConfigDialog
ReciveMethods
SendFeedBack
StarcraftTick
StartCrackLoad
Tick

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWController.dll
.dll windows:4 windows x86 arch:x86

a0535ce3b1f9621e35259fb8d0d26efe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
FindResourceA
lstrlenA
CloseHandle
LoadResource
MapViewOfFile
CreateFileMappingA
GetLastError
OpenFileMappingA
lstrcpyA
UnmapViewOfFile
GetModuleFileNameA
SizeofResource
HeapFree
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
HeapAlloc
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetCommandLineA
GetVersion
ReadProcessMemory
HeapCreate
HeapSize
InitializeCriticalSection
TlsAlloc
TlsFree
SetLastError
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WriteFile
VirtualFree
HeapReAlloc
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy

user32

ReleaseDC
GetDC
CreateDialogParamA
MessageBoxA
DialogBoxParamA
GetDlgItem
ShowWindow
EndDialog
SetDlgItemTextA

gdi32

TextOutA

shell32

ShellExecuteA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OpenConfigDialog
ReciveMethods
StarcraftTick
StartCrackLoad
_StarcraftWndProc@20

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWLauncher.exe
.exe windows:4 windows x86 arch:x86

0f06f75741ae56bf4ba81ef2b3c9f018

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
CreateToolhelp32Snapshot
GetModuleFileNameA
lstrcmpA
GetCurrentDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
ExitThread
GetModuleHandleA
WinExec
_hwrite
DeleteFileA
TerminateProcess
GetTickCount
CreateThread
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
ReadFile
Process32Next
SetEndOfFile
GetOEMCP
OpenProcess
GetCPInfo
CreateFileA
FlushFileBuffers
CloseHandle
GetStringTypeW
GetExitCodeProcess
lstrcpyA
LCMapStringA
MultiByteToWideChar
SetFilePointer
GetStdHandle
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetFileType
GetACP
SetHandleCount
GetEnvironmentStringsW
GetLastError
ResumeThread
Sleep
SuspendThread
_lopen
_lclose
_llseek
lstrlenA
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
InterlockedIncrement
LoadLibraryA
GetProcAddress
OutputDebugStringA
InterlockedDecrement
WriteFile
CreateProcessA
WriteProcessMemory
GetStringTypeA
ReadProcessMemory
LCMapStringW
SetStdHandle
IsBadCodePtr
SetCurrentDirectoryA
RtlUnwind
ExitProcess
GetCurrentProcess
GetFullPathNameA
GetDriveTypeA
SetEnvironmentVariableA
GetStartupInfoA
GetCommandLineA
GetVersion
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak

user32

DispatchMessageA
RegisterClassA
CreateDialogParamA
ShowWindow
EndDialog
SetCursor
MessageBoxA
CharUpperA
FindWindowA
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetDlgItemTextA
SetWindowTextA
LoadCursorA
GetMessageA
TranslateMessage
IsDlgButtonChecked
KillTimer
PostQuitMessage
DialogBoxParamA
LoadBitmapA
SetTimer

gdi32

DeleteObject

comdlg32

GetOpenFileNameA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

shell32

ShellExecuteA

ws2_32

WSAStartup
WSACleanup
WSAGetLastError
gethostbyname

wininet

InternetOpenA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA

bwaddin

Tick
?GetLibrary@@YA_NJPAUS_lib@@@Z
?EnableDLLToLoad@@YAXPBD_N@Z
?GetLibrarySize@@YAJXZ
?ApplyCrack@@YAXPAX@Z
?OnBWStart@@YAXXZ
CheckForUpdate

Exports

Exports

?destinations@@3VC_conststring@@A
?udpate_block1103@@3PAEA
?udpate_block1104@@3PAEA
?udpate_block1105@@3PAEA
?udpate_block1106@@3PAEA
?udpate_block1113@@3PAEA
?udpate_block1114@@3PAEA
?udpate_block1115@@3PAEA
?udpate_block1116@@3PAEA
?update_block109@@3PAEA
?update_block1102@@3PAEA
?update_block110@@3PAEA
?update_block1112@@3PAEA
?update_block111@@3PAEA
?update_block111b2@@3PAEA
?update_block111b@@3PAEA
?updates@@3VC_conststring@@A
RunLoader

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BWStats.dll
.dll windows:4 windows x86 arch:x86

