2369a696144ee8ca7610d80c74ebf0a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2369a696144ee8ca7610d80c74ebf0a0_JaffaCakes118
Size

1.0MB
MD5

2369a696144ee8ca7610d80c74ebf0a0
SHA1

80a1952a7c78eedd09b20d6983f4a5a3f39635fa
SHA256

18fd86498247b16d4f32770670545498c9018240c8f04675863066c2979ffa0e
SHA512

bbdc4cf6d50ff145fc399de3971ab8e62141b650441e992b0095dec46e35df8a96f5dbe5909be3bfe0fcc242f3f53c48b96e4af8613c5ba7316e69c85809ce24
SSDEEP

24576:I3jMgfSWBVNAATiMnvoAqatxhciFq5PaJNRx3l/:qMgfrVyATtQAqOxhckai3RVl/

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Tradememo/Tradememo_0_93/Tradememo.exe
unpack001/Tradememo/Tradememo_0_93/ext/ana_data.exe
unpack001/Tradememo/Tradememo_0_93/ext/auto_login.exe
unpack001/Tradememo/Tradememo_0_93/ext/auto_valid.exe
unpack001/Tradememo/Tradememo_0_93/ext/check_login.exe
unpack001/Tradememo/Tradememo_0_93/ext/data_list.exe
unpack001/Tradememo/Tradememo_0_93/ext/file_exists.exe
unpack001/Tradememo/Tradememo_0_93/ext/file_size.exe
unpack001/Tradememo/Tradememo_0_93/ext/get_file_contents.exe
unpack001/Tradememo/Tradememo_0_93/ext/get_user.exe
unpack001/Tradememo/Tradememo_0_93/ext/html_filter.exe
unpack001/Tradememo/Tradememo_0_93/ext/put_file_contents.exe
unpack001/Tradememo/Tradememo_0_93/ext/set_user.exe
unpack001/Tradememo/Tradememo_0_93/ext/unlink.exe

Files

2369a696144ee8ca7610d80c74ebf0a0_JaffaCakes118
.rar
Tradememo/Tradememo_0_93/Tradememo.exe
.exe windows:5 windows x86 arch:x86

602243954c2ac991ec8655aa3b4e58b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCurrentDirectoryA
WideCharToMultiByte
lstrlenW
GetCurrentThreadId
CreateThread
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
InterlockedDecrement
GetLocalTime
lstrlenA
lstrcmpiA
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
DeleteFileA
GetCommandLineA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
CreateFileW
CreateFileA
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
GetModuleFileNameW
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
ExitProcess
CreateProcessA
WaitForSingleObject
CloseHandle
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetEndOfFile
RaiseException
GetFileType
GetStdHandle
SetHandleCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapSize
HeapReAlloc
HeapCreate
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
DecodePointer
EncodePointer
InitializeCriticalSection
InterlockedCompareExchange
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
LocalFree
Sleep
IsDebuggerPresent

user32

SetCursor
GetWindowLongA
GetClientRect
UnregisterClassA
ShowWindow
MessageBoxA
SendMessageA
SetWindowPos
MapWindowPoints
GetMonitorInfoA
LoadAcceleratorsA
TranslateAcceleratorA
GetMessageA
CallWindowProcA
PostThreadMessageA
CharNextW
CharNextA
SystemParametersInfoA
LoadIconA
CreateWindowExA
RegisterClassExA
DefWindowProcA
MonitorFromWindow
PeekMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DestroyWindow
LoadCursorA
GetClassInfoExA
GetParent
GetWindow
GetWindowRect
SetWindowLongA

advapi32

RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoSuspendClassObjects
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysAllocString
VarBstrCmp

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/doc/FusionCharts/FCF_Bar2D.swf
Tradememo/Tradememo_0_93/doc/FusionCharts/FCF_MSColumn2DLineDY.swf
Tradememo/Tradememo_0_93/doc/FusionCharts/FusionCharts.js
.js
Tradememo/Tradememo_0_93/doc/about.jpg
.jpg
Tradememo/Tradememo_0_93/doc/css/inner_table.css
Tradememo/Tradememo_0_93/doc/css/jmodal.css
Tradememo/Tradememo_0_93/doc/css/page_style.css
Tradememo/Tradememo_0_93/doc/css/simpledatepicker.css
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_flat_0_aaaaaa_40x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_flat_55_fbec88_40x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_glass_75_d0e5f5_1x400.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_glass_95_fef1ec_1x400.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_gloss-wave_55_5c9ccc_500x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_gloss-wave_75_d0e5f5_500x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_inset-hard_100_fcfdfd_1x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-bg_inset-hard_55_5c9ccc_1x100.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-icons_217bc0_256x240.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-icons_2e83ff_256x240.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-icons_469bdd_256x240.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-icons_cd0a0a_256x240.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/images/ui-icons_d8e7f3_256x240.png
.png
Tradememo/Tradememo_0_93/doc/css/theme/jquery-ui-1.8.1.custom.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.accordion.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.all.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.autocomplete.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.base.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.button.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.core.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.datepicker.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.dialog.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.progressbar.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.resizable.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.slider.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.tabs.css
Tradememo/Tradememo_0_93/doc/css/theme/jquery.ui.theme.css
Tradememo/Tradememo_0_93/doc/help/初始设置.PNG
.png
Tradememo/Tradememo_0_93/doc/help/基本情况.PNG
.png
Tradememo/Tradememo_0_93/doc/help/平仓盈亏-品种.PNG
.png
Tradememo/Tradememo_0_93/doc/help/平仓盈亏-时间.PNG
.png
Tradememo/Tradememo_0_93/doc/help/数据统计.PNG
.png
Tradememo/Tradememo_0_93/doc/help/界面预览.png
.png
Tradememo/Tradememo_0_93/doc/help/菜单修订.png
.png
Tradememo/Tradememo_0_93/doc/help/账单下载.PNG
.png
Tradememo/Tradememo_0_93/doc/lib/jquery-1.4.2.min.js
.js
Tradememo/Tradememo_0_93/doc/lib/jquery-ui-1.8.custom.min.js
.js
Tradememo/Tradememo_0_93/doc/lib/jquery.jmodal.js
.js
Tradememo/Tradememo_0_93/ext/ana_data.exe
.exe windows:5 windows x86 arch:x86

f61307d4579da6f18105c58684b7a6b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\ana_data.pdb

Imports

kernel32

ExitProcess
SetEndOfFile
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCPInfo
GetCommandLineA
HeapSetInformation
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
GetProcAddress
GetModuleHandleW
GetProcessHeap
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
CloseHandle
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
CreateFileW

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/auto_login.exe
.exe windows:5 windows x86 arch:x86

ecb46af8a0681f5d2963816218e56e6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetCommandLineA
CloseHandle
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetCurrentDirectoryA
TlsGetValue
HeapSize
HeapReAlloc
SetLastError
SetEndOfFile
CreateFileW
CreateFileA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
lstrlenW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
ExitProcess
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
TlsFree
TlsSetValue
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TlsAlloc

user32

CharNextA
SetWindowLongA
GetWindowLongA
GetClientRect
UnregisterClassA
ShowWindow
MessageBoxA
SetWindowPos
MapWindowPoints
GetMonitorInfoA
CreateDialogParamA
SetWindowTextA
GetDlgItem
UpdateWindow
SendMessageA
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
PostThreadMessageA
MonitorFromWindow
CharNextW
GetDC
InvalidateRect
GetDesktopWindow
CreateWindowExA
RegisterClassExA
PostQuitMessage
DefWindowProcA
LoadCursorA
GetClassInfoExA
GetParent
GetWindow
GetWindowRect

gdi32

GetPixel

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoSuspendClassObjects
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString

shlwapi

PathFileExistsA

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/auto_valid.exe
.exe windows:5 windows x86 arch:x86

deecf672d2768558fcf2234b089759ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\auto_valid.pdb

Imports

kernel32

DeleteFileA
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
RaiseException
RtlUnwind
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
CreateFileW
SetEndOfFile
GetProcessHeap

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/check_login.exe
.exe windows:5 windows x86 arch:x86

a414b543e6c5494881f1387155024abc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetCommandLineA
TlsAlloc
TlsGetValue
HeapSize
SetEndOfFile
SetLastError
lstrlenW
CreateFileA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
IsValidCodePage
GetOEMCP
CreateFileW
GetCurrentThreadId
WideCharToMultiByte
RaiseException
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetACP
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
Sleep
RtlUnwind
TlsSetValue

user32

CharNextA
SetWindowLongA
GetWindowLongA
GetClientRect
UnregisterClassA
ShowWindow
MessageBoxA
SetWindowPos
MapWindowPoints
GetMonitorInfoA
CreateDialogParamA
SetWindowTextA
GetDlgItem
UpdateWindow
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
PostThreadMessageA
MonitorFromWindow
CharNextW
GetDC
InvalidateRect
GetDesktopWindow
CreateWindowExA
RegisterClassExA
PostQuitMessage
DefWindowProcA
LoadCursorA
GetClassInfoExA
GetParent
GetWindow
GetWindowRect

gdi32

GetPixel

advapi32

RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoSuspendClassObjects
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

VarBstrCmp
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/data_list.exe
.exe windows:5 windows x86 arch:x86

ab6caf095cfa4fdf9226c0960fcdd103

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\data_list.pdb

Imports

kernel32

DeleteFileA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
GetFileAttributesA
CloseHandle
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
MultiByteToWideChar
ReadFile
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetStdHandle
HeapSize
WriteConsoleW
SetFilePointer
IsProcessorFeaturePresent
CompareStringW
SetEnvironmentVariableA
LCMapStringW
GetStringTypeW
SetEndOfFile
GetProcessHeap
CreateFileW

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/file_exists.exe
.exe windows:5 windows x86 arch:x86

eb7ccca504bea2479f1a76c096311367

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\file_exists.pdb

Imports

shlwapi

PathFileExistsA

kernel32

InterlockedDecrement
GetCurrentDirectoryA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
RtlUnwind
CloseHandle
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
SetEndOfFile
GetProcessHeap
LCMapStringW
GetStringTypeW
CreateFileW

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/file_size.exe
.exe windows:5 windows x86 arch:x86

d2a34cfedd1ea967df4559491fa9ba32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\file_size.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
RtlUnwind
SetFilePointer
CloseHandle
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetStdHandle
HeapSize
WriteConsoleW
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
SetEndOfFile
GetProcessHeap
CreateFileW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/get_file_contents.exe
.exe windows:5 windows x86 arch:x86

70cb42baeacc9c82aa26332687453974

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\get_file_contents.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
RtlUnwind
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
WriteConsoleW
SetFilePointer
SetStdHandle
IsProcessorFeaturePresent
SetEndOfFile
GetProcessHeap
LCMapStringW
GetStringTypeW
CreateFileW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/get_user.exe
.exe windows:5 windows x86 arch:x86

c467f4e555417557a96b661030a83198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\get_user.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
RtlUnwind
CloseHandle
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
SetEndOfFile
GetProcessHeap
LCMapStringW
GetStringTypeW
CreateFileW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/html_filter.exe
.exe windows:5 windows x86 arch:x86

fd2dcf5099a916eb85161402651003f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\html_filter\Release\html_filter.pdb

Imports

kernel32

DeleteFileA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
HeapFree
ExitProcess
CloseHandle
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualAlloc
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA
SetStdHandle
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/put_file_contents.exe
.exe windows:5 windows x86 arch:x86

000b099a55f3b965fd77e368963dcb61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\put_file_contents.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
CreateFileA
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
ReadFile
HeapSize
WriteConsoleW
SetFilePointer
SetStdHandle
SetEndOfFile
GetProcessHeap
CreateFileW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/set_user.exe
.exe windows:5 windows x86 arch:x86

a6a729a359679ed3d5d9e549c51974a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\set_user.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
CreateFileA
SetFilePointer
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
ReadFile
HeapSize
WriteConsoleW
SetStdHandle
SetEndOfFile
GetProcessHeap
CreateFileW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/Tradememo_0_93/ext/unlink.exe
.exe windows:5 windows x86 arch:x86

b201911639e9e70a9ee2815a6be5be1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\atlbrowser\ReleaseMinDependency\ext\unlink.pdb

Imports

kernel32

DeleteFileA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
RtlUnwind
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
WriteConsoleW
SetFilePointer
SetStdHandle
IsProcessorFeaturePresent
SetEndOfFile
GetProcessHeap
LCMapStringW
GetStringTypeW
CreateFileW

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tradememo/支持本站.reg

Sharing

General

Malware Config

Signatures

Files

602243954c2ac991ec8655aa3b4e58b8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 110KB - Virtual size: 109KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 30KB - Virtual size: 29KB

f61307d4579da6f18105c58684b7a6b1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 7KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 12KB - Virtual size: 12KB

ecb46af8a0681f5d2963816218e56e6c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 3KB - Virtual size: 3KB

deecf672d2768558fcf2234b089759ea

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.reloc Size: 7KB - Virtual size: 7KB

a414b543e6c5494881f1387155024abc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 3KB - Virtual size: 3KB

ab6caf095cfa4fdf9226c0960fcdd103

Headers

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 30KB - Virtual size: 29KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 7KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 2KB