7e2dfa620c1d4a199d0033bcb8ed80aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7e2dfa620c1d4a199d0033bcb8ed80aa_JaffaCakes118
Size

1.9MB
MD5

7e2dfa620c1d4a199d0033bcb8ed80aa
SHA1

91c253fd02c28dc505c5b1968dd87a193d7bff0e
SHA256

90662cba9b81713f989feb950b06cb572d6fb6aa9b7d87a165fe4f6a70b70e6a
SHA512

a27fd906868f6b5d408b8e1bee24d1908aad699a91c98f375ed4797b2c3c072c6f647e0e4d40ecc678881b0e5a782820a86724d19b27909bb2eba553cd894a87
SSDEEP

49152:GQhjfFKV3YM5w7BH54Va/93wHWIKi5l/p0z:GlOdrKowHNB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
7e2dfa620c1d4a199d0033bcb8ed80aa_JaffaCakes118
unpack001/$1
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/Registry.dll
unpack001/360wpapp.exe
unpack001/360wpsrv.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

7e2dfa620c1d4a199d0033bcb8ed80aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1
.exe windows:5 windows x86 arch:x86

2c76d0f0f4054211cbc3997f0070d1dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360WallPaper_For_C++\src\flashApp_NoID\Release\360wpapp.pdb

Imports

kernel32

FileTimeToSystemTime
GetFileTime
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
QueryPerformanceCounter
CopyFileA
GetFileAttributesExW
MapViewOfFile
CreateFileMappingW
GetSystemDirectoryW
WaitForMultipleObjects
GetLogicalDriveStringsW
UnmapViewOfFile
InterlockedExchange
ResetEvent
GetTempFileNameW
GetTempPathW
LocalAlloc
ResumeThread
VirtualQuery
InterlockedCompareExchange
GetThreadContext
SetThreadContext
SuspendThread
GetCurrentThread
LoadLibraryA
CreateMutexW
GetUserDefaultLangID
CreateFileA
DeleteFileA
MoveFileA
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
SystemTimeToFileTime
SetFileTime
GetSystemInfo
lstrcpyW
GetWindowsDirectoryW
GetCommandLineW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleA
HeapCreate
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
ExitThread
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TlsFree
TlsAlloc
ReleaseMutex
OpenThread
TlsSetValue
SetEnvironmentVariableW
TlsGetValue
GetEnvironmentVariableW
FormatMessageW
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetFileSizeEx
WinExec
GetModuleFileNameA
VirtualAlloc
VirtualFree
OutputDebugStringW
lstrcpyA
CreateThread
lstrcpynW
Sleep
RemoveDirectoryW
TryEnterCriticalSection
WideCharToMultiByte
GetSystemTime
lstrlenA
GetVersionExW
GetTickCount
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
CopyFileW
GetFileAttributesW
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GlobalReAlloc
GetVersion
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
CreateDirectoryW
GetPrivateProfileStringW
GlobalAlloc
LocalFree
WritePrivateProfileStringW
GetDriveTypeW
GetDiskFreeSpaceExW
lstrcatW
GlobalFree
MultiByteToWideChar
SetUnhandledExceptionFilter
ExitProcess
ExpandEnvironmentStringsW
GetModuleFileNameW
GetModuleHandleW
SetFilePointer
DeviceIoControl
FreeResource
GetCurrentProcessId
IsBadReadPtr
VirtualProtect
GetLocalTime
CreateEventW
WaitForSingleObject
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
SetEvent
RaiseException
WriteFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
SetFileAttributesW
DeleteFileW
GetLastError

user32

GetActiveWindow
InflateRect
GetFocus
MoveWindow
ClientToScreen
IsZoomed
IsChild
SetWindowRgn
SystemParametersInfoW
FindWindowExW
CallNextHookEx
UnhookWindowsHookEx
SetFocus
EnableWindow
CheckDlgButton
SetDlgItemTextW
SetWindowsHookExW
GetDlgItemTextW
CreateDialogParamW
UnionRect
GetSysColor
InvalidateRgn
RedrawWindow
GetClassNameW
DestroyAcceleratorTable
CreateAcceleratorTableW
ClipCursor
EqualRect
GetWindowTextLengthW
GetWindowTextW
GetCursor
SetCursor
GetForegroundWindow
GetDesktopWindow
RegisterWindowMessageW
UnregisterClassA
SetLayeredWindowAttributes
HideCaret
GetDlgCtrlID
wsprintfW
DrawIconEx
AdjustWindowRectEx
UpdateWindow
ShowWindow
IsWindow
GetClassInfoExW
LoadCursorW
CopyRect
IsRectEmpty
SetRectEmpty
PtInRect
GetCursorPos
RegisterClassExW
CreateWindowExW
SetWindowLongW
GetWindowLongW
GetDlgItem
CallWindowProcW
DefWindowProcW
PostMessageW
DrawTextW
PeekMessageW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
GetSystemMetrics
MessageBoxW
DestroyWindow
SetWindowTextW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
EndDialog
ReleaseDC
GetDC
LoadImageW
SendMessageTimeoutW
ScreenToClient
FillRect
GetClassLongW
SetCapture
GetCapture
ReleaseCapture
InvalidateRect
OffsetRect
WindowFromPoint
KillTimer
BeginPaint
EndPaint
SetTimer
UpdateLayeredWindow
GetDoubleClickTime
IsDialogMessageW
FindWindowW
SetForegroundWindow
GetMessageW
CharNextW
CreateDialogIndirectParamW
DialogBoxIndirectParamW
ReplyMessage
InSendMessage
PostQuitMessage
BringWindowToTop
IsWindowVisible
SetRect
GetWindowThreadProcessId
GetClipCursor
IsWindowEnabled
SendMessageW
IntersectRect
GetWindowRect
GetAncestor
GetShellWindow
GetWindowInfo

gdi32

DeleteObject
BitBlt
CreateCompatibleDC
SetBkMode
DeleteDC
CreateDCW
CreateRectRgn
GetClipRgn
GetObjectA
SetDCPenColor
CombineRgn
SetStretchBltMode
SetDIBits
GdiFlush
StretchBlt
CreateEllipticRgn
CreatePolygonRgn
FillRgn
SelectObject
CreateBrushIndirect
PtInRegion
CreateFontW
GetObjectType
CreateCompatibleBitmap
IntersectClipRect
GetDeviceCaps
GetObjectW
OffsetViewportOrgEx
CreatePatternBrush
GetStockObject
CreateFontIndirectW
MoveToEx
LineTo
PatBlt
ExtTextOutW
SetBkColor
CreateRectRgnIndirect
GetRgnBox
GetViewportOrgEx
SelectClipRgn
SetTextColor
CreateDIBSection
GetTextExtentPoint32W
GetClipBox
ExcludeClipRect
CreateSolidBrush
SetViewportOrgEx
Rectangle
CreateRoundRectRgn
EnumFontFamiliesW
CreatePen
TextOutW
GetTextColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExA
RegOpenKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumValueW

shell32

SHCreateDirectoryExA
SHFileOperationW
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CLSIDFromString
CoGetClassObject
OleLockRunning
StringFromGUID2
CLSIDFromProgID
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantCopy
VarBstrCmp
SysAllocStringByteLen
SysStringByteLen
SysStringLen

shlwapi

PathIsURLW
SHGetValueW
StrStrIW
SHSetValueW
SHDeleteValueW
SHDeleteKeyW
StrCmpIW
PathIsDirectoryW
PathStripPathW
PathRemoveFileSpecA
PathCompactPathW
StrToIntA
StrStrIA
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
StrCpyNW
PathAddBackslashW
StrToIntW
UrlIsW
StrToIntExW
PathAppendW

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_Destroy
_TrackMouseEvent
InitCommonControlsEx
ImageList_Create

msimg32

AlphaBlend

gdiplus

GdipFree
GdipAlloc
GdipBitmapSetPixel
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipFillPath
GdipFillRectangles
GdipDrawLineI
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage

wininet

InternetCrackUrlW
InternetQueryOptionW
InternetQueryOptionA

urlmon

URLDownloadToFileW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW

winmm

timeSetEvent
timeEndPeriod
timeKillEvent
timeBeginPeriod

ws2_32

WSAStartup
WSACleanup
WSACloseEvent
closesocket
shutdown
recv
send
ioctlsocket
setsockopt
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAGetLastError
connect
bind
WSAEventSelect
socket
gethostbyname
htons
WSACreateEvent
WSAAsyncSelect
WSAAsyncGetHostByName

secur32

FreeCredentialsHandle
AcquireCredentialsHandleA
InitializeSecurityContextA

Sections

.text
Size: 814KB - Virtual size: 814KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 667KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Registry.dll
.dll windows:4 windows x86 arch:x86

421a02aae559045e04759aae146087eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessA
CreateProcessW
GlobalAlloc
SearchPathA
SearchPathW
GetFileAttributesA
GetFileAttributesW
CreateFileA
CreateFileW
WriteFile
WideCharToMultiByte
GetWindowsDirectoryW
lstrlenA
lstrlenW
MultiByteToWideChar
GlobalFree

user32

FindWindowExA
SetWindowTextA
SetWindowTextW
MessageBoxW
GetDlgItem

advapi32

RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueA
RegEnumValueW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
RegSetValueExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExW

Exports

Exports

_Close
_CopyKey
_CopyValue
_CreateKey
_DeleteKey
_DeleteKeyEmpty
_DeleteValue
_Find
_HexToStrA
_HexToStrW
_KeyExists
_MoveKey
_MoveValue
_Open
_Read
_ReadExtra
_RestoreKey
_SaveKey
_StrToHexA
_StrToHexW
_Unload
_Write
_WriteExtra

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
360wpapp.exe
.exe windows:5 windows x86 arch:x86

2c76d0f0f4054211cbc3997f0070d1dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360WallPaper_For_C++\src\flashApp_NoID\Release\360wpapp.pdb

Imports

kernel32

FileTimeToSystemTime
GetFileTime
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
QueryPerformanceCounter
CopyFileA
GetFileAttributesExW
MapViewOfFile
CreateFileMappingW
GetSystemDirectoryW
WaitForMultipleObjects
GetLogicalDriveStringsW
UnmapViewOfFile
InterlockedExchange
ResetEvent
GetTempFileNameW
GetTempPathW
LocalAlloc
ResumeThread
VirtualQuery
InterlockedCompareExchange
GetThreadContext
SetThreadContext
SuspendThread
GetCurrentThread
LoadLibraryA
CreateMutexW
GetUserDefaultLangID
CreateFileA
DeleteFileA
MoveFileA
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
SystemTimeToFileTime
SetFileTime
GetSystemInfo
lstrcpyW
GetWindowsDirectoryW
GetCommandLineW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleA
HeapCreate
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
ExitThread
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TlsFree
TlsAlloc
ReleaseMutex
OpenThread
TlsSetValue
SetEnvironmentVariableW
TlsGetValue
GetEnvironmentVariableW
FormatMessageW
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetFileSizeEx
WinExec
GetModuleFileNameA
VirtualAlloc
VirtualFree
OutputDebugStringW
lstrcpyA
CreateThread
lstrcpynW
Sleep
RemoveDirectoryW
TryEnterCriticalSection
WideCharToMultiByte
GetSystemTime
lstrlenA
GetVersionExW
GetTickCount
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
CopyFileW
GetFileAttributesW
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GlobalReAlloc
GetVersion
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
CreateDirectoryW
GetPrivateProfileStringW
GlobalAlloc
LocalFree
WritePrivateProfileStringW
GetDriveTypeW
GetDiskFreeSpaceExW
lstrcatW
GlobalFree
MultiByteToWideChar
SetUnhandledExceptionFilter
ExitProcess
ExpandEnvironmentStringsW
GetModuleFileNameW
GetModuleHandleW
SetFilePointer
DeviceIoControl
FreeResource
GetCurrentProcessId
IsBadReadPtr
VirtualProtect
GetLocalTime
CreateEventW
WaitForSingleObject
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
SetEvent
RaiseException
WriteFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
SetFileAttributesW
DeleteFileW
GetLastError

user32

GetActiveWindow
InflateRect
GetFocus
MoveWindow
ClientToScreen
IsZoomed
IsChild
SetWindowRgn
SystemParametersInfoW
FindWindowExW
CallNextHookEx
UnhookWindowsHookEx
SetFocus
EnableWindow
CheckDlgButton
SetDlgItemTextW
SetWindowsHookExW
GetDlgItemTextW
CreateDialogParamW
UnionRect
GetSysColor
InvalidateRgn
RedrawWindow
GetClassNameW
DestroyAcceleratorTable
CreateAcceleratorTableW
ClipCursor
EqualRect
GetWindowTextLengthW
GetWindowTextW
GetCursor
SetCursor
GetForegroundWindow
GetDesktopWindow
RegisterWindowMessageW
UnregisterClassA
SetLayeredWindowAttributes
HideCaret
GetDlgCtrlID
wsprintfW
DrawIconEx
AdjustWindowRectEx
UpdateWindow
ShowWindow
IsWindow
GetClassInfoExW
LoadCursorW
CopyRect
IsRectEmpty
SetRectEmpty
PtInRect
GetCursorPos
RegisterClassExW
CreateWindowExW
SetWindowLongW
GetWindowLongW
GetDlgItem
CallWindowProcW
DefWindowProcW
PostMessageW
DrawTextW
PeekMessageW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
GetSystemMetrics
MessageBoxW
DestroyWindow
SetWindowTextW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
EndDialog
ReleaseDC
GetDC
LoadImageW
SendMessageTimeoutW
ScreenToClient
FillRect
GetClassLongW
SetCapture
GetCapture
ReleaseCapture
InvalidateRect
OffsetRect
WindowFromPoint
KillTimer
BeginPaint
EndPaint
SetTimer
UpdateLayeredWindow
GetDoubleClickTime
IsDialogMessageW
FindWindowW
SetForegroundWindow
GetMessageW
CharNextW
CreateDialogIndirectParamW
DialogBoxIndirectParamW
ReplyMessage
InSendMessage
PostQuitMessage
BringWindowToTop
IsWindowVisible
SetRect
GetWindowThreadProcessId
GetClipCursor
IsWindowEnabled
SendMessageW
IntersectRect
GetWindowRect
GetAncestor
GetShellWindow
GetWindowInfo

gdi32

DeleteObject
BitBlt
CreateCompatibleDC
SetBkMode
DeleteDC
CreateDCW
CreateRectRgn
GetClipRgn
GetObjectA
SetDCPenColor
CombineRgn
SetStretchBltMode
SetDIBits
GdiFlush
StretchBlt
CreateEllipticRgn
CreatePolygonRgn
FillRgn
SelectObject
CreateBrushIndirect
PtInRegion
CreateFontW
GetObjectType
CreateCompatibleBitmap
IntersectClipRect
GetDeviceCaps
GetObjectW
OffsetViewportOrgEx
CreatePatternBrush
GetStockObject
CreateFontIndirectW
MoveToEx
LineTo
PatBlt
ExtTextOutW
SetBkColor
CreateRectRgnIndirect
GetRgnBox
GetViewportOrgEx
SelectClipRgn
SetTextColor
CreateDIBSection
GetTextExtentPoint32W
GetClipBox
ExcludeClipRect
CreateSolidBrush
SetViewportOrgEx
Rectangle
CreateRoundRectRgn
EnumFontFamiliesW
CreatePen
TextOutW
GetTextColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExA
RegOpenKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumValueW

shell32

SHCreateDirectoryExA
SHFileOperationW
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CLSIDFromString
CoGetClassObject
OleLockRunning
StringFromGUID2
CLSIDFromProgID
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantCopy
VarBstrCmp
SysAllocStringByteLen
SysStringByteLen
SysStringLen

shlwapi

PathIsURLW
SHGetValueW
StrStrIW
SHSetValueW
SHDeleteValueW
SHDeleteKeyW
StrCmpIW
PathIsDirectoryW
PathStripPathW
PathRemoveFileSpecA
PathCompactPathW
StrToIntA
StrStrIA
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
StrCpyNW
PathAddBackslashW
StrToIntW
UrlIsW
StrToIntExW
PathAppendW

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_Destroy
_TrackMouseEvent
InitCommonControlsEx
ImageList_Create

msimg32

AlphaBlend

gdiplus

GdipFree
GdipAlloc
GdipBitmapSetPixel
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipFillPath
GdipFillRectangles
GdipDrawLineI
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage

wininet

InternetCrackUrlW
InternetQueryOptionW
InternetQueryOptionA

urlmon

URLDownloadToFileW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW

winmm

timeSetEvent
timeEndPeriod
timeKillEvent
timeBeginPeriod

ws2_32

WSAStartup
WSACleanup
WSACloseEvent
closesocket
shutdown
recv
send
ioctlsocket
setsockopt
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAGetLastError
connect
bind
WSAEventSelect
socket
gethostbyname
htons
WSACreateEvent
WSAAsyncSelect
WSAAsyncGetHostByName

secur32

FreeCredentialsHandle
AcquireCredentialsHandleA
InitializeSecurityContextA

Sections

.text
Size: 814KB - Virtual size: 814KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 667KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
360wpsrv.exe
.exe windows:5 windows x86 arch:x86

39aee7b271f1d2feabad5fcf2f019226

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360WallPaper_For_C++\src\360wpsrv\Release\360wpsrv.pdb

Imports

kernel32

FreeResource
ExpandEnvironmentStringsW
ExitProcess
SetUnhandledExceptionFilter
SetEvent
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
SetFileAttributesW
GetFileSize
WriteFile
GlobalFree
GetVersion
lstrcpyW
GetFileAttributesW
GetTickCount
LocalFree
FormatMessageW
lstrcatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetSystemDirectoryW
GetLogicalDriveStringsW
WaitForMultipleObjects
CreateProcessW
WaitForSingleObject
CreateThread
GetPrivateProfileStringA
GetPrivateProfileIntW
GetTempPathW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCommandLineW
WritePrivateProfileStringW
GetPrivateProfileStringW
FindClose
FindNextFileW
FindFirstFileW
SystemTimeToFileTime
GetUserDefaultLangID
GetTempFileNameW
CreateFileA
DeleteFileA
MoveFileA
Sleep
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
IsBadReadPtr
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeA
GetLocaleInfoA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleA
FatalAppExitA
HeapCreate
GetCurrentThread
GetModuleFileNameA
GetStdHandle
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TlsFree
TlsAlloc
ReleaseMutex
OpenThread
TlsSetValue
SetEnvironmentVariableW
TlsGetValue
GetEnvironmentVariableW
OutputDebugStringW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
VirtualProtect
CreateEventW
CreateMutexW
OpenProcess
TerminateProcess
lstrcpynW
lstrlenA
lstrcpynA
GetVersionExW
GetSystemTime
CopyFileW
DeleteFileW
CreateDirectoryW
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
SetLastError
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
RaiseException
lstrlenW
GetCurrentThreadId
GetProcAddress
FreeLibrary
ReadFile
SetFilePointer
GetCurrentProcessId
CreateFileW
DeviceIoControl
CloseHandle
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoW

user32

FillRect
EndPaint
BeginPaint
DestroyAcceleratorTable
GetWindow
GetFocus
CreateAcceleratorTableW
FindWindowW
DestroyWindow
wvsprintfW
SetWindowLongW
SetWindowPos
IsWindow
GetWindowLongW
GetClassInfoExW
LoadCursorW
SetRectEmpty
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetAncestor
WindowFromPoint
GetShellWindow
FindWindowExW
EnumWindows
DeleteMenu
EnableMenuItem
LoadMenuW
UpdateWindow
CopyRect
GetWindowInfo
GetForegroundWindow
GetDoubleClickTime
GetSubMenu
EndDialog
MonitorFromWindow
DialogBoxParamW
LoadIconW
SetForegroundWindow
DrawTextW
TrackMouseEvent
GetMenuState
GetMenuItemID
GetMenuStringW
GetActiveWindow
CallNextHookEx
IsDialogMessageW
GetClassNameW
GetDlgItem
IsChild
UnhookWindowsHookEx
EnableWindow
CharNextW
CallWindowProcW
GetWindowRect
GetClientRect
ScreenToClient
GetDC
ReleaseDC
ShowWindow
SetTimer
KillTimer
PtInRect
SetCursor
GetCursorPos
UpdateLayeredWindow
SetCapture
RegisterClassExW
LoadImageW
CreateWindowExW
ReleaseCapture
PostMessageW
SendMessageTimeoutW
RegisterWindowMessageW
TranslateAcceleratorW
InvalidateRect
SendMessageW
CreatePopupMenu
AppendMenuW
RemoveMenu
MapWindowPoints
SetMenuItemInfoW
UnregisterClassA
GetMenuItemInfoW
SetMenuDefaultItem
LoadStringW
SetFocus
PostQuitMessage
LoadStringA
GetMenuItemCount
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
TrackPopupMenuEx
MessageBeep
DestroyIcon
GetWindowThreadProcessId
GetDesktopWindow
SystemParametersInfoW
MessageBoxW
IntersectRect
MoveWindow
GetSystemMetrics
CheckDlgButton
SetDlgItemTextW
IsWindowVisible
GetParent
GetSysColor
ClientToScreen
InvalidateRgn
SetWindowsHookExW
GetDlgItemTextW
CreateDialogParamW
RedrawWindow

gdi32

SelectPalette
CreateDCW
SetViewportOrgEx
GetViewportOrgEx
SetDIBits
GetObjectW
RealizePalette
StretchBlt
SetStretchBltMode
EnumFontFamiliesW
GetObjectType
GetStockObject
GetDIBits
GdiFlush
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
GetObjectA
CreatePen
LineTo
MoveToEx
CreateCompatibleDC
PatBlt
SelectObject
DeleteDC
CreateDIBSection
CreateFontW
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExA
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW

shell32

ShellExecuteExW
SHCreateDirectoryExA
Shell_NotifyIconW
SHCreateDirectoryExW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW

ole32

CoTaskMemAlloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

OleCreateFontIndirect
DispCallFunc
SysAllocString
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysStringLen

shlwapi

SHSetValueW
PathFileExistsW
SHGetValueW
StrStrIW
PathRemoveFileSpecW
PathFindFileNameW
StrCmpIW
PathFindExtensionW
PathAddBackslashW
SHDeleteValueA
SHSetValueA
StrStrIA
SHDeleteValueW
StrToIntA
PathCombineW
PathRemoveFileSpecA
PathAppendW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawLine
GdipSetStringFormatHotkeyPrefix
GdipCreateHBITMAPFromBitmap
GdipDeletePen
GdipCreatePen1
GdipCloneImage
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFileICM
GdipGetImageRawFormat
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipFillPath
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateBitmapFromFile

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

psapi

GetModuleFileNameExW

winmm

timeSetEvent
timeBeginPeriod
timeEndPeriod
timeKillEvent

urlmon

URLDownloadToFileW

ws2_32

WSAAsyncSelect
WSAAsyncGetHostByName
bind
ioctlsocket
setsockopt
send
WSACreateEvent
htons
gethostbyname
socket
WSAEventSelect
WSACloseEvent
WSAStartup
WSACleanup
recv
shutdown
connect
WSAGetLastError
WSAWaitForMultipleEvents
getsockname
WSAEnumNetworkEvents
gethostname
closesocket

wininet

InternetQueryOptionW
InternetQueryOptionA
InternetCrackUrlW

secur32

AcquireCredentialsHandleA
InitializeSecurityContextA
FreeCredentialsHandle

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 82KB - Virtual size: 81KB

2c76d0f0f4054211cbc3997f0070d1dc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

wininet

urlmon

version

psapi

winmm

ws2_32

secur32

Sections

.text Size: 814KB - Virtual size: 814KB

.rdata Size: 152KB - Virtual size: 152KB

.data Size: 35KB - Virtual size: 80KB

.rsrc Size: 667KB - Virtual size: 667KB

.reloc Size: 56KB - Virtual size: 55KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

421a02aae559045e04759aae146087eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 82KB - Virtual size: 81KB

.text
Size: 814KB - Virtual size: 814KB

.rdata
Size: 152KB - Virtual size: 152KB

.data
Size: 35KB - Virtual size: 80KB

.rsrc
Size: 667KB - Virtual size: 667KB

.reloc
Size: 56KB - Virtual size: 55KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 322KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 814KB - Virtual size: 814KB

.rdata
Size: 152KB - Virtual size: 152KB

.data
Size: 35KB - Virtual size: 80KB

.rsrc
Size: 667KB - Virtual size: 667KB

.reloc
Size: 56KB - Virtual size: 55KB

.text
Size: 585KB - Virtual size: 584KB

.rdata
Size: 109KB - Virtual size: 109KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 225KB - Virtual size: 225KB