19639b140a38466c78ecf6493917362e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19639b140a38466c78ecf6493917362e_JaffaCakes118
Size

864KB
MD5

19639b140a38466c78ecf6493917362e
SHA1

19839ded10820d26986bcf69040f4e3e1eb49570
SHA256

ca1b54d4767dc0ffaf5f3e3f303e33c3032545ad79fc5166367afd1f9437551a
SHA512

544677277b8ab4c345c6697edce582e9870953c1b9544f6f1be6df7be9f850d71d4ff3a56de5f5ba00b4c4f8dd185661f8006fcf0aa07309edc85df3acda2c9b
SSDEEP

12288:x+rXCXDXINWhqg1XTDfhz+oYqccwrCpEd7t3zBOdpygG0iU2N5INBtfQ8tfCPsoc:x+WzwWhqqX8eeJRg/KlWGPsob/8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
19639b140a38466c78ecf6493917362e_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/Coopen.exe
unpack001/CoopenActiveControl70.dll
unpack001/CoopenClient.cop
unpack001/CoopenDownloader.cop
unpack001/CoopenPlayer.cop
unpack001/CoopenSimpleMode.cop
unpack001/CoopenStatistics.cop
unpack001/CoopenUI.cop
unpack001/CoopenUpdate.cop

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

19639b140a38466c78ecf6493917362e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2a0d9368ec1be7deb968a920e5c993e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
SetFileTime
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/Coopen/CoopenRuntime.ini
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Coopen.exe
.exe windows:4 windows x86 arch:x86

e924ffa7adac2cb7672dbb3b154863da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetTickCount
FreeLibrary
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
GetModuleHandleW
ExpandEnvironmentStringsW
GlobalMemoryStatus
GetVersionExW
CreateEventW
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetProcAddress
EnterCriticalSection
SetEvent
Sleep
DeviceIoControl
CreateFileA
SetPriorityClass
GetCurrentProcess
ReleaseMutex
GetLastError
CreateMutexW
GetCurrentProcessId
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LeaveCriticalSection
GetStartupInfoW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateDirectoryW
SetCurrentDirectoryW
GetModuleFileNameW
WriteFile
CreateFileW
CopyFileW
GetFileAttributesW
FindFirstFileW
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryW

user32

CloseWindow
MessageBoxW
GetWindow
FindWindowW
SendMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowExW
ShowWindow
wsprintfA
IsCharAlphaNumericW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid

iphlpapi

GetAdaptersInfo

rpcrt4

RpcStringFreeW
UuidToStringW

msvcrt

_ftol
_beginthreadex
wcslen
swscanf
_vsnwprintf
wcsncpy
_wcslwr
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
wcscpy
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
wcscmp

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CoopenActiveControl70.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b3203c8f74bcd43d2db31b3b3b271959

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileW
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
EnterCriticalSection
DisableThreadLibraryCalls
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
LocalFree

user32

IsChild
UnionRect
SetFocus
GetKeyState
PtInRect
GetFocus
GetClientRect
FindWindowW
SendMessageW
wsprintfW
CreateWindowExW
CallWindowProcW
GetWindowLongW
SetWindowLongW
BeginPaint
DefWindowProcW
EndPaint
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
DestroyWindow
GetParent
ShowWindow

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
TextOutW
SetTextAlign
Rectangle
CreateRectRgnIndirect
CloseMetaFile
DeleteMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
DeleteDC

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CreateOleAdviseHolder
CoTaskMemAlloc
OleRegEnumVerbs
OleRegGetUserType

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
SysStringLen
LoadRegTypeLi
SysFreeString
OleCreatePropertyFrame

atl

ord32
ord58
ord30
ord51
ord31
ord57
ord26
ord21
ord50
ord44
ord43
ord18
ord15
ord27
ord45
ord23
ord16

msvcp60

?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z

msvcrt

wcslen
wcscpy
fclose
malloc
realloc
memset
memcmp
??2@YAPAXI@Z
memcpy
??1type_info@@UAE@XZ
_adjust_fdiv
_purecall
_initterm
_CxxThrowException
free
wcscat
fgetws
_wfopen
swprintf
fwprintf
_wtoi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenClient.Config
CoopenClient.cop
.dll windows:4 windows x86 arch:x86

72b5beb0aa71e1c849c4e7718ae8bf9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindClose
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
CopyFileW
CreateFileW
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
ReadFile
GetLocalTime
lstrlenW
GetModuleFileNameW
DeleteFileW
GetTickCount
MultiByteToWideChar
GetModuleHandleW
ExpandEnvironmentStringsW
GetSystemDirectoryW

user32

SetClassLongW
CloseWindow
EnableWindow
SetWindowTextW
GetDlgItem
SendMessageW
UpdateWindow
BeginPaint
EndPaint
wsprintfW
LoadImageW
GetDoubleClickTime
SetForegroundWindow
GetClientRect
mouse_event
EndDialog
GetDlgItemInt
MoveWindow
SetDlgItemInt
LoadIconW
GetWindowLongW
CreateDialogParamW
SetWindowLongW
PostQuitMessage
SetFocus
KillTimer
GetCursorPos
MessageBoxW
DefWindowProcW
GetWindowRect
SystemParametersInfoW
SetWindowPos
SetTimer
ShowWindow

gdi32

CreateFontIndirectW
SetBkMode
SetTextColor
TextOutW
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetObjectW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcrt

_ftol
_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
wcscpy
wcslen
_except_handler3
_purecall
time
_tzset
rand
wcscmp
swscanf
_vsnwprintf
wcsncpy
_wcslwr
srand
fclose
fread
_wfopen

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenDownloader.Config
CoopenDownloader.cop
.dll windows:4 windows x86 arch:x86

2c4a7582ae7b6a1a5661c05bb6abec00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
GetLastError
GetLocalTime
SetFileTime
Sleep
WriteFile
CreateFileW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesW
SetEvent
ResetEvent
MultiByteToWideChar
GetTickCount
GetModuleHandleW
EnterCriticalSection
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateEventW
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetModuleHandleA
GetProcAddress
RaiseException
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
ExitProcess
GetModuleFileNameW
WideCharToMultiByte
GetFileAttributesW
DeleteFileW
ReadFile
FlushFileBuffers
SetFilePointer
GetFileSize
SetEndOfFile
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateDirectoryW
GetCurrentProcess
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy

user32

SetWindowTextW
wsprintfW
MessageBoxW
CloseWindow
GetWindowLongW
GetWindowTextW
SetFocus
EndDialog
SystemParametersInfoW
GetWindowRect
MoveWindow
LoadIconW
SetClassLongW
SendMessageW
GetDlgItem
EnableWindow
CreateDialogParamW
SetWindowLongW
ShowWindow
SetForegroundWindow

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

wininet

InternetOpenUrlW
InternetGetConnectedState
InternetGetLastResponseInfoW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetSetOptionW

shlwapi

StrToIntW

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenPlayer.Config
CoopenPlayer.cop
.dll windows:4 windows x86 arch:x86

8d7d113dcbfd9533303927b8f2466385

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
CopyFileW
SetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
GetFileAttributesW
CreateDirectoryW
GetModuleFileNameW
LocalFree
lstrlenA
MultiByteToWideChar
GetLastError
FreeResource
LoadLibraryW
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
GlobalAlloc
GlobalLock
CreateFileW
GlobalUnlock
GlobalFree
CloseHandle
WriteFile
InterlockedDecrement
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
DeleteFileW

user32

ShowWindow
GetSystemMetrics
SystemParametersInfoW
PostQuitMessage
DefWindowProcW
MoveWindow
UpdateWindow
LoadIconW
RegisterClassExW
CreateWindowExW
GetCursorPos
LoadCursorW
SetCursor
PtInRect
BeginPaint
DrawTextW
EndPaint
InvalidateRect
FindWindowW
SetParent
ReleaseDC
SetWindowLongW
DestroyWindow
GetWindowLongW
SetWindowPos
GetForegroundWindow
GetWindowTextW
GetAncestor
GetWindowRect
WindowFromPoint
GetClassNameW
wsprintfW
DrawTextExW
FillRect
GetDC
CloseWindow

gdi32

SetStretchBltMode
StretchBlt
CreateDCW
GetDeviceCaps
GetObjectW
SetTextColor
SelectPalette
SetBkMode
GetDIBits
CreateSolidBrush
DeleteDC
DeleteObject
CreateCompatibleBitmap
SelectObject
RealizePalette
SetBkColor
CreateFontW
GetStockObject
CreateCompatibleDC

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegEnumValueW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

OleRun
CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo
OleLoadPicturePath
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocString
VariantClear

comctl32

_TrackMouseEvent

shlwapi

StrToIntW

msvcrt

??1type_info@@UAE@XZ
_onexit
__dllonexit
fread
_adjust_fdiv
malloc
_initterm
?terminate@@YAXXZ
fclose
_wcslwr
wcsncpy
_vsnwprintf
swscanf
_CxxThrowException
_ftol
_wtoi
_except_handler3
free
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
wcscpy
wcslen
wcscmp
_wfopen

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenSimpleMode.Config
CoopenSimpleMode.cop
.dll windows:4 windows x86 arch:x86

c7e0a31416cfbc85612ea7161e4b99cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
RaiseException
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
ExpandEnvironmentStringsW
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
SetLastError
InterlockedIncrement
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
MulDiv
lstrcpynW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
GetModuleHandleA
LoadLibraryA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
LockResource
lstrlenA
CloseHandle
GetModuleFileNameW
lstrcmpW
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleHandleW
GetLastError
FreeLibrary
LoadLibraryW
LCMapStringW
GetProcAddress

user32

MapWindowPoints
SendDlgItemMessageA
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
WindowFromPoint
UnregisterClassW
GetClassNameW
TabbedTextOutW
DrawTextW
GrayStringW
GetSysColorBrush
LoadStringW
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextW
GetDlgCtrlID
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessagePos
GetForegroundWindow
GetWindow
RegisterWindowMessageW
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageW
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
PostMessageW
TrackPopupMenu
SetCursor
SetForegroundWindow
GetCursorPos
ClientToScreen
MoveWindow
UpdateWindow
MessageBoxW
ShowWindow
SendMessageW
GetSystemMetrics
CreateWindowExW
DestroyWindow
PostQuitMessage
IsWindowVisible
SetTimer
KillTimer
DefWindowProcW
GetDC
GetWindowLongW
ReleaseDC
InvalidateRect
LoadCursorW
RegisterClassExW
SetWindowLongW
LoadMenuW
GetSubMenu
DestroyMenu
EnableWindow
PtInRect
SystemParametersInfoW
SetWindowPos
GetWindowRect
ScreenToClient
LoadIconW
GetClientRect
GetMessageTime

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateCompatibleDC
OffsetViewportOrgEx
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
CreateDIBSection
SelectObject
DeleteObject
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
DeleteDC
CreateBitmap

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

comctl32

ord17
_TrackMouseEvent

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize

gdiplus

GdipLoadImageFromStreamICM
GdipAlloc
GdipFree
GdipDisposeImage
GdipCloneImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipReleaseDC
GdipDrawImagePointsI
GdipCreateFromHDC
GdipDeleteBrush
GdiplusStartup
GdipLoadImageFromStream
GdipDeleteStringFormat
GdipDrawString
GdipMeasureString
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateSolidFill
GdipCloneBrush
GdipFillRectanglesI
GdipDrawImageRect
GdipDeleteFont
GdiplusShutdown
GdipDeleteFontFamily

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenStatistics.Config
CoopenStatistics.cop
.dll windows:4 windows x86 arch:x86

d8a80fa81158d2d4390b88febdf46b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
FindClose
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExpandEnvironmentStringsW
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
GetLastError
SetLastError
GetVersion
lstrcpynW
lstrcpyW
lstrcatW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteFileW
GetEnvironmentStringsW
GetTickCount

user32

GetPropW
SetPropW
CreateWindowExW
DestroyWindow
DefWindowProcW
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
LoadCursorW
GetSysColorBrush
DestroyMenu
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
SystemParametersInfoW
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgItem
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
GetMenuItemCount
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
PtInRect
GetClassNameW
UnregisterClassW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageW
GetCursorPos
GetSystemMetrics
EnumWindows
GetWindowRect
GetWindowTextW
GetDesktopWindow
IsIconic
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
EnableWindow
SetCursor
SendMessageW
PostMessageW
PostQuitMessage
wsprintfW
IsWindowVisible
LoadStringW

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetMapMode
SaveDC
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
SetTextColor
SetBkColor
GetStockObject
SelectObject
DeleteDC
DeleteObject
CreateBitmap
RestoreDC

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

comctl32

ord17

ole32

CoUninitialize
CoInitialize

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenUI.Config
CoopenUI.cop
.dll windows:4 windows x86 arch:x86

3608e6f0863abfc4241d95421052bb61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetTickCount
FreeLibrary
GetProcAddress
GetModuleHandleW

user32

DestroyWindow
SetWindowLongW
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
DefWindowProcW
GetWindowLongW
UpdateWindow
EndPaint
BeginPaint
SetForegroundWindow
SetWindowPos
ShowWindow
DrawIconEx
DrawTextW
FillRect
MoveWindow
GetWindowRect
GetDC
ReleaseDC
SystemParametersInfoW
InflateRect
GetSysColor
SetWindowRgn
GetClientRect
SetParent
SetCapture
ReleaseCapture
SetCursor
LoadImageW
SendMessageW
PtInRect
GetCursorPos
GetFocus
SetTimer
KillTimer
InvalidateRect
CloseWindow
GetSystemMetrics

gdi32

GetObjectW
CreatePolygonRgn
CreateRectRgn
CombineRgn
FrameRgn
GetStockObject
CreateRoundRectRgn
CreateCompatibleDC
StretchBlt
DeleteDC
CreateFontW
GetTextExtentPointW
SetBkMode
SelectObject
MoveToEx
LineTo
SetTextColor
SetPolyFillMode
Polygon
ExtCreatePen
CreateSolidBrush
DeleteObject
CreateFontIndirectW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent

msvcrt

free
_vsnwprintf
wcscmp
wcslen
_ftol
_purecall
wcscpy
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
_initterm
_adjust_fdiv
malloc

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenUpdate.cop
.dll windows:4 windows x86 arch:x86

5655ecfd2d467828c1f0696e3e8897ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
CopyFileW
CreateDirectoryW
ExpandEnvironmentStringsW
SetFileAttributesW
GetFileAttributesW
FindClose
DeleteFileW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
GetProcessVersion
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
lstrcpynW
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
lstrcatW
lstrlenW
WinExec
WideCharToMultiByte
lstrcpyW
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary

user32

LoadIconW
SetDlgItemTextW
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
ClientToScreen
TabbedTextOutW
DrawTextW
GrayStringW
WindowFromPoint
UnregisterClassW
GetClassNameW
GetSysColorBrush
LoadStringW
DestroyMenu
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
UpdateWindow
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
PostMessageW
PostQuitMessage
wsprintfW
GetSystemMetrics
GetWindowRect
KillTimer
SendMessageW
IsWindow
GetWindowLongW
SetWindowPos
EnableWindow
LoadCursorW
CopyIcon
GetParent
GetDC
ReleaseDC
InflateRect
GetSysColor
SetCursor
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
SetFocus
DefWindowProcW
AdjustWindowRectEx
GetMessagePos
ScreenToClient
GetClientRect
PtInRect
InvalidateRect
SetTimer
MessageBeep
SetWindowLongW
CreateDialogIndirectParamW

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
SetViewportOrgEx
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetTextExtentPoint32W
GetStockObject
CreateFontIndirectW
GetObjectW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageW

ole32

CoInitialize
CoUninitialize

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Templete/ModeB.tpl
Templete/ModeB_logo.jpg
.jpg
Templete/ModeC.tpl
conf/ChannelListAll.txt
conf/ChannelListReal.txt
conf/DailyMessage.txt
conf/ModeAChannelList.txt
conf/ModeAChannelListReal.txt
conf/ModeAChannelSetup.txt
conf/ModeASelectChannel.txt
conf/PluginConfig.ini
conf/SelectChannel.txt
licence.txt

Sharing

General

Malware Config

Signatures

Files

b2a0d9368ec1be7deb968a920e5c993e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 6KB - Virtual size: 5KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

e924ffa7adac2cb7672dbb3b154863da

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

iphlpapi

rpcrt4

msvcrt

Sections

.text Size: 52KB - Virtual size: 49KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 6KB - Virtual size: 5KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB