b83c644addf3c72ad24027fd9abd405e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b83c644addf3c72ad24027fd9abd405e_JaffaCakes118
Size

599KB
MD5

b83c644addf3c72ad24027fd9abd405e
SHA1

cc05fcfa9b7cbb15288841212b67eb0d1ddd5ce0
SHA256

cfd1049b7ba687e301c38c408682cc73d4975d48ecccf455b92f11cf268fd8dc
SHA512

c98988d8efab75b2dd8a100e1823c4153db47e0ee0d09153252bc7fcda1493e07988154888140f841a3d3fbd8497c2068d289d929ae9d5c5a77e1ea5724a8975
SSDEEP

12288:1vpfeY80p6K0AJ2lUe27RADtqmynItCTbnbnMCJBaspzX6:7frfPYx27RADtUnIAT/MC76

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/STBUPG_20140213/7za.exe
unpack001/STBUPG_20140213/FunComSvc.dll
unpack001/STBUPG_20140213/FunIni.dll
unpack001/STBUPG_20140213/FunLog.dll
unpack001/STBUPG_20140213/FunSerial.dll
unpack001/STBUPG_20140213/FunThread.dll
unpack001/STBUPG_20140213/FunTip.dll
unpack001/STBUPG_20140213/UIFlashWR.dll
unpack001/STBUPG_20140213/stbupg.exe

Files

b83c644addf3c72ad24027fd9abd405e_JaffaCakes118
.rar
STBUPG_20140213/7za.exe
.exe windows:4 windows x86 arch:x86

15847eb10d7d06dcd5980e8a9b786fd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
SysAllocStringByteLen
VariantClear
VariantCopy
SysFreeString

user32

CharLowerA
CharUpperA
CharLowerW
CharPrevExA
CharNextA
CharUpperW

kernel32

SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
FileTimeToLocalFileTime
GetCommandLineW
SetFileApisToOEM
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
SetConsoleMode
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FreeLibrary
LoadLibraryA
AreFileApisANSI
GetModuleFileNameA
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
GetWindowsDirectoryW
CloseHandle
SetFileTime
CreateFileW
SetLastError
SetFileAttributesA
RemoveDirectoryA
MoveFileA
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SearchPathA
SearchPathW
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
CreateFileA
GetFileSize
SetFilePointer
DeviceIoControl
ReadFile
WriteFile
GetCurrentProcess
GetProcAddress
CompareFileTime
FileTimeToSystemTime
GetSystemInfo
GlobalMemoryStatus
GetModuleHandleA
DosDateTimeToFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
GetSystemTime
WaitForMultipleObjects
OpenEventA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetTickCount
GetProcessTimes
LocalFileTimeToFileTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
VirtualAlloc
VirtualFree
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
ExitProcess
TlsAlloc
SetUnhandledExceptionFilter
TerminateProcess
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunComSvc.dll
.dll windows:5 windows x86 arch:x86

efd6c5e99a644ee60ad4631c6624dabf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

funthread

?Stop@CFunWorkThread@@QAEXH@Z
?Start@CFunWorkThread@@QAEHH@Z
?Resume@CFunWorkThread@@QAEXXZ
??1CFunWorkThread@@QAE@XZ
?Detach@CFunWorkThread@@QAEXXZ
?Attach@CFunWorkThread@@QAEXP6GKPAX@Z0@Z
??0CFunWorkThread@@QAE@XZ

funserial

?SP_Init@CBasicSerialPort@@QAEHXZ
??0CBasicSerialPort@@QAE@XZ
??1CBasicSerialPort@@QAE@XZ
?SP_Receive@CBasicSerialPort@@QAEHPAEKPAKKK@Z
?SP_CancelPendingIO@CBasicSerialPort@@QAEHXZ
?SP_SearchAllSerialPorts@CBasicSerialPort@@QAEHPAKPAPAUserialport_info_tag@@@Z
?SP_OpenPort@CBasicSerialPort@@QAEHPAUserialport_config_tag@@@Z
?SP_ClosePort@CBasicSerialPort@@QAEHK@Z
?SP_ChangeBaudrate@CBasicSerialPort@@QAEHPAUserialport_config_tag@@@Z
?SP_Send@CBasicSerialPort@@QAEHPAEKPAKKK@Z
?SP_Deinit@CBasicSerialPort@@QAEXXZ

funlog

?WriteConsleData@@YAXPAEK@Z
?LogStoreFileLine@@YAXPA_WH@Z

funini

?GetValue@CFunBasicCfgIni@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W0@Z
?SetFileName@CFunBasicCfgIni@@QAEHPB_W@Z
??1CFunBasicCfgIni@@QAE@XZ
??0CFunBasicCfgIni@@QAE@XZ

mfc90u

ord2537
ord811
ord814
ord296
ord5867
ord600
ord266
ord265
ord1271
ord794
ord589
ord799
ord801
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1145
ord1076
ord1137
ord322
ord802
ord1088

msvcr90

__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
malloc
sprintf
wcstombs
free
atoi
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
WaitForSingleObject
SetEvent
Sleep
GetTickCount
CloseHandle
CreateEventW
ResetEvent

