iDeaS_1[.]0[.]4[.]0-1081[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

iDeaS_1.0.4.0-1081.zip
Size

712KB
MD5

262282d7fa4fedf6a91f97fe6b1c76eb
SHA1

a3bf46122641d5d256835ac70d35b11c05898175
SHA256

91031136c2e6eefae4ba908c3b5274b33c57af1ad8799d9c377143852df5da50
SHA512

3ad62f8051e5c2fc548d203d52269f8eab4b3018879800fa44276fa1d57aa5122469fb233f704581b7a52b0555e373787a4c6152e38ced4dad1b0f2b8c1571c5
SSDEEP

12288:J54DiB4QMp+x6a2nj3MZL/fJiTqmiBSqOSqO8XTEYlhgNo/QMNZjRf/Nj:Y3+x6a2Qp/fJiGmigqOFTEchgtmPf1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/iDeaS 1.0.4.0/Plugin/AceKard.dll
unpack001/iDeaS 1.0.4.0/Plugin/DInput.dll
unpack001/iDeaS 1.0.4.0/Plugin/DsPad.dll
unpack001/iDeaS 1.0.4.0/Plugin/SDL.dll
unpack001/iDeaS 1.0.4.0/Plugin/aud.dll
unpack001/iDeaS 1.0.4.0/Plugin/avicapture.dll
unpack001/iDeaS 1.0.4.0/Plugin/mic.dll
unpack001/iDeaS 1.0.4.0/Plugin/wifi.dll
unpack001/iDeaS 1.0.4.0/ideas.exe

Files

iDeaS_1.0.4.0-1081.zip
.zip

Password: ideas
iDeaS 1.0.4.0/Plugin/AceKard.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

42a1e0ce64e232252b51b532db126979

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA
lstrcpynA

msvcrt

__dllonexit
_assert
_errno
abort
fflush
free
malloc
memset

Exports

Exports

DeleteFunc
GetInfoFunc
ResetFunc
RunFunc
SetInfoFunc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 344B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/DInput.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

0aa23b6768d50d6502d3057ac2c04b10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

CreatePropertySheetPageA

dinput8

DirectInput8Create

gdi32

CreatePen
DeleteObject
GetStockObject
LineTo
MoveToEx
PolylineTo
SelectObject
SetPixel

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
MultiByteToWideChar
WritePrivateProfileStringA
lstrcatA
lstrcpynA

msvcrt

__dllonexit
_errno
_iob
abort
fflush
fprintf
free
malloc
memcpy

ole32

CLSIDFromString
StringFromGUID2

shlwapi

PathRemoveFileSpecA

user32

BeginPaint
DestroyWindow
EnableWindow
EndPaint
FrameRect
GetClientRect
GetDC
GetDlgItem
GetParent
InvalidateRect
KillTimer
MessageBoxA
ReleaseDC
SendMessageA
SetDlgItemTextA
SetTimer
SetWindowLongA
SetWindowTextA
SystemParametersInfoA
wsprintfA

Exports

Exports

DeleteFunc
DeleteFunc@0
GetInfoFunc
GetInfoFunc@4
ResetFunc
ResetFunc@0
RunFunc
RunFunc@4
SetInfoFunc
SetInfoFunc@4
SetPropertyFunc
SetPropertyFunc@4

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 624B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 321B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/DsPad.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

72f7d8118f28b0fadaed8da7b3a85339

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
CloseHandle
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle
FlushFileBuffers
CreateFileA
MultiByteToWideChar

user32

GetDC
FrameRect
FillRect
ReleaseDC
GetDlgItem
EnableWindow
SetTimer
SendMessageA
SetWindowTextA
MessageBoxA

gdi32

DeleteObject
CreateSolidBrush

sdl

SDL_JoystickUpdate
SDL_JoystickGetHat
SDL_JoystickGetAxis
SDL_JoystickNumButtons
SDL_JoystickGetButton
SDL_JoystickClose
SDL_Quit
SDL_Init
SDL_JoystickOpen
SDL_JoystickOpened
SDL_GetError

comctl32

CreatePropertySheetPageA

Exports

Exports

DeleteFunc
GetInfoFunc
RunFunc
SetInfoFunc
SetPropertyFunc

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/SDL.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

3cac573b810d2b09cc2fdfb3b0f3e2c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
DescribePixelFormat
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
FindAtomA
FormatMessageA
FreeLibrary
GetACP
GetAtomNameA
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetVersionExA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetThreadPriority
Sleep
TerminateThread
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_strdup
__dllonexit
__mb_cur_max
_assert
_beginthreadex
_endthreadex
_errno
_iob
_isctype
_pctype
_stricmp
_vsnprintf
abort
atof
atoi
fclose
fflush
fprintf
fread
free
fseek
ftell
fwrite
log
malloc
memcpy
memset
pow
qsort
raise
realloc
signal
sscanf
strchr
strlen
strstr