887dc0d76373af66ab5a31dfd37b475a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
MapViewOfFile
CreateFileMappingA
GetLastError
OpenFileMappingA
lstrcpyA
UnmapViewOfFile
GetModuleFileNameA
SizeofResource
GetTickCount
FindResourceA
LoadResource
LockResource
WriteProcessMemory
SetCurrentDirectoryA
GetFileType
GetStartupInfoA
SetHandleCount
GetStdHandle
SetStdHandle
RaiseException
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetFilePointer
LCMapStringW
FlushFileBuffers
RtlUnwind
SetEnvironmentVariableA
GetCurrentDirectoryA
ReadProcessMemory
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
MultiByteToWideChar
LCMapStringA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetACP
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo

user32

wsprintfA
CreateWindowExA
FindWindowA
CharUpperA
SetTimer
CreateDialogParamA
DialogBoxParamA
MessageBoxA
EndDialog
SetDlgItemTextA
GetForegroundWindow
GetWindowRect
GetSystemMetrics

gdi32

TextOutA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OnBWLaunch
OpenConfigDialog
ReciveMethods
StarcraftTick
StartCrackLoad
Tick

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWTVObserver.dll
.dll windows:4 windows x86 arch:x86

0e386f8738d9bfa4874b4f7c1a0d2ce4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
Sleep
GlobalLock
LocalFree
LocalAlloc
GlobalReAlloc
GlobalAlloc
GetLastError
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
SizeofResource
GetTickCount
_lopen
_llseek
_lclose
Process32Next
CreateToolhelp32Snapshot
Process32First
FindResourceA
OpenProcess
CloseHandle
WriteProcessMemory
LoadResource
LockResource
lstrcpyA
ReadProcessMemory
lstrcmpA
CreateDirectoryA
GetModuleFileNameA
lstrlenA
OpenFile
_hwrite
_lread
DeleteFileA
SetCurrentDirectoryA
RtlUnwind
GetOEMCP
GetCPInfo
GetACP
CreateFileA
SetStdHandle
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
FreeEnvironmentStringsW
InterlockedDecrement
GetModuleHandleA
InterlockedIncrement
FlushFileBuffers
ReadFile
GetProcAddress
IsBadWritePtr
HeapReAlloc
WriteFile
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
HeapAlloc
SetLastError
_hread
TlsGetValue
RaiseException
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
TlsFree
GetCommandLineA
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetEnvironmentVariableA
GetCurrentDirectoryA
GetStartupInfoA
GetFileType
TlsAlloc
GetVersion
SetHandleCount
GetStdHandle
TlsSetValue
DeleteCriticalSection
SetFilePointer
InitializeCriticalSection
GetCurrentThreadId

user32

GetCursorPos
DispatchMessageA
CreateDialogParamA
wsprintfA
SetCursorPos
FindWindowA
InvalidateRect
ReleaseDC
GetDC
MessageBoxA
CharUpperA
DrawTextA
GetSystemMetrics
SetTimer
CreateWindowExA
SetDlgItemTextA
GetWindowRect
GetForegroundWindow
GetDlgItem
EndDialog
SendDlgItemMessageA
DialogBoxParamA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
ShowWindow
PostMessageA
TranslateMessage
PeekMessageA
GetDlgItemTextA

gdi32

SetTextAlign
SetBkMode
TextOutA
CreateFontIndirectA
SetBkColor
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
DeleteDC
BitBlt
GetDeviceCaps
GetStockObject
CreatePalette
GetBitmapBits
RealizePalette
SelectPalette
SetDIBitsToDevice
DeleteObject

comdlg32

GetOpenFileNameA

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

ws2_32

WSAStartup
closesocket
select
recv
send
inet_ntoa
inet_addr
socket
htons
connect
WSAGetLastError

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

?update_block110@@3PAEA
CheckForUpdate
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OnBWLaunch
OpenConfigDialog
ReciveMethods
StarcraftTick
StartCrackLoad
Tick
_StarcraftWndProc@20

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 102.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWTVPlayer.dll
.dll windows:4 windows x86 arch:x86

777f3b558e982a7a4159976f58c4a9b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
ReadProcessMemory
WriteProcessMemory
LockResource
lstrlenA
LoadResource
FindResourceA
CloseHandle
OpenProcess
Process32Next
lstrcmpA
Process32First
Sleep
TerminateThread
TerminateProcess
CreateDirectoryA
ResumeThread
CreateProcessA
MapViewOfFile
CreateFileMappingA
GetLastError
OpenFileMappingA
lstrcpyA
UnmapViewOfFile
SizeofResource
_hwrite
GetTickCount
_lopen
_llseek
_lclose
_hread
CreateToolhelp32Snapshot
DeleteFileA
GetFileType
GetCurrentProcess
GetACP
EnterCriticalSection
CreateFileA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
SetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
InterlockedDecrement
HeapSize
InterlockedIncrement
ReadFile
WriteFile
FlushFileBuffers
IsBadWritePtr
SetEndOfFile
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
HeapAlloc
HeapFree
ExitProcess
VirtualAlloc
SetFilePointer
LeaveCriticalSection
RtlUnwind
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
HeapReAlloc
GetStartupInfoA
DeleteCriticalSection
SetLastError
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree

user32

GetCursorPos
EndDialog
FindWindowA
CharUpperA
CreateDialogParamA
wsprintfA
MessageBoxA
GetDlgItem
ShowWindow
GetDlgItemTextA
DialogBoxParamA
PostMessageA
SetDlgItemTextA

advapi32

RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

ws2_32

closesocket
select
recv
send
inet_ntoa
inet_addr
socket
htons
connect
WSAStartup
gethostbyname
WSAGetLastError
WSACleanup

