79790ced945e19fdcbf550e69fe48f03_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

79790ced945e19fdcbf550e69fe48f03_JaffaCakes118
Size

6.1MB
MD5

79790ced945e19fdcbf550e69fe48f03
SHA1

adbdf7741f85834fb102deb5156bd2c0946518bf
SHA256

70cfaa55a423f2e124af81f0f28479349b48d1a73974aaab6480c81c82b5b4a9
SHA512

6ff596497239ecd86cedcf48eb6b95caf578c51e703231f09706cc83b6f5be6767f0d9c2f1ea154d41e59b5f789969552fd0000c2af325ebcac6038ec5a86b25
SSDEEP

98304:Nm0t4TvG12CRGwhhA0tJqEcm0tYSO0KVe0XSPgRy1SPx/rj36jtwMeu5hgZlsbCk:NIO1j4wnkzKRVe0XSPgREs7egKU2D

Score

1^/10

Malware Config

Signatures

Files

79790ced945e19fdcbf550e69fe48f03_JaffaCakes118
.zip
Analysis.swf
BlogSnapper.swf
Config/slide.jpg
.jpg
CreationNotifier.swf
FilepickerIOPhotoLoader.html
.html .js polyglot
FlvPlayerBase.swf
PhotoNotifier.swf
PreloadAnimation.swf
Preview.swf
PrintWizardLoader.html
.html .js polyglot
Smilebox.swf
SmileboxBrowserEngine.dll.new
.dll windows:4 windows x86 arch:x86

7d505e5b81874118b8934c0f846e6b6f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:a1:d8:3f:98:52:79:69:8a:42:23:69:34:84:b2:f2:bf:4e:60:5c
Signer

Actual PE Digest

11:a1:d8:3f:98:52:79:69:8a:42:23:69:34:84:b2:f2:bf:4e:60:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
FlushInstructionCache
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalAlloc
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapReAlloc
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
HeapSize
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
MulDiv
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
EnterCriticalSection
GetModuleFileNameW
GetLastError
GetCurrentThreadId
LoadLibraryExW
RaiseException
FindResourceW
GetModuleHandleW
LoadResource
FreeLibrary
SizeofResource
InitializeCriticalSection
LeaveCriticalSection
lstrlenW
MultiByteToWideChar
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
Sleep
lstrcmpiW

user32

SetWindowLongW
LoadCursorW
RegisterWindowMessageW
GetClassNameW
GetWindowLongW
MoveWindow
DefWindowProcW
ScreenToClient
GetDesktopWindow
ClientToScreen
UnregisterClassA
GetWindow
GetWindowTextW
SetWindowTextW
GetWindowTextLengthW
SetWindowPos
InvalidateRect
GetWindowInfo
RedrawWindow
SendMessageW
CallWindowProcW
CreateAcceleratorTableW
EndPaint
IsWindow
InvalidateRgn
GetDlgItem
GetDC
GetParent
ReleaseDC
CharNextW
DestroyWindow
GetClassInfoExW
GetSysColor
BeginPaint
SetCapture
IsChild
ReleaseCapture
GetClientRect
GetFocus
RegisterClassExW
DestroyAcceleratorTable
SetFocus
FillRect
CreateWindowExW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
BitBlt
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectW
GetStockObject

advapi32

RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

ole32

StringFromGUID2
OleLockRunning
OleInitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoGetClassObject
OleUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
DispCallFunc
SysFreeString
SysStringLen
SysAllocString
VariantClear
VariantInit
SysStringByteLen
OleCreateFontIndirect
VarUI4FromStr

Exports

Exports

??0?$CAxWindowT@VCWindow@ATL@@@ATL@@QAE@PAUHWND__@@@Z
??0?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@QAE@ABV01@@Z
??0?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@QAE@XZ
??0?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAE@ABV01@@Z
??0?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAE@XZ
??0?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAE@ABV01@@Z
??0?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAE@XZ
??0?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAE@ABV01@@Z
??0?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAE@XZ
??0?$_IDispEventLocator@$0EF@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAE@ABV01@@Z
??0?$_IDispEventLocator@$0EF@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAE@XZ
??0CSmileboxBrowserView@@QAE@ABV0@@Z
??0CSmileboxBrowserView@@QAE@XZ
??1?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@UAE@XZ
??1?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAE@XZ
??1?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@UAE@XZ
??1CSmileboxBrowserView@@UAE@XZ
??4?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEAAV01@ABV01@@Z
??4?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEAAV01@PAUHWND__@@@Z
??4?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@QAEAAV01@ABV01@@Z
??4?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEAAV01@ABV01@@Z
??4?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAEAAV01@ABV01@@Z
??4?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEAAV01@ABV01@@Z
??4?$_IDispEventLocator@$0EF@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEAAV01@ABV01@@Z
??4CSmileboxBrowserView@@QAEAAV0@ABV0@@Z
??_7CSmileboxBrowserView@@6B?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@@
??_7CSmileboxBrowserView@@6B?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@@
??_B?1??GetWndClassInfo@CSmileboxBrowserView@@SAAAU_ATL_WNDCLASSINFOW@ATL@@XZ@51
??_B?1??_GetSinkMap@CSmileboxBrowserView@@SAPBU?$_ATL_EVENT_ENTRY@VCSmileboxBrowserView@@@ATL@@XZ@51
??_F?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEXXZ
?AddRef@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGKXZ
?AttachControl@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJPAUIUnknown@@PAPAU3@@Z
?Create@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEPAUHWND__@@PAU3@V_U_RECT@2@PB_WKKV_U_MENUorID@2@PAX@Z
?Create@?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@QAEPAUHWND__@@PAU3@V_U_RECT@2@PB_WKKV_U_MENUorID@2@PAX@Z
?Create@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEPAUHWND__@@PAU3@V_U_RECT@2@PB_WKKV_U_MENUorID@2@GPAX@Z
?CreateControl@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJKPAUIStream@@PAPAUIUnknown@@@Z
?CreateControl@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJPB_WPAUIStream@@PAPAUIUnknown@@@Z
?CreateControlEx@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJKPAUIStream@@PAPAUIUnknown@@1ABU_GUID@@PAU4@@Z
?CreateControlEx@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJPB_WPAUIStream@@PAPAUIUnknown@@2ABU_GUID@@PAU4@@Z
?DefWindowProcW@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEJIIJ@Z
?DefWindowProcW@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEJXZ
?DefaultReflectionHandler@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@SAHPAUHWND__@@IIJAAJ@Z
?DestroyWindow@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEHXZ
?DispEventAdvise@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEJPAUIUnknown@@@Z
?DispEventAdvise@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEJPAUIUnknown@@PBU_GUID@@@Z
?DispEventUnadvise@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEJPAUIUnknown@@@Z
?DispEventUnadvise@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEJPAUIUnknown@@PBU_GUID@@@Z
?ForwardNotifications@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAEJIIJAAH@Z
?GetCurrentMessage@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QBEPBU_ATL_MSG@2@XZ
?GetFuncInfoFromId@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAEJABU_GUID@@JKAAU_ATL_FUNC_INFO@2@@Z
?GetIDsOfNames@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGJABU_GUID@@PAPA_WIKPAJ@Z
?GetTypeInfo@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGJIKPAPAUITypeInfo@@@Z
?GetTypeInfoCount@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGJPAI@Z
?GetWindowProc@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEP6GJPAUHWND__@@IIJ@ZXZ
?GetWndCaption@?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@SAPB_WXZ
?GetWndClassInfo@?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@SAAAU_ATL_WNDCLASSINFOW@2@XZ
?GetWndClassInfo@CSmileboxBrowserView@@SAAAU_ATL_WNDCLASSINFOW@ATL@@XZ
?GetWndClassName@?$CAxWindowT@VCWindow@ATL@@@ATL@@SAPB_WXZ
?GetWndExStyle@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@SAKK@Z
?GetWndStyle@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@SAKK@Z
?Invoke@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGJJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z
?InvokeFromFuncInfo@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@QAEJP8CSmileboxBrowserView@@AGXXZAAU_ATL_FUNC_INFO@2@PAUtagDISPPARAMS@@PAUtagVARIANT@@@Z
?IsMsgHandled@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QBEHXZ
?OnCreate@CSmileboxBrowserView@@QAEJIIJAAH@Z
?OnDestroy@CSmileboxBrowserView@@QAEJIIJAAH@Z
?OnDocumentComplete@CSmileboxBrowserView@@UAGXPAUIDispatch@@PAUtagVARIANT@@@Z
?OnFinalMessage@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEXPAUHWND__@@@Z
?OnSize@CSmileboxBrowserView@@QAEJIIJAAH@Z
?PreTranslateMessage@CSmileboxBrowserView@@QAEHPAUtagMSG@@@Z
?ProcessWindowMessage@CSmileboxBrowserView@@UAEHPAUHWND__@@IIJAAJK@Z
?QueryControl@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJABU_GUID@@PAPAX@Z
?QueryHost@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJABU_GUID@@PAPAX@Z
?ReflectNotifications@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAEJIIJAAH@Z
?Release@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGKXZ
?SetExternalDispatch@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJPAUIDispatch@@@Z
?SetExternalUIHandler@?$CAxWindowT@VCWindow@ATL@@@ATL@@QAEJPAUIDocHostUIHandlerDispatch@@@Z
?SetMsgHandled@?$CWindowImplRoot@V?$CAxWindowT@VCWindow@ATL@@@ATL@@@ATL@@QAEXH@Z
?StartWindowProc@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@SGJPAUHWND__@@IIJ@Z
?SubclassWindow@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEHPAUHWND__@@@Z
?UnsubclassWindow@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEPAUHWND__@@H@Z
?WindowProc@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@SGJPAUHWND__@@IIJ@Z
?_GetSinkMap@CSmileboxBrowserView@@SAPBU?$_ATL_EVENT_ENTRY@VCSmileboxBrowserView@@@ATL@@XZ
?_LocDEQueryInterface@?$IDispEventSimpleImpl@$0EF@VCSmileboxBrowserView@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@UAGJABU_GUID@@PAPAX@Z
?createBrowser@CSmileboxBrowserView@@AAEJXZ
?killBrowser@CSmileboxBrowserView@@AAEXXZ
?map@?1??_GetSinkMap@CSmileboxBrowserView@@SAPBU?$_ATL_EVENT_ENTRY@VCSmileboxBrowserView@@@ATL@@XZ@4QBU34@B
?setBrowserListener@CSmileboxBrowserView@@QAEXPAVISmileboxBrowserViewListener@@@Z
?setDimension@CSmileboxBrowserView@@QAEXHH@Z
?stealthilyNavToUrl@CSmileboxBrowserView@@QAEXABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?wc@?1??GetWndClassInfo@?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@SAAAU_ATL_WNDCLASSINFOW@3@XZ@4U43@A
?wc@?1??GetWndClassInfo@CSmileboxBrowserView@@SAAAU_ATL_WNDCLASSINFOW@ATL@@XZ@4U34@A