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EndPaint
EnumDisplaySettingsA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddTimer
SDL_AllocRW
SDL_AudioDriverName
SDL_AudioInit
SDL_AudioQuit
SDL_BuildAudioCVT
SDL_CDClose
SDL_CDEject
SDL_CDName
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlay
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_ClearError
SDL_CloseAudio
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertSurface
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateSemaphore
SDL_CreateThread
SDL_CreateYUVOverlay
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroySemaphore
SDL_DisplayFormat
SDL_DisplayFormatAlpha
SDL_DisplayYUVOverlay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_Error
SDL_EventState
SDL_FillRect
SDL_Flip
SDL_FreeCursor
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_FreeYUVOverlay
SDL_GL_GetAttribute
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_Lock
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GL_Unlock
SDL_GL_UpdateRects
SDL_GetAppState
SDL_GetAudioStatus
SDL_GetClipRect
SDL_GetCursor
SDL_GetError
SDL_GetEventFilter
SDL_GetGammaRamp
SDL_GetKeyName
SDL_GetKeyRepeat
SDL_GetKeyState
SDL_GetModState
SDL_GetMouseState
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseState
SDL_GetThreadID
SDL_GetTicks
SDL_GetVideoInfo
SDL_GetVideoSurface
SDL_GetWMInfo
SDL_Has3DNow
SDL_Has3DNowExt
SDL_HasAltiVec
SDL_HasMMX
SDL_HasMMXExt
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_Init
SDL_InitSubSystem
SDL_JoystickClose
SDL_JoystickEventState
SDL_JoystickGetAxis
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetHat
SDL_JoystickIndex
SDL_JoystickName
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickOpened
SDL_JoystickUpdate
SDL_KillThread
SDL_Linked_Version
SDL_ListModes
SDL_LoadBMP_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockSurface
SDL_LockYUVOverlay
SDL_LowerBlit
SDL_MapRGB
SDL_MapRGBA
SDL_MixAudio
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PeepEvents
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_RegisterApp
SDL_RemoveTimer
SDL_SaveBMP_RW
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SetAlpha
SDL_SetClipRect
SDL_SetColorKey
SDL_SetColors
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetGamma
SDL_SetGammaRamp
SDL_SetModState
SDL_SetModuleHandle
SDL_SetPalette
SDL_SetTimer
SDL_SetVideoMode
SDL_ShowCursor
SDL_SoftStretch
SDL_ThreadID
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UnlockYUVOverlay
SDL_UnregisterApp
SDL_UpdateRect
SDL_UpdateRects
SDL_UpperBlit
SDL_VideoDriverName
SDL_VideoInit
SDL_VideoModeOK
SDL_VideoQuit
SDL_WM_GetCaption
SDL_WM_GrabInput
SDL_WM_IconifyWindow
SDL_WM_SetCaption
SDL_WM_SetIcon
SDL_WM_ToggleFullScreen
SDL_WaitEvent
SDL_WaitThread
SDL_WarpMouse
SDL_WasInit
SDL_WriteBE16
SDL_WriteBE32
SDL_WriteBE64
SDL_WriteLE16
SDL_WriteLE32
SDL_WriteLE64
SDL_getenv
SDL_iconv
SDL_iconv_close
SDL_iconv_open
SDL_iconv_string
SDL_memcmp
SDL_mutexP
SDL_mutexV
SDL_putenv
SDL_strlcat
SDL_strlcpy
SDL_strtod

Sections

.text
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/aud.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

2eb560305b49066883b59a0e57ee0f8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

CreatePropertySheetPageA
ImageList_AddMasked
ImageList_Create
ImageList_Destroy

gdi32

DeleteObject
SetTextColor

kernel32

AddAtomA
CloseHandle
CreateFileA
CreateSemaphoreA
FindAtomA
FlushFileBuffers
GetAtomNameA
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetTickCount
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LocalFree
ReadFile
ReleaseSemaphore
SetEndOfFile
SetFilePointer
SetLastError
Sleep
SleepEx
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

_write
__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
abort
atoi
ceil
fflush
free
malloc
memcpy
memset
sprintf
sscanf
strchr
strcmp
strlen
strrchr
tolower

ole32

CoCreateInstance

user32

CharLowerBuffA
CharUpperBuffA
CheckMenuItem
DestroyMenu
DispatchMessageA
EnableWindow
GetActiveWindow
GetDlgCtrlID
GetDlgItem
GetSubMenu
GetSysColor
GetSysColorBrush
LoadBitmapA
LoadMenuA
LoadStringA
MapWindowPoints
MessageBoxA
PeekMessageA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
TrackPopupMenu
wsprintfA
wvsprintfA

Exports

Exports

DeleteFunc
GetInfoFunc
LoadStateFunc
ResetFunc
RunFunc
SaveStateFunc
SetInfoFunc
SetPropertyFunc

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/avicapture.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

036b83f4a22bbd17b22ef84178822aa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

CreatePropertySheetPageA

comdlg32

GetSaveFileNameA

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetStdHandle
GlobalAlloc
GlobalFree
WriteConsoleA
lstrcpynA
lstrlenA

msvcrt

__dllonexit
_errno
_iob
abort
fflush
fprintf
free
malloc
memcpy
memset

user32

GetDlgItem
GetWindowTextA
SendMessageA
SetWindowTextA
wsprintfA

avifil32

AVIFileCreateStreamA
AVIFileExit
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIMakeCompressedStream
AVISaveOptions
AVISaveOptionsFree
AVIStreamRelease
AVIStreamSetFormat
AVIStreamWrite

Exports

Exports

DeleteFunc
DeleteFunc@0
GetInfoFunc
GetInfoFunc@4
ResetFunc
ResetFunc@0
RunFunc
RunFunc@4
SetInfoFunc
SetInfoFunc@4
SetPropertyFunc
SetPropertyFunc@4

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 592B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 325B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/mic.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

1643cab873be7aa775b257946e7b24a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA
lstrcpynA

msvcrt

__dllonexit
_assert
_errno
abort
fflush
free
malloc
memset

ole32

CoCreateInstance

Exports

Exports

DeleteFunc
GetInfoFunc
LoadStateFunc
ResetFunc
RunFunc
SaveStateFunc
SetInfoFunc
SetPropertyFunc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Plugin/wifi.dll
.dll windows:4 windows x86 arch:x86

Password: ideas

2f58e0b864d1eba075c6e6456c827487

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

CreatePropertySheetPageA

iphlpapi

GetAdaptersInfo
GetNetworkParams

kernel32

AddAtomA
CreateSemaphoreA
CreateThread
FindAtomA
GetAtomNameA
GetLastError
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LocalAlloc
LocalFree
ReleaseSemaphore
ResumeThread
SetLastError
Sleep
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
lstrcpynA

msvcrt

__dllonexit
_assert
_errno
abort
fflush
free
malloc
memcpy
memset
strcmp

user32

SendDlgItemMessageA
SendMessageA
wsprintfA

ws2_32

WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAResetEvent
WSASetEvent
WSAWaitForMultipleEvents

wsock32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
htonl
htons
inet_addr
ioctlsocket
ntohl
ntohs
recv
send
shutdown
socket

Exports

Exports

DeleteFunc
GetInfoFunc
LoadStateFunc
ResetFunc
RunFunc
SaveStateFunc
SetInfoFunc
SetPropertyFunc

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/Saves/Contra 4.sav
iDeaS 1.0.4.0/Saves/Dragon Quest IX.sav
iDeaS 1.0.4.0/Saves/Duke Nukem - Critical Mass.sav
iDeaS 1.0.4.0/Saves/Kim Possible - Kimmunicator.sav
iDeaS 1.0.4.0/Saves/Ragnarok DS.sav
iDeaS 1.0.4.0/Saves/Ridge Racer DS.sav
iDeaS 1.0.4.0/Saves/Tales Of Innocence.sav
iDeaS 1.0.4.0/Saves/Theresia - Dear Emile.sav
iDeaS 1.0.4.0/Saves/Xenosaga I-II.sav
iDeaS 1.0.4.0/Screenshots/Thumbs.db
iDeaS 1.0.4.0/Software.ini
iDeaS 1.0.4.0/ideas.exe
.exe windows:4 windows x86 arch:x86

1939edf46b3ff97c92c123ccd3b9ef31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
DosDateTimeToFileTime
EnterCriticalSection
EnumResourceLanguagesA
ExitProcess
FileTimeToDosDateTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalSize
MultiByteToWideChar
RaiseException
ReadFile
ReleaseMutex
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetEvent
SetFilePointer
SetHandleCount
SetThreadIdealProcessor
SetThreadLocale
Sleep
SleepEx
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

CreatePropertySheetPageA
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageA
ImageList_ReplaceIcon
InitCommonControlsEx
PropertySheetA
ImageList_DrawEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

BitBlt
ChoosePixelFormat
CreateBitmap
CreateCompatibleDC
CreateDIBSection
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutA
GetDIBits
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
SelectObject
SetBkColor
SetBkMode
SetPixelFormat
SetTextAlign
SetTextColor
SetWindowOrgEx
StretchDIBits
TextOutA

opengl32

glAlphaFunc
glBegin
glBindTexture
glBlendFunc
glCallList
glClear
glClearColor
glClearDepth
glColor4fv
glColorMask
glCullFace
glDeleteLists
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRange
glDisable
glDrawPixels
glEnable
glEnd
glEndList
glFinish
glFlush
glFogf
glFogfv
glFogi
glGenLists
glGenTextures
glGetError
glGetIntegerv
glGetString
glIsList
glLightfv
glLoadIdentity
glMaterialfv
glMatrixMode
glNewList
glNormal3fv
glPolygonMode
glPopAttrib
glPushAttrib
glReadBuffer
glReadPixels
glStencilFunc
glStencilOp
glTexCoord2f
glTexCoord2fv
glTexEnvf
glTexEnvfv
glTexEnvi
glTexImage1D
glTexImage2D
glTexParameteri
glVertex4fv
glViewport
wglCreateContext
wglDeleteContext
wglGetCurrentDC
wglGetProcAddress
wglMakeCurrent

shell32

DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

user32

AdjustWindowRect
AppendMenuA
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallWindowProcA
CharLowerBuffA
CharUpperBuffA
CheckMenuItem
CheckMenuRadioItem
ClientToScreen
CloseClipboard
CopyAcceleratorTableA
CopyRect
CreateAcceleratorTableA
CreateCaret
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCaret
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawEdge
DrawFocusRect
DrawIconEx
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumThreadWindows
FillRect
GetAsyncKeyState
GetClientRect
GetCursorPos
GetDC
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemTextA
GetKeyNameTextA
GetMenu
GetMenuItemCount
GetMenuItemInfoA
GetMessageA
GetNextDlgTabItem
GetParent
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextA
HideCaret
InflateRect
InsertMenuItemA
InvalidateRect
IsDialogMessageA
IsRectEmpty
IsWindow
IsWindowEnabled
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PtInRect
RedrawWindow
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetParent
SetRect
SetScrollInfo
SetScrollPos
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowCaret
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
UpdateWindow
WaitMessage
wsprintfA
wvsprintfA

ole32

OleInitialize
OleUninitialize

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 480KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
iDeaS 1.0.4.0/readme.txt
iDeaS 1.0.4.0/.doc
.doc windows office2003

Sharing

General

Malware Config

Signatures

Files

Password: ideas

Password: ideas

42a1e0ce64e232252b51b532db126979

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 48B

.rdata Size: 1024B - Virtual size: 836B

.bss Size: - Virtual size: 344B

.edata Size: 512B - Virtual size: 155B

.idata Size: 512B - Virtual size: 396B

.reloc Size: 1024B - Virtual size: 568B

Password: ideas

0aa23b6768d50d6502d3057ac2c04b10

Headers

File Characteristics

Imports

comctl32

dinput8

gdi32

kernel32

msvcrt

ole32

shlwapi

user32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 480B

.rdata Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 624B

.edata Size: 512B - Virtual size: 321B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 648B

Password: ideas

72f7d8118f28b0fadaed8da7b3a85339

Headers

File Characteristics

Imports

kernel32

user32

gdi32

sdl

comctl32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 576B

.reloc Size: 4KB - Virtual size: 3KB

Password: ideas

3cac573b810d2b09cc2fdfb3b0f3e2c9

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

winmm

Exports

Exports

Sections

.text Size: 253KB - Virtual size: 252KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 48B

.rdata
Size: 1024B - Virtual size: 836B

.bss
Size: - Virtual size: 344B

.edata
Size: 512B - Virtual size: 155B

.idata
Size: 512B - Virtual size: 396B

.reloc
Size: 1024B - Virtual size: 568B

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 480B

.rdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 624B

.edata
Size: 512B - Virtual size: 321B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 648B

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 576B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 253KB - Virtual size: 252KB

.data
Size: 6KB - Virtual size: 6KB

.rdata
Size: 32KB - Virtual size: 32KB

.bss
Size: - Virtual size: 35KB

.edata
Size: 5KB - Virtual size: 5KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 784B

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 320B

.rdata
Size: 11KB - Virtual size: 10KB

.bss
Size: - Virtual size: 18KB

.edata
Size: 512B - Virtual size: 225B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 320B

.rdata
Size: 1024B - Virtual size: 592B

.bss
Size: - Virtual size: 592B

.edata
Size: 512B - Virtual size: 325B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 608B

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 48B

.rdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 336B

.edata
Size: 512B - Virtual size: 225B

.idata
Size: 512B - Virtual size: 476B

.reloc
Size: 512B - Virtual size: 228B