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OnBWLaunch
OpenConfigDialog
ReciveMethods
SendFeedBack
StarcraftTick
StartCrackLoad
Tick
_BWTVPlayer_SaveEndLREMan@4
_StarcraftWndProc@20

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 44.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWW.dll
.dll windows:4 windows x86 arch:x86

93022a03fd162684c9b1232418aa2a12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceA
WriteProcessMemory
lstrlenA
CloseHandle
OpenProcess
Process32Next
LockResource
lstrcmpA
CreateToolhelp32Snapshot
MapViewOfFile
CreateFileMappingA
GetLastError
OpenFileMappingA
lstrcpyA
UnmapViewOfFile
SizeofResource
Process32First
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
DeleteCriticalSection
GetModuleFileNameA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetProcAddress
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetOEMCP
VirtualAlloc
GetACP
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
SetFilePointer
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW

user32

CreateDialogParamA
DialogBoxParamA
MessageBoxA
EndDialog
SetDlgItemTextA
GetForegroundWindow
GetWindowRect
GetSystemMetrics
CreateWindowExA
SetTimer
CharUpperA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
CloseConfigDialog
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OpenConfigDialog
ReciveMethods
_StarcraftWndProc@20

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BWaddin.dll
.dll windows:4 windows x86 arch:x86

6adf5fd4e3e53633bc9af529f0dc463e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
CreateFileMappingA
GetLastError
OpenFileMappingA
lstrcpyA
CloseHandle
UnmapViewOfFile
lstrcmpA
lstrlenA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetProcAddress
FreeLibrary
LoadLibraryA
WriteProcessMemory
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetModuleFileNameA
DeleteCriticalSection
FreeEnvironmentStringsA
SetLastError
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
MapViewOfFile
TlsSetValue
TlsAlloc
TlsFree
InitializeCriticalSection
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
IsBadWritePtr
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
IsBadCodePtr
VirtualAlloc
SetFilePointer
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers

user32

wsprintfA
CharUpperA
MessageBoxA

Exports

Exports

?A0StarcraftAddinDistributor@@YGXKPAX@Z
?A0StarcraftTickDistributor@@YAXXZ
?A0StarcraftWindowsCallBackProcedure@@YGJPAUHWND__@@IIJ@Z
?ApplyCrack@@YAXPAX@Z
?EnableDLLToLoad@@YAXPBD_N@Z
?GetLibrary@@YA_NJPAUS_lib@@@Z
?GetLibrarySize@@YAJXZ
?OnBWStart@@YAXXZ
CheckForUpdate
SendFeedBack
Tick

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LARS.dll
.dll windows:4 windows x86 arch:x86

f4a1266d75a3b72ed66473da02671293

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenProcess
Process32Next
CloseHandle
lstrcmpA
Process32First
CreateToolhelp32Snapshot
MapViewOfFile
lstrcpyA
OpenFileMappingA
lstrlenA
UnmapViewOfFile
SizeofResource
_lclose
_lopen
CreateDirectoryA
FindResourceA
LoadResource
LockResource
WriteProcessMemory
CreateFileMappingA
GetLastError
TlsAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetStartupInfoA
DeleteCriticalSection
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetFileType
LoadLibraryA
GetCPInfo
GetStringTypeW
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
ReadProcessMemory
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetStringTypeA
EnterCriticalSection
GetProcAddress
GetOEMCP
GetACP
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar

user32

SetDlgItemTextA
CheckDlgButton
CharUpperA
CreateDialogParamA
IsDlgButtonChecked
DialogBoxParamA
MessageBoxA
EndDialog

advapi32

RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

CheckForUpdate
CloseConfigDialog
GetCrackDLL
GetDescription
GetName
GetPluginVersion
IsBWPlugin
OpenConfigDialog
ReciveMethods
SendFeedBack
StarcraftTick
StartCrackLoad
Tick
_LARS_SaveReplayMan@4

