53e8aef7fecc2ce5921a730c58941532_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53e8aef7fecc2ce5921a730c58941532_JaffaCakes118
Size

5.8MB
MD5

53e8aef7fecc2ce5921a730c58941532
SHA1

1c3bab5f783f897c4297ea55be97b583dd86878f
SHA256

4f5c33b54a841bae7acb0e8216de5120a5b068ac60cfd158eca260d1f83cf067
SHA512

51ada2e1c38412874e6a283db36a74f25bab08f007996d4c290aeeb41397bb67ab8c21d1c519dcd7f3942fae2f31e996069f24a8e2f13eba2c1661f3fbfe74b4
SSDEEP

98304:mcWduY6v2hONLQc4+8o7O+JPu0jMH6pLTYsfR9F/gwOh40wLZAQlaUCEIIGS:mcWdL6vWORQcp81+Rv7BTnNo8FLSQlU+

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVP/Net Player.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR Player.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/DVR.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/encode.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/webview.dll
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/webview.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/InstallDrivers.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/Setup.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/driver/cx25820.sys
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/foo.exe
unpack001/1408_cn_V8.3.0.0/1408_cn_8.3.0.0/merger.exe

Files

53e8aef7fecc2ce5921a730c58941532_JaffaCakes118
.rar
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/AUTORUN.INF
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVP/Net Player.exe
.exe windows:4 windows x86 arch:x86

23042d7c6ee4120f4b97a572e4863a2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

winmm

waveOutClose
waveOutReset
waveOutPause
waveOutSetVolume
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader

ws2_32

socket
inet_addr
gethostbyname
connect
recv
closesocket
WSACleanup
WSAStartup
htons
send

comctl32

ImageList_Create
ImageList_Add
InitCommonControlsEx

kernel32

GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetSystemTime
GetDriveTypeA
GetDiskFreeSpaceExA
ReadFile
CreateFileA
ResetEvent
WaitForSingleObject
LocalFree
LocalAlloc
lstrlenA
CreateDirectoryA
FindClose
FindFirstFileA
SwitchToThread
InterlockedIncrement
SetEvent
OutputDebugStringA
InterlockedDecrement
GetLocalTime
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetSystemInfo
IsProcessorFeaturePresent
GetLastError
CreateEventA
HeapAlloc
HeapFree
RaiseException
IsBadWritePtr
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
HeapReAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
CreateThread
InitializeCriticalSection
SetFilePointer
WriteFile
GetCPInfo
DeleteCriticalSection
EnterCriticalSection
TerminateThread
LeaveCriticalSection
CloseHandle
Sleep
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers

user32

DrawTextW
GetSystemMetrics
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
EnumDisplaySettingsA
LoadImageA
LoadMenuA
SetWindowTextA
GetScrollRange
SetScrollPos
CheckMenuRadioItem
PostQuitMessage
DialogBoxParamA
GetWindowRect
wsprintfA
GetCursorPos
CreatePopupMenu
TrackPopupMenu
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
DefWindowProcA
EndDialog
KillTimer
DestroyMenu
ReleaseCapture
ReleaseDC
SetCapture
GetDlgItem
InsertMenuItemA
DeleteMenu
CheckMenuItem
LoadStringA
MessageBoxA
LoadBitmapA
GetMenuState
SendMessageA
InvalidateRect
BeginPaint
EndPaint
DrawTextA
FillRect
GetDC
GetClientRect
ShowScrollBar
GetScrollInfo
SetScrollInfo
LoadCursorA
RegisterClassExA
CreateWindowExA
SetWindowPos
ShowWindow
UpdateWindow
DestroyWindow
SetTimer
EnableWindow

gdi32

CreateCompatibleDC
Polyline
CreateFontA
Ellipse
SetTextColor
DeleteDC
CreatePen
GetObjectA
CreatePatternBrush
SetROP2
EndPage
StretchDIBits
SetStretchBltMode
StartPage
CreateSolidBrush
GetStockObject
StretchBlt
DeleteObject
StartDocA
CreateBitmap
SetBkMode
CreateFontIndirectA
CreateDIBSection
LineTo
MoveToEx
EndDoc
SelectObject
SetBkColor

comdlg32

GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Sections

.text
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrodata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVP/dvrnet.ini
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR Player.exe
.exe windows:4 windows x86 arch:x86

9a63fc3c3ac5c152db685ead58774550

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

winmm

waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutWrite

comctl32

InitCommonControlsEx
ord6
CreateToolbarEx

kernel32

CreateThread
ReadFile
CreateFileA
CloseHandle
DeleteCriticalSection
LocalFree
LocalAlloc
SetFilePointer
WriteFile
GetPrivateProfileStringA
WinExec
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
EnterCriticalSection
GetProcAddress
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LeaveCriticalSection
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
Sleep
lstrlenA
GetModuleFileNameA
GetLastError
MultiByteToWideChar

user32

EnableMenuItem
PostQuitMessage
DialogBoxParamA
SetCursor
LoadCursorA
GetDlgItem
SendMessageA
LoadBitmapA
GetDC
SetWindowPos
CreateWindowExA
SetClassLongA
wsprintfA
RegisterClassExA
GetClientRect
SetMenu
LoadMenuA
MoveWindow
GetWindowRect
SetTimer
KillTimer
CheckMenuRadioItem
CheckMenuItem
SetScrollPos
GetScrollRange
EndDialog
DefWindowProcA
EnumDisplaySettingsA
MessageBoxA
CreateDialogParamA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
LoadStringA

gdi32

StartDocA
StretchBlt
DeleteObject
CreateCompatibleDC
CreateSolidBrush
EndPage
StretchDIBits
SetStretchBltMode
StartPage
DeleteDC
EndDoc

comdlg32

GetSaveFileNameA
PrintDlgA
GetOpenFileNameA

advapi32

RegSetValueA
RegQueryValueA

shell32

DragFinish
DragQueryFileA
ExtractIconA

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrodata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR.ico
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/DVR.exe
.exe windows:4 windows x86 arch:x86

a482ec6e6d3de6c8178f77f11bfe8267

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
CloseHandle
GetLastError
CreateProcessA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/Logo.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/Warning.wav
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/default.htm
.html
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/dvr.ini
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/dvr_caption.ini
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/encode.exe
.exe windows:4 windows x86 arch:x86

dcf0a08907902a786e91059de62f1214

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryA

d3d9

Direct3DCreate9

winmm

waveOutClose
timeGetTime
timeBeginPeriod
waveOutWrite
waveOutReset
timeEndPeriod
PlaySoundA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

ws2_32

listen
accept
bind
htons
htonl
gethostname
recv
WSAGetLastError
send
closesocket
socket
connect
inet_addr
WSACleanup
WSAStartup

comctl32

InitCommonControlsEx
PropertySheetA

kernel32

GetPrivateProfileIntA
GetLocalTime
WritePrivateProfileStringA
MultiByteToWideChar
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
SetCommMask
CreateEventA
Sleep
SetFileAttributesA
GetOverlappedResult
WriteFile
ClearCommError
SetCommState
GetCommState
SetupComm
GetCommProperties
CreateDirectoryA
GetDiskFreeSpaceExA
GetDriveTypeA
FindClose
FindFirstFileA
TerminateProcess
TerminateThread
GetExitCodeThread
Beep
SetFilePointer
VirtualAlloc
VirtualFree
LocalFree
LocalAlloc
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
WaitForSingleObject
DeviceIoControl
InterlockedExchange
InterlockedDecrement
CreateThread
LoadLibraryA
RemoveDirectoryA
FindNextFileA
FormatMessageA
WaitCommEvent
OutputDebugStringA
InterlockedIncrement
WaitForMultipleObjects
CompareStringA
GetTickCount
CreateMutexA
WideCharToMultiByte
GetVersionExA
GetModuleHandleA
GetSystemInfo
IsProcessorFeaturePresent
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
IsBadWritePtr
FlushFileBuffers
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RaiseException
GetCPInfo
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
SetStdHandle
GetACP
GetOEMCP
SetEndOfFile
CompareStringW
SetEnvironmentVariableA
ReadFile
CloseHandle
CreateFileA
GetFileSize
GetFullPathNameA
GetFileAttributesA
GetPrivateProfileStringA
GetProcAddress
GetEnvironmentStrings

user32

CheckMenuItem
EndDialog
SetTimer
LoadImageA
DestroyMenu
KillTimer
InsertMenuItemA
DeleteMenu
GetSubMenu
LoadMenuA
TrackPopupMenu
GetWindowRect
InvalidateRect
DialogBoxParamA
DrawTextA
SetWindowLongA
GetWindowLongA
EndPaint
BeginPaint
DefWindowProcA
ScrollWindowEx
SetCapture
ReleaseCapture
SetCursor
LoadCursorA
CreatePopupMenu
SetWindowsHookExA
RegisterHotKey
PostQuitMessage
CallNextHookEx
PostMessageA
GetAsyncKeyState
UnhookWindowsHookEx
RegisterClassExA
DispatchMessageA
TranslateMessage
GetMessageA
CreateDialogParamA
GetSystemMetrics
DrawTextW
ReleaseDC
SetWindowPos
ShowScrollBar
GetScrollInfo
SetScrollInfo
UpdateWindow
GetParent
ExitWindowsEx
GetWindowTextA
LoadBitmapA
DestroyWindow
MessageBoxA
GetDlgItem
SetWindowTextA
SendMessageA
EnableWindow
GetClientRect
FillRect
CreateWindowExA
ShowWindow
GetDC

gdi32

LineTo
MoveToEx
SelectObject
SetROP2
GetBitmapBits
CreateSolidBrush
SetTextColor
SetBkColor
GetStockObject
CreateDIBSection
CreateFontIndirectA
Polyline
SetBkMode
TextOutA
CreateBrushIndirect
Rectangle
Ellipse
CreateFontA
CreateCompatibleDC
GetObjectA
DeleteObject
CreatePatternBrush
EndDoc
EndPage
StretchDIBits
SetStretchBltMode
StartPage
StartDocA
StretchBlt
CreatePen
DeleteDC

comdlg32

GetSaveFileNameA
PrintDlgA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 492KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/logo70.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/logo71.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/novideo.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/unvisible.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/wait.bmp
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/webview.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8f981dcd1366e7806b812822b1ab0d16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3d9

Direct3DCreate9

winmm

waveOutPause
waveOutClose
waveOutReset
waveOutWrite
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader

comctl32

ImageList_Add
ImageList_Create

ws2_32

recv
closesocket
send
connect
htons
WSAStartup
socket
gethostbyname
inet_addr

kernel32

GetModuleHandleA
GetSystemInfo
IsProcessorFeaturePresent
GetLastError
HeapAlloc
HeapFree
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetProcAddress
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TerminateProcess
ExitProcess
RtlUnwind
HeapReAlloc
GetVersion
GetCommandLineA
LoadLibraryA
GetVersionExA
WideCharToMultiByte
VirtualAlloc
VirtualFree
CreateEventA
GetDiskFreeSpaceExA
GetDriveTypeA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateThread
ReadFile
GetLocalTime
LocalAlloc
LocalFree
FindFirstFileA
FindClose
CreateDirectoryA
HeapDestroy
HeapCreate
GetEnvironmentStringsW
IsBadWritePtr
RaiseException
GetCPInfo
CreateFileA
SetFilePointer
WriteFile
TerminateThread
MultiByteToWideChar
CloseHandle
Sleep
GetPrivateProfileStringA
GetCurrentProcess
FlushInstructionCache
lstrlenA
lstrcpyA
lstrcatA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DisableThreadLibraryCalls
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetFileType

user32

ReleaseDC
FindWindowA
FindWindowExA
LoadImageA
LoadMenuA
GetSubMenu
SetClassLongA
PostMessageA
EnumDisplaySettingsA
EnableWindow
CheckMenuRadioItem
KillTimer
SetTimer
EnableMenuItem
TrackPopupMenuEx
GetCursorPos
EndDialog
GetActiveWindow
GetSystemMetrics
wsprintfA
DrawTextA
DrawTextW
LoadCursorA
DialogBoxParamA
FillRect
GetDC
CheckMenuItem
LoadBitmapA
GetDlgItem
InsertMenuItemA
DeleteMenu
SendMessageA
LoadStringA
MessageBoxA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetClassInfoExA
RegisterClassExA
CreateWindowExA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
PtInRect
GetKeyState
GetParent
IsWindow
DestroyWindow
BeginPaint
GetClientRect
EndPaint
InvalidateRect
CreateDialogParamA
SetWindowPos
GetWindowRect
ShowWindow
GetFocus
IsChild
SetFocus
DefWindowProcA
TrackPopupMenu

gdi32

DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetTextColor
SetViewportOrgEx
DeleteDC
RestoreDC
MoveToEx
Polyline
CloseMetaFile
CreateFontIndirectA
SetBkColor
CreateDIBSection
SetBkMode
DeleteObject
StretchBlt
SetStretchBltMode
SelectObject
CreateBitmap
TextOutA
CreateSolidBrush
SetWindowExtEx
CreatePen
CreateMetaFileA
CreateCompatibleDC
GetStockObject
EndDoc
EndPage
StretchDIBits
StartPage
StartDocA
CreatePatternBrush
GetObjectA
SetWindowOrgEx
LineTo
SetROP2

comdlg32

PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemFree
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemAlloc

oleaut32

VariantClear
SysStringLen
LoadRegTypeLi
SysFreeString
OleCreatePropertyFrame

atl

ord46
ord58
ord43
ord30
ord27
ord26
ord51
ord57
ord18
ord15
ord16
ord21
ord23
ord31
ord50
ord32
ord44

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/DVR/webview.exe
.exe windows:4 windows x86 arch:x86

bc5ce990cf54f8d435a68eb97512f73e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/InstallDrivers.exe
.exe windows:4 windows x86 arch:x86

9a1bd1f4309351ac80c53eed29d25d36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
LocalFree
FormatMessageA
GetLastError
lstrlenA
LocalAlloc
FindFirstFileA
GetModuleFileNameA
WideCharToMultiByte
FreeEnvironmentStringsW
CloseHandle
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
SetLastError
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
LCMapStringA
HeapCreate
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
MultiByteToWideChar

user32

MessageBoxA

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/Setup.exe
.exe windows:4 windows x86 arch:x86

8cb1edf12688652e8cf5f0c2c0eb778e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA

ddraw

DirectDrawCreateEx

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

newdev

UpdateDriverForPlugAndPlayDevicesA

kernel32

TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetTickCount
RtlUnwind
RaiseException
GlobalHandle
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalFlags
GlobalAlloc
lstrcmpA
GetCurrentThread
GetThreadLocale
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
InterlockedIncrement
MulDiv
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
HeapFree
HeapAlloc
GetFullPathNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetFileSize
GetProfileStringA
WriteFile
IsProcessorFeaturePresent
GetSystemInfo
GetModuleHandleA
WideCharToMultiByte
VirtualAlloc
VirtualFree
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
CreateFileA
GetFileTime
SetFileTime
GetFileAttributesA
GetCurrentProcess
CloseHandle
CopyFileA
GetVersion
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
lstrcmpiA
CreateProcessA
MultiByteToWideChar
FindClose
CreateDirectoryA
SetFileAttributesA
GetWindowsDirectoryA
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
FindFirstFileA
LocalAlloc
lstrlenA
GetLastError
FormatMessageA
LocalFree
SetLastError
WritePrivateProfileStringA
GetLogicalDrives
GetDiskFreeSpaceExA
GetSystemDirectoryA
Sleep

user32

PostThreadMessageA
PtInRect
DestroyMenu
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
InflateRect
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
RegisterClipboardFormatA
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
SetWindowPlacement
GetWindowTextLengthA
CopyAcceleratorTableA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
IsWindowEnabled
DrawTextW
ShowWindow
EnumDisplaySettingsA
GetWindowRect
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
MessageBeep
GetNextDlgGroupItem
SetRect
AppendMenuA
LoadCursorA
SetCursor
LoadIconA
ChangeDisplaySettingsA
GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
IsWindow
GetSysColor
SetWindowLongA
ClientToScreen
MessageBoxA
GetDlgItem
LoadImageA
GetDesktopWindow
PostMessageA
LoadBitmapA
SendMessageA
LoadStringA
KillTimer
SetTimer
EnableWindow
IsChild
InvalidateRect
GetClassNameA
GetClientRect
ShowCaret
HideCaret
CharNextA
GetSysColorBrush
GetWindowTextA
UnregisterClassA
RegisterClassA

gdi32

ScaleViewportExtEx
GetViewportExtEx
GetWindowExtEx
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
CreateSolidBrush
GetPixel
SetPixel
CreatePalette
SetDIBitsToDevice
GetMapMode
IntersectClipRect
StretchDIBits
GetTextExtentPointA
CreateDIBitmap
GetObjectA
GetDIBits
RealizePalette
GetDeviceCaps
GetStockObject
SetMapMode
SetStretchBltMode
SelectPalette
RestoreDC
SaveDC
CreateBitmap
GetClipBox
CreateDIBSection
SetBkMode
SetBkColor
SetTextColor
SelectObject
DeleteDC
CreateFontIndirectA
DeleteObject
SetWindowOrgEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree

olepro32

ord253

oleaut32

SysAllocStringByteLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
SysStringLen

Sections

.text
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/driver/cx25820.inf
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/driver/cx25820.sys
.sys windows:4 windows x86 arch:x86

d974a91a13df15604b99134a1a75ac39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePool
IoDeleteDevice
IoRegisterDeviceInterface
IoAttachDeviceToDeviceStack
MmGetPhysicalAddress
KeInitializeDpc
IoCreateDevice
PoCallDriver
PoStartNextPowerIrp
IofCallDriver
IofCompleteRequest
KeQueryInterruptTime
InterlockedExchange
KeSetEvent
IoSetDeviceInterfaceState
IoConnectInterrupt
READ_REGISTER_ULONG
MmMapIoSpace
WRITE_REGISTER_ULONG
KeWaitForSingleObject
KeInitializeEvent
IoDisconnectInterrupt
MmUnmapIoSpace
RtlFreeUnicodeString
IoDetachDevice
IoStartNextPacket
IoStartPacket
InterlockedIncrement
MmMapLockedPages
KeInsertQueueDpc
InterlockedDecrement
KeDelayExecutionThread

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/foo.exe
.exe windows:4 windows x86 arch:x86

72d9fda7cc5f00aed1aa0508313dff66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

winmm

waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutPrepareHeader
waveOutOpen
waveOutReset
waveOutClose

comctl32

ord6
InitCommonControlsEx
CreateToolbarEx

kernel32

CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateThread
LocalFree
LocalAlloc
WriteFile
CreateFileA
GetPrivateProfileStringA
WinExec
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
InitializeCriticalSection
GetProcAddress
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
Sleep
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
GetLastError
SetFilePointer

user32

TranslateMessage
IsDialogMessageA
GetMessageA
SendMessageA
ShowWindow
CreateDialogParamA
MessageBoxA
EnumDisplaySettingsA
SetWindowTextA
PostQuitMessage
DialogBoxParamA
SetCursor
LoadCursorA
GetDlgItem
LoadBitmapA
GetDC
GetWindowRect
SetClassLongA
wsprintfA
MoveWindow
CreateWindowExA
GetClientRect
SetWindowPos
RegisterClassExA
SetTimer
KillTimer
SetScrollPos
GetScrollRange
EndDialog
DefWindowProcA
DestroyWindow
LoadStringA
DispatchMessageA

gdi32

StretchDIBits
EndPage
SetStretchBltMode
SelectObject
StretchBlt
DeleteDC
StartPage
StartDocA
EndDoc
CreateCompatibleDC
DeleteObject
CreateSolidBrush

comdlg32

GetSaveFileNameA
PrintDlgA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orodata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/help.chm
.chm
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/merger.exe
.exe windows:4 windows x86 arch:x86

fa8871a4510113324ddf83b32ec9e95b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
ReadFile
GetFileSize
CreateFileA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
GetStringTypeW

user32

FindWindowA
SendMessageA
MessageBoxA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1408_cn_V8.3.0.0/1408_cn_8.3.0.0/常见问题解决方法.doc
.doc windows office2003

Sharing

General

Malware Config

Signatures

Files

23042d7c6ee4120f4b97a572e4863a2d

Headers

File Characteristics

Imports

d3d9

winmm

ws2_32

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 396KB - Virtual size: 395KB

.rodata Size: 8KB - Virtual size: 5KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 44KB - Virtual size: 2.0MB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.rrodata Size: 68KB - Virtual size: 68KB

9a63fc3c3ac5c152db685ead58774550

Headers

File Characteristics

Imports

d3d9

winmm

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 136KB - Virtual size: 133KB

.rodata Size: 8KB - Virtual size: 5KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 218KB

.rsrc Size: 396KB - Virtual size: 395KB

.rrodata Size: 80KB - Virtual size: 80KB

a482ec6e6d3de6c8178f77f11bfe8267

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.rrdata Size: 68KB - Virtual size: 68KB

dcf0a08907902a786e91059de62f1214

Headers

File Characteristics

Imports

shlwapi

d3d9

winmm

setupapi

ws2_32

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 492KB - Virtual size: 488KB

.rodata Size: 8KB - Virtual size: 5KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 60KB - Virtual size: 331KB

.rsrc Size: 3.4MB - Virtual size: 3.4MB

8f981dcd1366e7806b812822b1ab0d16

.text
Size: 396KB - Virtual size: 395KB

.rodata
Size: 8KB - Virtual size: 5KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 44KB - Virtual size: 2.0MB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

.rrodata
Size: 68KB - Virtual size: 68KB

.text
Size: 136KB - Virtual size: 133KB

.rodata
Size: 8KB - Virtual size: 5KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 218KB

.rsrc
Size: 396KB - Virtual size: 395KB

.rrodata
Size: 80KB - Virtual size: 80KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rrdata
Size: 68KB - Virtual size: 68KB

.text
Size: 492KB - Virtual size: 488KB

.rodata
Size: 8KB - Virtual size: 5KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 60KB - Virtual size: 331KB

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 336KB - Virtual size: 333KB

.rodata
Size: 8KB - Virtual size: 5KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 48KB - Virtual size: 267KB

.rsrc
Size: 228KB - Virtual size: 226KB

.reloc
Size: 32KB - Virtual size: 28KB

.text
Size: 78KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB

.wdata
Size: 72KB - Virtual size: 72KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.srdata
Size: 80KB - Virtual size: 80KB