15450c8b27cd209bc640d1e07af825d5

Sharing

Copy URL

Twitter E-mail

General

Target

15450c8b27cd209bc640d1e07af825d5
Size

409KB
MD5

15450c8b27cd209bc640d1e07af825d5
SHA1

922dffcaf02e4d1727e6f055641d85280402e5ab
SHA256

4b7abdcb2c958a551b20d87025adb7bcb12ab3fe5f063c5b10461c775e7aab8b
SHA512

071891c8af8acb20734a8a7fb326242fcd0c8d899729870aeebb1053cba85e6c8cd98fa70b2ce580244f20a80996c1da491c3d15c06b1c8e3e3ac3b58457e327
SSDEEP

6144:pHY6W+k+wd9gttz1Ia6wnBTulAhgDgFkrUrCmVzGGokgXHmDG/Xlixrh2CVGrlOl:JWz+wdStCwFulBTrUDMJkgXHiL9VRSg

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
15450c8b27cd209bc640d1e07af825d5
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/Cli_AP.dll
unpack001/Samples/Delphi/Cli_AP.dll
unpack001/Samples/Delphi/Project2.exe
unpack001/Samples/VB/Cli_AP.dll
unpack001/Samples/VB/Project1.exe
unpack001/Samples/VC/Cli_AP.dll
unpack001/Samples/VC/TestApp.exe
unpack001/uninst.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_1

Files

15450c8b27cd209bc640d1e07af825d5
.exe windows:4 windows x86 arch:x86

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
lstrcmpiA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WritePrivateProfileStringA
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
PostQuitMessage
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ExitWindowsEx

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Cli_AP.def
Cli_AP.dll
.dll windows:4 windows x86 arch:x86

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
lstrcatA
GetVersion
GlobalFlags
TlsGetValue
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
TlsSetValue
LocalReAlloc
GlobalReAlloc
GetCPInfo
GetOEMCP
RtlUnwind
GetFileType
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TlsFree
SetHandleCount
GetProcessVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateThread
GetVolumeInformationA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
ExitThread
Sleep
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GlobalHandle
TlsAlloc
LocalAlloc
GlobalUnlock
SetLastError
FreeLibrary
GetFileTime
FileTimeToSystemTime
GetFileSize
FileTimeToLocalFileTime
GetModuleFileNameA
GetFullPathNameA
FindClose
lstrcpynA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
MultiByteToWideChar
CreateFileA
DuplicateHandle
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalDeleteAtom
CloseHandle
GlobalLock
GetCurrentThread
lstrcmpA
lstrcmpiA
LocalFree
GetCurrentThreadId
FormatMessageA
GlobalFree
GetLastError
GlobalAlloc
ResumeThread
lstrlenA
GetFileAttributesA
OpenSemaphoreA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateSemaphoreA
GetStartupInfoA
RaiseException
HeapSize
SetStdHandle
DeleteCriticalSection

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GrayStringA
RegisterClassA
GetDlgItem
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
GetSystemMetrics
CharUpperA
wsprintfA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
PostQuitMessage
RedrawWindow
PeekMessageA
PostMessageA
GetParent
IsWindow
SetForegroundWindow
MessageBoxA
SendMessageA
SetWindowTextA
GetMenu
EnumWindows
GetWindowThreadProcessId
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawTextA

gdi32

SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap
DeleteDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

wininet

InternetReadFile
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable

Exports

Exports

?pDebugMessages@@3PAUHWND__@@A
GetModeAP
GetStateAP
QueryServer
SetAppNameAP
SetModeAP
SetServerNameAP
SingleQueryServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cli_AP.lib
License.rtf
.rtf
Samples/Delphi/Cli_AP.def
Samples/Delphi/Cli_AP.dll
.dll windows:4 windows x86 arch:x86

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
lstrcatA
GetVersion
GlobalFlags
TlsGetValue
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
TlsSetValue
LocalReAlloc
GlobalReAlloc
GetCPInfo
GetOEMCP
RtlUnwind
GetFileType
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TlsFree
SetHandleCount
GetProcessVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateThread
GetVolumeInformationA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
ExitThread
Sleep
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GlobalHandle
TlsAlloc
LocalAlloc
GlobalUnlock
SetLastError
FreeLibrary
GetFileTime
FileTimeToSystemTime
GetFileSize
FileTimeToLocalFileTime
GetModuleFileNameA
GetFullPathNameA
FindClose
lstrcpynA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
MultiByteToWideChar
CreateFileA
DuplicateHandle
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalDeleteAtom
CloseHandle
GlobalLock
GetCurrentThread
lstrcmpA
lstrcmpiA
LocalFree
GetCurrentThreadId
FormatMessageA
GlobalFree
GetLastError
GlobalAlloc
ResumeThread
lstrlenA
GetFileAttributesA
OpenSemaphoreA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateSemaphoreA
GetStartupInfoA
RaiseException
HeapSize
SetStdHandle
DeleteCriticalSection

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GrayStringA
RegisterClassA
GetDlgItem
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
GetSystemMetrics
CharUpperA
wsprintfA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
PostQuitMessage
RedrawWindow
PeekMessageA
PostMessageA
GetParent
IsWindow
SetForegroundWindow
MessageBoxA
SendMessageA
SetWindowTextA
GetMenu
EnumWindows
GetWindowThreadProcessId
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawTextA

gdi32

SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap
DeleteDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

wininet

InternetReadFile
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable

Exports

Exports

?pDebugMessages@@3PAUHWND__@@A
GetModeAP
GetStateAP
QueryServer
SetAppNameAP
SetModeAP
SetServerNameAP
SingleQueryServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Samples/Delphi/Project2.cfg
Samples/Delphi/Project2.dof
Samples/Delphi/Project2.dpr
Samples/Delphi/Project2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Samples/Delphi/Project2.opt
Samples/Delphi/Project2.res
Samples/Delphi/Unit1.dcu
Samples/Delphi/Unit1.ddp
Samples/Delphi/Unit1.dfm
Samples/Delphi/Unit1.pas
Samples/VB/Cli_AP.def
Samples/VB/Cli_AP.dll
.dll windows:4 windows x86 arch:x86

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
lstrcatA
GetVersion
GlobalFlags
TlsGetValue
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
TlsSetValue
LocalReAlloc
GlobalReAlloc
GetCPInfo
GetOEMCP
RtlUnwind
GetFileType
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TlsFree
SetHandleCount
GetProcessVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateThread
GetVolumeInformationA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
ExitThread
Sleep
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GlobalHandle
TlsAlloc
LocalAlloc
GlobalUnlock
SetLastError
FreeLibrary
GetFileTime
FileTimeToSystemTime
GetFileSize
FileTimeToLocalFileTime
GetModuleFileNameA
GetFullPathNameA
FindClose
lstrcpynA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
MultiByteToWideChar
CreateFileA
DuplicateHandle
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalDeleteAtom
CloseHandle
GlobalLock
GetCurrentThread
lstrcmpA
lstrcmpiA
LocalFree
GetCurrentThreadId
FormatMessageA
GlobalFree
GetLastError
GlobalAlloc
ResumeThread
lstrlenA
GetFileAttributesA
OpenSemaphoreA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateSemaphoreA
GetStartupInfoA
RaiseException
HeapSize
SetStdHandle
DeleteCriticalSection

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GrayStringA
RegisterClassA
GetDlgItem
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
GetSystemMetrics
CharUpperA
wsprintfA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
PostQuitMessage
RedrawWindow
PeekMessageA
PostMessageA
GetParent
IsWindow
SetForegroundWindow
MessageBoxA
SendMessageA
SetWindowTextA
GetMenu
EnumWindows
GetWindowThreadProcessId
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawTextA

gdi32

SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap
DeleteDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

wininet

InternetReadFile
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable

Exports

Exports

?pDebugMessages@@3PAUHWND__@@A
GetModeAP
GetStateAP
QueryServer
SetAppNameAP
SetModeAP
SetServerNameAP
SingleQueryServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Samples/VB/Cli_AP.lib
Samples/VB/Form1.frm
Samples/VB/Form1.frx
Samples/VB/MSSCCPRJ.SCC
Samples/VB/Project1.exe
.exe windows:4 windows x86 arch:x86

63f7a235445e8f4daca6bdfea29e6a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaStrToAnsi
_CIatan
_allmul
_CItan
_CIexp
__vbaFreeObj

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Samples/VB/Project1.vbp
Samples/VB/Project1.vbw
Samples/VC/Cli_AP.dll
.dll windows:4 windows x86 arch:x86

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
lstrcatA
GetVersion
GlobalFlags
TlsGetValue
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
TlsSetValue
LocalReAlloc
GlobalReAlloc
GetCPInfo
GetOEMCP
RtlUnwind
GetFileType
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
TlsFree
SetHandleCount
GetProcessVersion
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateThread
GetVolumeInformationA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
ExitThread
Sleep
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GlobalHandle
TlsAlloc
LocalAlloc
GlobalUnlock
SetLastError
FreeLibrary
GetFileTime
FileTimeToSystemTime
GetFileSize
FileTimeToLocalFileTime
GetModuleFileNameA
GetFullPathNameA
FindClose
lstrcpynA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
MultiByteToWideChar
CreateFileA
DuplicateHandle
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GlobalDeleteAtom
CloseHandle
GlobalLock
GetCurrentThread
lstrcmpA
lstrcmpiA
LocalFree
GetCurrentThreadId
FormatMessageA
GlobalFree
GetLastError
GlobalAlloc
ResumeThread
lstrlenA
GetFileAttributesA
OpenSemaphoreA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateSemaphoreA
GetStartupInfoA
RaiseException
HeapSize
SetStdHandle
DeleteCriticalSection

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GrayStringA
RegisterClassA
GetDlgItem
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
GetSystemMetrics
CharUpperA
wsprintfA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
PostQuitMessage
RedrawWindow
PeekMessageA
PostMessageA
GetParent
IsWindow
SetForegroundWindow
MessageBoxA
SendMessageA
SetWindowTextA
GetMenu
EnumWindows
GetWindowThreadProcessId
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawTextA

gdi32

SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap
DeleteDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

wininet

InternetReadFile
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable

Exports

Exports

?pDebugMessages@@3PAUHWND__@@A
GetModeAP
GetStateAP
QueryServer
SetAppNameAP
SetModeAP
SetServerNameAP
SingleQueryServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Samples/VC/MainFrm.cpp
Samples/VC/MainFrm.h
Samples/VC/ReadMe.txt
Samples/VC/StdAfx.cpp
Samples/VC/StdAfx.h
Samples/VC/TestApp.clw
Samples/VC/TestApp.cpp
Samples/VC/TestApp.dsp
Samples/VC/TestApp.dsw
Samples/VC/TestApp.exe
.exe windows:4 windows x86 arch:x86

1381dbe44e2bee117582c24b054289bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cli_ap

GetModeAP
?pDebugMessages@@3PAUHWND__@@A
SetAppNameAP
SetServerNameAP
SetModeAP
QueryServer

mfc42

ord1665
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord4242
ord2723
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord2649
ord4080
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord815
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord4627
ord1134
ord2725
ord5265
ord1842
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord823
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord4508
ord540
ord800
ord1841
ord4241
ord4589
ord4588
ord4899
ord4370
ord4892
ord4533
ord5076
ord4340
ord4347
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord5240
ord5281
ord3748
ord1725
ord2091
ord4432
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord2575
ord4396
ord5290
ord3402
ord3574
ord609
ord692
ord860
ord567
ord364
ord784
ord2289
ord2370
ord2302
ord5260
ord6334
ord2642
ord5677
ord3495
ord4720
ord1200
ord922
ord924
ord926
ord4376
ord2621
ord5280
ord1576
ord1168

msvcrt

_acmdln
exit
_initterm
__setusermatherr
_adjust_fdiv
_XcptFilter
__getmainargs
__p__commode
__set_app_type
_except_handler3
_exit
_controlfp
_onexit
__dllonexit
__CxxFrameHandler
__p__fmode
_setmbcp

kernel32

GetModuleHandleA
GetStartupInfoA

user32

EnableWindow
UpdateWindow
SendMessageA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Samples/VC/TestApp.h
Samples/VC/TestApp.ico
Samples/VC/TestApp.ncb
Samples/VC/TestApp.opt
Samples/VC/TestApp.plg
.html
Samples/VC/TestApp.rc
Samples/VC/TestApp.rc2
Samples/VC/TestAppDoc.cpp
Samples/VC/TestAppDoc.h
Samples/VC/TestAppDoc.ico
Samples/VC/TestAppView.cpp
Samples/VC/TestAppView.h
Samples/VC/Toolbar.bmp
Samples/VC/resource.h
uninst.exe
.exe windows:4 windows x86 arch:x86

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
lstrcmpiA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WritePrivateProfileStringA
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
PostQuitMessage
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ExitWindowsEx

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 16KB - Virtual size: 20KB

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 32KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 20KB - Virtual size: 17KB

0a0ea3cbc143de0110c98bd034e64db8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 32KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 16KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 20KB - Virtual size: 17KB

CODE
Size: 321KB - Virtual size: 320KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 7KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 14KB - Virtual size: 14KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 20KB - Virtual size: 17KB