Exports

Exports

??0CSerialMonitorSerivce@@QAE@XZ
??1CSerialMonitorSerivce@@QAE@XZ
??4CSerialMonitorSerivce@@QAEAAV0@ABV0@@Z
?CompareWithLabels@CSerialMonitorSerivce@@QAEGPAEKPAIPAJ@Z
?ReadWatchLabels@CSerialMonitorSerivce@@QAEXXZ
?SMS_AbortPendingRequest@CSerialMonitorSerivce@@QAEXXZ
?SMS_AcquireControl@CSerialMonitorSerivce@@QAEHPAUHWND__@@@Z
?SMS_ChangeBaudrate@CSerialMonitorSerivce@@QAEHPAUserialport_config_tag@@@Z
?SMS_ClosePort@CSerialMonitorSerivce@@QAEHK@Z
?SMS_Deinit@CSerialMonitorSerivce@@QAEXXZ
?SMS_GetCurSvcParam@CSerialMonitorSerivce@@QAEXPAKPAPAUserialport_info_tag@@PAUserialport_config_tag@@@Z
?SMS_Init@CSerialMonitorSerivce@@QAEHXZ
?SMS_IsPortOpen@CSerialMonitorSerivce@@QAEPAHXZ
?SMS_MonitorProc@CSerialMonitorSerivce@@QAEXXZ
?SMS_NumComPortOpen@CSerialMonitorSerivce@@QAEKXZ
?SMS_OpenPort@CSerialMonitorSerivce@@QAEHPAUserialport_config_tag@@@Z
?SMS_Receive@CSerialMonitorSerivce@@QAEHPAEKPAKKK@Z
?SMS_ReleaseControl@CSerialMonitorSerivce@@QAEHPAUHWND__@@@Z
?SMS_SearchAllSerialPorts@CSerialMonitorSerivce@@QAEHPAKPAPAUserialport_info_tag@@@Z
?SMS_Send@CSerialMonitorSerivce@@QAEHPAEKPAKKK@Z
?SMS_StartSvc@CSerialMonitorSerivce@@QAEHXZ
?SMS_StopSvc@CSerialMonitorSerivce@@QAEXXZ
?set_blockupg@CSerialMonitorSerivce@@QAEXH@Z
?set_bootroom@CSerialMonitorSerivce@@QAEXH@Z
?set_calibrate@CSerialMonitorSerivce@@QAEXH@Z
?set_dumping@CSerialMonitorSerivce@@QAEXH@Z
?set_upg@CSerialMonitorSerivce@@QAEXH@Z
?svc_broadcast@CSerialMonitorSerivce@@IAEXXZ
?svc_routine@CSerialMonitorSerivce@@KGKPAX@Z

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunIni.dll
.dll windows:5 windows x86 arch:x86

5584e30b80ddacbe14df95e6c51e60ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90u

ord4518
ord4405
ord782
ord580
ord6170
ord6171
ord6514
ord1248
ord2479
ord813
ord3729
ord663
ord404
ord296
ord811
ord600
ord280
ord286
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord1137
ord322
ord802
ord1088
ord801

msvcr90

__CxxFrameHandler3
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
memset
??2@YAPAXI@Z

kernel32

GetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
GetModuleFileNameW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW

Exports

Exports

??0CFunBasicCfgIni@@QAE@ABV0@@Z
??0CFunBasicCfgIni@@QAE@XZ
??1CFunBasicCfgIni@@QAE@XZ
??4CFunBasicCfgIni@@QAEAAV0@ABV0@@Z
?DelAllSections@CFunBasicCfgIni@@QAEHXZ
?DelKey@CFunBasicCfgIni@@QAEHPB_W0@Z
?DelSection@CFunBasicCfgIni@@QAEHPB_W@Z
?GetFileName@CFunBasicCfgIni@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetKeyValues@CFunBasicCfgIni@@QAEHAAVCStringArray@@0PB_W@Z
?GetSections@CFunBasicCfgIni@@QAEHAAVCStringArray@@@Z
?GetValue@CFunBasicCfgIni@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W0@Z
?SetFileName@CFunBasicCfgIni@@QAEHPB_W@Z
?SetValue@CFunBasicCfgIni@@QAEHPB_W00_N@Z
?crc_fast_calculate@CFunBasicCfgIni@@QAEKPAKKPAEH@Z
?crc_fast_calculate_ccitt@CFunBasicCfgIni@@QAEKKPAEH@Z
?crc_fast_calculate_ota@CFunBasicCfgIni@@QAEKPAKKPAEH@Z
?crc_setup_fast_lut@CFunBasicCfgIni@@QAEXPAK@Z
?crc_setup_fast_lut_ota@CFunBasicCfgIni@@QAEXPAK@Z
?get_cur_root_directory@CFunBasicCfgIni@@QAEXPA_W@Z

