8c385667af93b26496fc05318171c857_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c385667af93b26496fc05318171c857_JaffaCakes118
Size

6.7MB
MD5

8c385667af93b26496fc05318171c857
SHA1

f4aa747a5ed46412a73781627dcf502ee37483b5
SHA256

cf24b4539495dee965f9bc34e3e30189eec898259afd9041af46fe2b51dc2e69
SHA512

ab47f0d166b6e0282e4408227c19c6dd8448f01e6148a83a57c987932cf4c32c72cc0647c9d73cf4cc5f18782588c8914a7a2f2792c06a36340c68931e55a573
SSDEEP

196608:NyyYvnEIyHp8clKeTFnHarUA2jfFc34zGE7Cn7n4po:NyyYPx9cjVHaWRcIS+CsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/(加强版)明灯QQ日志评论2013先知版_se.exe
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/UUWiseHelper.dll
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/4-明灯QQ空间日志精准采集专业版/QQ空间日志精准采集专业版_se.exe
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/8-明灯QQ空间留言群发2013先知版/明灯QQ空间留言群发2013先知版_se.exe
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/BySxani.exe
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/TestPatch.ex~
unpack001/明灯QQ空间日志精准采集专业版_Jisuxz.com/明灯陌生人QQ采集专家/明灯陌生人QQ采集专家_se.exe

Files

8c385667af93b26496fc05318171c857_JaffaCakes118
.rar
使用说明.url
明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/(加强版)明灯QQ日志评论2013先知版_se.exe
.exe windows:5 windows x86 arch:x86

d467480bb96d4147b1b69ff3b766905b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetDevCapsA

ws2_32

recv
closesocket
send
select
inet_addr
inet_ntoa
gethostbyname
WSAStartup
ioctlsocket
recvfrom
WSACleanup
accept
getpeername
WSAAsyncSelect

rasapi32

RasDialA
RasHangUpA
RasGetConnectStatusA
RasEnumConnectionsA
RasEnumEntriesA
RasGetEntryDialParamsA

kernel32

MultiByteToWideChar
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
GetTimeZoneInformation
GetVersion
FileTimeToSystemTime
WideCharToMultiByte
GetSystemInfo
VirtualQuery
VirtualProtect
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
GetLocalTime
GetSystemTime
RaiseException
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
CloseHandle
WaitForSingleObject
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetCurrentDirectoryA
DeleteFileA
GetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedCompareExchange
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
lstrlenW
lstrlenA
LoadLibraryA
TerminateProcess
GetCurrentProcess
SetFilePointer
GetFileSize
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary

user32

EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
EnumDisplaySettingsA
ClientToScreen
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetSysColorBrush
UnregisterClassA
RegisterClipboardFormatA
LoadImageA
GetDesktopWindow
GetClassNameA
GetDlgItem
FindWindowExA
GetWindowTextA
SetWindowTextA
GetForegroundWindow
CreateIconFromResourceEx
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
TrackPopupMenu
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA

gdi32

GetViewportExtEx
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
PtVisible
SetTextColor
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetWindowOrgEx
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SelectObject
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CLSIDFromProgID
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

SafeArrayCreateVector
SysAllocStringByteLen
GetErrorInfo
SysStringLen
SysFreeString
UnRegisterTypeLi
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Duplicate
ImageList_Read

wininet

InternetCloseHandle

comdlg32

ChooseFontA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/Text.dat
明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/TextTY.dat
明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/UUWiseHelper.dll
.dll windows:5 windows x86 arch:x86

6365176b95d0f97c658083b9efe6b818

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Visual Studio 2010\Projects\UUWiseHelper\uutest_cpp\Release\UUWiseHelper.pdb

