23409c9749ba395f2207b1c42f77a205_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23409c9749ba395f2207b1c42f77a205_JaffaCakes118
Size

936KB
MD5

23409c9749ba395f2207b1c42f77a205
SHA1

751cf2906c33e66cdef13eb546e7e7f5bb7bb0f6
SHA256

13b01dfe788827f1fff3cc2f0ce82b68cc97d795bdc7efbe634115760bda8237
SHA512

ac8a47aaefa3668ba962cdb9e3e76731a907a2391feba125c61f5a4d11ef93c097abd911d679e3982e6204ad1d210c6cb356ee241b47c65db1d49853a5dcdd06
SSDEEP

24576:KfNA4s1vWKbf0lS/CyBLLH+KsrdWh4Bqnf:K64yhYE/rBeKKK4BG

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
23409c9749ba395f2207b1c42f77a205_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/NSUtils.dll
unpack001/MessengerSkinnerDll_new.dll
unpack001/MessengerSkinner_new.exe
unpack001/uninst.exe
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/KillProcDLL.dll
unpack003/$PLUGINSDIR/LangDLL.dll
unpack003/$PLUGINSDIR/NSUtils.dll
unpack003/$PLUGINSDIR/UserInfo.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_1

Files

23409c9749ba395f2207b1c42f77a205_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c523d8653da5455667e3f82274f2f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
lstrcmpiA
CopyFileA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCurrentProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSUtils.dll
.dll windows:4 windows x86 arch:x86

b050ca7b3845234a3a82765799d885cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
GetLastError
GetCurrentProcess
GetProcAddress
lstrlenA
GetExitCodeThread
WaitForSingleObject
CreateThread
lstrcpynA
GlobalAddAtomA
WriteFile
Sleep
DeleteFileA
GlobalDeleteAtom
GlobalFindAtomA
CreateProcessA
ReleaseMutex
CreateMutexA
FindClose
FindFirstFileA
SetLastError
GetModuleHandleA
WideCharToMultiByte
LocalSize
LocalAlloc
LocalReAlloc
LocalFree
lstrcpyA
CreateFileA
GetFileSize
ReadFile
LoadLibraryA
CloseHandle

user32

wsprintfA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

VariantClear

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
DeleteUrlCacheEntry

msvcrt

??1type_info@@UAE@XZ
_stricmp
_onexit
__dllonexit
_adjust_fdiv
_initterm
_CxxThrowException
wcslen
_except_handler3
strcmp
strncmp
strchr
malloc
realloc
strncat
free
time
sprintf
strncpy
strrchr
__CxxFrameHandler
strcpy
strcat
??3@YAXPAX@Z
atol
strlen
strstr
memset
??2@YAPAXI@Z

tapi32

lineGetCallInfoA
lineShutdown
lineInitialize
lineOpenA
lineGetNewCalls
lineNegotiateAPIVersion

iphlpapi

GetAdaptersInfo
GetIfEntry

shlwapi

StrTrimA

Exports

Exports

ClearTest
Log1
Log2
OpenFeedback
Test

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
MessengerSkinnerDll_new.dll
.dll windows:4 windows x86 arch:x86

4d9828a2b6a8afa82440b613cdad44cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
HttpQueryInfoA
DeleteUrlCacheEntry

kernel32

FileTimeToSystemTime
GetCurrentThread
GetFileTime
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitThread
HeapAlloc
GetFullPathNameA
GetCommandLineA
SetStdHandle
GetFileType
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
lstrcmpA
SuspendThread
SetThreadPriority
GetThreadLocale
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalFree
SetFileAttributesA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersion
lstrcmpiA
GetDriveTypeA
lstrcpynA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
SetFilePointer
IsBadWritePtr
WideCharToMultiByte
GetACP
GetLocaleInfoA
lstrcpyA
FindResourceA
LoadResource
LockResource
GetEnvironmentVariableA
CopyFileA
FormatMessageA
LocalAlloc
GetVersionExA
GetCurrentProcess
SetLastError
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemDefaultLangID
GetTempFileNameA
GetTempPathA
SetEvent
ResetEvent
CreateEventA
GetUserDefaultLangID
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GetLastError
GetExitCodeThread
GetTickCount
CreateThread
GlobalReAlloc
WriteFile
MulDiv
CreateFileA
GetFileSize
ReadFile
CloseHandle
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalSize
GlobalLock
MultiByteToWideChar
InterlockedIncrement
Sleep
DeleteFileA
WaitForSingleObject
CreateDirectoryA
ResumeThread
lstrlenA
InterlockedDecrement
HeapFree

user32

UnregisterClassA
GetSysColorBrush
PtInRect
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
ValidateRect
GetCursorPos
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
GetClassLongA
LoadStringA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
RegisterWindowMessageA
OffsetRect
IsIconic
GetWindowPlacement
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetParent
GetNextDlgTabItem
CopyRect
GetSysColor
FillRect
SetRect
MapVirtualKeyA
GetKeyboardState
ToAscii
SetKeyboardState
SetFocus
SetWindowPos
GetForegroundWindow
EnableMenuItem
CreateMenu
AppendMenuA
CallWindowProcW
CallWindowProcA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetMenu
GetMenuItemCount
GetMenuItemInfoA
DeleteMenu
DrawMenuBar
KillTimer
GetClassNameA
IsWindowUnicode
SetWindowLongW
SetWindowLongA
MessageBoxA
FindWindowExA
EnumWindows
SetForegroundWindow
keybd_event
SetTimer
InvalidateRect
SetCursor
SetWindowRgn
LoadCursorA
PostThreadMessageA
GetWindowRect
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharUpperA
SetPropA
EndPaint
wsprintfA
SystemParametersInfoA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
IsWindow
PostMessageA
GrayStringA
DrawTextA
TabbedTextOutA
LoadBitmapA
GetDesktopWindow
GetDC
ReleaseDC
EmptyClipboard
RegisterClipboardFormatA
SetClipboardData
OpenClipboard
EnumClipboardFormats
GetClipboardFormatNameA
GetClipboardData
CloseClipboard
SendMessageA
GetSystemMetrics
GetClientRect
EnableWindow
LoadIconA
ModifyMenuA

gdi32

GetViewportExtEx
GetWindowExtEx
DPtoLP
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBitmapDimensionEx
CreateDIBitmap
CreateDIBSection
DeleteDC
GetDeviceCaps
CreateCompatibleDC
BitBlt
LPtoDP
GetObjectA
SetMapMode
RestoreDC
SaveDC
GetBkColor
GetTextColor
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
DeleteObject
ExtCreateRegion
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
IIDFromString
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject

olepro32

ord251
ord253

oleaut32

VariantCopy
SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantClear
GetErrorInfo
VariantTimeToSystemTime
VariantChangeType

urlmon

URLDownloadToFileA

oleacc

AccessibleChildren
AccessibleObjectFromWindow

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Exports

Exports

InitializeDllFromExe

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MessengerSkinner_new.exe
.exe windows:4 windows x86 arch:x86

cb3f48cb75fdd6f9a813dbb4a7d49f94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
MulDiv
SetErrorMode
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapReAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
GetACP
LockResource
SetStdHandle
GetFileType
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindResourceA
LoadResource
GlobalLock
GlobalDeleteAtom
GetCurrentThread
GetProfileStringA
GetCurrentThreadId
GetFileAttributesA
FileTimeToLocalFileTime
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
WideCharToMultiByte
MoveFileA
GetEnvironmentVariableA
CopyFileA
SetLastError
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemDefaultLangID
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
lstrcatA
FormatMessageA
MultiByteToWideChar
InterlockedIncrement
TerminateProcess
CreateEventA
GetSystemDirectoryA
CreateDirectoryA
GetWindowsDirectoryA
WriteFile
GetFileSize
DeleteFileA
CreateMutexA
ReleaseMutex
lstrcpyA
CreateProcessA
GetVersionExA
SetFilePointer
ReadFile
GetFileTime
FileTimeToSystemTime
GetDateFormatA
CreateFileA
SetEvent
TerminateThread
GetUserDefaultLangID
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GetLastError
GetExitCodeThread
GetTickCount
CreateThread
ResumeThread
WaitForSingleObject
CloseHandle
OutputDebugStringA
lstrcmpA
GlobalAlloc
GlobalFree
GetModuleHandleA
LocalAlloc
LocalReAlloc
LocalFree
lstrlenA
InterlockedDecrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
EnterCriticalSection

user32

GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
PtInRect
GetClassNameA
LoadCursorA
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
DestroyMenu
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
MessageBoxA
PostMessageA
IsWindow
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
UnregisterClassA
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
MapDialogRect
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
PostThreadMessageA
RegisterClipboardFormatA
InflateRect
GetFocus
GetNextDlgTabItem
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
InvalidateRect
GetClassInfoA
SystemParametersInfoA
GetSystemMetrics
wsprintfA
ScreenToClient
ClientToScreen
LoadIconA
SetTimer
SetWindowPos
SendMessageA
EnableWindow
DrawIcon
GetClientRect
IsIconic
KillTimer
GetDesktopWindow
GetWindowTextA
MessageBeep
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
UnhookWindowsHookEx
CharUpperA

gdi32

ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
TextOutA
GetMapMode
PatBlt
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
LPtoDP
CreateBitmap
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoRevokeClassObject
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
GetErrorInfo
VariantClear

urlmon

URLDownloadToFileA

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetCloseHandle
HttpSendRequestA
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
HttpQueryInfoA
InternetGetConnectedState
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ws2_32

WSAStartup
gethostname
WSACleanup
inet_addr
send
select
htons
closesocket
socket
bind
listen
accept
shutdown
recv
gethostbyname

shlwapi

PathFileExistsA

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

72hovnpo
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pg86ihcl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
download/defaultPack.cab
.cab
02247.gif
.gif
02331.gif
.gif
02469.gif
.gif
02555.gif
.gif
02559.gif
.gif
02564.gif
.gif
02573.gif
.gif
02632.gif
.gif
02645.gif
.gif
02662.gif
.gif
02668.gif
.gif
02858.gif
.gif
03523.gif
.gif
03874.gif
.gif
03875.gif
.gif
03876.gif
.gif
03877.gif
.gif
03878.gif
.gif
03879.gif
.gif
03880.gif
.gif
03881.gif
.gif
03882.gif
.gif
03883.gif
.gif
03884.gif
.gif
03885.gif
.gif
content.xml
.xml
resources/appconfig.xml
.xml
resources/btn.rgn
resources/btnBnr.rgn
resources/btnIn.rgn
resources/btnInNormal.bmp
resources/btnInOver.bmp
resources/btnNormal.bmp
resources/btnNormal.gif
.gif
resources/btnNormalBnr.bmp
resources/btnNormalBnr.gif
.gif
resources/btnOver.bmp
resources/btnOver.gif
.gif
resources/btnOverBnr.bmp
resources/btnOverBnr.gif
.gif
resources/languages_v2.xml
.xml
uninst.exe
.exe windows:4 windows x86 arch:x86

9c523d8653da5455667e3f82274f2f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
lstrcmpiA
CopyFileA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCurrentProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSUtils.dll
.dll windows:4 windows x86 arch:x86

b050ca7b3845234a3a82765799d885cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
GetLastError
GetCurrentProcess
GetProcAddress
lstrlenA
GetExitCodeThread
WaitForSingleObject
CreateThread
lstrcpynA
GlobalAddAtomA
WriteFile
Sleep
DeleteFileA
GlobalDeleteAtom
GlobalFindAtomA
CreateProcessA
ReleaseMutex
CreateMutexA
FindClose
FindFirstFileA
SetLastError
GetModuleHandleA
WideCharToMultiByte
LocalSize
LocalAlloc
LocalReAlloc
LocalFree
lstrcpyA
CreateFileA
GetFileSize
ReadFile
LoadLibraryA
CloseHandle

user32

wsprintfA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

VariantClear

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
DeleteUrlCacheEntry

msvcrt

??1type_info@@UAE@XZ
_stricmp
_onexit
__dllonexit
_adjust_fdiv
_initterm
_CxxThrowException
wcslen
_except_handler3
strcmp
strncmp
strchr
malloc
realloc
strncat
free
time
sprintf
strncpy
strrchr
__CxxFrameHandler
strcpy
strcat
??3@YAXPAX@Z
atol
strlen
strstr
memset
??2@YAPAXI@Z

tapi32

lineGetCallInfoA
lineShutdown
lineInitialize
lineOpenA
lineGetNewCalls
lineNegotiateAPIVersion

iphlpapi

GetAdaptersInfo
GetIfEntry

shlwapi

StrTrimA

Exports

Exports

ClearTest
Log1
Log2
OpenFeedback
Test

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName

Sections

.text
Size: 1024B - Virtual size: 573B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp

Sharing

General

Malware Config

Signatures

Files

9c523d8653da5455667e3f82274f2f88

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 110KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 17KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 254B

b050ca7b3845234a3a82765799d885cd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

msvcrt

tapi32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 110KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 254B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 236KB - Virtual size: 235KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 24KB - Virtual size: 35KB

Shared
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 32KB - Virtual size: 28KB

.reloc
Size: 32KB - Virtual size: 30KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 28KB - Virtual size: 28KB

72hovnpo
Size: 106KB - Virtual size: 108KB

pg86ihcl
Size: 4KB - Virtual size: 4KB