64aa47983c4b894be5fda6063617c255_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64aa47983c4b894be5fda6063617c255_JaffaCakes118
Size

2.1MB
MD5

64aa47983c4b894be5fda6063617c255
SHA1

1b8e2b25aaccf03f714c6db550d0b48df72ebb4c
SHA256

fe88a0a2ebfd07c8919d097e5867d0c7907ff05403418f48761ffccddf1c3a5c
SHA512

c98cadc339ae0be5f952aa4176b31c1e3162a2e21c6f90c1f4940219f518b98d96ddfe0e827607d382ae991426801c7263611e29d800a4ea699f830c0bd00232
SSDEEP

49152:vLDa63wXZI1XoUpPJEZ8GTcaUUfhfFuM0MZ4tv/lxkuYH+OGY:v6laN5PGTcUxFzHOt3khHNGY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/一键破解.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/UUWiseHelper.dll
unpack001/Update.exe
unpack001/plug/UnRAR.exe
unpack001/plug/closeConnect.exe
unpack001/一键破解.exe
unpack001/百分百QQ漂流瓶群发软件.exe

Files

64aa47983c4b894be5fda6063617c255_JaffaCakes118
.rar
MSCOMCTL.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

b22bd7d6f2b83c193c4c7e9c0a2de8b2

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
GlobalFree
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
EndDialog
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
SetTimer
KillTimer
SendDlgItemMessageA
IsWindowVisible
UnregisterClassA
CharNextA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
IsWindowEnabled
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemInt
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
GetDlgItemTextA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
GetActiveWindow
MessageBoxA
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
REG.reg
RICHTX32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

f879ec87b93340bacfa917edf4e1aee5

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

shell32

DragAcceptFiles
DragFinish
DragQueryFileA

oledlg

ord1

kernel32

GlobalSize
GlobalUnlock
lstrcmpA
GetVersionExA
GlobalLock
FindResourceA
GlobalAlloc
GlobalFree
GetProcAddress
LoadResource
LockResource
HeapReAlloc
GetLocaleInfoA
GetWindowsDirectoryA
lstrcpynA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetFileAttributesA
GetVersion
GetAtomNameA
FindAtomA
AddAtomA
IsBadWritePtr
DeleteAtom
InterlockedIncrement
FreeLibrary
LoadLibraryA
InterlockedDecrement
GetProcessHeap
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
WriteFile
GetLastError
ReadFile
LeaveCriticalSection
CreateFileA
lstrcpyA
HeapAlloc
lstrlenA
HeapFree
WideCharToMultiByte
lstrlenW
SetFilePointer
MultiByteToWideChar
IsDBCSLeadByte
CloseHandle
lstrcmpiA

user32

GetClipboardFormatNameA
PeekMessageW
ScreenToClient
PostMessageW
PeekMessageA
RegisterWindowMessageA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
CheckDlgButton
ReleaseCapture
LoadCursorA
SetCursor
SetFocus
CreateDialogIndirectParamA
SetCursorPos
MapWindowPoints
FillRect
PostMessageA
InvalidateRect
ValidateRect
SetRect
GetSysColor
InflateRect
GetClassInfoA
EnableMenuItem
TrackPopupMenu
GetWindow
GetWindowTextA
CharNextA
MessageBoxA
SendDlgItemMessageA
GetDlgItem
DispatchMessageA
TranslateMessage
WindowFromDC
IsChild
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
MoveWindow
SetParent
BeginPaint
EndPaint
GetMenuItemCount
IsWindowVisible
DeleteMenu
IntersectRect
ShowWindow
SetWindowRgn
GetDlgItemTextA
EqualRect
GetDlgItemInt
SetWindowPos
GetWindowRect
SetWindowLongA
DestroyWindow
GetActiveWindow
UnregisterClassA
RemoveMenu
LoadMenuA
GetSubMenu
GetParent
DestroyMenu
GetFocus
IsWindow
DefWindowProcA
GetClientRect
RegisterClassA
LoadStringA
RegisterClipboardFormatA
GetCapture
GetCursorPos
EnableWindow
EndDialog
wsprintfA
GetKeyState
MessageBeep
CallWindowProcA
GetDC
GetSystemMetrics
ReleaseDC
UpdateWindow
SendMessageA
DialogBoxParamA
GetWindowLongA
CreateWindowExA
ClientToScreen
OffsetRect
PtInRect

ole32

DoDragDrop
RegisterDragDrop
CreateOleAdviseHolder
OleCreateFromFile
CLSIDFromProgID
OleCreate
OleSetContainedObject
StringFromCLSID
OleGetIconOfClass
CoGetMalloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSaveToStream
OleLoadFromStream
RevokeDragDrop
CoTaskMemRealloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegOpenKeyExA

oleaut32

SafeArrayCopy
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetUBound
VariantCopy
CreateErrorInfo
VariantCopyInd
OleCreatePropertyFrame
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SafeArrayPutElement
GetErrorInfo
SafeArrayCreate
LoadRegTypeLi
OleLoadPicture
OleCreatePictureIndirect
SysAllocStringLen
SysFreeString
OleCreateFontIndirect
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
OleTranslateColor
SafeArrayRedim

comdlg32

GetOpenFileNameA
CommDlgExtendedError

gdi32

GetNearestColor
CreateSolidBrush
DeleteObject
EnumFontFamiliesExA
StretchBlt
PatBlt
GetObjectType
GetBitmapBits
CreateDIBitmap
CreatePalette
SelectPalette
RealizePalette
GetObjectA
GetPaletteEntries
GetStockObject
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateBitmap
LPtoDP
GetWindowExtEx
CreateDCA
CreateRectRgnIndirect
SetBkColor
GetViewportExtEx
GetClipBox
SetWindowExtEx
IntersectClipRect
SelectObject
CreateCompatibleBitmap
SetViewportExtEx
EndDoc
EndPage
DeleteDC
StartDocA
DPtoLP
StartPage
SetViewportOrgEx
SetMapMode
SetWindowOrgEx
GetMapMode
GetDeviceCaps
CreateICA
CreateCompatibleDC

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TABCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

aa8b0ec5b7d56e08d6614ae243221096

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
HeapReAlloc
lstrcmpA
GetProcessHeap
InitializeCriticalSection
lstrcatA

user32

SetFocus
MoveWindow
GetWindow
ShowWindow
IsWindowEnabled
PtInRect
IsWindowVisible
GetParent
SetWindowRgn
GetSysColor
CopyRect
DrawFocusRect
DestroyWindow
GetWindowDC
GetWindowRect
CreateWindowExA
SetWindowLongA
CallWindowProcA
GetWindowLongA
SetRectEmpty
SetWindowPos
OffsetRect
WinHelpA
GetNextDlgTabItem
CharNextA
GetClipboardFormatNameA
ScreenToClient
MapWindowPoints
SetCursorPos
RegisterClipboardFormatA
UnregisterClassA
InvalidateRect
ReleaseCapture
CreateDialogIndirectParamA
IsChild
SetParent
EndPaint
IsDialogMessageA
FillRect
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetSystemMetrics
ClientToScreen
GetClientRect
BeginPaint
IntersectRect

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopyInd
VariantCopy
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
VariantChangeType
VariantInit
SysStringLen
OleTranslateColor
GetErrorInfo
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
OleCreatePictureIndirect
SysAllocString
SysFreeString

gdi32

LPtoDP
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
SetMapMode
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
CreateICA
GetPaletteEntries

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UUWiseHelper.dll
.dll windows:5 windows x86 arch:x86

8993d476b2080c54468f99bd1fb566ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\开发目录2\优优云\UUWiseHelper\输出目录\C.pdb

Imports

kernel32

GetLastError
CloseHandle
CreateFileW
ReadFile
GetFileSize
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
Sleep
lstrlenW
GlobalUnlock
GlobalLock
GlobalSize
lstrcatW
lstrcpyW
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
lstrlenA
MultiByteToWideChar
CreateEventW
WaitForSingleObject
CreateThread
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpynW
IsBadWritePtr
SetEvent
IsBadReadPtr
lstrcpyA
lstrcpynA
FlushFileBuffers
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
VirtualAlloc
CreateFileA
GetTickCount
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringW
HeapCreate
VirtualFree

user32

GetDC
ReleaseDC
wsprintfA
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
DeleteObject

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
CoUninitialize
CoCreateInstance
CoInitialize
CoCreateGuid
CoTaskMemFree

oleaut32

SafeArrayGetLBound
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
SafeArrayCreateVector

shlwapi

StrStrIW

urlmon

FindMimeFromData

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipCreateBitmapFromStream
GdipDisposeImage
GdipAlloc
GdipFree
GdipSaveImageToStream

iphlpapi

GetAdaptersInfo

Exports

Exports

uu_AsyncRecognizeByCodeTypeAndPathA
uu_CloseAsyncRecognizeHandle
uu_GetAsyncRecognizeResultA
uu_UploadFileA
uu_UploadFileW
uu_UploadScreen
uu_getResultA
uu_getResultW
uu_getScoreA
uu_getScoreW
uu_loginA
uu_loginW
uu_payA
uu_payW
uu_recognizeByCodeTypeAndBytesA
uu_recognizeByCodeTypeAndBytesW
uu_recognizeByCodeTypeAndPathA
uu_recognizeByCodeTypeAndPathW
uu_recognizeByCodeTypeAndUrlA
uu_recognizeByCodeTypeAndUrlW
uu_recognizeScreenByCodeTypeA
uu_recognizeScreenByCodeTypeW
uu_reguserA
uu_reguserW
uu_reportError
uu_setSoftInfoA
uu_setSoftInfoW
uu_setTimeOut

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update.exe
.exe windows:4 windows x86 arch:x86

d1597121a9ce48c503eb8bc1dac07789

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaStrCat
ord660
__vbaSetSystemError
__vbaHresultCheckObj
__vbaNameFile
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaBoolVar
_CIsin
ord631
ord709
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
ord529
__vbaPutOwner3
__vbaI2I4
DllFunctionCall
ord670
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord648
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaVarCmpEq
__vbaVarDup
__vbaFpI4
_CIatan
ord618
__vbaAryCopy
__vbaStrMove
ord619
ord650
_allmul
__vbaLateIdSt
_CItan
ord546
__vbaFpCSngR8
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
images/1.gif
.gif
images/2.gif
.gif
images/3.gif
.gif
images/4.gif
.gif
images/5.gif
.gif
images/6.gif
.gif
images/7.gif
.gif
images/8.gif
.gif
plug/UnRAR.exe
.exe windows:4 windows x86 arch:x86

cf6ca145896f9d37f7f4799cce56ed2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MoveFileA
MultiByteToWideChar
RaiseException
ReadConsoleA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
LoadStringA
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
plug/closeConnect.exe
.exe windows:4 windows x86 arch:x86

3d4353fee0f61316f1e97f02163022d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaStrToAnsi
_CIatan
_allmul
_CItan
_CIexp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
plug/ver.ini
save/address.ini
save/file1.ini
save/link.mdb
save/router/ALCATEL SpeedTouch511e.ini
save/router/ALPHA AFW-GR55 mini.ini
save/router/ALPHA K3.ini
save/router/ALPHA V4.ini
save/router/ASUS WL530g.ini
save/router/AboveCable ACRT2010-11.ini
save/router/Alpha GR50.ini
save/router/D-Link DI-504.ini
save/router/D-Link DI-524.ini
save/router/D-Link DI-524M.ini
save/router/D-Link DI-604+.ini
save/router/D-Link DI-604.ini
save/router/D-Link DI-624+A.ini
save/router/D-Link DI-624.ini
save/router/D-Link DI-7001.ini
save/router/D-Link DI-808HV.ini
save/router/D-Link DIR-100.ini
save/router/D-Link DIR-300.ini
save/router/D-Link DIR-600.ini
save/router/FAST FR40.ini
save/router/FAST FR48.ini
save/router/HL-RT700.ini
save/router/Hi-Spider Hotel_V3.ini
save/router/HuaWei 3COM BR104.ini
save/router/HuaWei 3COM BR204+.ini
save/router/HuaWei WBR204G+.ini
save/router/HuaWei WBR204G.ini
save/router/KINGNET KN-S1060.ini
save/router/KINGNET KN-S1060T.ini
save/router/KINGNET KN-WR710H.ini
save/router/LinkSYS BEFSR41.ini
save/router/LinkSYS BEFW11S4.ini
save/router/LinkSYS WRK54G(2).ini
save/router/LinkSYS WRK54G.ini
save/router/LinkSYS WRT54G.ini
save/router/LinkSYS WRT54GC.ini
save/router/Mercury MR808v2.ini
save/router/Mercury MW54R.ini
save/router/Mercury Soho MR804.ini
save/router/NetCore 2105+NR.ini
save/router/NetCore 2505+NR.ini
save/router/NetCore 2805NR.ini
save/router/NetCore 605GR.ini
save/router/NetCore NR+205.ini
save/router/NetCore NW705+.ini
save/router/NetShare R-1200.ini
save/router/NetShare R-1800.ini
save/router/Netgear WGR614.ini
save/router/SMC SMC7004VBR.ini
save/router/TP-Link 402M.ini
save/router/TP-Link TD-8810.ini
save/router/TP-Link TL-MR11U.ini
save/router/TP-Link TL-R402.ini
save/router/TP-Link TL-R402M.ini
save/router/TP-Link TL-R406.ini
save/router/TP-Link TL-R410.ini
save/router/TP-Link TL-R460.ini
save/router/TP-Link TL-WR340G V5.ini
save/router/TP-Link TL-WR340G.ini
save/router/TP-Link TL-WR641G 642G.ini
save/router/TP-Link TL-WR740N.ini
save/router/Tenda NAT Router.ini
save/router/Tenda TEI402.ini
save/router/Tenda TEI402M.ini
save/router/Tenda TEI480T+.ini
save/router/Tenda TEI6606.ini
save/router/Tenda TEI6608.ini
save/router/Tenda TEI6608S 2.ini
save/router/Tenda TEI6608S.ini
save/router/Tenda TEI6611S.ini
save/router/Tenda W541R.ini
save/router/Wealnet R-2804P.ini
save/router/Wealnet R-2808M.ini
一键破解.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
河源下载站-cngr.cn.url
.url
淘宝热卖.url
.url
百分百QQ漂流瓶群发软件.exe
.exe windows:4 windows x86 arch:x86

76043b57c9f8c4ab7647a7a0f32c9340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
ord693
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
ord695
__vbaLineInputStr
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
ord696
__vbaVarIdiv
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord516
__vbaVarIndexLoadRef
_adj_fprem1
ord518
ord629
__vbaVarCmpNe
__vbaStrCat
__vbaLsetFixstr
ord660
__vbaSetSystemError
ord662
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
ord666
__vbaAryVar
__vbaAryDestruct
__vbaForEachCollObj
__vbaExitProc
ord593
__vbaVarForInit
__vbaBoolStr
ord594
ord595
__vbaObjSet
__vbaOnError
ord596
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaStrFixstr
ord520
ord705
__vbaFPFix
__vbaVarTstLt
__vbaBoolVarNull
__vbaFpR8
_CIsin
__vbaErase
ord631
ord709
__vbaNextEachCollObj
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord529
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
ord560
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
__vbaFpUI1
__vbaCastObjVar
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
ord600
__vbaUI1I2
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
ord711
__vbaPrintFile
__vbaInputFile
__vbaStrToUnicode
ord712
ord606
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
__vbaI2Str
ord607
ord608
ord716
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaUbound
__vbaStrVarVal
ord534
__vbaVarCat
ord535
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaVarLateMemCallLdRf
__vbaInStr
__vbaR8Str
__vbaNew2
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
ord681
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
ord689
__vbaVarCmpEq
ord610
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
ord320
ord612
__vbaStrToAnsi
__vbaVarDup
ord321
__vbaVerifyVarObj
__vbaVarLateMemCallLd
__vbaVarTstGe
__vbaFpI4
__vbaVarCopy
ord616
ord617
__vbaR8IntI2
__vbaLateMemCallLd
_CIatan
ord618
__vbaCastObj
__vbaAryCopy
__vbaStrMove
__vbaR8IntI4
__vbaStrVarCopy
ord619
ord650
_allmul
__vbaLenVarB
__vbaLateIdSt
__vbaLateMemCallSt
_CItan
ord546
__vbaUI1Var
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
_CIexp
ord580
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 924KB - Virtual size: 922KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
若软件运行出错请运行此文件.bat

Sharing

General

Malware Config

Signatures

Files

b22bd7d6f2b83c193c4c7e9c0a2de8b2

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 688KB - Virtual size: 687KB

.data Size: 32KB - Virtual size: 28KB

.rsrc Size: 280KB - Virtual size: 279KB

.reloc Size: 40KB - Virtual size: 38KB

f879ec87b93340bacfa917edf4e1aee5

Code Sign

Signer

Headers

File Characteristics

Imports

shell32

oledlg

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 7KB - Virtual size: 7KB

aa8b0ec5b7d56e08d6614ae243221096

Code Sign

Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 39KB - Virtual size: 39KB

.reloc Size: 8KB - Virtual size: 7KB

8993d476b2080c54468f99bd1fb566ab

Headers

DLL Characteristics

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

.text
Size: 688KB - Virtual size: 687KB

.data
Size: 32KB - Virtual size: 28KB

.rsrc
Size: 280KB - Virtual size: 279KB

.reloc
Size: 40KB - Virtual size: 38KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 58KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 19KB

.text
Size: 149KB - Virtual size: 152KB

.data
Size: 12KB - Virtual size: 56KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 38KB - Virtual size: 38KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 56KB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 924KB - Virtual size: 922KB

.data
Size: 4KB - Virtual size: 14KB