c5d765f0e717e746c91a52caa84ef6fb5da2c0d2323076337d59b7689b527f31

Sharing

Copy URL Twitter E-mail

General

Target

c5d765f0e717e746c91a52caa84ef6fb5da2c0d2323076337d59b7689b527f31
Size

1.8MB
MD5

b6d8dced6e55e68f0e7261efa5cb078e
SHA1

f2d3e9cf4806057222f0f462e2e9583665a3b925
SHA256

c5d765f0e717e746c91a52caa84ef6fb5da2c0d2323076337d59b7689b527f31
SHA512

51274ee9875e72d21ae2ae4d80906d215d22737199b525a952939e8b86083e354d852ac645de827ec660a03ec95ed0c77888f8a22fa9f5d59cb279b481bac414
SSDEEP

49152:0H+buNxOsgyjUoi/y5wXk2lzBRl/WnlvdJCACvXVUe+nZxiIX:0H+hsg3oi6+XkS1RVWF7a/Ce+nZxiIX

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ProcEdit.exe
unpack001/SciLexer.dll
unpack001/SuperViewer.exe
unpack001/old-SuperViewer.exe

Files

c5d765f0e717e746c91a52caa84ef6fb5da2c0d2323076337d59b7689b527f31
.zip
CustomImage.bmp
HexTool.bookmark
HexTool.config
HexTool.history
HexTool.icons
NodeImage.bmp
ProcEdit.exe
.exe windows:6 windows x64 arch:x64

78de7086a1f2ff67b8a3025da445800a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\MyFiles\SV\bin\HexEditXP\ProcEdit.pdb

Imports

kernel32

GetCommandLineW
MapViewOfFile
K32GetModuleBaseNameW
SetEvent
VirtualQueryEx
K32EnumProcessModules
K32GetModuleFileNameExW
OpenProcess
ReadProcessMemory
K32GetModuleInformation
GetLastError
WaitForMultipleObjects
CloseHandle
WriteProcessMemory
WriteConsoleW
SetFilePointerEx
HeapFree
HeapAlloc
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
SetLastError
GetCurrentThreadId
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwindEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
HeapSize
LCMapStringW
ReadFile
GetConsoleMode
ReadConsoleW
FlushFileBuffers
GetConsoleCP
SetStdHandle
CreateFileW

user32

MessageBoxW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SciLexer.dll
.dll windows:6 windows x86 arch:x86

4be3d39d77938dbe7bfe6b103fe21f26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Oliver\sv\scintilla322\bin\SciLexer.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
FindNextFileA
FindFirstFileExA
FindClose
GetFileType
GetStdHandle
HeapAlloc
HeapFree
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
GetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
SetStdHandle
GetStringTypeW
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DecodePointer
CloseHandle
CreateFileW
EnterCriticalSection
GlobalUnlock
GetTickCount
WideCharToMultiByte
LCMapStringW
GlobalLock
LoadLibraryW
GlobalFree
GlobalAlloc
GlobalSize
IsValidCodePage
GetLocaleInfoA
GetModuleHandleA
GetCPInfo
MulDiv
QueryPerformanceCounter
FreeLibrary
DeleteCriticalSection
GetProcAddress
QueryPerformanceFrequency
GetVersionExA
LoadLibraryA
MultiByteToWideChar
GetACP
InitializeCriticalSection
LeaveCriticalSection
IsDBCSLeadByteEx
LoadLibraryExW
WriteConsoleW

user32

GetUpdateRgn
HideCaret
PostMessageA
SetScrollInfo
GetScrollInfo
MsgWaitForMultipleObjects
RegisterClassExW
SetCaretPos
ScreenToClient
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
InvalidateRect
OpenClipboard
SetTimer
GetDlgCtrlID
CloseClipboard
EmptyClipboard
IsChild
CreateCaret
GetKeyboardLayout
GetMessageTime
SetFocus
GetClipboardData
DestroyCaret
SetClipboardData
AppendMenuA
IsClipboardFormatAvailable
GetCaretBlinkTime
ShowCaret
KillTimer
IsWindowUnicode
RegisterClipboardFormatA
AdjustWindowRectEx
GetKeyState
GetWindowRect
LoadCursorA
DestroyWindow
InflateRect
GetDC
SetWindowPos
FillRect
GetIconInfo
GetSystemMetrics
CreatePopupMenu
DestroyCursor
TrackPopupMenu
ShowWindow
DrawTextA
SetWindowLongA
CreateIconIndirect
ClientToScreen
CallWindowProcA
MapWindowPoints
GetWindowLongA
GetDoubleClickTime
FrameRect
DrawFocusRect
GetSysColor
DefWindowProcA
DestroyMenu
CreateWindowExA
SendMessageA
SetCapture
SetCursor
SystemParametersInfoA
GetClientRect
DrawTextW
UnregisterClassA
GetParent
RegisterClassExA
ReleaseCapture

gdi32

DeleteObject
TranslateCharsetInfo
GetNearestColor
BitBlt
CreateCompatibleBitmap
ExtTextOutA
SelectObject
CreateDIBSection
GetTextExtentPoint32A
CreateCompatibleDC
GetTextExtentExPointW
StretchBlt
GetStockObject
GetTextExtentExPointA
GetDeviceCaps
CreatePatternBrush
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
LineTo
CreatePen
Rectangle
GetObjectW
Polygon
CreateFontIndirectA
MoveToEx
SetBkColor
Ellipse
CreateSolidBrush
GetTextMetricsA
CreateFontIndirectW
SetTextAlign
RoundRect
ExtTextOutW
GetObjectA
IntersectClipRect
CreateBitmap
CreateRectRgn
CombineRgn

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionFontA

ole32

RegisterDragDrop
OleInitialize
DoDragDrop
OleUninitialize
RevokeDragDrop

Exports

Exports

Scintilla_DirectFunction

Sections

.text
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SuperViewer.bookmark
SuperViewer.config
SuperViewer.exe
.exe windows:6 windows x86 arch:x86

c6a6bd2abef510252024d93449a42772

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
LocalFree
FormatMessageW
VerifyVersionInfoW
GetDriveTypeW
GetLogicalDrives
GetVolumeInformationW
SetLastError
GetSystemTime
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WriteConsoleW
HeapReAlloc
HeapSize
FlushFileBuffers
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetCurrentThreadId
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetFileType
HeapAlloc
HeapFree
ExitProcess
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
EncodePointer
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
RtlUnwind
RaiseException
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
CreateMutexW
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
GetFullPathNameW
VerSetConditionMask
MulDiv
WriteProcessMemory
ReadProcessMemory
VirtualQueryEx
OpenProcess
CreateProcessW
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
GetThreadLocale
CompareStringW
lstrcmpiW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
lstrcmpW
GlobalMemoryStatusEx
SystemTimeToFileTime
GetModuleHandleW
GetModuleFileNameW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WaitForSingleObject
GetTickCount
CloseHandle
GetTempFileNameA
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
GetLocalTime
GetFileTime
GetFileInformationByHandle
CompareFileTime
VirtualFree
VirtualAlloc
GetSystemInfo
CreateEventW
ResetEvent
SetEvent
FindNextFileW
FindFirstFileW
FindClose
WideCharToMultiByte
MoveFileExW
DeviceIoControl
GetLastError
WriteFile
DecodePointer
SetFilePointer
SetEndOfFile
ReadFile
GetFileSizeEx
GetFileAttributesW
GetDiskFreeSpaceExW
DeleteFileW
CreateFileW
LoadLibraryW
GetProcAddress
FreeLibrary
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetTempFileNameW
CreateDirectoryW
SetFilePointerEx
lstrlenW

user32

TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetKeyNameTextW
GetKeyState
SetClipboardViewer
IsDlgButtonChecked
CheckDlgButton
DialogBoxIndirectParamW
CreateDialogIndirectParamW
RegisterClassExW
UnregisterClassW
PostQuitMessage
DrawFrameControl
DrawEdge
MessageBoxW
SendDlgItemMessageW
InflateRect
GetCapture
SetActiveWindow
IsWindowEnabled
DeferWindowPos
TrackPopupMenuEx
GetMenuItemCount
GetMenuItemID
EnableMenuItem
GetSystemMenu
GetMenuState
MapVirtualKeyW
keybd_event
BringWindowToTop
GetDoubleClickTime
PostMessageW
CheckMenuItem
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
RedrawWindow
GetWindowDC
IsWindow
PeekMessageW
DispatchMessageW
CreatePopupMenu
LoadIconW
SetMenuInfo
InsertMenuItemW
SetMenuItemInfoW
DrawTextW
BeginPaint
EndPaint
GetWindowTextLengthW
MessageBeep
GetCursor
GetCaretPos
GetWindowThreadProcessId
GetSysColorBrush
WindowFromPoint
GetMessageW
IsDialogMessageW
MsgWaitForMultipleObjectsEx
GetScrollInfo
CreateIconIndirect
GetSysColor
OpenClipboard
CloseClipboard
EmptyClipboard
CreateWindowExW
ShowWindow
GetWindowPlacement
IsZoomed
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
RegisterWindowMessageW
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowTextW
GetIconInfo
LoadImageW
DestroyIcon
EndDialog
GetComboBoxInfo
TranslateMessage
DestroyMenu
DrawIconEx
LoadCursorW
GetDesktopWindow
FillRect
SystemParametersInfoW
ValidateRect
GetFocus
SetWindowPos
MoveWindow
CallWindowProcW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetClassNameW
SetParent
MapWindowPoints
SetWindowTextW
SetForegroundWindow
EnableWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
IsChild
EnableScrollBar
ScrollWindowEx
SetScrollInfo
ShowScrollBar
GetSystemMetrics
ScreenToClient
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
ClientToScreen
SetCursor
GetWindowRect
InvalidateRect
ReleaseDC
GetDC
KillTimer
SetTimer
GetDlgItem
DestroyWindow
DefWindowProcW
SendMessageW
GetPriorityClipboardFormat
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
GetClientRect
UpdateWindow
ChangeClipboardChain

gdi32

SetViewportOrgEx
SetWindowExtEx
CreateBitmap
CreateFontIndirectW
SetViewportExtEx
RestoreDC
SetPixel
GetTextMetricsW
GetObjectW
EndPage
StartPage
EndDoc
StartDocW
SetMapMode
CreateDIBSection
GetDeviceCaps
GetDIBits
DeleteDC
SetWindowOrgEx
MoveToEx
LineTo
GetTextExtentPoint32W
GetCharABCWidthsW
GetCharWidth32W
CreatePen
TextOutW
SetBkMode
GetBkColor
RectVisible
IntersectClipRect
ExtTextOutW
SetTextColor
SetBkColor
StretchBlt
ExcludeClipRect
GetPixel
BitBlt
SelectObject
SaveDC
DeleteObject
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseColorW
ChooseFontW

advapi32

OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
GetTokenInformation

shell32

SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragQueryFileW
DragAcceptFiles
SHGetPathFromIDListW
ord190
ord23
ord21
ord17
ord24
ord25
SHGetFileInfoW
ord152
ord18

ole32

ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
OleInitialize
OleUninitialize

comctl32

ImageList_Destroy
ImageList_Create
ord14
ord13
ImageList_Replace
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetImageCount
ImageList_Copy
ImageList_Read
ImageList_WriteEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Add
_TrackMouseEvent

shlwapi

StrRetToBufW

psapi

GetModuleFileNameExW
GetModuleBaseNameW
EnumProcessModules
GetModuleInformation

Exports

Exports

extern_can_paste
text_custom_parser

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SuperViewer.exp
SuperViewer.history
SuperViewer.icons
SuperViewer.lib
_file_table.ds
.js
common/dex.ds
.js
common/disk.ds
common/elf.ds
.js
common/flatbuf.ds
.js
common/java_class.ds
.js
common/java_hprof.ds
.js
common/jks.ds
.js
common/nodeinfo.ds
.js
common/pe.ds
.js
common/process.ds
.js
common/protobuf.ds
.js
common/sqlite3.ds
.js
file_parser.ds
.js
fix_amnt.ds
.js
gen_guid.ds
.js
old-SuperViewer.exe
.exe windows:6 windows x86 arch:x86

4101ab38a858c71d3b57a3bec6c76c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
LocalFree
FormatMessageW
VerifyVersionInfoW
GetDriveTypeW
GetLogicalDrives
GetVolumeInformationW
SetLastError
GetSystemTime
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WriteConsoleW
HeapReAlloc
HeapSize
FlushFileBuffers
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetCurrentThreadId
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
HeapAlloc
HeapFree
GetACP
ExitProcess
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
RtlUnwind
RaiseException
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
CreateMutexW
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
GetFullPathNameW
VerSetConditionMask
MulDiv
WriteProcessMemory
ReadProcessMemory
VirtualQueryEx
OpenProcess
CreateProcessW
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
GetThreadLocale
CompareStringW
lstrcmpiW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
lstrcmpW
GlobalMemoryStatusEx
SystemTimeToFileTime
GetModuleHandleW
GetModuleFileNameW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WaitForSingleObject
GetTickCount
CloseHandle
GetTempFileNameA
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
GetLocalTime
GetFileTime
GetFileInformationByHandle
CompareFileTime
VirtualFree
VirtualAlloc
GetSystemInfo
CreateEventW
ResetEvent
SetEvent
FindNextFileW
FindFirstFileW
FindClose
WideCharToMultiByte
MoveFileExW
DeviceIoControl
DecodePointer
GetLastError
WriteFile
SetFilePointer
SetEndOfFile
ReadFile
GetFileSizeEx
GetFileAttributesW
GetDiskFreeSpaceExW
DeleteFileW
CreateFileW
LoadLibraryW
GetProcAddress
FreeLibrary
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetTempFileNameW
CreateDirectoryW
lstrlenW

user32

TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetKeyState
ChangeClipboardChain
SetClipboardViewer
IsDlgButtonChecked
CheckDlgButton
DialogBoxIndirectParamW
CreateDialogIndirectParamW
RegisterClassExW
UnregisterClassW
PostQuitMessage
DrawFrameControl
DrawEdge
MessageBoxW
SendDlgItemMessageW
InflateRect
GetCapture
SetActiveWindow
IsWindowEnabled
DeferWindowPos
TrackPopupMenuEx
GetMenuItemCount
GetMenuItemID
EnableMenuItem
GetSystemMenu
GetMenuState
MapVirtualKeyW
keybd_event
IsDialogMessageW
CreatePopupMenu
PostMessageW
SystemParametersInfoW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
RedrawWindow
GetWindowDC
IsWindow
DestroyMenu
CheckMenuItem
SetMenuInfo
InsertMenuItemW
SetMenuItemInfoW
DrawTextW
BeginPaint
EndPaint
GetWindowTextLengthW
MessageBeep
GetCursor
GetCaretPos
GetSysColor
FillRect
GetDesktopWindow
LoadCursorW
GetMessageW
GetWindowThreadProcessId
GetSysColorBrush
OpenClipboard
CloseClipboard
EmptyClipboard
GetKeyNameTextW
CreateWindowExW
ShowWindow
GetWindowPlacement
PeekMessageW
DispatchMessageW
TranslateMessage
LoadIconW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
RegisterWindowMessageW
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowTextW
GetIconInfo
GetDoubleClickTime
WindowFromPoint
MsgWaitForMultipleObjectsEx
GetScrollInfo
CreateIconIndirect
BringWindowToTop
DrawIconEx
LoadImageW
DestroyIcon
EndDialog
GetComboBoxInfo
ValidateRect
GetFocus
SetWindowPos
MoveWindow
CallWindowProcW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetClassNameW
SetParent
MapWindowPoints
SetWindowTextW
SetForegroundWindow
EnableWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
IsChild
EnableScrollBar
ScrollWindowEx
SetScrollInfo
ShowScrollBar
GetSystemMetrics
ScreenToClient
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
ClientToScreen
SetCursor
GetWindowRect
InvalidateRect
ReleaseDC
GetDC
KillTimer
SetTimer
GetDlgItem
DestroyWindow
DefWindowProcW
SendMessageW
GetPriorityClipboardFormat
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
GetClientRect
UpdateWindow
IsZoomed

gdi32

SetViewportOrgEx
SetWindowExtEx
CreateBitmap
CreateFontIndirectW
SetViewportExtEx
RestoreDC
SetPixel
GetTextMetricsW
GetObjectW
EndPage
StartPage
EndDoc
StartDocW
SetMapMode
CreateDIBSection
GetDeviceCaps
GetDIBits
DeleteDC
SetWindowOrgEx
MoveToEx
LineTo
GetTextExtentPoint32W
GetCharABCWidthsW
GetCharWidth32W
CreatePen
TextOutW
SetBkMode
GetBkColor
RectVisible
IntersectClipRect
ExtTextOutW
SetTextColor
SetBkColor
StretchBlt
ExcludeClipRect
GetPixel
BitBlt
SelectObject
SaveDC
DeleteObject
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseColorW
ChooseFontW

advapi32

OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
GetTokenInformation

shell32

SHGetPathFromIDListW
ord152
SHGetFolderPathW
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ord18
ord190
ord23
ord21
ord17
ord24
ord25
SHGetFileInfoW

ole32

OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
OleUninitialize
ReleaseStgMedium

comctl32

ImageList_Destroy
ImageList_Create
ord14
ord13
ImageList_Replace
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetImageCount
ImageList_Copy
ImageList_Read
ImageList_WriteEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Add
_TrackMouseEvent

shlwapi

StrRetToBufW

psapi

GetModuleBaseNameW
EnumProcessModules
GetModuleFileNameExW
GetModuleInformation

Exports

Exports

extern_can_paste
text_custom_parser

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
strings.csv
text_table.ds

Sharing

General

Malware Config

Signatures

Files

78de7086a1f2ff67b8a3025da445800a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 6KB - Virtual size: 16KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

4be3d39d77938dbe7bfe6b103fe21f26

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

imm32

ole32

Exports

Exports

Sections

.text Size: 455KB - Virtual size: 455KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 18KB - Virtual size: 17KB

c6a6bd2abef510252024d93449a42772

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

psapi

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 133KB - Virtual size: 133KB

.data Size: 57KB - Virtual size: 139KB

.rsrc Size: 287KB - Virtual size: 287KB

.reloc Size: 67KB - Virtual size: 67KB

4101ab38a858c71d3b57a3bec6c76c5b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

psapi

Exports

Exports

Sections

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 6KB - Virtual size: 16KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 455KB - Virtual size: 455KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 18KB - Virtual size: 17KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 133KB - Virtual size: 133KB

.data
Size: 57KB - Virtual size: 139KB

.rsrc
Size: 287KB - Virtual size: 287KB

.reloc
Size: 67KB - Virtual size: 67KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 58KB - Virtual size: 139KB

.rsrc
Size: 287KB - Virtual size: 287KB

.reloc
Size: 67KB - Virtual size: 67KB