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SmileboxClient.exe
.exe windows:4 windows x86 arch:x86

e09793704c362b215f4309d1b474c753

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:99:6c:7b:90:f7:98:a3:35:4f:18:71:60:3a:aa:90:2c:6e:f2:31
Signer

Actual PE Digest

42:99:6c:7b:90:f7:98:a3:35:4f:18:71:60:3a:aa:90:2c:6e:f2:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
send
recv
socket
inet_addr
gethostbyaddr
closesocket
htons
connect
gethostbyname
inet_ntoa
WSAStartup
WSACleanup

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdiplus

GdipGetImageEncodersSize
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromGdiDib
GdipCloneImage
GdipDeleteGraphics
GdipCloneBrush
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateSolidFill
GdipSetSolidFillColor
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipGetImageThumbnail
GdipDrawImageRectI
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipLoadImageFromFileICM
GdipCreateBitmapFromScan0
GdipGetImageBounds
GdipSaveImageToFile
GdipFree

wininet

InternetGetConnectedState
InternetQueryDataAvailable
InternetWriteFile
HttpEndRequestW
InternetCrackUrlW
HttpAddRequestHeadersW
InternetSetStatusCallbackW
InternetConnectW
HttpOpenRequestW
InternetReadFile
InternetOpenUrlW
HttpSendRequestExW
InternetOpenW
InternetCanonicalizeUrlW
InternetCloseHandle
HttpQueryInfoW
HttpSendRequestW
InternetSetOptionW

psapi

GetModuleBaseNameW
EnumProcesses

kernel32

DeleteFileA
MoveFileA
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
VirtualAlloc
VirtualFree
GetFileAttributesA
GetSystemTimeAsFileTime
GetTimeZoneInformation
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
RaiseException
CompareFileTime
MultiByteToWideChar
DeleteFileW
FindNextFileW
FindClose
FindFirstFileW
GetFileAttributesExW
Sleep
CreateDirectoryW
MoveFileW
EnterCriticalSection
LeaveCriticalSection
GetLastError
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
MulDiv
SetLastError
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
CloseHandle
WaitForSingleObject
CreateThread
CreateSemaphoreW
ReleaseSemaphore
GetCurrentProcessId
CopyFileW
GetTickCount
ResumeThread
LocalFree
FormatMessageW
GetVersionExW
WideCharToMultiByte
LCMapStringA
CreateFileW
lstrcmpiW
FreeLibrary
LoadLibraryExW
lstrlenA
GetTempPathW
SetCurrentDirectoryW
GetVolumeInformationW
GetDriveTypeW
GetLogicalDriveStringsW
TerminateThread
SetEndOfFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetProcAddress
ReleaseMutex
CreateMutexA
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
RemoveDirectoryW
SetFileAttributesW
GetTimeFormatW
GetDateFormatW
GetLocalTime
GetSystemTime
GetFileSize
WriteFile
GetFileAttributesW
GetFileTime
GetFullPathNameW
GetTempFileNameW
CreateProcessW
FlushFileBuffers
CreateMutexW
TerminateProcess
OpenProcess
SystemTimeToFileTime
FileTimeToSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
LCMapStringW
GetCPInfo
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
GetStdHandle
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
IsProcessorFeaturePresent
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ReadFile

user32

SetCursor
DialogBoxIndirectParamW
SetRect
EnumDisplaySettingsW
EnableWindow
GetWindowPlacement
SetWindowPlacement
wsprintfA
FindWindowW
ShowScrollBar
EnumChildWindows
LoadMenuW
LoadAcceleratorsW
GetMessageW
SetForegroundWindow
LoadImageW
PtInRect
MessageBeep
TrackPopupMenuEx
GetMenuItemInfoW
GetMenuItemCount
AppendMenuW
DestroyMenu
LoadStringA
PostQuitMessage
LoadStringW
MonitorFromPoint
GetMonitorInfoW
RemoveMenu
CreatePopupMenu
MessageBoxW
BringWindowToTop
IsIconic
TranslateAcceleratorW
GetActiveWindow
DialogBoxParamW
PrintWindow
PeekMessageW
TranslateMessage
DispatchMessageW
LoadIconW
GetSystemMetrics
UnregisterClassA
IsDialogMessageW
KillTimer
SetTimer
CreateAcceleratorTableW
SetFocus
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetParent
IsChild
SetCapture
InvalidateRgn
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
MoveWindow
CharNextW
GetSysColor
CreateDialogIndirectParamW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
DefWindowProcW
MapWindowPoints
IsWindow
SetWindowContextHelpId
GetDlgItem
GetWindow
IsWindowVisible
ShowWindow
InvalidateRect
GetWindowRect
SetWindowPos
CreateWindowExW
GetWindowLongW
SetWindowLongW
MapDialogRect
DestroyWindow
SendMessageW
PostMessageW
EndDialog
RedrawWindow
SystemParametersInfoW

gdi32

CreateDCW
CreateDIBSection
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
DeleteDC
SelectObject

comdlg32

GetOpenFileNameW

advapi32

OpenProcessToken
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
FreeSid
AllocateAndInitializeSid
SetEntriesInAclW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
DuplicateTokenEx
ConvertStringSidToSidW
RegQueryValueExW
RegQueryValueExA
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExA
RegDeleteKeyW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shell32

SHCreateDirectoryExW
SHGetFolderPathW
DragQueryFileW
SHGetDesktopFolder
ShellExecuteW
DragAcceptFiles
SHGetSpecialFolderLocation
DragQueryPoint

ole32

OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoGetClassObject
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

VarBstrCat
GetErrorInfo
VarUI4FromStr
VariantCopy
SysAllocStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantClear
DispCallFunc

shlwapi

StrRetToBufW
PathFileExistsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 804KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmileboxDvd.new
.exe windows:4 windows x86 arch:x86

2f50fba5f41e60b1dff57fc2b7d8f33a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b2:d1:76:eb:e9:b0:fb:e2:bd:4a:70:4e:71:81:fe:a4:e9:7e:13:51
Signer

Actual PE Digest

b2:d1:76:eb:e9:b0:fb:e2:bd:4a:70:4e:71:81:fe:a4:e9:7e:13:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCanonicalizeUrlW
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
HttpQueryInfoW
InternetCloseHandle

gdiplus

GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup

winmm

timeKillEvent
timeGetTime
waveOutOpen
waveOutClose
waveOutWrite

avifil32

AVIMakeCompressedStream
AVIFileInit
AVIFileOpenW
AVIFileRelease
AVIFileExit
AVIStreamRelease
AVIStreamSetFormat
AVIFileCreateStreamW
AVIStreamWrite

dbghelp

ImageNtHeader
ImageDirectoryEntryToData

shlwapi

PathFileExistsW

portaudio_x86

ord15
ord14
ord21
ord18
ord5
ord19
ord22
ord25
ord4

kernel32

TlsAlloc
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetCPInfo
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
VirtualQuery
IsBadReadPtr
GetProcAddress
GetSystemInfo
VirtualProtect
GetModuleHandleW
MultiByteToWideChar
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetCurrentProcessId
GetModuleFileNameW
DeleteFileW
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
CreateDirectoryW
GetTempPathW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpW
MulDiv
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
GetVersionExW
WideCharToMultiByte
ReadFile
CloseHandle
CreateFileW
FreeLibrary
OpenProcess
TlsSetValue
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
Sleep
CreateThread
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteTimerQueue
CreateTimerQueueTimer
CreateTimerQueue
ResumeThread
GetTimeFormatW
GetDateFormatW
GetLocalTime
lstrcmpiW
RemoveDirectoryW
GlobalFree
GlobalHandle
GetFileSize
WriteFile
SetFilePointer
SetFileAttributesW
GetTempFileNameW
LocalFree
FormatMessageW
FlushFileBuffers
CreateProcessW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapCreate
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetStartupInfoW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

LoadStringW
PostQuitMessage
LoadStringA
TrackPopupMenuEx
PtInRect
GetWindowInfo
GetTitleBarInfo
GetWindowPlacement
GetMessageW
LoadImageW
LoadAcceleratorsW
LoadMenuW
CreateDialogIndirectParamW
SetTimer
KillTimer
UnregisterClassA
ShowWindow
CreateAcceleratorTableW
CreateWindowExW
IsWindow
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
SetMenuDefaultItem
CharNextW
GetSysColor
DestroyWindow
GetClassInfoExW
LoadCursorW
RegisterClassExW
CallWindowProcW
SetWindowTextW
DefWindowProcW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBeep
SetFocus
GetWindow
SetMenuItemInfoW
MonitorFromPoint
GetMonitorInfoW
GetMenuItemInfoW
RemoveMenu
GetMenuItemCount
AppendMenuW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
OpenClipboard
GetDlgItem
GetParent
SetDlgItemTextW
GetWindowLongW
EndDialog
PeekMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
PostMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
DialogBoxParamW
SetWindowLongW
RegisterWindowMessageW
SetWindowContextHelpId
MoveWindow
MapDialogRect
SetRect

gdi32

SetBkMode
GetStockObject
CreateSolidBrush
GetDeviceCaps
BitBlt
GetDIBits
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetObjectW

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
ConvertStringSidToSidW
DuplicateTokenEx
OpenProcessToken
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
FreeSid
AllocateAndInitializeSid
SetEntriesInAclW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

SHGetFolderPathW
SHGetSpecialFolderLocation
ShellExecuteW
ord4
ord2

ole32

CLSIDFromProgID
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CoGetClassObject
CoCreateInstance

oleaut32

VarBstrCat
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
VariantInit
VariantClear
DispCallFunc
SysStringByteLen

comctl32

InitCommonControlsEx

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmileboxPhoto.new
.exe windows:4 windows x86 arch:x86

939bb577c107ace534d61c0f8835846a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a6:45:92:db:a0:f4:f4:d0:9f:05:60:15:92:8f:9a:11:1a:45:e5:a6
Signer

Actual PE Digest

a6:45:92:db:a0:f4:f4:d0:9f:05:60:15:92:8f:9a:11:1a:45:e5:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFileICM
GdipDeleteGraphics
GdipFree
GdipGetImageBounds
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipBitmapUnlockBits
GdipAlloc
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageThumbnail
GdipCloneImage
GdipDrawImageRectI
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize

wininet

InternetCanonicalizeUrlW
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
HttpQueryInfoW
InternetCloseHandle

kernel32

FlushInstructionCache
GetCurrentProcess
ResumeThread
CreateThread
GetCurrentThreadId
SetLastError
CreateDirectoryW
MultiByteToWideChar
LocalFree
FormatMessageW
GetVersionExW
lstrlenW
WideCharToMultiByte
ReadFile
CreateFileW
GetLastError
GetTickCount
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
Sleep
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
SetEvent
GetCommandLineW
lstrcmpW
MulDiv
GetModuleFileNameW
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
WriteConsoleA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
LeaveCriticalSection
GetOEMCP
GetCPInfo
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
GetTimeZoneInformation
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
LoadLibraryA
InterlockedExchange
FreeLibrary
GetProcAddress
LocalAlloc
WaitForSingleObject
CreateProcessW
FlushFileBuffers
ReleaseMutex
CreateMutexW
GetTempFileNameW
GetFileTime
SetFilePointer
EnterCriticalSection
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
IsValidCodePage
RaiseException
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteFile
GetFileSize
GetTempPathW
GetEnvironmentStringsW

user32

GetParent
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
SetFocus
MessageBeep
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
SendMessageW
SetWindowTextW
DialogBoxParamW
GetActiveWindow
TranslateAcceleratorW
DestroyWindow
InvalidateRect
GetWindowLongW
EndDialog
GetWindow
AppendMenuW
GetSystemMetrics
SetWindowPlacement
GetWindowPlacement
PostMessageW
LoadIconW
RegisterWindowMessageW
CreateAcceleratorTableW
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
RedrawWindow
InvalidateRgn
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
CharNextW
GetSysColor
LoadMenuW
LoadAcceleratorsW
PostThreadMessageW
LoadImageW
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
RegisterClassExW
PeekMessageW
PtInRect
IsWindow
TrackPopupMenuEx
GetMenuItemCount
CallWindowProcW
DestroyMenu
LoadStringA
PostQuitMessage
LoadStringW
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromPoint
GetMonitorInfoW
RemoveMenu
CreatePopupMenu
DefWindowProcW
LoadCursorW
GetClassInfoExW
ShowWindow
BringWindowToTop
UnregisterClassA

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

CryptGetHashParam
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash

shell32

SHGetFolderPathW

ole32

CoCreateInstance
OleInitialize
OleUninitialize
CoRevokeClassObject
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

oleaut32

VarBstrCat
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
DispCallFunc
SysStringByteLen
SysFreeString
VariantClear
VariantInit
VariantCopy
SysAllocString
SysAllocStringByteLen

shlwapi

PathFileExistsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmileboxPhoto.swf
SmileboxPhotoLoader.html
.html .js polyglot
SmileboxStarter.new
.exe windows:4 windows x86 arch:x86

04b3cbd69fff0158879003d09310e2f4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ad:d0:b6:9e:65:74:6c:e7:4b:c3:43:11:fc:49:ce:b1:b8:6b:61:e1
Signer

Actual PE Digest

ad:d0:b6:9e:65:74:6c:e7:4b:c3:43:11:fc:49:ce:b1:b8:6b:61:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetCookieW
InternetGetCookieExW
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile
InternetGetConnectedState
InternetQueryDataAvailable
InternetWriteFile
HttpEndRequestW
HttpSendRequestExW
HttpAddRequestHeadersW
InternetSetStatusCallbackW
InternetAttemptConnect

gdiplus

GdipGetImageGraphicsContext
GdiplusStartup
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipSetSmoothingMode
GdipDrawImageRectI
GdiplusShutdown

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
lstrlenW
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
GetModuleFileNameW
SetLastError
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetTickCount
CopyFileW
GetCurrentDirectoryW
DeleteFileW
CloseHandle
ResumeThread
CreateThread
FormatMessageW
LocalFree
GetTempPathW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
InitializeCriticalSection
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateDirectoryW
GetOEMCP
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
GetModuleHandleA
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
RaiseException
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceExW
FindResourceW
LoadResource
LockResource
GetStringTypeW
SizeofResource
FindFirstFileW
RemoveDirectoryW
FindClose
FindNextFileW
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
LocalFileTimeToFileTime
GetFileSize
CreateFileW
WriteFile
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
ReleaseSemaphore
CreateSemaphoreW
FileTimeToSystemTime
SystemTimeToFileTime
OpenProcess
TerminateProcess
SetFilePointer
GetVersionExW
Sleep
CompareFileTime
GetFileAttributesW
GetFileTime
GetFullPathNameW
GetTempFileNameW
ReadFile
Process32NextW
Process32FirstW
OutputDebugStringW
CreateToolhelp32Snapshot
CreateProcessW
WaitForSingleObject
FlushFileBuffers
CreateMutexW
ReleaseMutex
GetLocalTime
IsValidCodePage
SetFileTime
SetFileAttributesW

user32

BeginPaint
MessageBoxW
DefWindowProcW
CharNextW
DestroyWindow
GetSysColor
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetClassNameW
ReleaseCapture
FillRect
CallWindowProcW
EndDialog
SetWindowPos
GetClientRect
UnregisterClassA
PostMessageW
SetTimer
KillTimer
GetSystemMetrics
SetWindowLongW
GetWindowLongW
SetDlgItemTextW
GetParent
GetDlgItem
OpenClipboard
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
SetFocus
MessageBeep
CloseClipboard
SetClipboardData
EmptyClipboard
GetWindowTextW
GetWindowPlacement
GetActiveWindow
IsCharAlphaNumericW
DialogBoxParamW
FindWindowW
EnumWindows
SetForegroundWindow
ShowWindow
RegisterWindowMessageW
SetWindowTextW
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
SendMessageW
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
EndPaint
GetWindowTextLengthW

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
SetBkMode

advapi32

SetSecurityDescriptorDacl
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
DuplicateTokenEx
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
OpenProcessToken
ConvertStringSidToSidW
RegQueryValueExW

shell32

ShellExecuteExW
ShellExecuteW
SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoInitialize
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarBstrCat
SysFreeString
SysStringLen
SysAllocStringLen
SysAllocString
VarUI4FromStr
SysStringByteLen
VariantInit
VariantClear
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi

smileboxbrowserengine

??1CSmileboxBrowserView@@UAE@XZ
?OnDocumentComplete@CSmileboxBrowserView@@UAGXPAUIDispatch@@PAUtagVARIANT@@@Z
?OnFinalMessage@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEXPAUHWND__@@@Z
?GetWindowProc@?$CWindowImplBaseT@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEP6GJPAUHWND__@@IIJ@ZXZ
?ProcessWindowMessage@CSmileboxBrowserView@@UAEHPAUHWND__@@IIJAAJK@Z
??0CSmileboxBrowserView@@QAE@XZ
?Create@?$CWindowImpl@VCSmileboxBrowserView@@V?$CAxWindowT@VCWindow@ATL@@@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@QAEPAUHWND__@@PAU3@V_U_RECT@2@PB_WKKV_U_MENUorID@2@PAX@Z
?setBrowserListener@CSmileboxBrowserView@@QAEXPAVISmileboxBrowserViewListener@@@Z
?stealthilyNavToUrl@CSmileboxBrowserView@@QAEXABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

shlwapi

PathFileExistsW

comctl32

InitCommonControlsEx

ws2_32

send
recv
socket
inet_addr
gethostbyname
gethostbyaddr
closesocket
htons
connect
WSAStartup
WSACleanup

psapi

EnumProcesses
GetModuleBaseNameW

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmileboxTray.new
.exe windows:4 windows x86 arch:x86

b81e2a30bb1b020077e9ccb536e7aa22

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b5:65:21:69:12:a6:18:8d:0c:1e:35:4f:17:fe:9b:21:a5:99:73:09
Signer

Actual PE Digest

b5:65:21:69:12:a6:18:8d:0c:1e:35:4f:17:fe:9b:21:a5:99:73:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
HttpQueryInfoW
InternetCloseHandle
InternetCanonicalizeUrlW

gdiplus

GdipDeleteGraphics
GdipLoadImageFromFileICM
GdipDisposeImage
GdipSaveImageToFile
GdipFree
GdipAlloc
GdipGetImageBounds
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipGetImageThumbnail
GdipCloneImage
GdipDrawImageRectI
GdipSetSmoothingMode
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipGetImageEncoders

kernel32

GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
CreateDirectoryW
LocalFree
FormatMessageW
WideCharToMultiByte
CloseHandle
CreateMutexW
GetVersionExW
DeleteFileW
GlobalFree
GlobalHandle
ReadFile
CreateFileW
SleepEx
FindClose
FindNextFileW
FindFirstFileW
CancelIo
ReadDirectoryChangesW
GetOverlappedResult
lstrcmpiW
FreeLibrary
LoadLibraryExW
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
IsValidCodePage
FindResourceExW
GetCPInfo
ExitProcess
TlsFree
TlsSetValue
MulDiv
TlsGetValue
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
ReleaseMutex
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
CreateProcessW
SetFilePointer
GetFileSize
SystemTimeToFileTime
CompareFileTime
WriteFile
FlushFileBuffers
Sleep
GetSystemTime
GetDateFormatW
GetTimeFormatW
GetTempPathW
lstrcmpW
GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
RaiseException
SizeofResource
FlushInstructionCache
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
FileTimeToSystemTime
TlsAlloc
GetTickCount
FindResourceW
LockResource
LoadResource
GetOEMCP

user32

GetClientRect
SystemParametersInfoW
GetWindowRect
GetParent
SetWindowTextW
SendMessageW
GetWindowLongW
EndDialog
MapWindowPoints
MonitorFromWindow
LoadAcceleratorsW
GetMessageW
TranslateMessage
DispatchMessageW
AnimateWindow
SetRect
SetWindowRgn
SetWindowPos
UnregisterClassA
GetDlgItem
BringWindowToTop
CreateDialogIndirectParamW
GetWindow
LoadImageW
DestroyWindow
SetWindowLongW
CreateWindowExW
SetTimer
KillTimer
IsChild
IsDialogMessageW
IsWindow
GetSystemMetrics
GetFocus
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW
RegisterClassExW
LoadCursorW
GetClassInfoExW
RegisterWindowMessageW
GetSysColor
InsertMenuItemW
GetActiveWindow
SetForegroundWindow
GetCursorPos
TrackPopupMenuEx
GetSubMenu
LoadMenuW
TrackPopupMenu
PeekMessageW
PtInRect
MessageBeep
LoadStringA
PostQuitMessage
LoadStringW
GetMenuItemInfoW
RemoveMenu
AppendMenuW
MonitorFromPoint
GetMonitorInfoW
CreatePopupMenu
SetMenuDefaultItem
GetMenuItemID
DialogBoxParamW
MessageBoxW
DestroyMenu
SetMenuItemInfoW
GetMenuItemCount
CheckMenuItem
TranslateAcceleratorW
GetLastInputInfo
UnregisterDeviceNotification
RegisterDeviceNotificationW
PostMessageW
CreateAcceleratorTableW
LoadIconW
SetWindowContextHelpId
IsWindowVisible
ShowWindow
MapDialogRect
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
CharNextW

