c051b214f194f2033d266808aa57252f

Sharing

Copy URL Twitter E-mail

General

Target

c051b214f194f2033d266808aa57252f
Size

13.8MB
MD5

c051b214f194f2033d266808aa57252f
SHA1

b4582d62241b754025f92bf480162c522e48024b
SHA256

9b6b065c51582937da1816e812faf250645ca1dee0a4076ac92b0952e4092a4a
SHA512

2335e01f4d238f1b3afc74fe087c0a97d29984ef47df6f3751f541b9c56a675621b1a16546df6baa215e6ea0670e3f2cad6fa2b48dcd10b57b6fc50a064c5d3d
SSDEEP

393216:hC4vPj2z/rqAQgamAbgM7EP4XbcrK18yAGIxhJQJrx:vpAmgMYP4XbQKK9Gr

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/汪来加法城/WinCtrls.u32	aspack_v212_v242

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/汪来加法城/Budapi.u32
unpack001/汪来加法城/WinCtrls.u32
unpack001/汪来加法城/XTRAS/AWMP3.X32
unpack001/汪来加法城/XTRAS/BMPVIEW.X32
unpack001/汪来加法城/XTRAS/DMPACK1.X32
unpack001/汪来加法城/XTRAS/JPEGIMP.X32
unpack001/汪来加法城/XTRAS/MIX32.X32
unpack001/汪来加法城/XTRAS/MIXVIEW.X32
unpack001/汪来加法城/XTRAS/SWADCMPR.X32
unpack001/汪来加法城/XTRAS/VIEWSVC.X32
unpack001/汪来加法城/XTRAS/WMFVIEW.X32
unpack001/汪来加法城/altools.u32
unpack001/汪来加法城/tMscontrols.u32
unpack001/汪来加法城/你的车库.exe
unpack001/汪来加法城/汪来加法城.exe

Files

c051b214f194f2033d266808aa57252f
.rar
下载说明.htm
.html .js polyglot
汪来加法城/Budapi.u32
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DdeCallback
KeysMsgProc
MouseMsgProc
PlayProc
SysKeyMsgProc
baAbout
baActivateWindow
baActiveWindow
baAddSysItems
baAw2Window
baCloseApp
baCloseWindow
baCommandArgs
baCopyFile
baCopyText
baCopyXFiles
baCreateFolder
baCreatePMGroup
baCreatePMIcon
baDecryptText
baDeleteFile
baDeleteFolder
baDeletePMGroup
baDeletePMIcon
baDeleteReg
baDeleteXFiles
baDisableDiskErrors
baDisableKeys
baDisableMouse
baDisableScreenSaver
baDisableSwitching
baDiskInfo
baEncryptFile
baEncryptText
baExitWindows
baFileAge
baFileAttributes
baFileDate
baFileExists
baFileList
baFileSize
baFileVersion
baFindApp
baFindClose
baFindDrive
baFindFirstFile
baFindNextFile
baFindWindow
baFolderExists
baFolderList
baFontInstalled
baFreeCursor
baGetVolume
baGetWindow
baHideTaskBar
baInstallFont
baKeyBeenPressed
baKeyIsDown
baMakeShortcut
baMemoryInfo
baMoveWindow
baMsgBox
baNextActiveWindow
baOpenFile
baOpenURL
baPMGroupList
baPMIconList
baPMSubGroupList
baPasteText
baPlaceCursor
baPrevious
baPrintFile
baReadIni
baReadRegNumber
baReadRegString
baRecycleFile
baRemoveSysItems
baRenameFile
baRestrictCursor
baRunProgram
baScreenInfo
baScreenSaverTime
baSendKeys
baSendMsg
baSetCurrentDir
baSetDisplay
baSetFileAttributes
baSetPattern
baSetScreenSaver
baSetVolume
baSetWallpaper
baSetWindowDepth
baSetWindowState
baSetWindowTitle
baShortFileName
baSoundCard
baSysFolder
baTempFileName
baVersion
baWaitForWindow
baWaitTillActive
baWinHandle
baWinHelp
baWindowDepth
baWindowExists
baWindowInfo
baWindowList
baWindowToBack
baWindowToFront
baWriteIni
baWriteRegNumber
baWriteRegString
baXCopy
baXDelete
cbSetWinDepthProc
cbWinDepthProc
cbWinListProc

Sections

CODE
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
汪来加法城/WinCtrls.u32
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DispBmpResProc
wcColorToRGB
wcDisplayControl
wcEraseControl
wcGetControlBitmap
wcGetControlDesc
wcGetControlList
wcGetControlsByProperty
wcGetFocusedControl
wcGetPropertiesByControl
wcGetPropertyDefault
wcGetPropertyDesc
wcGetPropertyList
wcGetPropertyType
wcGetPropertyValue
wcNotifications
wcPreventAutomaticErase
wcRGBToColor
wcSetPropertyValue

Sections

CODE
Size: 195KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
汪来加法城/XTRAS/AWMP3.X32
.dll windows:4 windows x86 arch:x86

5fd669ea643adccdc0dbe0f34b1f487e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
GetVersionExA
RtlUnwind
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/BMPVIEW.X32
.dll windows:4 windows x86 arch:x86

2fdd25610daa7981c6253ae5474bf538

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleCount
VirtualFree
SetFilePointer
RtlUnwind
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
CloseHandle
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LoadLibraryA
FlushFileBuffers
HeapReAlloc
HeapSize

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/DMPACK1.X32
.dll windows:4 windows x86 arch:x86

80626e7c8f961407b2d794b2fbad65b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
SizeofResource
LoadResource
LockResource
GetModuleHandleA
GetStartupInfoA
HeapDestroy
FlushFileBuffers
SetStdHandle
CloseHandle
SetFilePointer
GetLastError
LoadLibraryA
GetStringTypeA
VirtualAlloc
GetStringTypeW
GetCommandLineA
GetProcAddress
FreeResource
GetVersion
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetOEMCP
FreeEnvironmentStringsA
HeapCreate
VirtualFree
GetModuleFileNameA
GetCPInfo
GetACP
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile

user32

CheckRadioButton
MoveWindow
IsDlgButtonChecked
GetParent
GetWindowRect
EndDialog
LoadBitmapA
ShowWindow
GetDlgItem

gdi32

DeleteDC
CreateCompatibleBitmap
StretchBlt
GetObjectA
DeleteObject
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
GetStockObject

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/JPEGIMP.X32
.dll windows:4 windows x86 arch:x86

3416d78532757e3047fe9b8c19675b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
GetFileType
LCMapStringW
HeapFree
HeapAlloc
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStringTypeW
LCMapStringA
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
LoadLibraryA
GetStringTypeA

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/MIX32.X32
.dll windows:1 windows x86 arch:x86

516d96cfdc44d9e18781bf957dcfee80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
CloseHandle
GetCurrentDirectoryA
MultiByteToWideChar
CreateFileA
SetEndOfFile
SetFilePointer
OpenFile
_lclose
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
MoveFileA
GlobalFree
GetTickCount
CreateProcessA
GetCurrentThreadId
GetModuleHandleA
WideCharToMultiByte
GetModuleFileNameA
DeleteFileA
GetFileAttributesA
GetLastError
GlobalSize
GlobalAlloc
FindNextFileA
FindClose
_hwrite
GetUserDefaultLangID
_hread
_llseek
GlobalUnlock
GetStdHandle
TlsAlloc
GetFileType
GetLogicalDrives
GetFullPathNameA
GetCPInfo
GetOEMCP
GetACP
GetProcAddress
ExitProcess
LeaveCriticalSection
GlobalLock
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersion
GetCommandLineA
FileTimeToLocalFileTime
SetEnvironmentVariableA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
WriteFile
GetStartupInfoA
TlsSetValue
GetEnvironmentStrings
TlsGetValue
TlsFree
GetDriveTypeA
VirtualAlloc
VirtualFree
FileTimeToSystemTime