Imports

kernel32

GlobalAlloc
WideCharToMultiByte
Sleep
MultiByteToWideChar
GlobalUnlock
GlobalFree
DeleteFileA
HeapFree
GetProcessHeap
GetLastError
GetTickCount
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
IsDBCSLeadByteEx
CloseHandle
HeapAlloc
SetLastError
LoadLibraryW
FlushFileBuffers
GlobalLock
GlobalSize
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileA
InitializeCriticalSection
SetStdHandle
WriteConsoleW
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
GetStringTypeW
InitializeCriticalSectionAndSpinCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetModuleFileNameW
GetStdHandle
ExitProcess
SetEndOfFile
GetModuleHandleW
GetProcAddress
GetConsoleMode
GetConsoleCP
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCPInfo
LCMapStringW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind

user32

GetWindowDC
GetDesktopWindow

gdi32

GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid

gdiplus

GdipGetImageEncodersSize
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipFree
GdipSaveImageToStream
GdiplusShutdown
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipSaveImageToFile
GdipCloneImage
GdiplusStartup

shlwapi

PathFileExistsA

wininet

InternetWriteFile
InternetSetOptionA
InternetConnectA
HttpSendRequestExA
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetReadFile

urlmon

FindMimeFromData

Exports

Exports

ScreenCaptureJPGFile
ScreenCaptureJPGStream
getResult
getScore
login
pay
recognizeByByte
recognizeByCodeTypeAndBytes
recognizeByCodeTypeAndPath
recognizeByPath
recognizeByStream
recognizeImgFile
recognizeImgStream
recognizeWithIdByByte
recognizeWithIdByPath
recognizeWithIdByStream
regUser
reportError
setSoftInfo
setTimeOut
uploadByPicChars
uploadByPicPath

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
明灯QQ空间日志精准采集专业版_Jisuxz.com/1-明灯QQ日志评论2013先知版/教程.txt
明灯QQ空间日志精准采集专业版_Jisuxz.com/4-明灯QQ空间日志精准采集专业版/QQ空间日志精准采集专业版_se.exe
.exe windows:5 windows x86 arch:x86

7d0ea04c4d5bbfd59aed480262055bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA
RasGetConnectStatusA

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
midiStreamRestart
midiStreamStop
midiOutReset
midiStreamClose

ws2_32

WSAAsyncSelect
closesocket
send
select
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
inet_addr
getpeername
recv
ioctlsocket
recvfrom
accept

kernel32

TerminateProcess
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
WideCharToMultiByte
SetFilePointer
SetLastError
GetTimeZoneInformation
FileTimeToSystemTime
GetFileSize
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
lstrlenW
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
IsBadReadPtr
IsBadCodePtr
GetVersion
InterlockedExchange

user32

GetClassNameA
GetDesktopWindow
SetWindowTextA
SystemParametersInfoA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
GetSysColorBrush
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetDlgItem
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
FindWindowExA
GetWindowTextA
UnregisterClassA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA

gdi32

GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
ScaleViewportExtEx
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
GetTextColor
CreateRoundRectRgn
SetWindowOrgEx
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
SelectObject
SetBkMode
RestoreDC
SaveDC
CreatePalette

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromProgID

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElement
VariantCopyInd
VariantInit
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
UnRegisterTypeLi
SysFreeString
SysStringLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayGetDim
GetErrorInfo
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy

comctl32

ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate
ImageList_SetBkColor
ImageList_GetImageCount

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetOpenA

comdlg32

ChooseFontA
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
明灯QQ空间日志精准采集专业版_Jisuxz.com/8-明灯QQ空间留言群发2013先知版/明灯QQ空间留言群发2013先知版_se.exe
.exe windows:5 windows x86 arch:x86

f695aaa211baa23f4bf6ddfa313f7669

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetDevCapsA

ws2_32

recv
closesocket
send
select
inet_addr
inet_ntoa
gethostbyname
WSAStartup
ioctlsocket
recvfrom
WSACleanup
accept
getpeername
WSAAsyncSelect

rasapi32

RasGetConnectStatusA
RasEnumConnectionsA
RasDialA
RasGetEntryDialParamsA
RasEnumEntriesA
RasHangUpA

kernel32

MultiByteToWideChar
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
GetTimeZoneInformation
GetVersion
FileTimeToSystemTime
WaitForSingleObject
GetTickCount
GetCommandLineA
MulDiv
InterlockedCompareExchange
GetSystemInfo
VirtualQuery
VirtualProtect
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
GetLocalTime
GetSystemTime
RaiseException
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetFileAttributesA
CloseHandle
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
TerminateProcess
GetCurrentProcess
SetFilePointer
GetFileSize
InterlockedIncrement
InterlockedDecrement
TerminateThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
lstrlenW

user32

wsprintfA
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
GetSysColorBrush
SetWindowTextA
GetWindowTextA
FindWindowExA
GetDlgItem
GetClassNameA
GetClipboardData
GetDesktopWindow
SystemParametersInfoA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
TrackPopupMenu
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnregisterClassA

gdi32

PtVisible
GetViewportExtEx
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
RectVisible
OffsetViewportOrgEx
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetWindowOrgEx
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SelectObject
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CLSIDFromProgID
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

UnRegisterTypeLi
SysFreeString
SysStringLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetUBound
GetErrorInfo
LoadTypeLi
LHashValOfNameSys
SafeArrayGetLBound
RegisterTypeLi
VariantChangeType
VariantClear
VariantCopy

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Duplicate
ImageList_Read

wininet

InternetCloseHandle

comdlg32

ChooseColorA
ChooseFontA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
明灯QQ空间日志精准采集专业版_Jisuxz.com/BySxani.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: - Virtual size: 960KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 725KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
明灯QQ空间日志精准采集专业版_Jisuxz.com/TestPatch.ex~
.exe windows:4 windows x86 arch:x86

4785c141b0043d43bca986750db51098

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SetLastError
lstrcpynA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
SetStdHandle
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
WritePrivateProfileStringA
GetFileAttributesA
GetCommandLineA
SetCurrentDirectoryA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
CreateEventA
GetFullPathNameA
FindResourceA
LoadResource
LockResource
CreateThread
GetModuleFileNameA
Sleep
GetProfileStringA
CreateFileA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
SetEvent
GlobalAlloc
WaitForSingleObject
CloseHandle
MulDiv
GetCurrentThreadId
ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
FreeLibrary
GlobalSize
GlobalLock
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
TerminateProcess
RtlUnwind
GetStartupInfoA
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFileTime
GetFileSize
GlobalFlags
GetVersionExA
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVolumeInformationA
GetTickCount
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetCurrentThread

user32

GetWindowRect
GetSystemMetrics
RedrawWindow
InvalidateRect
EnableWindow
wsprintfA
IsWindowVisible
FillRect
OffsetRect
GetClientRect
PtInRect
SetParent
SendMessageA
LoadCursorA
IsRectEmpty
IsWindow
DestroyIcon
IntersectRect
SetRect
InflateRect
SetScrollPos
SetScrollRange
GetWindowLongA
SetWindowLongA
GetScrollRange
PostMessageA
SetCapture
GetSysColor
GetParent
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
GetFocus
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
UpdateWindow
SetWindowRgn
DestroyCursor
DestroyAcceleratorTable
IsChild
GetWindow
GetTopWindow
GetActiveWindow
SetWindowPos
SetFocus
DestroyMenu
SetActiveWindow
IsIconic
PeekMessageA
SetMenu
GetMenu
SetCursorPos
GetCursorPos
SetForegroundWindow
ValidateRect
SystemParametersInfoA
TranslateMessage
LoadIconA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
EqualRect
GetSubMenu
EnableMenuItem
GetDC
ReleaseDC
GetDlgCtrlID
EnumDisplaySettingsA
LoadImageA
MessageBoxA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
DrawFrameControl
DrawEdge
DrawFocusRect
GetClipboardData
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
CharUpperA
UnregisterClassA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetNextDlgTabItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
EndDialog
GetClassNameA
GetDesktopWindow
GetSysColorBrush
LoadStringA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
ClientToScreen
WindowFromPoint
ShowWindow
SetCursor
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA

gdi32

StartDocA
GetSystemPaletteEntries
CreatePalette
SelectPalette
RealizePalette
GetDIBits
SetBkColor
CreatePolygonRgn
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
SetStretchBltMode
StretchBlt
CreateDIBitmap
GetClipRgn
SelectClipRgn
DeleteObject
LPtoDP
CreateRectRgnIndirect
DeleteDC
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
EndDoc
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetPolyFillMode
StartPage
EndPage
CreateCompatibleBitmap
CreateDCA
GetDeviceCaps
DPtoLP
CreateBitmap
CreateCompatibleDC
SelectObject
BitBlt
GetObjectA
CreatePen
PatBlt
Rectangle
Ellipse
RoundRect
FillRgn
GetCurrentObject
CreateRectRgn
CombineRgn
GetTextExtentPoint32A
CreateSolidBrush
GetStockObject
CreateFontIndirectA
GetTextMetricsA
GetClipBox
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetStretchBltMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleUninitialize
CLSIDFromString
OleInitialize

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ord17
ImageList_Destroy

ws2_32

getpeername
accept
recv
ioctlsocket
recvfrom
inet_ntoa
WSAAsyncSelect
closesocket
WSACleanup

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
明灯QQ空间日志精准采集专业版_Jisuxz.com/明灯陌生人QQ采集专家/明灯陌生人QQ采集专家_se.exe
.exe windows:5 windows x86 arch:x86

d009d0a8dbc99571432d19b369b2e883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut
midiOutPrepareHeader
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutGetDevCapsA
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetNumDevs
waveOutClose

ws2_32

WSAAsyncSelect
closesocket
WSACleanup
recvfrom
ioctlsocket
gethostbyname
inet_ntoa
inet_addr
recv
WSAStartup
accept
getpeername

kernel32

QueryPerformanceCounter
GetTimeZoneInformation
GetVersion
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
QueryPerformanceFrequency
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
InterlockedExchange
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
lstrlenW
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo

user32

PeekMessageA
SetMenu
GetMenu
DefWindowProcA
GetClassInfoA
DeleteMenu
GetSystemMenu
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
ModifyMenuA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
GetSysColorBrush
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetKeyboardLayout
VkKeyScanExA
GetDesktopWindow
GetClassNameA
keybd_event
GetDlgItem
FindWindowExA
GetWindowTextA
WinHelpA
UnregisterClassA
WindowFromPoint
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Escape
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
GetTextMetricsA
CreatePen
SelectObject
CreatePatternBrush
CreateBitmap
CreateHatchBrush
CreateBrushIndirect
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
Ellipse
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CLSIDFromProgID
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

VariantChangeType
VariantClear
VariantCopy
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
UnRegisterTypeLi
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayGetDim

comctl32

ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
极速软件下载.url

Sharing

General

Malware Config

Signatures

Files

d467480bb96d4147b1b69ff3b766905b

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.sedata Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 12KB

.sedata Size: 4KB - Virtual size: 4KB

6365176b95d0f97c658083b9efe6b818

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

gdiplus

shlwapi

wininet

urlmon

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 12KB - Virtual size: 11KB

7d0ea04c4d5bbfd59aed480262055bdc

Headers

File Characteristics

Imports

rasapi32

iphlpapi

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.sedata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 12KB

.sedata
Size: 4KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 12KB

.sedata
Size: 4KB - Virtual size: 4KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.sedata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 12KB

.sedata
Size: 4KB - Virtual size: 4KB

CODE
Size: - Virtual size: 960KB

DATA
Size: 725KB - Virtual size: 728KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 408KB - Virtual size: 405KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 60KB - Virtual size: 133KB

.rsrc
Size: 24KB - Virtual size: 21KB