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LowRide.bmp
Patch_rt.mpq
battle.snp
.dll windows:4 windows x86 arch:x86

f761d679dc814d28b8501d0916a564a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

storm

ord205
ord203
ord217
ord343
ord357
ord912
ord902
ord294
ord915
ord268
ord265
ord269
ord253
ord266
ord251
ord302
ord252
ord208
ord510
ord491
ord550
ord315
ord427
ord425
ord118
ord463
ord433
ord434
ord431
ord210
ord342
ord571
ord509
ord507
ord422
ord503
ord204
ord424
ord428
ord506
ord494
ord548
ord541
ord542
ord423
ord426
ord215
ord457
ord213
ord458
ord612
ord624
ord609
ord638
ord603
ord606
ord601
ord636
ord622
ord628
ord321
ord202
ord313
ord455
ord219
ord403
ord346
ord216
ord401
ord465
ord211
ord206
ord501
ord421

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateBitmap
CreatePatternBrush
CreateSolidBrush
ExtTextOutA
SetBkColor
MoveToEx
SetTextAlign
SetBkMode
GetObjectA
CreateFontIndirectA
DeleteObject
SelectObject
GetTextExtentExPointA
SetTextColor
GetStockObject
DeleteDC
GetTextMetricsA
CreateCompatibleDC
CreateRectRgn
TextOutA
GetPaletteEntries

shell32

ShellExecuteA
FindExecutableA

user32

EndPaint
PostMessageA
GetParent
GetWindowLongA
SendDlgItemMessageA
SetFocus
SetPropA
SetWindowLongA
SetWindowPos
EnableWindow
GetDlgItem
SendMessageA
CallWindowProcA
GetPropA
SetRect
InvalidateRect
GetClientRect
SetForegroundWindow
GetDesktopWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CharLowerBuffA
MsgWaitForMultipleObjects
OffsetRect
GetCursorPos
ShowCursor
LoadStringA
GetDlgItemTextA
SetDlgItemTextA
IsWindowEnabled
MessageBoxA
UnregisterClassA
GetKeyState
GetDCEx
FrameRect
CreateWindowExA
GetWindowRect
ScreenToClient
RemovePropA
GetNextDlgTabItem
DefWindowProcA
BeginPaint
wsprintfA
SetCapture
GetCapture
ReleaseCapture
PtInRect
LoadCursorA
RegisterClassA
GetClassInfoA
SetSysColors
GetWindowTextA
MessageBeep
GetSysColor
GetDC
ReleaseDC
SetActiveWindow
ShowWindow
SetWindowTextA
GetFocus
GetLastActivePopup
FindWindowA
UpdateWindow
IsWindow
GetActiveWindow
DestroyWindow
SetCursor
DestroyCursor

wsock32

WSACleanup
closesocket
sendto
socket
getsockname
bind
htons
WSAGetLastError
WSAStartup
recvfrom
connect
gethostbyname
ioctlsocket
inet_addr
send
getpeername
recv
setsockopt

kernel32

GetProcAddress
FreeLibrary
LoadLibraryA
Sleep
WaitForSingleObject
SetThreadPriority
GetVersion
IsBadWritePtr
SetEvent
InterlockedIncrement
TerminateThread
CreateEventA
InterlockedDecrement
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GetUserDefaultLangID
GetUserDefaultLCID
FindResourceExA
IsBadReadPtr
SetFileTime
GetFileTime
GetLastError
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
ExitProcess
GetCPInfo
GetACP
GetOEMCP
HeapFree
TerminateProcess
HeapReAlloc
HeapAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
MulDiv
GetSystemTime
GetTickCount
SystemTimeToFileTime
CompareFileTime
WriteFile
GetModuleFileNameA
CreateFileA
GetFileSize
ReadFile
GetModuleHandleA
SizeofResource
LockResource
LoadResource
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
FindResourceA
GetLocaleInfoA
CloseHandle
GetLocalTime
HeapSize
WideCharToMultiByte
MultiByteToWideChar
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
VirtualAlloc
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
UnhandledExceptionFilter
TlsGetValue
SetLastError
TlsFree
TlsAlloc
LCMapStringW
LCMapStringA
SetFilePointer

Exports

Exports

SnpBind
SnpQuery

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bwtvobsdef.cfg
rightride.bmp
script.php
standard.snp
.dll windows:4 windows x86 arch:x86