gdi32

PatBlt
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
BitBlt
CreateRoundRectRgn

advapi32

CryptGetHashParam
RegEnumKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash

shell32

SHAppBarMessage
ShellExecuteExW
ord2
SHGetSpecialFolderLocation
ord4
Shell_NotifyIconW
SHGetFolderPathW

ole32

StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID

oleaut32

SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc
VariantCopy
SysAllocStringByteLen
VarUI4FromStr
VarBstrCat
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysStringLen

shlwapi

PathFileExistsW

comctl32

InitCommonControlsEx

ws2_32

recv
socket
inet_addr
gethostbyname
gethostbyaddr
closesocket
htons
connect
send

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SmileboxUpdater.exe
.exe windows:4 windows x86 arch:x86

69d0191a74422962a6f08a7b476df2d5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16-01-2017 00:00

Not After

17-01-2019 23:59

Subject

CN=Smilebox\,Inc.,OU=partnership,O=Smilebox\,Inc.,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

36:f8:d5:cf:06:3a:47:ab:dc:db:50:e1:09:bf:56:1a:53:24:dc:b0
Signer

Actual PE Digest

36:f8:d5:cf:06:3a:47:ab:dc:db:50:e1:09:bf:56:1a:53:24:dc:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW
EnumProcesses

wininet

InternetReadFile
InternetSetOptionW
InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle

kernel32

FindResourceExW
Sleep
CloseHandle
WaitForSingleObject
CreateMutexW
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
MoveFileExW
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetTickCount
TerminateProcess
GetLastError
OpenProcess
GetCurrentProcess
LocalFree
CreateProcessW
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindResourceW
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
FormatMessageW
GetVersionExW
CompareFileTime
GetFileTime
GetFullPathNameW
WideCharToMultiByte
lstrlenW
LCMapStringA
IsValidCodePage
GetOEMCP
LoadResource
LockResource
SizeofResource
RaiseException
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringW
WriteFile
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
WriteConsoleA
SetHandleCount
SetStdHandle
GetLocaleInfoW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualAlloc
VirtualFree
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
LoadLibraryA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
GetStartupInfoW
GetTimeZoneInformation
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate

user32

FindWindowW
UnregisterClassA
PostMessageW

advapi32

RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
CreateProcessAsUserW
GetLengthSid
SetTokenInformation
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW

shell32

SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

shlwapi

PathFileExistsW

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Snapper.swf
VideoWizard.swf
VideoWizardCapture.swf
WebSmileboxPhotoLoader.html
.html .js polyglot
club_smilebox.swf
swfmacmousewheel2.js
.js
swfobject.js
.js
swfobject2_2.js
.js
update.xml

Sharing

General

Malware Config

Signatures

Files

7d505e5b81874118b8934c0f846e6b6f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

11:a1:d8:3f:98:52:79:69:8a:42:23:69:34:84:b2:f2:bf:4e:60:5cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 10KB

e09793704c362b215f4309d1b474c753

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

42:99:6c:7b:90:f7:98:a3:35:4f:18:71:60:3a:aa:90:2c:6e:f2:31Signer

Headers

File Characteristics

Imports

ws2_32

version

gdiplus

wininet

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 804KB - Virtual size: 800KB

.rdata Size: 204KB - Virtual size: 200KB

.data Size: 44KB - Virtual size: 55KB

.rsrc Size: 20KB - Virtual size: 16KB

2f50fba5f41e60b1dff57fc2b7d8f33a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

11:a1:d8:3f:98:52:79:69:8a:42:23:69:34:84:b2:f2:bf:4e:60:5c
Signer

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 10KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

42:99:6c:7b:90:f7:98:a3:35:4f:18:71:60:3a:aa:90:2c:6e:f2:31
Signer

.text
Size: 804KB - Virtual size: 800KB

.rdata
Size: 204KB - Virtual size: 200KB

.data
Size: 44KB - Virtual size: 55KB

.rsrc
Size: 20KB - Virtual size: 16KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

b2:d1:76:eb:e9:b0:fb:e2:bd:4a:70:4e:71:81:fe:a4:e9:7e:13:51
Signer

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 12KB - Virtual size: 11KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:a1:1f:cd:9e:9a:75:74:1f:96:f4:04:ca:3c:93:a8
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

a6:45:92:db:a0:f4:f4:d0:9f:05:60:15:92:8f:9a:11:1a:45:e5:a6
Signer

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 16KB - Virtual size: 12KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate