Static task
static1
Behavioral task
behavioral1
Sample
VPNMaster.exe
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral2
Sample
VPNMaster.exe
Resource
win10v2004-20240419-en
windows10-2004-x64
Target
VPNMaster.exe
Size
8.8MB
MD5
7053384e5eba4abcbbef63c7f1716915
SHA1
708b17c3992f1e7be085d4ab1862d9648c3ac557
SHA256
ec9d02843caa60eacb6fbad7182a712eaec932283c911fdb266f773fed096e19
SHA512
e1e4d4aea9ab24775835289ed949aadda69679446287793da585765230cc963028c3bea14d1640ceb54f7dcd3705f658e2da76e8f5cebfd7f3dcc1c97b2a0045
SSDEEP
196608:dv9y84HIBLgHkC+1sz1xiNXqkd4UFRU3Zj/ZRmu9Inl1/U8qs7kcZAz:dQ8QYLekoz1xi63ZjxNalk
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
F:\360Work\vpn_master\win_master\Release\VPNMaster.pdb
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CertGetNameStringA
CertAddCertificateContextToStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFreeCertificateChain
CertOpenStore
CertGetNameStringW
CertFindExtension
CertFindCertificateInStore
CryptMsgGetParam
CertCloseStore
CryptQueryObject
PFXImportCertStore
CryptDecodeObjectEx
CertEnumCertificatesInStore
CertCreateCertificateContext
CryptMsgClose
WSASetLastError
getsockopt
getsockname
getpeername
connect
WSAIoctl
send
recv
inet_pton
ntohl
inet_ntop
WSASocketW
accept
listen
freeaddrinfo
getaddrinfo
bind
setsockopt
WSAGetLastError
__WSAFDIsSet
closesocket
select
getprotobyname
socket
recvfrom
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
htonl
htons
sendto
ioctlsocket
WSACleanup
gethostbyname
WSAStartup
inet_addr
ntohs
inet_ntoa
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
SHDeleteValueW
SHSetValueW
SHGetValueW
SHGetValueA
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
OpenServiceW
StartServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
StringFromGUID2
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
DeleteCriticalSection
FreeLibrary
InitializeCriticalSectionAndSpinCount
lstrcmpA
lstrcmpiA
CreateDirectoryW
SetLastError
GetCommandLineW
FindNextFileW
GetCurrentProcess
ExpandEnvironmentStringsW
TerminateProcess
GetTempPathW
FindClose
GetSystemDirectoryW
GetLocaleInfoA
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
GlobalAlloc
DeleteFileW
Process32FirstW
GlobalFree
GlobalLock
MoveFileExW
GetTickCount
GlobalUnlock
CreatePipe
GetCurrentProcessId
CreateProcessW
VirtualFree
VirtualAlloc
SetFilePointer
GetFileSize
HeapSize
HeapReAlloc
MulDiv
OutputDebugStringA
CompareFileTime
K32GetProcessImageFileNameW
QueryFullProcessImageNameW
GetProcessTimes
WaitForSingleObject
LoadLibraryExW
FormatMessageW
OutputDebugStringW
LocalFree
GetWindowsDirectoryW
WinExec
Sleep
GetExitCodeProcess
VerSetConditionMask
VerifyVersionInfoW
SizeofResource
FreeResource
LockResource
LoadResource
FindResourceW
GetSystemDefaultLCID
SystemTimeToFileTime
LCMapStringW
GetModuleFileNameA
CreateEventW
SetEvent
CreateThread
EnterCriticalSection
LeaveCriticalSection
SleepEx
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
WaitForSingleObjectEx
ExpandEnvironmentStringsA
FormatMessageA
GetFileSizeEx
lstrlenW
lstrcpynW
LocalAlloc
lstrcpyW
lstrcmpW
GetTickCount64
LoadLibraryW
GetCurrentDirectoryW
ExitProcess
GetACP
GetFileType
SetFileTime
DuplicateHandle
DosDateTimeToFileTime
TryEnterCriticalSection
ReleaseMutex
CreateMutexW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileTime
GetLongPathNameW
GetTempFileNameW
RemoveDirectoryW
CopyFileW
MoveFileW
ReplaceFileW
GetNativeSystemInfo
GetUserDefaultLangID
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
IsDebuggerPresent
SetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FlushFileBuffers
GetFileInformationByHandle
SetEndOfFile
SetFilePointerEx
GetStdHandle
GetModuleHandleExA
GetModuleHandleExW
UnregisterWaitEx
RegisterWaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
GetFullPathNameA
GetEnvironmentVariableA
LCIDToLocaleName
GetThreadLocale
MoveFileExA
SetEnvironmentVariableW
GetStringTypeW
GetLocaleInfoW
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
RaiseException
InitializeCriticalSectionEx
CreateFileA
WriteFile
GetModuleHandleA
FlushInstructionCache
LoadLibraryExA
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
DecodePointer
QueryPerformanceCounter
QueryPerformanceFrequency
DeviceIoControl
CloseHandle
CreateFileW
ReadFile
WideCharToMultiByte
GetModuleHandleW
GetProcessHeap
GetProcAddress
GetLocalTime
HeapAlloc
GetLastError
MultiByteToWideChar
GetVersionExW
GetFileAttributesW
GetModuleFileNameW
HeapFree
SwitchToThread
GetCurrentThread
GetExitCodeThread
EncodePointer
IsProcessorFeaturePresent
QueueUserWorkItem
GetCPInfo
ResetEvent
SignalObjectAndWait
GetThreadPriority
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetFullPathNameW
CompareStringW
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualProtect
InterlockedFlushSList
QueryDepthSList
RtlUnwind
GetTimeZoneInformation
FindFirstFileExW
GetConsoleMode
GetDriveTypeW
PeekNamedPipe
ExitThread
WriteConsoleW
GetConsoleCP
GetCurrentThreadId
GetFocus
GetActiveWindow
CharNextW
DispatchMessageW
TranslateMessage
wvsprintfW
RegisterClassW
SetPropW
GetPropW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetCaretBlinkTime
SetCapture
CallWindowProcW
GetClassInfoExW
PeekMessageW
IsWindowVisible
IsWindow
LoadCursorW
SetCursor
PostQuitMessage
PtInRect
ReleaseCapture
IsIconic
GetCursorPos
BeginPaint
EndPaint
MessageBoxW
GetUpdateRect
InvalidateRect
ScreenToClient
UnionRect
IsRectEmpty
GetWindow
GetKeyState
IsZoomed
ReleaseDC
GetDC
UnregisterClassW
SetClipboardData
FindWindowW
EmptyClipboard
CloseClipboard
OpenClipboard
SendMessageW
SetCursorPos
GetDesktopWindow
mouse_event
SetWindowPos
GetWindowRect
CharPrevW
DrawTextW
FillRect
SetRect
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
CreateAcceleratorTableW
GetCaretPos
MsgWaitForMultipleObjectsEx
GetQueueStatus
MonitorFromPoint
RegisterClassExW
CreateWindowExW
CallMsgFilterW
WaitMessage
GetGUIThreadInfo
InvalidateRgn
DefWindowProcW
OffsetRect
ShowWindow
EnableWindow
GetParent
SetFocus
LoadImageW
GetSystemMetrics
RegisterWindowMessageW
PostMessageW
SetForegroundWindow
KillTimer
GetMonitorInfoW
SetTimer
MonitorFromWindow
DestroyWindow
GetClientRect
SetWindowLongW
IntersectRect
MoveWindow
MapWindowPoints
GetWindowLongW
GetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
SetWindowRgn
ExtTextOutW
TextOutW
MoveToEx
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
SetTextColor
CreateSolidBrush
CreatePatternBrush
GetObjectA
CreateRoundRectRgn
SetWindowOrgEx
GetTextMetricsW
SaveDC
RestoreDC
Rectangle
GetStockObject
CreatePen
CreateFontIndirectW
CreateCompatibleBitmap
BitBlt
CreateDCW
GetDIBits
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
SetBkMode
GetObjectW
DeleteObject
GdiFlush
SetStretchBltMode
GetDeviceCaps
SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW
Shell_NotifyIconW
ShellExecuteA
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
ShellExecuteW
SHGetKnownFolderPath
VariantInit
SysStringLen
VariantChangeType
SysFreeString
VariantClear
SysAllocString
GetOpenFileNameW
CreateBrowser
WebNaviage
WebExecuteScript
WebReload
WebNaviageAndExecuteScript
ConstructionEnv
WebStop
GdipDrawImageRectRect
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipRotateWorldTransform
GdipGetImageWidth
GdipTranslateWorldTransform
GdipDeleteBrush
GdipSetSmoothingMode
GdipCreateSolidFill
GdiplusShutdown
GdipCreatePen2
GdipDrawArc
GdipDeletePen
GdipReleaseDC
GdipCloneImage
GdipSetStringFormatTrimming
GdipDrawLineI
GdiplusStartup
GdipAlloc
GdipGetDC
GdipDisposeImage
GdipSetClipRectI
GdipFree
GdipCreateFromHDC
GdipCreateLineBrushI
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetStringFormatFlags
GdipDrawImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageRectI
GdipGetImageHeight
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetFamily
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreatePen1
GdipDrawRectangleI
GdipDrawImageRectRectI
GdipCloneBrush
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipGraphicsClear
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
InternetSetOptionW
InternetQueryOptionW
GetIpForwardTable2
NotifyIpInterfaceChange
SetIpInterfaceEntry
GetIpInterfaceEntry
GetAdaptersAddresses
CancelMibChangeNotify2
InitializeIpInterfaceEntry
NotifyRouteChange2
GetUnicastIpAddressTable
InitializeIpForwardEntry
NotifyUnicastIpAddressChange
GetInterfaceInfo
GetAdaptersInfo
GetBestInterface
GetIfTable
IpReleaseAddress
IpRenewAddress
CreateIpForwardEntry
DeleteIpForwardEntry
SetIpForwardEntry
DeleteIpForwardEntry2
CreateIpForwardEntry2
ConvertInterfaceLuidToNameA
FreeMibTable
GetIpInterfaceTable
GetTcpTable
Netbios
timeGetTime
timeBeginPeriod
timeSetEvent
timeKillEvent
timeEndPeriod
UuidToStringA
RpcStringFreeA
UuidCreate
FwpmFilterDeleteById0
FwpmFilterEnum0
FwpmEngineClose0
FwpmFilterAdd0
FwpmProviderContextAdd1
FwpmCalloutAdd0
FwpmCalloutDestroyEnumHandle0
FwpmTransactionAbort0
FwpmProviderContextEnum1
FwpmFilterCreateEnumHandle0
FwpmCalloutDeleteByKey0
FwpmFilterDeleteByKey0
FwpmTransactionBegin0
FwpmProviderDeleteByKey0
FwpmCalloutEnum0
FwpmProviderContextDestroyEnumHandle0
FwpmEngineOpen0
FwpmFilterDestroyEnumHandle0
FwpmSubLayerDeleteByKey0
FwpmProviderContextCreateEnumHandle0
FwpmGetAppIdFromFileName0
FwpmProviderAdd0
FwpmProviderGetByKey0
FwpmTransactionCommit0
FwpmCalloutCreateEnumHandle0
FwpmProviderContextDeleteByKey0
FwpmSubLayerAdd0
FwpmSubLayerGetByKey0
FwpmFreeMemory0
win_sparkle_init
win_sparkle_set_did_find_update_callback
win_sparkle_set_automatic_check_for_updates
win_sparkle_set_http_header
win_sparkle_set_langid
win_sparkle_cleanup
win_sparkle_set_appcast_url
win_sparkle_check_update_with_ui
?size@Animation@rlottie@@QBEXAAI0@Z
??0Surface@rlottie@@QAE@PAIIII@Z
?loadFromData@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@ABV54@1_N@Z
?totalFrame@Animation@rlottie@@QBEIXZ
lottie_animation_stop
?duration@Animation@rlottie@@QBENXZ
?renderSync@Animation@rlottie@@QAEXIVSurface@2@_N@Z
??1Animation@rlottie@@QAE@XZ
MprConfigServerConnect
MprConfigGetFriendlyName
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
RasHangUpW
RasSetEntryPropertiesW
RasEnumConnectionsW
RasDeleteEntryW
RasGetErrorStringW
RasGetEntryPropertiesW
RasValidateEntryNameW
RasDialW
ord17
_TrackMouseEvent
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