f26488b821bcde09abdacbd3d3483542_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f26488b821bcde09abdacbd3d3483542_JaffaCakes118
Size

1.9MB
MD5

f26488b821bcde09abdacbd3d3483542
SHA1

565e7afe03c1f2d0a162b67371a528cdc23ae9fa
SHA256

72faf008cadb20630b864316a5e6ed8b5828840cc9ed56f9b42773d24e38e209
SHA512

89ba17ac2a46a380996d8eede9e9b8e9eada0d830e7f9f38884ed1ec9d624af4327782a8a579664cfc633329085945948e4122beec239797a3e2bce0ba87a4b8
SSDEEP

49152:gSxGbEOwFnkWT+7zCUG5lqZTPjGcdi+T0Df/AYHKMVdDTnGwf4GZl9wi5:gSMTSR+7zCUpT7Gc4+T0Df/tHXVd3nZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SunLightFace/KEYLIB32.dll
unpack001/SunLightFace/SDK_30天试用版/C_SHARP_sample/FaceTest.exe
unpack001/SunLightFace/SDK_30天试用版/SunLightData.dll
unpack001/SunLightFace/SDK_30天试用版/SunLightFace.dll
unpack001/SunLightFace/SDK_30天试用版/VB_sample/FACE_VB1.exe
unpack001/SunLightFace/SDK_30天试用版/VC_sample/SunlightFace.exe
unpack001/SunLightFace/SunLightFace.dll
unpack001/SunLightFace/SunlightFace.exe

Files

f26488b821bcde09abdacbd3d3483542_JaffaCakes118
.rar
SunLightFace/FunctionSay.txt
SunLightFace/KEYLIB32.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_pp_eztrial1ex@20
_test@0
pp_adddays
pp_bitclear
pp_bitset
pp_bittest
pp_cenum
pp_checksum
pp_chkvarchar
pp_chkvardate
pp_chkvarnum
pp_compno
pp_compno32drivers
pp_convertv3
pp_copyadd
pp_copycheck
pp_copycheckth
pp_copydelete
pp_copyget
pp_countdec
pp_countinc
pp_daysleft
pp_decrypt
pp_encrypt
pp_errorstr
pp_expired
pp_exportactfile
pp_eztrial1
pp_eztrial1test
pp_eztrial2
pp_eztrig1
pp_eztrig1dlg
pp_eztrig1ex
pp_filedelete
pp_get4108mac
pp_getcode
pp_getdate
pp_gettime
pp_getvarchar
pp_getvardate
pp_getvarnum
pp_gotourl
pp_hdserial
pp_importactfile
pp_lanactive
pp_lancheck
pp_lastday
pp_lfalias
pp_lfclose
pp_lfcopy
pp_lfcreate
pp_lfdelete
pp_lflock
pp_lfopen
pp_lfunlock
pp_libtest
pp_libversion
pp_ndecrypt
pp_ndecryptx
pp_nencrypt
pp_nencryptx
pp_netclose
pp_netopen
pp_nettest
pp_npdate
pp_password
pp_redir
pp_semclose
pp_semcount
pp_semopen
pp_semtest
pp_semused
pp_setvarchar
pp_setvardate
pp_setvarnum
pp_sysinfo
pp_tcode
pp_timercheck
pp_timerstart
pp_transfer
pp_upddate
pp_valdate
sample_of_custom_function

Sections

Size: 74KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 62KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SunLightFace/SDK_30天试用版/C_SHARP_sample/App.ico
SunLightFace/SDK_30天试用版/C_SHARP_sample/AssemblyInfo.cs
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/App.ico
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/AssemblyInfo.cs
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/Csharp_TEST.sln
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/Csharp_TEST.suo
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/Form1.cs
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/Form1.resx
.xml .vbs polyglot
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/WindowsApplication5.csproj
SunLightFace/SDK_30天试用版/C_SHARP_sample/Backup/WindowsApplication5.csproj.user
SunLightFace/SDK_30天试用版/C_SHARP_sample/Csharp_TEST.sln
SunLightFace/SDK_30天试用版/C_SHARP_sample/Csharp_TEST.suo
SunLightFace/SDK_30天试用版/C_SHARP_sample/FaceTest.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\face_release_18\SDK_30天试用版\C_SHARP_sample\obj\Debug\FaceTest.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SunLightFace/SDK_30天试用版/C_SHARP_sample/FaceTest.pdb
SunLightFace/SDK_30天试用版/C_SHARP_sample/Form1.cs
SunLightFace/SDK_30天试用版/C_SHARP_sample/Form1.resx
.xml .vbs polyglot
SunLightFace/SDK_30天试用版/C_SHARP_sample/UpgradeLog.XML
.xml
SunLightFace/SDK_30天试用版/C_SHARP_sample/WindowsApplication5.csproj
SunLightFace/SDK_30天试用版/C_SHARP_sample/WindowsApplication5.csproj.user
SunLightFace/SDK_30天试用版/C_SHARP_sample/_UpgradeReport_Files/UpgradeReport.css
SunLightFace/SDK_30天试用版/C_SHARP_sample/_UpgradeReport_Files/UpgradeReport.xslt
.xml .js polyglot
SunLightFace/SDK_30天试用版/C_SHARP_sample/_UpgradeReport_Files/UpgradeReport_Minus.gif
.gif
SunLightFace/SDK_30天试用版/C_SHARP_sample/_UpgradeReport_Files/UpgradeReport_Plus.gif
.gif
SunLightFace/SDK_30天试用版/C_SHARP_sample/obj/WindowsApplication5.csproj.FileList.txt
SunLightFace/SDK_30天试用版/SunLightData.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

LoadBaseData

Sections

Size: 60KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 451KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SunLightFace/SDK_30天试用版/SunLightFace.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

FaceCalcData
UsbVideo_CapOneBmp
UsbVideo_EndAll
UsbVideo_Init
zAddFaceTemplate
zCountMemoryTidTotaleNums
zCountTemplateTotaleNums
zCreateOneThreadObject
zDelAllTemplate
zDelTemplateA
zDelTemplateB
zDeleteOneThreadObject
zDrawOneTemplatePhoto
zFaceLocate
zFaceLocate_BmpData
zFaceLocate_FreeMemory
zFlagFace
zFrameCheck
zGetA
zGetLastError
zInitCheck
zInitialize
zRecog1C1
zRecog1C1_Fast
zRecog1CN
zSetA
zSetB
zUnInitialize
zUpdateMemory

Sections

Size: 247KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 17KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 22.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 156KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SunLightFace/SDK_30天试用版/SunLightFace.h
SunLightFace/SDK_30天试用版/SunLightFace.lib
SunLightFace/SDK_30天试用版/VB_sample/FACE_VB1.exe
.exe windows:4 windows x86 arch:x86

c0f3fb6207a03be0300b5bd7587eacf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaVarForInit
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
__vbaStrFixstr
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
ord529
__vbaVarTstEq
__vbaAryConstruct2
DllFunctionCall
__vbaStrR4
_adj_fpatan
__vbaFixstrConstruct
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaLsetFixstrFree
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
ord612
ord613
__vbaVarTstGe
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SunLightFace/SDK_30天试用版/VB_sample/Form1.frm
.vbs
SunLightFace/SDK_30天试用版/VB_sample/Module1.bas
SunLightFace/SDK_30天试用版/VB_sample/工程1.vbp
SunLightFace/SDK_30天试用版/VB_sample/工程1.vbw
SunLightFace/SDK_30天试用版/VC_sample/P1.cpp
SunLightFace/SDK_30天试用版/VC_sample/P1.h
SunLightFace/SDK_30天试用版/VC_sample/P2.cpp
SunLightFace/SDK_30天试用版/VC_sample/P2.h
SunLightFace/SDK_30天试用版/VC_sample/P3.cpp
SunLightFace/SDK_30天试用版/VC_sample/P3.h
SunLightFace/SDK_30天试用版/VC_sample/P4.cpp
SunLightFace/SDK_30天试用版/VC_sample/P4.h
SunLightFace/SDK_30天试用版/VC_sample/P5.cpp
SunLightFace/SDK_30天试用版/VC_sample/P5.h
SunLightFace/SDK_30天试用版/VC_sample/P6.cpp
SunLightFace/SDK_30天试用版/VC_sample/P6.h
SunLightFace/SDK_30天试用版/VC_sample/P7.cpp
SunLightFace/SDK_30天试用版/VC_sample/P7.h
SunLightFace/SDK_30天试用版/VC_sample/ReadMe.txt
SunLightFace/SDK_30天试用版/VC_sample/Resource.h
SunLightFace/SDK_30天试用版/VC_sample/SunLightFace.h
SunLightFace/SDK_30天试用版/VC_sample/SunLightFace.lib
SunLightFace/SDK_30天试用版/VC_sample/SunlightFace.exe
.exe windows:4 windows x86 arch:x86