70628d5012f09a8e129f93f2e63bd079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

storm

ord403
ord401
ord501
ord208
ord346
ord206
ord211
ord118
ord216
ord222
ord357
ord423
ord465
ord494

tapi32

lineShutdown
lineMakeCall
lineOpen
lineGetID
lineGetCallStatus
lineDrop
lineDeallocateCall
lineClose
lineAnswer
lineInitialize
lineTranslateAddress
lineGetDevCaps
lineNegotiateAPIVersion

user32

EnableWindow
SendMessageA
InvalidateRect
KillTimer
GetDlgItemTextA
SetTimer
PostMessageA
SendDlgItemMessageA
GetClientRect
GetDlgItem
SetDlgItemTextA
LoadStringA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetCursorPos
wsprintfA

kernel32

GetLastError
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
SetFilePointer
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
UnhandledExceptionFilter
TlsGetValue
TlsFree
TlsAlloc
HeapFree
InterlockedDecrement
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
SetLastError
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
Sleep
CloseHandle
WaitForSingleObject
GetTickCount
GetVersion
SetThreadPriority
GetProcAddress
LoadLibraryA
IsBadWritePtr
SetEvent
LockResource
LoadResource
FindResourceExA
WaitForMultipleObjects
ReadFile
ResetEvent
GetOverlappedResult
WriteFile
CreateEventA
LocalFree
LocalAlloc
QueryPerformanceCounter
SetCommState
GetCommState
SetCommTimeouts
InterlockedIncrement
CreateFileA
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize

Exports

Exports

SnpBind
SnpQuery

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
starcraft.exe
.exe windows:4 windows x86 arch:x86

c13fb0e9353aa18f7d02cf147a5bd5c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord426
ord313
ord260
ord453
ord256
ord451
ord137
ord140
ord139
ord106
ord119
ord109
ord130
ord115
ord138
ord101
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord127
ord501
ord462
ord491
ord134
ord261
ord257
ord264
ord275
ord571
ord255
ord258
ord423
ord272
ord266
ord252
ord502
ord508
ord118
ord133
ord103
ord116
ord321
ord105
ord112
ord457
ord454
ord458
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord425
ord206
ord211
ord422
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord208
ord114
ord572
ord323
ord325
ord269
ord265
ord276
ord253
ord267
ord268
ord463
ord274
ord342
ord442
ord465
ord509
ord503
ord279
ord421
ord424
ord428
ord506
ord494
ord350
ord356
ord401
ord403
ord107
ord440
ord436
ord443
ord438
ord432
ord354
ord437
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331
ord332

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

InterlockedDecrement
GetLocalTime
InterlockedIncrement
CreateThread
TlsSetValue
ExitThread
SetConsoleCtrlHandler
GetStartupInfoA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
GetSystemTime
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetCPInfo
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetACP
GetOEMCP
SetFilePointer
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
SetFileAttributesA
GetFileSize
GetComputerNameA
CreateDirectoryA
HeapReAlloc
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CompareFileTime
ResetEvent
SetEvent
FindResourceA
SizeofResource
LoadResource
LockResource
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
GetCommandLineA
GetLogicalDriveStringsA
GetTimeZoneInformation
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetDriveTypeA
RaiseException

user32

InvalidateRect
PtInRect
ClipCursor
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetLastActivePopup
GetTopWindow
EndDialog
SetWindowPos
SetDlgItemTextA
DialogBoxParamA
SetTimer
KillTimer
WaitForInputIdle
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
SetWindowTextA
MessageBoxA
SetWindowLongA
DrawTextA
GetClientRect
ScreenToClient
GetSysColor
UpdateWindow
EnableWindow
ShowWindow
SendDlgItemMessageA
GetWindowLongA
GetDlgItem
GetWindowRect
OffsetRect
SetCursor
GetFocus
GetParent
SendMessageA
GetDC
ReleaseDC
GetActiveWindow
SetRect
GetDesktopWindow
GetForegroundWindow
GetWindow
GetClassNameA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateAcceleratorA
TranslateMessage
LoadCursorA
GetCursorPos
SetCursorPos
ShowCursor
FindWindowA
SetFocus
BeginPaint
EndPaint
DefWindowProcA
GetKeyState
PostMessageA
SetCapture
ReleaseCapture
DestroyAcceleratorTable
IsIconic
LoadAcceleratorsA
LoadStringA

gdi32

GetTextExtentExPointA
GetStockObject
DeleteDC
GetDeviceCaps
CreateFontA
MoveToEx
TextOutA
SetTextAlign
SetBkColor
SetTextColor
GetPaletteEntries
ExtTextOutA
GetTextMetricsA
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

RegOpenKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
starcraft109.exe
.exe windows:4 windows x86 arch:x86

0a2d96bb7241807220f8eb62f276b869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord114
ord426
ord313
ord260
ord453
ord256
ord451
ord137
ord140
ord139
ord106
ord119
ord109
ord130
ord115
ord138
ord101
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord501
ord127
ord462
ord491
ord134
ord261
ord257
ord264
ord275
ord571
ord255
ord258
ord423
ord272
ord266
ord252
ord502
ord508
ord118
ord133
ord103
ord116
ord321
ord105
ord112
ord107
ord457
ord454
ord458
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord425
ord206
ord211
ord422
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord208
ord572
ord269
ord265
ord276
ord253
ord267
ord268
ord463
ord274
ord342
ord442
ord465
ord509
ord503
ord279
ord421
ord424
ord428
ord506
ord494
ord323
ord350
ord325
ord437
ord356
ord401
ord403
ord440
ord436
ord443
ord438
ord432
ord354
ord332
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

SetFileAttributesA
FileTimeToLocalFileTime
CreateProcessA
CreateDirectoryA
DeleteCriticalSection
LeaveCriticalSection
GetComputerNameA
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
CreateThread
TlsSetValue
ExitThread
SetConsoleCtrlHandler
GetStartupInfoA
GetVersion
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetEnvironmentVariableA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
GetFileSize
FreeLibrary
FlushFileBuffers
CreateFileA
SetFilePointer
SetEndOfFile
ReadFile
GetLocaleInfoW
CompareStringA
CompareStringW
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CompareFileTime
ResetEvent
SetEvent
FindResourceA
SizeofResource
LoadResource
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
GetTimeZoneInformation
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
InitializeCriticalSection
FileTimeToSystemTime
GetDateFormatA
EnterCriticalSection
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
GetTimeFormatA
GetLogicalDriveStringsA
GetCommandLineA
RaiseException
LockResource
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetDriveTypeA

user32

GetClientRect
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetLastActivePopup
GetTopWindow
EndDialog
SetWindowPos
SetDlgItemTextA
DialogBoxParamA
SetTimer
KillTimer
WaitForInputIdle
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
SetWindowTextA
MessageBoxA
SetWindowLongA
ScreenToClient
GetSysColor
DrawTextA
UpdateWindow
EnableWindow
ShowWindow
SendDlgItemMessageA
GetWindowLongA
GetDlgItem
GetWindowRect
OffsetRect
InvalidateRect
GetFocus
GetParent
SendMessageA
GetDC
ReleaseDC
GetActiveWindow
SetRect
GetDesktopWindow
GetForegroundWindow
GetClassNameA
GetWindow
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
EndPaint
LoadCursorA
SetCursor
GetCursorPos
FindWindowA
SetFocus
GetKeyState
PostMessageA
SetCapture
ReleaseCapture
DestroyAcceleratorTable
PtInRect
TranslateAcceleratorA
ShowCursor
SetCursorPos
BeginPaint
LoadStringA
IsIconic
LoadAcceleratorsA
ClipCursor

gdi32

SetTextColor
GetDeviceCaps
CreateFontA
MoveToEx
TextOutA
SetTextAlign
SetBkColor
GetPaletteEntries
GetTextExtentExPointA
ExtTextOutA
GetTextMetricsA
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
DeleteDC
GetStockObject

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
starcraft110.exe
.exe windows:4 windows x86 arch:x86

d95ddfedfbe283022b831f3a64def613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord426
ord313
ord260
ord453
ord256
ord451
ord137
ord140
ord139
ord106
ord119
ord109
ord130
ord115
ord138
ord101
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord127
ord501
ord462
ord491
ord134
ord261
ord257
ord264
ord275
ord571
ord255
ord258
ord423
ord272
ord266
ord252
ord502
ord508
ord118
ord133
ord103
ord116
ord321
ord105
ord112
ord457
ord454
ord458
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord425
ord206
ord211
ord422
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord208
ord114
ord572
ord323
ord325
ord269
ord265
ord276
ord253
ord267
ord268
ord463
ord274
ord342
ord442
ord465
ord509
ord503
ord279
ord421
ord424
ord428
ord506
ord494
ord350
ord356
ord401
ord403
ord107
ord437
ord440
ord436
ord443
ord438
ord432
ord354
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331
ord332

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

InterlockedDecrement
GetLocalTime
InterlockedIncrement
CreateThread
TlsSetValue
ExitThread
SetConsoleCtrlHandler
GetStartupInfoA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
GetSystemTime
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetCPInfo
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetACP
GetOEMCP
SetFilePointer
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
SetFileAttributesA
GetFileSize
GetComputerNameA
CreateDirectoryA
HeapReAlloc
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CompareFileTime
ResetEvent
SetEvent
FindResourceA
SizeofResource
LoadResource
LockResource
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
GetCommandLineA
GetLogicalDriveStringsA
GetTimeZoneInformation
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetDriveTypeA
RaiseException

user32

InvalidateRect
PtInRect
ClipCursor
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetLastActivePopup
GetTopWindow
EndDialog
SetWindowPos
SetDlgItemTextA
DialogBoxParamA
SetTimer
KillTimer
WaitForInputIdle
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
SetWindowTextA
MessageBoxA
SetWindowLongA
GetClientRect
ScreenToClient
GetSysColor
DrawTextA
UpdateWindow
EnableWindow
ShowWindow
SendDlgItemMessageA
GetWindowLongA
GetDlgItem
GetWindowRect
OffsetRect
SetCursor
GetFocus
GetParent
SendMessageA
GetDC
ReleaseDC
GetActiveWindow
SetRect
GetDesktopWindow
GetForegroundWindow
GetWindow
GetClassNameA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateAcceleratorA
TranslateMessage
LoadCursorA
GetCursorPos
SetCursorPos
ShowCursor
FindWindowA
SetFocus
BeginPaint
EndPaint
DefWindowProcA
GetKeyState
PostMessageA
SetCapture
ReleaseCapture
DestroyAcceleratorTable
IsIconic
LoadAcceleratorsA
LoadStringA

gdi32

GetTextExtentExPointA
GetStockObject
DeleteDC
GetDeviceCaps
CreateFontA
MoveToEx
TextOutA
SetTextAlign
SetBkColor
SetTextColor
GetPaletteEntries
ExtTextOutA
GetTextMetricsA
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

RegOpenKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 916KB - Virtual size: 912KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
starcraft111.exe
.exe windows:4 windows x86 arch:x86

c13fb0e9353aa18f7d02cf147a5bd5c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord426
ord313
ord260
ord453
ord256
ord451
ord137
ord140
ord139
ord106
ord119
ord109
ord130
ord115
ord138
ord101
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord127
ord501
ord462
ord491
ord134
ord261
ord257
ord264
ord275
ord571
ord255
ord258
ord423
ord272
ord266
ord252
ord502
ord508
ord118
ord133
ord103
ord116
ord321
ord105
ord112
ord457
ord454
ord458
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord425
ord206
ord211
ord422
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord208
ord114
ord572
ord323
ord325
ord269
ord265
ord276
ord253
ord267
ord268
ord463
ord274
ord342
ord442
ord465
ord509
ord503
ord279
ord421
ord424
ord428
ord506
ord494
ord350
ord356
ord401
ord403
ord107
ord440
ord436
ord443
ord438
ord432
ord354
ord437
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331
ord332

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

InterlockedDecrement
GetLocalTime
InterlockedIncrement
CreateThread
TlsSetValue
ExitThread
SetConsoleCtrlHandler
GetStartupInfoA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
GetSystemTime
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetCPInfo
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetACP
GetOEMCP
SetFilePointer
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
SetFileAttributesA
GetFileSize
GetComputerNameA
CreateDirectoryA
HeapReAlloc
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CompareFileTime
ResetEvent
SetEvent
FindResourceA
SizeofResource
LoadResource
LockResource
GetSystemInfo
GetDiskFreeSpaceA
GlobalMemoryStatus
GetCommandLineA
GetLogicalDriveStringsA
GetTimeZoneInformation
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetDriveTypeA
RaiseException

user32

InvalidateRect
PtInRect
ClipCursor
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetLastActivePopup
GetTopWindow
EndDialog
SetWindowPos
SetDlgItemTextA
DialogBoxParamA
SetTimer
KillTimer
WaitForInputIdle
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
SetActiveWindow
SetWindowTextA
MessageBoxA
SetWindowLongA
DrawTextA
GetClientRect
ScreenToClient
GetSysColor
UpdateWindow
EnableWindow
ShowWindow
SendDlgItemMessageA
GetWindowLongA
GetDlgItem
GetWindowRect
OffsetRect
SetCursor
GetFocus
GetParent
SendMessageA
GetDC
ReleaseDC
GetActiveWindow
SetRect
GetDesktopWindow
GetForegroundWindow
GetWindow
GetClassNameA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateAcceleratorA
TranslateMessage
LoadCursorA
GetCursorPos
SetCursorPos
ShowCursor
FindWindowA
SetFocus
BeginPaint
EndPaint
DefWindowProcA
GetKeyState
PostMessageA
SetCapture
ReleaseCapture
DestroyAcceleratorTable
IsIconic
LoadAcceleratorsA
LoadStringA

gdi32

GetTextExtentExPointA
GetStockObject
DeleteDC
GetDeviceCaps
CreateFontA
MoveToEx
TextOutA
SetTextAlign
SetBkColor
SetTextColor
GetPaletteEntries
ExtTextOutA
GetTextMetricsA
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

RegOpenKeyExA
RegDeleteValueA
GetUserNameA

Sections

.text
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
storm.dll
.dll windows:4 windows x86 arch:x86

4c5de46144b7a7771d49d0db72fc902c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

_strupr
wcstombs
wcslen
setlocale
_vsnprintf
strpbrk
toupper
_fullpath
_purecall
vsprintf
memmove
qsort
_CIpow
_strlwr
_global_unwind2
_local_unwind2
strncmp
_strnicmp
strtol
strtoul
strstr
_stricmp
strrchr
isprint
strncpy
sprintf
_ftol

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
GetUserNameA

comdlg32

GetSaveFileNameA

gdi32

DeleteDC
CreateDIBitmap
DeleteObject
CreateRectRgn
CombineRgn
GdiFlush
GetRegionData
RectInRegion
GetStockObject
SetTextColor
GetCharABCWidthsA
SetBkMode
SelectObject
GetTextExtentPoint32A
SetTextAlign
GetCurrentObject
GetTextMetricsA
CreateCompatibleDC
CreateFontA
SetBkColor
SelectPalette
CreatePalette
GetSystemPaletteEntries
RealizePalette
SetPaletteEntries
GetDeviceCaps
GetDIBits
ExtTextOutA
Rectangle

kernel32

GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedDecrement
GetComputerNameA
GetLocalTime
GetModuleFileNameA
InterlockedIncrement
IsBadWritePtr
GetCurrentThread
GetLastError
GetCurrentProcess
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
GetCommandLineA
GetTickCount
MulDiv
GetCurrentProcessId
LockResource
LoadResource
FindResourceA
FreeResource
SizeofResource
ExitProcess
HeapFree
GetProcessHeap
GetCurrentThreadId
TerminateProcess
GetExitCodeProcess
GetVersion
GetFileAttributesA
CreateDirectoryA
OutputDebugStringA
FindClose
FindFirstFileA
FormatMessageA
HeapAlloc
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetEvent
WaitForSingleObject
SetFilePointer
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
SetThreadPriority
CreateThread
CreateEventA
VirtualFree
FlushFileBuffers
VirtualAlloc
GetSystemInfo
VirtualUnlock
FindNextFileA
SystemTimeToFileTime
GetSystemTime
VirtualLock
Sleep
CreateProcessA
DeleteFileA
GetACP
GetTempFileNameA

user32

DefDlgProcA
SendDlgItemMessageA
wsprintfA
LoadStringA
BeginPaint
SetClassLongA
GetClassLongA
GetUpdateRgn
GetWindowLongA
IsWindow
GetPropA
GetClassNameA
GetParent
GetClientRect
IsIconic
IsWindowVisible
GetDesktopWindow
GetWindow
IntersectRect
ClientToScreen
ShowCursor
GetCursorPos
GetTopWindow
ScreenToClient
GetWindowRect
PostMessageA
GetClassInfoA
RegisterClassA
LoadCursorA
DefWindowProcA
InvalidateRect
SetPropA
EndPaint
DrawTextA
GetWindowTextA
GetWindowTextLengthA
SendMessageA
GetDlgCtrlID
RemovePropA
SetWindowLongA
SetDlgItemTextA
CallWindowProcA
SetActiveWindow
GetActiveWindow
EnableWindow
IsWindowEnabled
ReleaseDC
GetDC
SetCursor
DrawFocusRect
DrawEdge
CreateWindowExA
SetFocus
DispatchMessageA
TranslateMessage
PostQuitMessage
PeekMessageA
ShowWindow
AdjustWindowRectEx
GetWindowThreadProcessId
GetFocus
EndDialog
DestroyWindow
IsDialogMessageA
GetDlgItem
FindWindowExA
LoadIconA
CreateCursor
GetSystemMetrics
MessageBoxA
GetForegroundWindow
DestroyCursor
GetMessageA
GetDlgItemTextA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot
使用方法.txt

Sharing

General

Malware Config

Signatures

Files

15fe9c45b6616bd12c02523213d45f5d

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

advapi32

shell32

version

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 73KB

.rsrc Size: 44KB - Virtual size: 41KB

c20102fef7c819630067e0336b023349

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

wininet

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 9.2MB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 32KB - Virtual size: 29KB

a0535ce3b1f9621e35259fb8d0d26efe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

wininet

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 9.2MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 28KB

0f06f75741ae56bf4ba81ef2b3c9f018

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

wininet

bwaddin

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 138KB

.rsrc Size: 96KB - Virtual size: 96KB

887dc0d76373af66ab5a31dfd37b475a

Headers

File Characteristics

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 73KB

.rsrc
Size: 44KB - Virtual size: 41KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 9.2MB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 32KB - Virtual size: 29KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 9.2MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 28KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 138KB

.rsrc
Size: 96KB - Virtual size: 96KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 33.2MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 44KB - Virtual size: 42KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 20KB - Virtual size: 102.4MB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 84KB - Virtual size: 80KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 44.7MB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 44KB - Virtual size: 43KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 15.0MB

.rsrc
Size: 4KB - Virtual size: 776B

.reloc
Size: 32KB - Virtual size: 31KB