user32

GetDesktopWindow
GetActiveWindow
ReleaseDC
wsprintfA
GetClipboardFormatNameA
SetForegroundWindow
GetWindowThreadProcessId
EnumWindows
RegisterClipboardFormatA
CharLowerA
IsWindowVisible
GetParent
EnumThreadWindows

gdi32

SelectPalette
RealizePalette
GetStockObject
CreateCompatibleDC
GetDIBits
GetObjectA

advapi32

RegCloseKey
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegCreateKeyA

shell32

FindExecutableA
DragQueryFileA

ole32

OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
ReleaseStgMedium
CoGetMalloc
OleGetClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/MIXVIEW.X32
.dll windows:4 windows x86 arch:x86

8053b170264ea63c73bea4ae025ac8a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
GetFileType
SetFilePointer
RtlUnwind
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
CloseHandle
SetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
LoadLibraryA
FlushFileBuffers
HeapReAlloc
HeapSize

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/SWADCMPR.X32
.dll windows:4 windows x86 arch:x86

778d301d8ddd609a223726b8e3db30f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
GetCPInfo
GetACP
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetStringTypeW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
LoadLibraryA
GetStringTypeA
LCMapStringA
LCMapStringW
RaiseException
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetLocaleInfoA
GetLocaleInfoW

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/VIEWSVC.X32
.dll windows:4 windows x86 arch:x86

314d2eacc5d3a48f48d46ce982a61ce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryA
GetProcAddress
GlobalAlloc
lstrcpynA
lstrlenA
GlobalLock
GlobalSize
GlobalReAlloc
GetLastError
GlobalUnlock
SetLastError
LeaveCriticalSection
GetACP
GetOEMCP
GetLocaleInfoW
RtlUnwind
GetCommandLineA
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GlobalFree
ExitProcess
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetLocaleInfoA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
HeapReAlloc
HeapSize
CloseHandle
SetStdHandle
SetFilePointer

user32

CharNextA
IntersectRect

gdi32

DeleteObject
CreateFontIndirectA
SelectObject
SetTextColor
SetTextAlign
GetTextMetricsA
GetTextExtentPoint32A
RectVisible
GetCharABCWidthsA
StretchBlt
SetBkColor
ExtTextOutA
GetPixel
SetStretchBltMode
GetClipBox
GetBitmapBits
GetTextFaceA
StretchDIBits
DeleteDC
GetTextColor
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits
GetObjectA
CreateBitmap

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/XTRAS/WMFVIEW.X32
.dll windows:4 windows x86 arch:x86

feea7adb85e6d7e6ac76fe0ae17c4ab7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
HeapDestroy
HeapCreate
SetStdHandle
CloseHandle
SetFilePointer
LoadLibraryA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
VirtualAlloc
FlushFileBuffers
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapFree
HeapAlloc

user32

ReleaseDC
GetDC

gdi32

SelectObject
DeleteMetaFile
OffsetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
CreateCompatibleBitmap
CreateCompatibleDC
PatBlt
IntersectClipRect
GetObjectType
DeleteDC
DeleteObject
SetViewportExtEx
SetWindowExtEx
SetMetaFileBitsEx
RestoreDC
LPtoDP
SetMapMode
SaveDC
PlayMetaFile
SetViewportOrgEx
SetWindowOrgEx

Exports

Exports

DllCanUnloadNow
DllGetClassForm
DllGetClassInfo
DllGetClassObject
DllGetInterface

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/altools.u32
.dll windows:4 windows x86 arch:x86

759a803fc5765c19365fdd8f688cd6d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
SetLastError
FindNextFileA
GetFileInformationByHandle
lstrlenA
FindFirstFileA
ReadFile
SetFilePointer
LoadLibraryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetVolumeInformationA
GetVersionExA
lstrcmpiA
GlobalFree
lstrcpyA
lstrcatA
GlobalReAlloc
GetLogicalDrives
GetDriveTypeA
GetComputerNameA
GetProfileStringA
GlobalAlloc
GlobalLock
GetProcAddress
FreeLibrary
TlsGetValue
GetCurrentProcess
LCMapStringA
GetCommandLineA
HeapReAlloc
MultiByteToWideChar
GetOEMCP
GetACP
VirtualAlloc
HeapAlloc
GetCPInfo
TerminateProcess
HeapFree
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GlobalUnlock
GetStringTypeA
LCMapStringW
GetModuleHandleW
GetModuleFileNameA
LocalFree
LocalUnlock
LocalLock
LocalAlloc
MoveFileExA
RtlUnwind
ExitProcess
HeapCreate
LeaveCriticalSection
WriteFile
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
VirtualFree
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy

user32

ChangeDisplaySettingsA
SetWindowTextA
MessageBoxA
SetWindowPos
EnumDisplaySettingsA
wsprintfA
GetWindowTextLengthA
FindWindowA
GetWindowTextA
GetActiveWindow
GetParent
GetWindow

gdi32

CreateDCA
DeleteDC
EndDoc
EndPage
TextOutA
StartPage
StartDocA
GetDeviceCaps
GetTextMetricsA

advapi32

GetUserNameA

netapi32

Netbios

ws2_32

inet_addr
gethostbyaddr
WSAStartup
gethostbyname
inet_ntoa
WSACleanup

winmm

midiOutGetDevCapsA
midiOutGetNumDevs
midiInGetNumDevs
midiInGetDevCapsA

iphlpapi

GetNetworkParams

Exports

Exports

alAbout
alAddDSN
alChangeRes
alGetActiveProcess
alGetCDRomDrive
alGetComputerName
alGetCurrentDispSet
alGetDispSet
alGetHostName
alGetIPAddr
alGetInstalledODBCDrivers
alGetMidiInDevName
alGetMidiOutDevName
alGetNetworkDrive
alGetSerialNumber
alGetSysPath
alGetUserName
alGetWinPath
alHideTaskBar
alInternetDial
alInternetHangup
alLockWorkStation
alPrintTxtFile
alRemoveDSN
alSetWindowTitle
alShowMAC
alShowNetConfig
alShowOS
alShowTaskBar

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/system/1.jpg
.jpg
汪来加法城/system/10.jpg
.jpg
汪来加法城/system/11.jpg
.jpg
汪来加法城/system/12.jpg
.jpg
汪来加法城/system/13.jpg
.jpg
汪来加法城/system/14.jpg
.jpg
汪来加法城/system/15.jpg
.jpg
汪来加法城/system/2.jpg
.jpg
汪来加法城/system/3.jpg
.jpg
汪来加法城/system/4.JPG
.jpg
汪来加法城/system/5.jpg
.jpg
汪来加法城/system/6.jpg
.jpg
汪来加法城/system/7.jpg
.jpg
汪来加法城/system/8.jpg
.jpg
汪来加法城/system/9.jpg
.jpg
汪来加法城/system/Thumbs.db
汪来加法城/system/jtmp.dll
汪来加法城/tMscontrols.u32
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

msgHndlr
tMsAddItem
tMsBrowseFolder
tMsCreateDropList
tMsCreateFontList
tMsCreatePopupList
tMsDeleteItem
tMsDestroyControl
tMsDisplayControl
tMsEraseControl
tMsGetItem
tMsInitControls
tMsOpenImageFile
tMsSaveImageFile
tMsSelectItem

Sections

CODE
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
汪来加法城/下载说明.htm
.html .js polyglot
汪来加法城/你的车库.exe
.exe windows:4 windows x86 arch:x86

57bc51db4053803328e9623bbe8ea4c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetOEMCP
LCMapStringA
LCMapStringW
HeapReAlloc
HeapSize
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
RaiseException
ExitProcess
GetFileType
HeapFree
TerminateProcess
GlobalHandle
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
LockResource
FreeResource
lstrlenA
GetTickCount
GetStartupInfoA
HeapAlloc
GetCommandLineA
GetTimeZoneInformation
GetLocalTime
GetSystemTime
SetEnvironmentVariableA
GetFullPathNameA
GetCurrentDirectoryA
GetVersionExA
SetupComm
_llseek
_lopen
_lcreat
DebugBreak
_lwrite
_lclose
Beep
GetACP
GetCPInfo
GlobalMemoryStatus
GlobalSize
GlobalFlags
WinExec
GlobalGetAtomNameA
GetModuleHandleA
GetWindowsDirectoryA
GetProfileIntA
GetProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStringA
Sleep
_hwrite
_hread
GetDiskFreeSpaceA
GetVolumeInformationA
GetSystemDirectoryA
GetDriveTypeA
GetTempPathA
GetModuleFileNameA
SetFileTime
GetFileTime
SetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
DeleteFileA
CreateDirectoryA
FindNextFileA
FlushFileBuffers
RemoveDirectoryA
MoveFileA
SetEndOfFile
WriteFile
ReadFile
FindClose
SetFilePointer
FindFirstFileA
GetTempFileNameA
GetFileAttributesA
CreateFileA
SetLastError
CloseHandle
GetFileSize
GetStdHandle
GetCurrentProcess
lstrcatA
lstrcmpA
OpenFile
SetErrorMode
GetLastError
GetSystemInfo
GlobalReAlloc
GlobalAlloc
GlobalFree
GetCurrentProcessId
FindResourceA
LoadResource
GetVersion
lstrcmpiA
lstrcpynA
LoadLibraryA
GlobalUnlock
GetProcAddress
GlobalLock
FreeLibrary
IsBadStringPtrA
IsBadReadPtr
HeapDestroy
HeapCreate
GetEnvironmentStringsW
SetHandleCount
OutputDebugStringA

user32

SetForegroundWindow
TranslateMessage
GetAsyncKeyState
ToAscii
GetMessageA
IsDialogMessageA
PostQuitMessage
DispatchMessageA
IsIconic
SetActiveWindow
GetLastActivePopup
DeleteMenu
GetSystemMenu
GetDialogBaseUnits
BringWindowToTop
AppendMenuA
GetMenuStringA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
DestroyMenu
DrawMenuBar
RemoveMenu
GetMenu
ModifyMenuA
EnableMenuItem
IsZoomed
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeFreeDataHandle
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
DdeInitializeA
GetMenuState
GetSubMenu
SetMenu
CreateMenu
LoadAcceleratorsA
TranslateAcceleratorA
SetMessageQueue
GetUpdateRect
MessageBoxA
MessageBeep
ScrollDC
LoadStringA
SendMessageTimeoutA
SetPropA
RemovePropA
GetPropA
GetWindowDC
AdjustWindowRect
GetTopWindow
CreateWindowExA
IsCharLowerA
GetKeyState
SetWindowTextA
wsprintfA
EqualRect
ValidateRect
ExitWindowsEx
CharLowerA
HideCaret
InvertRect
DestroyCaret
CharPrevA
CreateDialogParamA
SystemParametersInfoA
SendDlgItemMessageA
ReleaseCapture
SetCapture
GetDlgItem
SetFocus
ShowWindow
DrawFocusRect
DrawIcon
LoadBitmapA
LoadIconA
CreateCursor
SetCursor
DestroyCursor
ClientToScreen
SetCursorPos
SetSysColors
GetFocus
GetWindowThreadProcessId
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetDlgItemTextA
SetDlgItemTextA
CreateCaret
SetCaretPos
ShowCaret
UnionRect
CharNextA
InflateRect
GetClassLongA
SetWindowLongA
SetWindowPos
GetWindowLongA
OffsetRect
GetWindowTextA
GetSysColor
FrameRect
IsWindowEnabled
DestroyWindow
GetNextDlgGroupItem
SendMessageA
GetWindowWord
GetDlgCtrlID
PostMessageA
GetCapture
SetWindowWord
InvalidateRect
UpdateWindow
DefWindowProcA
PeekMessageA
PtInRect
CharUpperA
DefDlgProcA
GetDC
ReleaseDC
GetSystemMetrics
MoveWindow
SetTimer
KillTimer
BeginPaint
SetRect
DrawTextA
EndPaint
GetClientRect
FillRect
EndDialog
GetClassInfoA
LoadCursorA
RegisterClassA
DialogBoxParamA
GetClassNameA
EnumWindows
GetParent
GetWindowRect
GetWindow
ScreenToClient
EnumChildWindows
IntersectRect
IsWindow
IsWindowVisible
GetWindowPlacement
EnableWindow
GetActiveWindow
GetCursorPos

gdi32

TextOutA
SetTextAlign
CreatePen
SetBkMode
DeleteObject
SelectPalette
StretchDIBits
RealizePalette
LPtoDP
SetViewportExtEx
SetWindowExtEx
SetMapMode
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC
StretchBlt
UnrealizeObject
CreatePatternBrush
CreateBitmap
CreateSolidBrush
LineTo
MoveToEx
GetSystemPaletteUse
GetTextColor
GetBkColor
RestoreDC
SetBkColor
SaveDC
Rectangle
SetROP2
GetBitmapBits
GetSystemPaletteEntries
GetObjectA
SetSystemPaletteUse
CreatePalette
GetDeviceCaps
GetNearestPaletteIndex
GetDIBits
GetPaletteEntries
CreateCompatibleBitmap
GetPixel
RectVisible
ExtFloodFill
GetNearestColor
SetPixel
CreateDIBitmap
SelectClipRgn
SetStretchBltMode
CreateFontIndirectA
PatBlt
ExcludeClipRect
CreateRectRgn
GetClipBox
ExtTextOutA
SetTextCharacterExtra
Ellipse
IntersectClipRect
SetViewportOrgEx
GetViewportOrgEx
Pie
SetDIBits
GetTextMetricsA
GetRgnBox
CreateICA
GetOutlineTextMetricsA
EnumFontsA
RoundRect
Arc
GetTextExtentPoint32A
Polyline
SetWindowOrgEx
Polygon
OffsetWindowOrgEx
GetViewportExtEx
GetWindowOrgEx
CloseMetaFile
DeleteMetaFile
CreateMetaFileA
CreateDiscardableBitmap
StartPage
StartDocA
Escape
AbortDoc
SetAbortProc
EndPage
CreateDCA
EndDoc
SetRectRgn
CreateRectRgnIndirect
CombineRgn
GetDCOrgEx
OffsetRgn
GetStockObject
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

shell32

SHAppBarMessage
ShellExecuteA

winspool.drv

ClosePrinter
OpenPrinterA
GetPrinterA
DocumentPropertiesA

winmm

waveOutGetNumDevs

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

ole32

CreateBindCtx
OleLoad
CoCreateInstance
OleInitialize
CreateGenericComposite
CreateItemMoniker
CreateFileMoniker
MkParseDisplayName
OleSetMenuDescriptor
CLSIDFromString
OleUninitialize
OleSetContainedObject
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleSave
OleCreateStaticFromData
OleDraw
StgCreateDocfileOnILockBytes
CoUninitialize
CoInitialize

Sections

.text
Size: 1013KB - Virtual size: 1013KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/汪来加法城.exe
.exe windows:4 windows x86 arch:x86

57bc51db4053803328e9623bbe8ea4c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetOEMCP
LCMapStringA
LCMapStringW
HeapReAlloc
HeapSize
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
RaiseException
ExitProcess
GetFileType
HeapFree
TerminateProcess
GlobalHandle
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
WideCharToMultiByte
lstrcpyA
MultiByteToWideChar
LockResource
FreeResource
lstrlenA
GetTickCount
GetStartupInfoA
HeapAlloc
GetCommandLineA
GetTimeZoneInformation
GetLocalTime
GetSystemTime
SetEnvironmentVariableA
GetFullPathNameA
GetCurrentDirectoryA
GetVersionExA
SetupComm
_llseek
_lopen
_lcreat
DebugBreak
_lwrite
_lclose
Beep
GetACP
GetCPInfo
GlobalMemoryStatus
GlobalSize
GlobalFlags
WinExec
GlobalGetAtomNameA
GetModuleHandleA
GetWindowsDirectoryA
GetProfileIntA
GetProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStringA
Sleep
_hwrite
_hread
GetDiskFreeSpaceA
GetVolumeInformationA
GetSystemDirectoryA
GetDriveTypeA
GetTempPathA
GetModuleFileNameA
SetFileTime
GetFileTime
SetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
DeleteFileA
CreateDirectoryA
FindNextFileA
FlushFileBuffers
RemoveDirectoryA
MoveFileA
SetEndOfFile
WriteFile
ReadFile
FindClose
SetFilePointer
FindFirstFileA
GetTempFileNameA
GetFileAttributesA
CreateFileA
SetLastError
CloseHandle
GetFileSize
GetStdHandle
GetCurrentProcess
lstrcatA
lstrcmpA
OpenFile
SetErrorMode
GetLastError
GetSystemInfo
GlobalReAlloc
GlobalAlloc
GlobalFree
GetCurrentProcessId
FindResourceA
LoadResource
GetVersion
lstrcmpiA
lstrcpynA
LoadLibraryA
GlobalUnlock
GetProcAddress
GlobalLock
FreeLibrary
IsBadStringPtrA
IsBadReadPtr
HeapDestroy
HeapCreate
GetEnvironmentStringsW
SetHandleCount
OutputDebugStringA

user32

SetForegroundWindow
TranslateMessage
GetAsyncKeyState
ToAscii
GetMessageA
IsDialogMessageA
PostQuitMessage
DispatchMessageA
IsIconic
SetActiveWindow
GetLastActivePopup
DeleteMenu
GetSystemMenu
GetDialogBaseUnits
BringWindowToTop
AppendMenuA
GetMenuStringA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
DestroyMenu
DrawMenuBar
RemoveMenu
GetMenu
ModifyMenuA
EnableMenuItem
IsZoomed
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeFreeDataHandle
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
DdeInitializeA
GetMenuState
GetSubMenu
SetMenu
CreateMenu
LoadAcceleratorsA
TranslateAcceleratorA
SetMessageQueue
GetUpdateRect
MessageBoxA
MessageBeep
ScrollDC
LoadStringA
SendMessageTimeoutA
SetPropA
RemovePropA
GetPropA
GetWindowDC
AdjustWindowRect
GetTopWindow
CreateWindowExA
IsCharLowerA
GetKeyState
SetWindowTextA
wsprintfA
EqualRect
ValidateRect
ExitWindowsEx
CharLowerA
HideCaret
InvertRect
DestroyCaret
CharPrevA
CreateDialogParamA
SystemParametersInfoA
SendDlgItemMessageA
ReleaseCapture
SetCapture
GetDlgItem
SetFocus
ShowWindow
DrawFocusRect
DrawIcon
LoadBitmapA
LoadIconA
CreateCursor
SetCursor
DestroyCursor
ClientToScreen
SetCursorPos
SetSysColors
GetFocus
GetWindowThreadProcessId
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetDlgItemTextA
SetDlgItemTextA
CreateCaret
SetCaretPos
ShowCaret
UnionRect
CharNextA
InflateRect
GetClassLongA
SetWindowLongA
SetWindowPos
GetWindowLongA
OffsetRect
GetWindowTextA
GetSysColor
FrameRect
IsWindowEnabled
DestroyWindow
GetNextDlgGroupItem
SendMessageA
GetWindowWord
GetDlgCtrlID
PostMessageA
GetCapture
SetWindowWord
InvalidateRect
UpdateWindow
DefWindowProcA
PeekMessageA
PtInRect
CharUpperA
DefDlgProcA
GetDC
ReleaseDC
GetSystemMetrics
MoveWindow
SetTimer
KillTimer
BeginPaint
SetRect
DrawTextA
EndPaint
GetClientRect
FillRect
EndDialog
GetClassInfoA
LoadCursorA
RegisterClassA
DialogBoxParamA
GetClassNameA
EnumWindows
GetParent
GetWindowRect
GetWindow
ScreenToClient
EnumChildWindows
IntersectRect
IsWindow
IsWindowVisible
GetWindowPlacement
EnableWindow
GetActiveWindow
GetCursorPos

gdi32

TextOutA
SetTextAlign
CreatePen
SetBkMode
DeleteObject
SelectPalette
StretchDIBits
RealizePalette
LPtoDP
SetViewportExtEx
SetWindowExtEx
SetMapMode
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC
StretchBlt
UnrealizeObject
CreatePatternBrush
CreateBitmap
CreateSolidBrush
LineTo
MoveToEx
GetSystemPaletteUse
GetTextColor
GetBkColor
RestoreDC
SetBkColor
SaveDC
Rectangle
SetROP2
GetBitmapBits
GetSystemPaletteEntries
GetObjectA
SetSystemPaletteUse
CreatePalette
GetDeviceCaps
GetNearestPaletteIndex
GetDIBits
GetPaletteEntries
CreateCompatibleBitmap
GetPixel
RectVisible
ExtFloodFill
GetNearestColor
SetPixel
CreateDIBitmap
SelectClipRgn
SetStretchBltMode
CreateFontIndirectA
PatBlt
ExcludeClipRect
CreateRectRgn
GetClipBox
ExtTextOutA
SetTextCharacterExtra
Ellipse
IntersectClipRect
SetViewportOrgEx
GetViewportOrgEx
Pie
SetDIBits
GetTextMetricsA
GetRgnBox
CreateICA
GetOutlineTextMetricsA
EnumFontsA
RoundRect
Arc
GetTextExtentPoint32A
Polyline
SetWindowOrgEx
Polygon
OffsetWindowOrgEx
GetViewportExtEx
GetWindowOrgEx
CloseMetaFile
DeleteMetaFile
CreateMetaFileA
CreateDiscardableBitmap
StartPage
StartDocA
Escape
AbortDoc
SetAbortProc
EndPage
CreateDCA
EndDoc
SetRectRgn
CreateRectRgnIndirect
CombineRgn
GetDCOrgEx
OffsetRgn
GetStockObject
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

shell32

SHAppBarMessage
ShellExecuteA

winspool.drv

ClosePrinter
OpenPrinterA
GetPrinterA
DocumentPropertiesA

winmm

waveOutGetNumDevs

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

ole32

CreateBindCtx
OleLoad
CoCreateInstance
OleInitialize
CreateGenericComposite
CreateItemMoniker
CreateFileMoniker
MkParseDisplayName
OleSetMenuDescriptor
CLSIDFromString
OleUninitialize
OleSetContainedObject
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleSave
OleCreateStaticFromData
OleDraw
StgCreateDocfileOnILockBytes
CoUninitialize
CoInitialize

Sections

.text
Size: 1013KB - Virtual size: 1013KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汪来加法城/简历.txt
汪来加法城/说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 80KB - Virtual size: 79KB

DATA Size: 1024B - Virtual size: 876B

BSS Size: - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 4KB

.edata Size: 3KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 4KB

.rsrc Size: 41KB - Virtual size: 41KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 195KB - Virtual size: 524KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 1024B - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 36KB

.rsrc Size: 19KB - Virtual size: 128KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

5fd669ea643adccdc0dbe0f34b1f487e

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

2fdd25610daa7981c6253ae5474bf538

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

80626e7c8f961407b2d794b2fbad65b5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 15KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 2KB - Virtual size: 2KB

3416d78532757e3047fe9b8c19675b74

Headers

File Characteristics

Imports

kernel32

Exports

Exports

CODE
Size: 80KB - Virtual size: 79KB

DATA
Size: 1024B - Virtual size: 876B

BSS
Size: - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 4KB

.edata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 41KB - Virtual size: 41KB

CODE
Size: 195KB - Virtual size: 524KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 19KB - Virtual size: 128KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB

.idata
Size: 1024B - Virtual size: 956B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 93KB - Virtual size: 92KB

.bss
Size: - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 182B

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 69KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 6KB - Virtual size: 5KB