c45e7a896783d1c8a8be18bf90becdaa

Sharing

Copy URL Twitter E-mail

General

Target

c45e7a896783d1c8a8be18bf90becdaa
Size

1.5MB
MD5

c45e7a896783d1c8a8be18bf90becdaa
SHA1

0a982c9929f22b74f686851e9ef0bb27542756b7
SHA256

9212c17f2db04836ae13ef6b23b4f5472127983b22987dd1c8973c703339a7b7
SHA512

9c98fed3b9cb174aeef1afd2afb8f32554f69c67a39c98d1412b9d7d94fc356ae494ee308f5ed0b481c4285e42e0c9614fa0955d982b1d098be7c5be1f2fb87c
SSDEEP

24576:f8TuaaI16B12gCVLJfNSo3oEc5OgJAz7+1HC4oUODJib0E76XWXhm5:f8TXZ16SgCzfNSD5Oaz1HCBViQE76XW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
c45e7a896783d1c8a8be18bf90becdaa
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/sbrowser.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

c45e7a896783d1c8a8be18bf90becdaa
.exe windows:4 windows x86 arch:x86

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
lstrcmpiA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WritePrivateProfileStringA
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
PostQuitMessage
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ExitWindowsEx

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Afrikaans.ini
Arabic.ini
Bahasa Melayu.ini
Bosnian.ini
Brasileiro.ini
Bulgarian.ini
Catalan.ini
Chinese Simplified.ini
Chinese Traditional.ini
Czech.ini
Danish.ini
Donation_Off.gif
.gif
Donation_On.gif
.gif
Dutch.ini
English.ini
Estonian.ini
Farsi.ini
Finnish.ini
French.ini
Galego.ini
German.ini
Greek.ini
Hebrew.ini
Hungarian.ini
Indonesian.ini
Italian.ini
Japanese.ini
Korean.ini
Lithuanian.ini
Macedonian.ini
Norwegian Bokmaal.ini
Norwegian Nynorsk.ini
Polish.ini
Portuguese Brazilian.ini
Portuguese Padrao.ini
Portuguese.ini
Romanian.ini
Russian.ini
Serbian.ini
Slovak.ini
Slovenian.ini
Spanish.ini
Swedish.ini
Turkish.ini
Ukrainian.ini
WebPage.ico
atlg.ico
barback.bmp
beep_popup.wav
blocked.gif
.gif
bottom.bmp
bottomleft.bmp
bottomright.bmp
close.bmp
custom.ini
default/AOL.qseg
default/Acronym Finder.qseg
default/All The Web.qseg
default/Altavista.qseg
default/Ask Jeeves.qseg
default/Clusty.qseg
default/[email protected]
default/Download.com.qseg
default/Enable Ad Filter.mnit
default/Example Group.sgp
default/Excite.qseg
default/Filter Current Page Now.mnit
default/Find.mnit
default/Google Directories.qseg
default/Google Groups.qseg
default/Google Images.qseg
default/Google Search Current Site.qseg
default/Google.qseg
default/HotBot.qseg
default/Kingsoft Dictionary.qseg
default/Lycos.qseg
default/MSN.qseg
default/Mamma.qseg
default/MenuOrder.ini
default/MenuOrder_QuickSearch.ini
default/Netscape.qseg
default/Print Preview.mnit
default/RSS News Example.sgp
default/Send Shortcut To Desktop.mnit
default/Show Pictures.mnit
default/Simtel.qseg
default/[email protected]
default/Translate Into English.mnit
default/Tucows.qseg
default/Weather.qseg
default/Webster Dictionary.qseg
default/Webster Thesaurus.qseg
default/Yahoo.qseg
default/alias.ini
default/ufblack.ini
default/ufwhite.ini
default/whatUseek.qseg
default/[email protected]
dictionary.ini
donatedlg.htm
.html
framefill.bmp
left.bmp
leftbottom.bmp
lefttop.bmp
logo.avi
max.bmp
min.bmp
mnit.ico
nav_first.gif
.gif
qseg.ico
qstb.bmp
qstb_h.bmp
readme.txt
right.bmp
rightbottom.bmp
righttop.bmp
sbrowser.chm
.chm
sbrowser.exe
.exe windows:4 windows x86 arch:x86

faf79d75329e64ad2410556b696e8814

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
StrToIntA
SHGetValueA
PathCompactPathA

winmm

PlaySoundA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadCodePtr
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
LocalAlloc
lstrlenA
SetHandleCount
FormatMessageA
InterlockedIncrement
GetVersionExA
GetVersion
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
MoveFileA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
OpenFile
SizeofResource
GetLastError
GetModuleHandleA
WideCharToMultiByte
CreateEventA
SetEvent
MultiByteToWideChar
CompareStringA
ExpandEnvironmentStringsA
GetProcAddress
LoadLibraryA
CreateProcessA
Sleep
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapReAlloc
SetStdHandle
HeapSize
TerminateProcess
GetACP
ExitThread
CreateThread
GetStartupInfoA
GetSystemTimeAsFileTime
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RaiseException
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
GetFileSize
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalSize
GetOEMCP
GetProcessVersion
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
SuspendThread
SetThreadPriority
ResumeThread
GetProfileIntA
GlobalGetAtomNameA
GlobalFindAtomA
SetFileAttributesA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatA
GetDateFormatA
SetCurrentDirectoryA
CreateMutexA
ReleaseMutex
SetFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
DuplicateHandle
GetFileType
SetFilePointer
LoadLibraryExA
GetTempFileNameA
ExitProcess
GetTempPathA
GlobalReAlloc
GlobalFree
GetCurrentProcess
LocalLock
LocalUnlock
SetLastError
IsBadReadPtr
lstrcatA
GetShortPathNameA
InitializeCriticalSection
GetCommandLineA
DeleteCriticalSection
HeapDestroy
GetFileAttributesA
lstrcpyA
MulDiv
WritePrivateProfileStringA
LocalFree
GetVolumeInformationA
lstrcmpiA
GetCurrentThreadId
FindNextChangeNotification
WaitForSingleObject
GlobalMemoryStatus
FreeLibrary
FindFirstChangeNotificationA
CreateDirectoryA
lstrcpynA
CopyFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetPrivateProfileIntA
GetTickCount
FindCloseChangeNotification
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetPrivateProfileStringA
lstrcmpA
GetSystemDefaultLangID

user32

PostThreadMessageA
CopyAcceleratorTableA
SetWindowContextHelpId
ShowOwnedPopups
InvertRect
MapDialogRect
SetParent
GetNextDlgGroupItem
LoadAcceleratorsA
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
GetMessageA
ValidateRect
GetWindowDC
WindowFromPoint
SetRectEmpty
wvsprintfA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
MapWindowPoints
DeferWindowPos
ShowScrollBar
GetScrollRange
GetScrollPos
SetScrollPos
GetClassInfoA
SetWindowPlacement
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
CreateDialogParamA
ShowWindow
HideCaret
GetScrollInfo
SetScrollInfo
CreateCaret
SetCaretPos
IsWindowEnabled
ShowCaret
GetUpdateRect
ScrollWindow
DestroyCursor
GetWindowTextLengthA
IsDlgButtonChecked
SendDlgItemMessageA
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextA
DialogBoxParamA
SetWindowTextA
VkKeyScanA
GetKeyboardState
ToAscii
DestroyCaret
CreateWindowExA
RegisterClassA
GetWindowTextA
RegisterClipboardFormatA
CharLowerA
CharUpperA
MsgWaitForMultipleObjects
UnionRect
EmptyClipboard
SetClipboardData
OpenClipboard
CloseClipboard
GetClipboardData
DispatchMessageA
PeekMessageA
TranslateMessage
AdjustWindowRectEx
DialogBoxIndirectParamA
GetDialogBaseUnits
EndDialog
WinHelpA
CheckDlgButton
BeginPaint
DrawIcon
EndPaint
EnumWindows
WindowFromDC
PostQuitMessage
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
IsWindowVisible
SendMessageA
IsWindow
LoadBitmapA
GetAsyncKeyState
wsprintfA
AppendMenuA
CreatePopupMenu
GetSysColor
CharNextA
UnregisterClassA
FindWindowA
SetMenu
GetDCEx
GetClassLongA
BeginDeferWindowPos
EndDeferWindowPos
IsRectEmpty
LoadStringW
SetMenuItemInfoA
MenuItemFromPoint
IsChild
OffsetRect
GetPropA
CallWindowProcA
DefWindowProcA
SetPropA
RemovePropA
SetWindowsHookExA
TrackPopupMenu
UnhookWindowsHookEx
CallNextHookEx
IsClipboardFormatAvailable
SetFocus
SendMessageTimeoutA
DestroyMenu
GetDlgCtrlID
SetWindowPos
LockWindowUpdate
GetKeyState
DrawTextW
GetSystemMenu
EnableMenuItem
TrackPopupMenuEx
SetCursor
LoadCursorA
SetWindowRgn
GetWindowLongA
SetWindowLongA
InflateRect
EqualRect
IsIconic
KillTimer
UnpackDDElParam
ReuseDDElParam
GetWindowThreadProcessId
CheckMenuItem
LoadMenuA
GetMenu
IsMenu
DrawMenuBar
GetDlgItem
UpdateWindow
GetFocus
DrawFocusRect
MessageBeep
RegisterWindowMessageA
MessageBoxA
SetForegroundWindow
GetClassNameA
GetTopWindow
DestroyWindow
GetDesktopWindow
RedrawWindow
LoadStringA
GetWindow
SetTimer
ClientToScreen
LoadIconA
PostMessageA
IsZoomed
LoadImageA
GetWindowRect
GetParent
SetCapture
GetMenuItemInfoA
SetRect
SystemParametersInfoA
DrawEdge
FillRect
CopyRect
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
GetDC
GetSystemMetrics
InsertMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreateMenu
GetMenuStringA
GetSysColorBrush
RemoveMenu
DeleteMenu
GetSubMenu
TabbedTextOutA
GrayStringA
GetClientRect
GetCapture
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
ReleaseCapture
SetScrollRange

gdi32

IntersectClipRect
SetTextAlign
GetViewportExtEx
GetWindowExtEx
ExcludeClipRect
SetRectRgn
DPtoLP
LPtoDP
CopyMetaFileA
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetCharWidthA
StretchDIBits
CreateBitmap
GetTextFaceA
StartPage
EndPage
SetAbortProc
StartDocA
EndDoc
GetTextExtentExPointA
SetBkMode
RoundRect
SetTextColor
SaveDC
MoveToEx
LineTo
CreateBrushIndirect
CreatePatternBrush
Escape
ExtTextOutA
TextOutA
Rectangle
RectVisible
PtVisible
PatBlt
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
SetBkColor
RestoreDC
GetClipBox
GetTextMetricsA
ExtCreateRegion
CreateDCA
GetStockObject
GetBkColor
GetTextCharset
GetTextColor
CreateFontA
FillRgn
StretchBlt
CreateRoundRectRgn
CreateRectRgn
CombineRgn
CreateCompatibleDC
OffsetRgn
GetTextExtentPointA
CreateDIBitmap
GetObjectA
CreateRectRgnIndirect
GetDeviceCaps
GetBkMode
CreateFontIndirectA
CreatePen
GetMapMode
CreateSolidBrush
CreateCompatibleBitmap
BitBlt
Polygon

comdlg32

GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
CryptDestroyKey
CryptDecrypt
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptEncrypt
CryptAcquireContextA
CryptReleaseContext
RegDeleteKeyA
GetUserNameA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegSetValueA

shell32

SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
Shell_NotifyIconA
SHChangeNotify
ShellExecuteA
SHBrowseForFolderA
SHAppBarMessage
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
SHFileOperationA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_Destroy
ord17
ord8
ImageList_Create
ImageList_DrawIndirect
ImageList_Duplicate

wininet

HttpSendRequestA
InternetGetLastResponseInfoA
HttpOpenRequestA
HttpQueryInfoA
GetUrlCacheEntryInfoExA
InternetSetOptionA
FindCloseUrlCache
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetGetConnectedState
InternetCanonicalizeUrlA
GetUrlCacheEntryInfoA
InternetCrackUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpOpenFileA

oledlg

ord8

ole32

OleUninitialize
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoLockObjectExternal
DoDragDrop
ReleaseStgMedium
RegisterDragDrop
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoGetClassObject
CoRevokeClassObject
CoTaskMemAlloc
CLSIDFromProgID
CoUninitialize
CoInitialize
StringFromCLSID
CoTaskMemFree
CLSIDFromString
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleDuplicateData
CoRegisterMessageFilter
RevokeDragDrop
CoCreateInstance
OleRun

olepro32

ord253

oleaut32

SysFreeString
VariantInit
VariantClear
VariantCopy
SafeArrayCreate
SysAllocString
SysAllocStringLen
SysStringLen
LoadTypeLi
RegisterTypeLi
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringByteLen
VarDateFromStr
VariantTimeToSystemTime
SafeArrayCreateVector
GetErrorInfo

urlmon

CoInternetGetSession
URLDownloadToFileA
CreateURLMoniker

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 1008KB - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sharedse
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sbrowser.ico
sgp.ico
skin.ini
splash.bmp
syntax/DEFAULT.BCP
syntax/HTML.BCP
syntax/JSCRIPT.BCP
syntax/VBSCRIPT.BCP
.vbs
template.ini
toolbar.bmp
toolbar_g.bmp
toolbar_h.bmp
toolbar_s.bmp
toolbar_s_g.bmp
toolbar_s_h.bmp
top.bmp
topleft.bmp
topright.bmp
translate/babelfish.htm
.html
translate/google.htm
.html
wizard.gif
.gif

Sharing

General

Malware Config

Signatures

Files

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 19KB - Virtual size: 20KB

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

faf79d75329e64ad2410556b696e8814

Headers

File Characteristics

Imports

shlwapi

winmm

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wininet

oledlg

ole32

olepro32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 1008KB - Virtual size: 1004KB

.rdata Size: 216KB - Virtual size: 215KB

.data Size: 60KB - Virtual size: 88KB

sharedse Size: 4KB - Virtual size: 8B

.rsrc Size: 164KB - Virtual size: 160KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 19KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 1008KB - Virtual size: 1004KB

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 60KB - Virtual size: 88KB

sharedse
Size: 4KB - Virtual size: 8B

.rsrc
Size: 164KB - Virtual size: 160KB