31ee83bb0b1f447fbe5c889c6aaaa616

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\face_release_18\Sdk_30天试用版\VC_sample\Release\VC_TEST.pdb

Imports

sunlightface

zInitialize
zCreateOneThreadObject
UsbVideo_Init
zDeleteOneThreadObject
zUnInitialize
UsbVideo_EndAll
zRecog1CN
zDelAllTemplate
zInitCheck
zFrameCheck
zRecog1C1_Fast
zRecog1C1
zGetA
zAddFaceTemplate
zUpdateMemory
zCountMemoryTidTotaleNums
zCountTemplateTotaleNums
zDrawOneTemplatePhoto
UsbVideo_CapOneBmp
zSetA
zFaceLocate
zGetLastError
zFlagFace
zFaceLocate_FreeMemory

kernel32

GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetTickCount
HeapAlloc
HeapFree
LocalAlloc
VirtualQuery
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GlobalFlags
FindResourceExA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
MulDiv
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
FreeResource
GlobalFree
VirtualProtect
FindFirstFileA
FindNextFileA
VirtualAlloc
VirtualFree
GetModuleFileNameA
GetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
LoadLibraryA
GetProcAddress
CreateFileA
CloseHandle
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
Beep
DeleteFileA
Sleep
lstrlenA
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemInfo

user32

PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
SetCapture
LoadCursorA
GetSysColorBrush
wsprintfA
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
DestroyMenu
GetMenuItemInfoA
InflateRect
SetWindowContextHelpId
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MessageBoxA
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
MapDialogRect
ShowWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
PostMessageA
GetWindowLongA
GetParent
IsWindowEnabled
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
SetDlgItemTextA
SetWindowPos
GetDC
GetWindowRect
LoadMenuA
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SetMenu
SendMessageA
AppendMenuA
DrawIcon
UnregisterClassA
CharUpperA
GetSysColor
SetParent
EnableWindow
KillTimer
SetTimer
RedrawWindow
MapWindowPoints

gdi32

GetTextColor
GetRgnBox
CreateRectRgnIndirect
CreateSolidBrush
GetBkColor
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
GetMapMode
EnumFontFamiliesExA
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateFontIndirectA
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
ScaleWindowExtEx
GetClipBox
GetTextExtentPointA
CreateFontA
Rectangle
SetStretchBltMode
CreateDIBSection
StretchBlt
DeleteObject
GetObjectA
SetDIBColorTable
SelectObject
DeleteDC
CreatePen
CreateCompatibleDC
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SetMapMode

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathFindExtensionW
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoGetClassObject
CLSIDFromString
CoRevokeClassObject
OleUninitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
VariantCopy
SysFreeString

gdiplus

GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SunLightFace/SDK_30天试用版/VC_sample/VC_TEST.sln
SunLightFace/SDK_30天试用版/VC_sample/VC_TEST.suo
SunLightFace/SDK_30天试用版/VC_sample/res/TRFFC02.ICO
SunLightFace/SDK_30天试用版/VC_sample/res/tab_sheet_pro.ico
SunLightFace/SDK_30天试用版/VC_sample/res/tab_sheet_pro.manifest
.xml
SunLightFace/SDK_30天试用版/VC_sample/res/tab_sheet_pro.rc2
SunLightFace/SDK_30天试用版/VC_sample/res/table1.bmp
SunLightFace/SDK_30天试用版/VC_sample/stdafx.cpp
SunLightFace/SDK_30天试用版/VC_sample/stdafx.h
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.aps
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.cpp
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.h
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.rc
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.sln.old
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.vcproj
.xml
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_pro.vcproj.old
.xml
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_proDlg.cpp
SunLightFace/SDK_30天试用版/VC_sample/tab_sheet_proDlg.h
SunLightFace/SDK_30天试用版/VC_sample/zhardware.cpp
SunLightFace/SDK_30天试用版/VC_sample/zhardware.h
SunLightFace/SDK_30天试用版/VC_sample/zstring.cpp
.js
SunLightFace/SDK_30天试用版/VC_sample/zstring.h
SunLightFace/SDK_30天试用版/VC_sample/zstringEx.cpp
SunLightFace/SDK_30天试用版/VC_sample/zstringEx.h
SunLightFace/SDK_30天试用版/zData/NULL_TempLate.dat
SunLightFace/SDK_30天试用版/zData/Stand_template_big_face.DAT
SunLightFace/SDK_30天试用版/zData/Stand_template_face.DAT
SunLightFace/SDK_30天试用版/zData/TempLate.dat
SunLightFace/SDK_30天试用版/zLicense.dat
SunLightFace/SDK_30天试用版/读我.txt
SunLightFace/Stand_template_big_face.DAT
SunLightFace/Stand_template_face.DAT
SunLightFace/SunLightFace.dat
SunLightFace/SunLightFace.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

FaceCalcData
UsbVideo_CapOneBmp
UsbVideo_EndAll
UsbVideo_Init
zAddFaceTemplate
zCountMemoryTidTotaleNums
zCountTemplateTotaleNums
zCreateOneThreadObject
zDelAllTemplate
zDelTemplateA
zDelTemplateB
zDeleteOneThreadObject
zDrawOneTemplatePhoto
zFaceLocate
zFaceLocate_BmpData
zFaceLocate_FreeMemory
zFlagFace
zFrameCheck
zGetA
zGetLastError
zInitCheck
zInitialize
zRecog1C1
zRecog1C1_Fast
zRecog1CN
zSetA
zSetB
zUpdateMemory

Sections

Size: 71KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 60.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 453KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SunLightFace/SunlightFace.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 413KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 38KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 191.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 777KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 365KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SunLightFace/TempLate.dat
SunLightFace/USB_DEVICE_ID.txt
SunLightFace/新云软件.url
.url
SunLightFace/阳光人脸识别二次开发包说明书.doc
.doc windows office2003

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 74KB - Virtual size: 142KB

Size: 1024B - Virtual size: 8KB

Size: 5KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 2KB

Size: - Virtual size: 7KB

Size: 62KB - Virtual size:

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

Headers

File Characteristics

Exports

Exports

Sections

Size: 60KB - Virtual size: 97KB

Size: 6KB - Virtual size: 24KB

Size: 2KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 486KB

Size: - Virtual size: 30KB

Size: 451KB - Virtual size:

Headers

File Characteristics

Exports

Exports

Sections

Size: 247KB - Virtual size: 512KB

Size: 17KB - Virtual size: 54KB

Size: 3KB - Virtual size: 22.0MB

.rsrc Size: 2KB - Virtual size: 15KB

Size: - Virtual size: 98KB

Size: 156KB - Virtual size:

c0f3fb6207a03be0300b5bd7587eacf5

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

31ee83bb0b1f447fbe5c889c6aaaa616

Headers

File Characteristics

PDB Paths

Imports

sunlightface

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 60KB - Virtual size: 56KB

.rsrc
Size: 512B - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 2KB - Virtual size: 486KB

.rsrc
Size: 2KB - Virtual size: 15KB

.text
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 3.8MB

.rsrc
Size: 204KB - Virtual size: 200KB

.rsrc
Size: 2KB - Virtual size: 487KB

.rsrc
Size: 4KB - Virtual size: 777KB