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunLog.dll
.dll windows:5 windows x86 arch:x86

29da67a1bb1ad27f327cef8058ed74b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90u

ord794
ord1271
ord265
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1145
ord1076
ord1137
ord322
ord802
ord1088
ord589
ord801

msvcr90

_amsg_exit
_adjust_fdiv
_initterm_e
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
memset
_unlock
??2@YAPAXI@Z
__CxxFrameHandler3
vsprintf
wcscpy_s
memcpy
__CppXcptFilter

kernel32

Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
GetLocalTime
CallNamedPipeW
WaitNamedPipeW
GetSystemTime
GetTickCount

user32

wsprintfW

Exports

Exports

??0SS_Log@@QAE@XZ
??1SS_Log@@QAE@XZ
??4SS_Log@@QAEAAV0@ABV0@@Z
?ClearConsle@@YAXXZ
?ConsleClear@SS_Log@@QAEXPA_WH@Z
?ConslePrintData@SS_Log@@QAEXPA_WHPAEK@Z
?ConslePrintStr@SS_Log@@QAEXPA_WHPB_WK@Z
?InitObject@SS_Log@@IAEXXZ
?LogStoreFileLine@@YAXPA_WH@Z
?WriteConsleData@@YAXPAEK@Z
?WriteConsleStr@@YAXPB_W@Z
?WriteLog@@YAXKPADZZ
?WriteLog@SS_Log@@QAEXPA_WHKPADPAPAD@Z
?fun_console_printf@@YAXPBDZZ

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunSerial.dll
.dll windows:5 windows x86 arch:x86

e407f923fc86bcbde25dcdd8e30a3af2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList

mfc90u

ord265
ord801
ord266
ord1183
ord286
ord600
ord589
ord794
ord605
ord1274
ord321
ord1271
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1145
ord1076
ord1137
ord322
ord802
ord1088
ord1241

msvcr90

_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
memcpy
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??2@YAPAXI@Z
__CxxFrameHandler3
wcscat_s
wcscpy_s
wcsstr
memset
_amsg_exit

kernel32

InterlockedCompareExchange
GetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
Sleep
InterlockedExchange
LocalAlloc
LocalFree
SetEvent
ReadFile
CancelIo
GetOverlappedResult
WaitForMultipleObjects
WriteFile
ResetEvent
SetCommMask
SetupComm
SetCommTimeouts
SetCommState
TerminateProcess
GetCommState
CreateFileW
CloseHandle
CreateEventW

advapi32

RegEnumValueW
RegCloseKey
RegOpenKeyExW

Exports

Exports

??0CBasicSerialPort@@QAE@XZ
??1CBasicSerialPort@@QAE@XZ
??4CBasicSerialPort@@QAEAAV0@ABV0@@Z
?SP_CancelPendingIO@CBasicSerialPort@@QAEHXZ
?SP_ChangeBaudrate@CBasicSerialPort@@QAEHPAUserialport_config_tag@@@Z
?SP_ClosePort@CBasicSerialPort@@QAEHK@Z
?SP_Deinit@CBasicSerialPort@@QAEXXZ
?SP_Init@CBasicSerialPort@@QAEHXZ
?SP_OpenPort@CBasicSerialPort@@QAEHPAUserialport_config_tag@@@Z
?SP_Receive@CBasicSerialPort@@QAEHPAEKPAKKK@Z
?SP_SearchAllSerialPorts@CBasicSerialPort@@QAEHPAKPAPAUserialport_info_tag@@@Z
?SP_Send@CBasicSerialPort@@QAEHPAEKPAKKK@Z
?_EnumSerialPortsInfo@CBasicSerialPort@@AAEHXZ
?_ExpandSerialPortArray@CBasicSerialPort@@AAEHK@Z
?_FreeSerialPortArray@CBasicSerialPort@@AAEXXZ

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunThread.dll
.dll windows:5 windows x86 arch:x86

c0e6c5feeeed9d99d664baa481750220

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90u

ord1064
ord1271
ord794
ord589
ord1100
ord801
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1145
ord1076
ord1137
ord322
ord802
ord1088

msvcr90

_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??2@YAPAXI@Z
__CxxFrameHandler3
?terminate@@YAXXZ

kernel32

LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
IsDebuggerPresent
ResumeThread
SuspendThread
WaitForSingleObject
SetEvent
ResetEvent
CloseHandle
CreateEventW
SetUnhandledExceptionFilter

Exports

Exports

??0CFunWorkThread@@QAE@XZ
??1CFunWorkThread@@QAE@XZ
??4CFunWorkThread@@QAEAAV0@ABV0@@Z
?Attach@CFunWorkThread@@QAEXP6GKPAX@Z0@Z
?Deinit@CFunWorkThread@@QAEXXZ
?Detach@CFunWorkThread@@QAEXXZ
?EntryPoint@CFunWorkThread@@KAIPAX@Z
?Init@CFunWorkThread@@QAEHXZ
?Resume@CFunWorkThread@@QAEXXZ
?RunTask@CFunWorkThread@@QAEXXZ
?Start@CFunWorkThread@@QAEHH@Z
?Stop@CFunWorkThread@@QAEXH@Z
?Suspend@CFunWorkThread@@QAEXXZ

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/FunTip.dll
.dll windows:5 windows x86 arch:x86

a89b9dfd27fce0d9f2489959fea6aeb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90u

ord1727
ord1791
ord5625
ord1442
ord3226
ord6376
ord5404
ord3682
ord6804
ord4174
ord6802
ord1641
ord2368
ord2375
ord2630
ord2612
ord2610
ord2628
ord2640
ord2617
ord2633
ord2638
ord2621
ord2623
ord2625
ord2619
ord2635
ord2615
ord971
ord967
ord969
ord6168
ord960
ord5683
ord5685
ord6466
ord1728
ord4702
ord5154
ord3743
ord5664
ord4603
ord6800
ord5512
ord2074
ord5602
ord4664
ord1493
ord4345
ord1751
ord5650
ord6411
ord3355
ord3220
ord285
ord1607
ord4519
ord4518
ord2479
ord2478
ord6729
ord4457
ord6065
ord1533
ord799
ord1792
ord1222
ord5342
ord4774
ord5322
ord4442
ord286
ord6187
ord6101
ord6096
ord6547
ord6094
ord1354
ord3488
ord744
ord524
ord4044
ord2069
ord2139
ord1248
ord6512
ord711
ord463
ord3543
ord2106
ord2537
ord1183
ord3537
ord797
ord595
ord3741
ord1137
ord266
ord2771
ord2983
ord3112
ord4728
ord2966
ord3140
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4910
ord4681
ord3674
ord3589
ord6577
ord795
ord590
ord280
ord2597
ord6604
ord1754
ord5891
ord600
ord296
ord811
ord813
ord2326
ord965
ord801
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord322
ord802
ord1088

msvcr90

__CxxFrameHandler3
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
?terminate@@YAXXZ

kernel32

LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalFree

user32

ChildWindowFromPointEx
WindowFromPoint
ClientToScreen
GetSystemMetrics
OffsetRect
InvalidateRect
SystemParametersInfoW
LoadStringW
SendMessageW
GetDlgCtrlID
PtInRect
IsChild
LoadCursorW
SetFocus
GetWindowRect
ScreenToClient
SetTimer
GetCursorPos
KillTimer
FillRect
GetSysColor
GetClientRect
IsWindow
CopyRect
EnableWindow

gdi32

Polygon
CreateFontIndirectW
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
Rectangle

Exports

Exports

??0COXToolTipCtrl@@QAE@XZ
??0COXToolTipInfo@@QAE@XZ
??1COXToolTipCtrl@@UAE@XZ
??1COXToolTipInfo@@UAE@XZ
??4COXToolTipInfo@@QAEXAAUOXTOOLINFO@@@Z
??4COXToolTipInfo@@QAEXAAV0@@Z
??_7COXToolTipCtrl@@6B@
??_7COXToolTipInfo@@6B@
?Activate@COXToolTipCtrl@@QAEXH@Z
?AddTool@COXToolTipCtrl@@QAEHPAVCWnd@@IPBUtagRECT@@I@Z
?AddTool@COXToolTipCtrl@@QAEHPAVCWnd@@PB_WPBUtagRECT@@I@Z
?CalculateInfoBoxRect@COXToolTipCtrl@@MBE?AVCRect@@AAVCPoint@@PAVCOXToolTipInfo@@AAV2@@Z
?Create@COXToolTipCtrl@@QAEHPAVCWnd@@@Z
?DelTool@COXToolTipCtrl@@QAEXPAVCWnd@@I@Z
?DisplayToolTip@COXToolTipCtrl@@IAEXAAVCPoint@@H@Z
?FindToolFromPoint@COXToolTipCtrl@@IAEPAVCOXToolTipInfo@@AAUtagPOINT@@@Z
?GetBoundsRect@COXToolTipCtrl@@MBE?AVCRect@@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@H@Z
?GetChildWindowFromPoint@COXToolTipCtrl@@IBEPAVCWnd@@AAUtagPOINT@@@Z
?GetDelayTime@COXToolTipCtrl@@QBEHK@Z
?GetFieldFromString@COXToolTipCtrl@@IBE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V23@H_W@Z
?GetMargin@COXToolTipCtrl@@QBEXPAUtagRECT@@@Z
?GetMaxTipWidth@COXToolTipCtrl@@QBEHXZ
?GetMessageMap@COXToolTipCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetSystemToolTipFont@COXToolTipCtrl@@IBEPAUtagLOGFONTW@@XZ
?GetText@COXToolTipCtrl@@QAEXAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCWnd@@I@Z
?GetThisMessageMap@COXToolTipCtrl@@KGPBUAFX_MSGMAP@@XZ
?GetTipBkColor@COXToolTipCtrl@@QBEKXZ
?GetTipTextColor@COXToolTipCtrl@@QBEKXZ
?GetToolCount@COXToolTipCtrl@@QBEHXZ
?GetToolInfo@COXToolTipCtrl@@QAEHAAUOXTOOLINFO@@PAVCWnd@@I@Z
?GetToolInfoPtr@COXToolTipCtrl@@IAEPAVCOXToolTipInfo@@PAVCWnd@@I@Z
?GetTooltipText@COXToolTipCtrl@@IAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCOXToolTipInfo@@@Z
?HitTest@COXToolTipCtrl@@QBEHPAVCWnd@@UtagPOINT@@PAUOXTOOLINFO@@@Z
?IsCursorInTool@COXToolTipCtrl@@IBEHPAVCOXToolTipInfo@@@Z
?IsCursorInToolTip@COXToolTipCtrl@@IBEHXZ
?IsVisible@COXToolTipCtrl@@IBEHXZ
?OnDestroy@COXToolTipCtrl@@IAEXXZ
?OnGetFont@COXToolTipCtrl@@IAEJIJ@Z
?OnLButtonDown@COXToolTipCtrl@@IAEXIVCPoint@@@Z
?OnMouseActivate@COXToolTipCtrl@@IAEHPAVCWnd@@II@Z
?OnPaint@COXToolTipCtrl@@IAEXXZ
?OnSetFocus@COXToolTipCtrl@@IAEXPAVCWnd@@@Z
?OnSetFont@COXToolTipCtrl@@IAEJIJ@Z
?OnSettingChange@COXToolTipCtrl@@IAEXIPB_W@Z
?OnTimer@COXToolTipCtrl@@IAEXI@Z
?Pop@COXToolTipCtrl@@QAEXXZ
?RelayEvent@COXToolTipCtrl@@QAEXPAUtagMSG@@@Z
?SetDelayTime@COXToolTipCtrl@@QAEXI@Z
?SetDelayTime@COXToolTipCtrl@@QAEXKH@Z
?SetLogFont@COXToolTipCtrl@@IAEHPAUtagLOGFONTW@@H@Z
?SetMargin@COXToolTipCtrl@@QAEXPAUtagRECT@@@Z
?SetMaxTipWidth@COXToolTipCtrl@@QAEHH@Z
?SetTipBkColor@COXToolTipCtrl@@QAEXK@Z
?SetTipTextColor@COXToolTipCtrl@@QAEXK@Z
?SetToolInfo@COXToolTipCtrl@@QAEXPAUOXTOOLINFO@@@Z
?StartNewTool@COXToolTipCtrl@@IAEXPAVCOXToolTipInfo@@@Z
?m_szArrowSpace@COXToolTipCtrl@@1PB_WB

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/STBTool.ini
STBUPG_20140213/STBUPG的使用说明.doc
.doc windows office2003
STBUPG_20140213/UIFlashWR.dll
.dll windows:5 windows x86 arch:x86

00246d48d75563845a208de127a55e0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

funthread

?Suspend@CFunWorkThread@@QAEXXZ
?Start@CFunWorkThread@@QAEHH@Z
?Attach@CFunWorkThread@@QAEXP6GKPAX@Z0@Z
??0CFunWorkThread@@QAE@XZ
??1CFunWorkThread@@QAE@XZ
?Detach@CFunWorkThread@@QAEXXZ
?Resume@CFunWorkThread@@QAEXXZ

funcomsvc

?set_upg@CSerialMonitorSerivce@@QAEXH@Z
?SMS_ClosePort@CSerialMonitorSerivce@@QAEHK@Z
?SMS_OpenPort@CSerialMonitorSerivce@@QAEHPAUserialport_config_tag@@@Z
?set_dumping@CSerialMonitorSerivce@@QAEXH@Z
?SMS_Send@CSerialMonitorSerivce@@QAEHPAEKPAKKK@Z
?SMS_Receive@CSerialMonitorSerivce@@QAEHPAEKPAKKK@Z
?SMS_GetCurSvcParam@CSerialMonitorSerivce@@QAEXPAKPAPAUserialport_info_tag@@PAUserialport_config_tag@@@Z
?SMS_IsPortOpen@CSerialMonitorSerivce@@QAEPAHXZ
?SMS_SearchAllSerialPorts@CSerialMonitorSerivce@@QAEHPAKPAPAUserialport_info_tag@@@Z

funlog

?WriteConsleData@@YAXPAEK@Z
?fun_console_printf@@YAXPBDZZ
?LogStoreFileLine@@YAXPA_WH@Z
?WriteLog@@YAXKPADZZ
?ClearConsle@@YAXXZ

funini

??0CFunBasicCfgIni@@QAE@XZ
??1CFunBasicCfgIni@@QAE@XZ
?SetFileName@CFunBasicCfgIni@@QAEHPB_W@Z
?GetValue@CFunBasicCfgIni@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W0@Z

funtip

??1COXToolTipCtrl@@UAE@XZ
?SetMaxTipWidth@COXToolTipCtrl@@QAEHH@Z
?SetTipBkColor@COXToolTipCtrl@@QAEXK@Z
?AddTool@COXToolTipCtrl@@QAEHPAVCWnd@@PB_WPBUtagRECT@@I@Z
?RelayEvent@COXToolTipCtrl@@QAEXPAUtagMSG@@@Z
??0COXToolTipCtrl@@QAE@XZ
?Create@COXToolTipCtrl@@QAEHPAVCWnd@@@Z

mfc90u

ord3140
ord2966
ord4728
ord3112
ord2983
ord2771
ord5650
ord1791
ord1792
ord2139
ord5624
ord1440
ord3226
ord6376
ord5404
ord3681
ord6804
ord4174
ord6802
ord1641
ord2368
ord2375
ord2630
ord2646
ord4910
ord2647
ord2640
ord2617
ord2633
ord2638
ord2621
ord2623
ord2625
ord2619
ord2635
ord2615
ord971
ord2644
ord969
ord2643
ord960
ord5683
ord5685
ord6466
ord1728
ord4702
ord5154
ord3743
ord4603
ord6800
ord5512
ord2074
ord5601
ord4664
ord1493
ord4345
ord1751
ord1754
ord6410
ord3354
ord4378
ord5293
ord5296
ord4800
ord4805
ord4802
ord4820
ord2774
ord4807
ord5209
ord4596
ord4589
ord5418
ord4809
ord5214
ord4622
ord5224
ord4865
ord4866
ord4109
ord5867
ord939
ord2695
ord391
ord1152
ord1239
ord4693
ord1599
ord1680
ord6604
ord5869
ord2537
ord6813
ord1183
ord4516
ord280
ord4131
ord265
ord1552
ord5770
ord3187
ord5535
ord6760
ord3399
ord2209
ord664
ord405
ord5654
ord6579
ord814
ord2360
ord2904
ord2356
ord5016
ord4006
ord2057
ord1934
ord286
ord600
ord296
ord663
ord404
ord669
ord413
ord3818
ord799
ord1137
ord811
ord2893
ord2764
ord4080
ord4081
ord2891
ord4071
ord4823
ord4348
ord813
ord801
ord2645

msvcr90

__CxxFrameHandler3
memcpy
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
wcscat_s
wcscpy_s
wcstombs
strncmp
sprintf
malloc
free
memset

kernel32

InterlockedCompareExchange
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateEventW
InterlockedExchange
Sleep
ResetEvent
GetTickCount
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetModuleHandleW
SetEvent

user32

wsprintfW
SendMessageW
EnableWindow

Exports

Exports

MultiViewDll

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
STBUPG_20140213/shell.img
STBUPG_20140213/stbclient.bin
STBUPG_20140213/stbupg.exe
.exe windows:5 windows x86 arch:x86

419b84dfd79e193b07cdbdc2d547c867

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

funthread

?Stop@CFunWorkThread@@QAEXH@Z
??0CFunWorkThread@@QAE@XZ
?Start@CFunWorkThread@@QAEHH@Z
??1CFunWorkThread@@QAE@XZ
?Detach@CFunWorkThread@@QAEXXZ
?Attach@CFunWorkThread@@QAEXP6GKPAX@Z0@Z

funcomsvc

?SMS_Deinit@CSerialMonitorSerivce@@QAEXXZ
?SMS_Send@CSerialMonitorSerivce@@QAEHPAEKPAKKK@Z
??0CSerialMonitorSerivce@@QAE@XZ
??1CSerialMonitorSerivce@@QAE@XZ
?SMS_Init@CSerialMonitorSerivce@@QAEHXZ

funini

?GetValue@CFunBasicCfgIni@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W0@Z
??0CFunBasicCfgIni@@QAE@XZ
??1CFunBasicCfgIni@@QAE@XZ
?SetFileName@CFunBasicCfgIni@@QAEHPB_W@Z

mfc90u

ord6013
ord5979
ord3841
ord4345
ord5602
ord2074
ord5664
ord4702
ord6376
ord3226
ord5625
ord2139
ord4681
ord797
ord595
ord654
ord296
ord2069
ord4044
ord935
ord814
ord4128
ord265
ord933
ord266
ord1137
ord939
ord2676
ord1488
ord6791
ord2105
ord1602
ord4511
ord2279
ord1695
ord4657
ord692
ord4512
ord2282
ord3577
ord2130
ord1108
ord1357
ord2596
ord4351
ord1144
ord9360
ord6942
ord6761
ord6311
ord7600
ord9518
ord6865
ord7160
ord6932
ord7205
ord7047
ord7263
ord7043
ord7259
ord7065
ord7274
ord8812
ord10509
ord12799
ord8346
ord8190
ord8431
ord12242
ord2537
ord4442
ord1248
ord13255
ord13149
ord12055
ord8366
ord1383
ord1183
ord2372
ord12789
ord9475
ord9478
ord9981
ord9480
ord9476
ord9479
ord13009
ord9477
ord13297
ord9923
ord9648
ord11943
ord9992
ord7818
ord12420
ord9776
ord7068
ord7275
ord980
ord3396
ord10438
ord2536
ord6579
ord10459
ord13285
ord9729
ord10471
ord12275
ord2071
ord2652
ord12361
ord6382
ord6380
ord11883
ord3232
ord10224
ord10546
ord12116
ord2080
ord1733
ord9664
ord7548
ord11569
ord11926
ord7851
ord13207
ord11876
ord7426
ord10454
ord10810
ord11936
ord7541
ord9935
ord12582
ord7961
ord8004
ord8811
ord5867
ord6852
ord7147
ord3537
ord2106
ord3543
ord7044
ord7260
ord9511
ord10506
ord7929
ord1678
ord2326
ord11959
ord6577
ord9352
ord10436
ord10580
ord9119
ord12658
ord8600
ord8581
ord8578
ord8598
ord8610
ord8587
ord8601
ord8607
ord8592
ord8594
ord8596
ord8590
ord8604
ord8584
ord7384
ord7380
ord7376
ord12272
ord13279
ord8697
ord9824
ord9893
ord9853
ord9904
ord7742
ord9839
ord7740
ord8719
ord8649
ord8714
ord7731
ord8383
ord8195
ord8559
ord8211
ord12375
ord7958
ord10312
ord10280
ord13118
ord9050
ord5447
ord12596
ord10220
ord13080
ord7901
ord13229
ord12097
ord11715
ord7969
ord13324
ord7692
ord8237
ord7543
ord8622
ord8627
ord7903
ord9038
ord12693
ord12256
ord8183
ord10213
ord13198
ord8206
ord9812
ord12804
ord11746
ord10318
ord10298
ord7932
ord7977
ord7682
ord7587
ord13212
ord11735
ord7853
ord11922
ord10762
ord10315
ord10295
ord12446
ord12809
ord8180
ord8441
ord11786
ord13182
ord7908
ord7907
ord7970
ord9706
ord7727
ord4405
ord8716
ord7662
ord8133
ord2079
ord8197
ord13232
ord12716
ord10013
ord7902
ord13189
ord8261
ord7574
ord12089
ord13172
ord12747
ord7754
ord7762
ord12002
ord937
ord2695
ord462
ord710
ord571
ord6727
ord938
ord1364
ord6604
ord2154
ord4890
ord4893
ord4043
ord7138
ord7332
ord581
ord783
ord4211
ord1186
ord1182
ord1098
ord6482
ord4441
ord9747
ord9761
ord9769
ord13051
ord9636
ord9474
ord7766
ord341
ord617
ord5567
ord5675
ord4543
ord374
ord639
ord4000
ord2208
ord5008
ord7456
ord8686
ord1607
ord3220
ord285
ord1043
ord457
ord996
ord1599
ord8452
ord9272
ord4905
ord3115
ord6018
ord5663
ord5680
ord4996
ord4347
ord5676
ord5674
ord3217
ord2087
ord4213
ord5830
ord6741
ord5548
ord1048
ord4179
ord6035
ord2206
ord2251
ord4747
ord6803
ord4173
ord6801
ord4423
ord4448
ord9965
ord12617
ord12165
ord13136
ord10304
ord10457
ord9972
ord13194
ord12404
ord3515
ord4682
ord5653
ord1492
ord6408
ord3353
ord1675
ord1809
ord1810
ord5324
ord5167
ord4631
ord5632
ord2479
ord3803
ord4004
ord388
ord650
ord5137
ord4684
ord4906
ord6553
ord6439
ord3035
ord3340
ord4641
ord2090
ord5171
ord5285
ord4677
ord5945
ord3009
ord5861
ord1462
ord6044
ord5606
ord2239
ord2204
ord6762
ord2867
ord2859
ord4994
ord12118
ord4730
ord4553
ord3233
ord11882
ord3229
ord6379
ord3230
ord6381
ord7388
ord3287
ord2651
ord2650
ord4430
ord1681
ord3355
ord6411
ord1754
ord1751
ord4344
ord1493
ord4664
ord5598
ord2070
ord5512
ord6800
ord4603
ord12274
ord2369
ord1380
ord3743
ord5154
ord4697
ord1728
ord6466
ord5685
ord5683
ord960
ord965
ord969
ord967
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6375
ord3225
ord1442
ord2138
ord1792
ord1791
ord1727
ord5650
ord2771
ord2983
ord3112
ord4728
ord2966
ord3140
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord811
ord813
ord286
ord600
ord280
ord8721
ord8765
ord8766
ord11568
ord5448
ord1697
ord4985
ord5354
ord13157
ord2445
ord4348
ord4910
ord4685
ord12360
ord7547

msvcr90

memset
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
??0exception@std@@QAE@ABV01@@Z
_findclose
_wfindnext64
_wfindfirst64
mbstowcs
sprintf
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
wcscat_s
free
wcstombs_s
malloc
_invalid_parameter_noinfo
wprintf
wcscpy_s
_CxxThrowException

kernel32

SetEvent
ReadFile
GetProcAddress
LoadLibraryW
WaitForMultipleObjects
MultiByteToWideChar
ResetEvent
ConnectNamedPipe
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCommandLineW
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
FlushFileBuffers
SetFilePointer
CreateFileW
GetModuleFileNameW
GetModuleHandleW
GetLocalTime
CloseHandle
CreateNamedPipeW
CreateEventW
DisconnectNamedPipe
WriteFile
FreeLibrary

user32

UpdateWindow
SetForegroundWindow
IsIconic
GetLastActivePopup
wsprintfW
SetRectEmpty
RedrawWindow
GetSystemMetrics
LoadImageW
GetSubMenu
LoadMenuW
InvalidateRect
MessageBeep
SendMessageW
EnableWindow
GetParent

gdi32

GetStockObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

comctl32

InitCommonControlsEx

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15847eb10d7d06dcd5980e8a9b786fd6

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Sections

.text Size: 483KB - Virtual size: 483KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 27KB - Virtual size: 53KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 808B

efd6c5e99a644ee60ad4631c6624dabf

Headers

DLL Characteristics

File Characteristics

Imports

funthread

funserial

funlog

funini

mfc90u

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

5584e30b80ddacbe14df95e6c51e60ab

Headers

DLL Characteristics

File Characteristics

Imports

mfc90u

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 942B

29da67a1bb1ad27f327cef8058ed74b8

Headers

DLL Characteristics

File Characteristics

Imports

mfc90u

msvcr90

kernel32

user32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 924B

e407f923fc86bcbde25dcdd8e30a3af2

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

mfc90u

msvcr90

kernel32

.text
Size: 483KB - Virtual size: 483KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 27KB - Virtual size: 53KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 808B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 942B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 994B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 836B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB