38599ded5baeba9c851a3b9d0677f7ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38599ded5baeba9c851a3b9d0677f7ec_JaffaCakes118
Size

2.0MB
MD5

38599ded5baeba9c851a3b9d0677f7ec
SHA1

bc189005dbdf5fce01271d502d49d961b5ad116a
SHA256

5aee96af3b37d6736e0a08dbe3f0cb46300b8097045d5e0e49a1af3eec451ffd
SHA512

6d3da481b03bfaf74544d48bff76b9a4a433120e30471fb3fe23b3191ebce3206da72d5873028c0d2aaf20e6058266156b46f67d3feb553523fbc3a2d541bf7e
SSDEEP

49152:SDz7zvbCnhWH4WlYIb2kzGv/PrVAdobk8btcTsHxY1hFyo/ZkAdC:SDzW4WIbzGv/PxooI8pkCYH/ZkoC

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CyberPC 2010/Cliente/CompressZItLib6.dll
unpack001/CyberPC 2010/Cliente/PC_CLIENT.exe
unpack001/CyberPC 2010/Cliente/Updater.dll
unpack001/CyberPC 2010/Cliente/VNCHooks.dll
unpack001/CyberPC 2010/Cliente/WinVNC.exe
unpack001/CyberPC 2010/Cliente/ijl11.dll
unpack001/CyberPC 2010/Cliente/zip32.dll
unpack001/CyberPC 2010/Cliente/zlib.dll
unpack001/CyberPC 2010/Servidor/CompressZItLib6.dll
unpack001/CyberPC 2010/Servidor/CyberPC.exe
unpack001/CyberPC 2010/Servidor/Unzip32.dll
unpack001/CyberPC 2010/Servidor/cpcnotify.dll
unpack001/CyberPC 2010/Servidor/vncviewer.exe
unpack001/CyberPC 2010/Servidor/zlib.dll

Files

38599ded5baeba9c851a3b9d0677f7ec_JaffaCakes118
.zip
CyberPC 2010/Cliente/CompressZItLib6.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6470db107e1e4c53a1df3c4d3ce24abf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord685
ord101
ord102
ord103
ord104
ord105
ord616

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 654B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/CompressZItLib6.exp
CyberPC 2010/Cliente/CompressZItLib6.lib
CyberPC 2010/Cliente/Leng/en/Dialogs.txt
CyberPC 2010/Cliente/Leng/en/Leng.txt
CyberPC 2010/Cliente/Leng/en/PWait.bmp
CyberPC 2010/Cliente/Leng/en/Pocot.jpg
.jpg
CyberPC 2010/Cliente/Leng/en/Pocotmini.JPG
.jpg
CyberPC 2010/Cliente/Leng/en/Thumbs.db
CyberPC 2010/Cliente/Leng/en/USER.gif
.gif
CyberPC 2010/Cliente/Leng/en/loginuser.JPG
.jpg
CyberPC 2010/Cliente/Leng/en/noconec.bmp
CyberPC 2010/Cliente/Leng/en/noconect.JPG
.jpg
CyberPC 2010/Cliente/Leng/en/noconect.bmp
CyberPC 2010/Cliente/Leng/es/2noconect.JPG
.jpg
CyberPC 2010/Cliente/Leng/es/Dialogs.txt
CyberPC 2010/Cliente/Leng/es/Leng.txt
CyberPC 2010/Cliente/Leng/es/Leng_2.txt
CyberPC 2010/Cliente/Leng/es/PWait.bmp
CyberPC 2010/Cliente/Leng/es/Pocot.jpg
.jpg
CyberPC 2010/Cliente/Leng/es/Pocotmini.JPG
.jpg
CyberPC 2010/Cliente/Leng/es/Thumbs.db
CyberPC 2010/Cliente/Leng/es/USER.gif
.gif
CyberPC 2010/Cliente/Leng/es/fakeDialogs.txt
CyberPC 2010/Cliente/Leng/es/loginuser.JPG
.jpg
CyberPC 2010/Cliente/Leng/es/noconec.bmp
CyberPC 2010/Cliente/PC_CLIENT.exe
.exe windows:4 windows x86 arch:x86

633882223229fe3d2b854cb9d3abecf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
ord690
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaLineInputStr
ord588
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaPut3
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaRaiseEvent
__vbaNextEachVar
__vbaFreeObjList
__vbaGetFxStr3
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaCopyBytes
__vbaStrCat
__vbaVarCmpNe
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
ord666
__vbaAryVar
__vbaAryDestruct
ord593
__vbaStrBool
__vbaBoolStr
__vbaExitProc
ord300
__vbaI4Abs
ord594
ord301
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord306
__vbaBoolVar
__vbaStrFixstr
__vbaForEachCollVar
ord307
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord631
__vbaErase
ord525
ord632
__vbaVarZero
__vbaVargVarMove
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaGenerateBoundsError
ord528
__vbaGet3
__vbaStrCmp
ord529
__vbaVarTstEq
__vbaAryConstruct2
__vbaNextEachCollVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
__vbaFpUI1
__vbaCastObjVar
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaStrUI1
__vbaUI1I4
__vbaExceptHandler
ord711
__vbaPrintFile
ord712
__vbaStrToUnicode
ord605
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
ord607
ord608
ord716
__vbaFPException
ord717
__vbaUbound
__vbaGetOwner3
__vbaStrVarVal
__vbaVarCat
ord535
__vbaI2Var
__vbaStopExe
ord644
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaInStr
__vbaNew2
ord648
ord570
__vbaR8Str
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord578
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
ord689
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
__vbaVarCopy
ord616
__vbaVarLateMemCallLd
__vbaFpI4
__vbaRecDestructAnsi
ord617
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaAryCopy
__vbaUI1Str
__vbaR8IntI4
__vbaForEachVar
ord619
ord542
ord650
ord543
_allmul
ord544
__vbaLateIdSt
_CItan
ord546
ord547
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar
ord581

Sections

.text
Size: 968KB - Virtual size: 966KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/Pocotmini.JPG
.jpg
CyberPC 2010/Cliente/Updater.dll
.exe windows:4 windows x86 arch:x86

7416d6697fe089606b214e430337b5fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
ord666
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
ord529
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaFPException
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord648
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
ord689
__vbaStrToAnsi
__vbaVarDup
_CIatan
__vbaStrMove
__vbaAryCopy
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/VNCHooks.dll
.dll windows:4 windows x86 arch:x86

6e20f0a555bfbc5a1321c57520d8674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetLocaleInfoA
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
GlobalDeleteAtom
GlobalAddAtomA
GetModuleHandleA
GetModuleFileNameA
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
InitializeCriticalSection
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar

user32

RegisterWindowMessageA
EnumWindows
MessageBoxA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetUpdateRgn
GetPropA
SetPropA
GetCursor
GetWindowRect
IsWindowVisible
PostMessageA
GetClientRect
ClientToScreen
RemovePropA

gdi32

GetRegionData
DeleteObject
CreateRectRgn

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

Exports

Exports

SetHook
SetKeyboardFilterHook
SetKeyboardPriorityHook
SetKeyboardPriorityLLHook
SetMouseFilterHook
SetMousePriorityHook
SetMousePriorityLLHook
UnSetHook

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/WinVNC.exe
.exe windows:4 windows x86 arch:x86

b3f50ff36ed8b11c6ce1af10b6725501

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
inet_addr
WSAStartup
WSACleanup
htonl
bind
socket
__WSAFDIsSet
recv
send
WSAGetLastError
getsockname
getpeername
select
accept
setsockopt
closesocket
listen
ioctlsocket
htons
connect
inet_ntoa
shutdown
gethostbyname

comctl32

ord17

kernel32

GlobalLock
GlobalAlloc
GetSystemTime
GlobalDeleteAtom
GlobalAddAtomA
SystemTimeToFileTime
LockResource
LoadResource
SizeofResource
FindResourceA
CreateMutexA
OpenProcess
CreateProcessA
GetModuleFileNameA
Sleep
SetProcessShutdownParameters
SetLastError
InterlockedIncrement
TlsFree
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CreateThread
ExitThread
GetStartupInfoA
GetProcessHeap
GetCommandLineA
ExitProcess
GetModuleHandleA
RaiseException
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsSetValue
SetThreadPriority
TlsGetValue
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetFileType
GetVersionExA
GetComputerNameA
FindFirstFileA
SetErrorMode
GetLogicalDriveStringsA
FindNextFileA
FindClose
SetFileTime
CreateDirectoryA
ReadFile
GetCurrentThreadId
UnmapViewOfFile
GetCurrentProcessId
AllocConsole
DeleteFileA
MoveFileA
CreateFileA
SetFilePointer
SetEndOfFile
OutputDebugStringA
GetStdHandle
WriteConsoleA
WriteFile
CloseHandle
FreeLibrary
LoadLibraryA
GetLastError
GetProcAddress
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetConsoleOutputCP
IsDebuggerPresent
WriteConsoleW

user32

UpdateWindow
SetWindowPos
GetWindowPlacement
ClipCursor
EndPaint
FillRect
BeginPaint
GetCapture
EndDialog
DialogBoxParamA
FlashWindow
SetActiveWindow
GetWindowThreadProcessId
MapWindowPoints
CreateDialogParamA
PtInRect
InvalidateRgn
ShowWindow
GetDlgItemInt
GetFocus
SetFocus
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
SetRect
GetMessageA
TranslateMessage
GetProcessWindowStation
PostThreadMessageA
GetWindow
IsIconic
GetUserObjectInformationA
MessageBeep
SetWindowRgn
DestroyMenu
LoadIconA
LoadMenuA
GetMenuState
CheckMenuItem
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
EnableMenuItem
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
RegisterWindowMessageA
PeekMessageA
WaitMessage
DispatchMessageA
GetForegroundWindow
RegisterClassExA
CreateWindowExA
SetClipboardViewer
GetClipboardOwner
GetClipboardData
PostQuitMessage
EnumWindows
GetPropA
IsWindowVisible
SetPropA
RemovePropA
ChangeClipboardChain
DestroyWindow
KillTimer
SetTimer
OpenClipboard
EmptyClipboard
ExitWindowsEx
InflateRect
SetClipboardData
CloseClipboard
DrawIconEx
GetIconInfo
ChangeDisplaySettingsA
OpenDesktopA
EnumDesktopWindows
SystemParametersInfoA
FindWindowA
PostMessageA
GetCursorPos
mouse_event
IntersectRect
GetKeyboardState
keybd_event
EnumDisplaySettingsA
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetDC
SetWindowLongA
GetWindowLongA
SetCapture
LoadImageA
SetCursor
DestroyCursor
CallWindowProcA
DefWindowProcA
ReleaseCapture
LoadCursorA
GetParent
ClientToScreen
WindowFromPoint
IsChild
LoadBitmapA
SendMessageA
GetWindowTextA
GetClassNameA
GetWindowDC
GetWindowRgn
OffsetRect
ReleaseDC
MessageBoxA
GetSystemMetrics
GetDesktopWindow
GetWindowRect
EqualRect
IsRectEmpty
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
EnableWindow
SetForegroundWindow

gdi32

GetObjectA
GetBitmapBits
GetRegionData
CreateRectRgnIndirect
CombineRgn
GetStockObject
GdiFlush
BitBlt
CreateDIBSection
SelectObject
CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
GetDIBits
CreateDCA
ExtEscape
DeleteDC
GetSystemPaletteEntries
CreateSolidBrush
CreateRectRgn
SetROP2
CreateHatchBrush
DeleteObject
FrameRgn

advapi32

StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
GetUserNameA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RevertToSelf
OpenProcessToken
ImpersonateLoggedOnUser
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

vnchooks

SetHook
SetKeyboardPriorityHook
SetMousePriorityHook
SetKeyboardPriorityLLHook
SetMousePriorityLLHook
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHook

Sections

.text
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/ijl11.dll
.dll windows:4 windows x86 arch:x86

eb6df2cdc437fbaf0d983ed099e6f072

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
CloseHandle
WriteFile
LocalFree
LocalAlloc
SetFilePointer
ReadFile
GetCurrentThreadId
GetModuleFileNameA
GetLastError
FreeEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
HeapAlloc
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
CreateFileA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetACP
FlushFileBuffers
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
GetCPInfo
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle

user32

PostQuitMessage
wsprintfA
MessageBoxA
PeekMessageA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

ijlErrorStr
ijlFree
ijlGetLibVersion
ijlInit
ijlRead
ijlWrite

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/lock-icon.bmp
CyberPC 2010/Cliente/vista-wallpaper-new-aurora.jpg
.jpg
CyberPC 2010/Cliente/zip32.dll
.dll windows:4 windows x86 arch:x86

00a4a2fc8c7dbf3b1dd6087ef98f034b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDriveTypeA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
CloseHandle
InterlockedExchange
CreateMutexA
HeapFree
HeapAlloc
GetProcessHeap
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetFileAttributesA
FindClose
FindFirstFileA
GetVersion
GetFileType
FindNextFileA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
lstrcpynA
lstrcpyA
lstrcatA
CreateFileA
GetLastError
HeapCreate
FlushFileBuffers
SetEndOfFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MoveFileA
SetStdHandle
HeapReAlloc
GetCommandLineA
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
HeapDestroy
lstrlenA
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WriteFile
ReadFile
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
RtlUnwind
SetFilePointer
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
PeekNamedPipe
RemoveDirectoryA
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle

user32

wvsprintfA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityDescriptorLength
GetKernelObjectSecurity
OpenProcessToken

Exports

Exports

ZpArchive
ZpGetOptions
ZpInit
ZpSetOptions
ZpVersion

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Cliente/zlib.dll
.dll windows:4 windows x86 arch:x86

d864ee5b5be09704bef5ffbefb087055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

fflush
fprintf
_fdopen
fopen
_errno
malloc
sprintf
fwrite
fread
fclose
free
vsprintf
ftell
fseek
rewind
fputc
calloc
_initterm

kernel32

GlobalAlloc
GetVersion
GlobalFree

Exports

Exports

adler32
compress
compress2
crc32
deflate
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflateReset
deflateSetDictionary
get_crc_table
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzwrite
inflate
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpenCurrentFile
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipOpen
zipOpenNewFileInZip
zipWriteInFileInZip
zlibVersion

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Como Usar.txt
CyberPC 2010/Servidor/CompressZItLib6.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6470db107e1e4c53a1df3c4d3ce24abf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord685
ord101
ord102
ord103
ord104
ord105
ord616

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 654B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/CompressZItLib6.exp
CyberPC 2010/Servidor/CompressZItLib6.lib
CyberPC 2010/Servidor/CyberPC.exe
.exe windows:4 windows x86 arch:x86

8acb8fefdcd119afa8443c7a32dceb0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
__vbaVarSub
ord690
__vbaStrI2
ord691
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaLineInputStr
ord588
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaNextEachVar
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaStrCat
__vbaVarCmpNe
__vbaLsetFixstr
ord660
ord553
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
Zombie_GetTypeInfo
__vbaAryDestruct
__vbaVarCmpGe
__vbaLateMemSt
ord593
__vbaVarForInit
__vbaStrBool
__vbaExitProc
__vbaBoolStr
__vbaForEachCollObj
ord300
ord594
ord301
__vbaObjSet
ord595
__vbaOnError
__vbaCyAdd
_adj_fdiv_m16i
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord703
__vbaVarIndexLoad
ord599
__vbaFpR4
__vbaCyStr
ord306
__vbaForEachCollVar
__vbaBoolVar
ord705
ord520
ord307
__vbaFPFix
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord631
ord525
__vbaVarZero
__vbaVarCmpGt
ord632
__vbaNextEachCollObj
__vbaChkstk
__vbaCyVar
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
ord529
__vbaCyI2
__vbaVarTstEq
__vbaAryConstruct2
__vbaPutOwner3
__vbaR4Str
ord560
__vbaObjVar
__vbaNextEachCollVar
ord561
__vbaI2I4
__vbaPrintObj
ord562
DllFunctionCall
__vbaVarLateMemSt
ord563
__vbaVarOr
__vbaFpUI1
__vbaCySub
__vbaCastObjVar
__vbaRedimPreserve
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaR4Cy
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaR8Cy
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaFpCmpCy
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord711
ord712
ord605
__vbaStrToUnicode
__vbaPrintFile
ord606
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
__vbaLateIdStAd
__vbaI2Str
ord608
ord531
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord534
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaInStr
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaR8Str
ord648
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
__vbaVarCmpLt
ord576
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaI4Var
ord689
__vbaVarCmpEq
ord610
__vbaFpCy
__vbaAryLock
__vbaLateMemCall
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVerifyVarObj
__vbaOnGoCheck
__vbaFpI2
__vbaCheckTypeVar
ord616
__vbaFpI4
__vbaVarLateMemCallLd
__vbaVarCopy
__vbaVarTstGe
ord617
__vbaR8IntI2
__vbaLateMemCallLd
__vbaRecDestructAnsi
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaI2ErrVar
__vbaAryCopy
ord540
__vbaForEachVar
ord541
ord542
ord543
_allmul
__vbaLateIdSt
ord544
ord545
_CItan
ord546
ord547
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaMidStmtBstr
__vbaStrCy
__vbaI4ErrVar
__vbaR8FixI2
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/CyberPC.exe.manifest
.xml
CyberPC 2010/Servidor/Leng/en/Dialogs.txt
CyberPC 2010/Servidor/Leng/en/Leng.txt
CyberPC 2010/Servidor/Leng/en/PWait.bmp
CyberPC 2010/Servidor/Leng/en/noconec.bmp
CyberPC 2010/Servidor/Leng/en/noconect.JPG
.jpg
CyberPC 2010/Servidor/Leng/en/noconect.bmp
CyberPC 2010/Servidor/Leng/es/2noconect.JPG
.jpg
CyberPC 2010/Servidor/Leng/es/Dialogs.txt
CyberPC 2010/Servidor/Leng/es/Leng.txt
CyberPC 2010/Servidor/Leng/es/Leng_2.txt
CyberPC 2010/Servidor/Leng/es/PWait.bmp
CyberPC 2010/Servidor/Leng/es/fakeDialogs.txt
CyberPC 2010/Servidor/Leng/es/noconec.bmp
CyberPC 2010/Servidor/Unzip32.dll
.dll windows:4 windows x86 arch:x86

d7fb4de41cd6c7ef515f3cb090e706e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
HeapAlloc
GetLastError
CreateFileA
GetCurrentProcess
GetVersion
SetFileTime
SetFileAttributesA
FileTimeToLocalFileTime
GetFullPathNameA
CloseHandle
CreateMutexA
FindClose
SetVolumeLabelA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
lstrcpyA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
InitializeCriticalSection
WaitForSingleObject
ReleaseMutex
GetVolumeInformationA
lstrlenA
lstrcmpiA
EnterCriticalSection
GetDriveTypeA
lstrcpynA
LeaveCriticalSection
GetProcessHeap
HeapFree
FindFirstFileA
FindNextFileA
HeapDestroy
TlsFree
SetLastError
GetCurrentDirectoryA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetTimeZoneInformation
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
FlushFileBuffers
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsAlloc
FileTimeToSystemTime
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
ReadFile
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileA
CreateDirectoryA

user32

CharToOemA
OemToCharA

advapi32

GetSecurityDescriptorControl
GetKernelObjectSecurity
AdjustTokenPrivileges
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
SetKernelObjectSecurity
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidAcl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
IsValidSid
OpenProcessToken
LookupPrivilegeValueA

Exports

Exports

UzpFreeMemBuffer
UzpVersion
UzpVersion2
Wiz_Grep
Wiz_Init
Wiz_NoPrinting
Wiz_SetOpts
Wiz_SingleEntryUnzip
Wiz_Unzip
Wiz_UnzipToMemory
Wiz_Validate

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/backser.jpx
.jpg
CyberPC 2010/Servidor/comdlg32.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/cpcnotify.dll
.exe windows:4 windows x86 arch:x86

129778cf2c13d7803c949b94911973c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord669
ord593
ord594
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaForEachCollVar
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaNextEachCollVar
DllFunctionCall
__vbaVarLateMemSt
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
__vbaNew
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
ord537
_CIlog
__vbaVarLateMemCallLdRf
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
ord689
__vbaStrToAnsi
__vbaFpI4
_CIatan
__vbaCastObj
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/noconect.jpg
CyberPC 2010/Servidor/vncviewer.exe
.exe windows:4 windows x86 arch:x86

c75cf6c0a8738f35342d9268f19bdfea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

wsock32

connect
htons
WSAStartup
WSACleanup
bind
listen
accept
WSAAsyncSelect
inet_ntoa
WSAGetLastError
getpeername
send
recv
shutdown
closesocket
setsockopt
socket
ioctlsocket
gethostbyname

comctl32

CreateToolbarEx
ord17

kernel32

GetPrivateProfileStringA
DeleteFileA
CloseHandle
FindNextFileA
FindClose
FindFirstFileA
SetErrorMode
GetLogicalDriveStringsA
ReadFile
CreateFileA
WriteFile
SetFileTime
WriteConsoleA
GetStdHandle
OutputDebugStringA
AllocConsole
SetEndOfFile
SetFilePointer
GetModuleFileNameA
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDriveTypeA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
GetPrivateProfileIntA
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
CreateThread
ExitThread
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
GetFullPathNameA
GetFileAttributesA
ExitProcess
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
TlsGetValue
WaitForSingleObject
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
Beep
FormatMessageA
LocalFree
Sleep
GetLastError
GetTickCount
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
VirtualFree

user32

IsDialogMessageA
GetMessageA
MapWindowPoints
SetClassLongA
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
FindWindowA
GetDlgItemTextA
GetKeyboardState
ToAscii
GetKeyState
DestroyAcceleratorTable
TranslateAcceleratorA
CreateAcceleratorTableA
CreateDialogParamA
LoadKeyboardLayoutA
DestroyIcon
GetWindowTextA
EnableWindow
GetDlgItem
PeekMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
DestroyMenu
GetSubMenu
GetMenuItemID
SetMenuDefaultItem
TrackPopupMenu
GetCursorPos
SetCursorPos
GetSystemMetrics
EmptyClipboard
LoadImageA
SetClipboardData
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
GetSysColorBrush
RegisterClassA
CreateWindowExA
SetWindowLongA
AppendMenuA
DrawMenuBar
GetForegroundWindow
GetWindow
GetFocus
LoadCursorA
SetCursor
WindowFromPoint
ScreenToClient
SetTimer
SetFocus
ChangeClipboardChain
KillTimer
PostQuitMessage
PostMessageA
SystemParametersInfoA
AdjustWindowRectEx
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
CheckMenuItem
GetWindowLongA
DestroyWindow
GetClientRect
GetMenuState
GetWindowRect
SetWindowPos
ShowWindow
ShowScrollBar
IsIconic
ScrollWindowEx
UpdateWindow
GetKeyboardLayoutNameA
MessageBoxA
SetScrollInfo
BeginPaint
EndPaint
DefWindowProcA
SetRect
DrawTextA
InvalidateRect
SetClipboardViewer
GetSystemMenu
EnableMenuItem
SendMessageA
ReleaseDC
GetDC
LoadStringA
SetDlgItemTextA
SetWindowTextA
DialogBoxParamA
EndDialog
LoadMenuA

gdi32

CreateCompatibleDC
DeleteDC
SetPixelV
GetDeviceCaps
SetStretchBltMode
SetBrushOrgEx
StretchBlt
UpdateColors
CreatePalette
BitBlt
DeleteObject
CreateCompatibleBitmap
SetTextColor
SelectPalette
RealizePalette
SelectObject
GetStockObject
ExtTextOutA
SetBkColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

advapi32

RegEnumValueA
RegDeleteValueA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

Shell_NotifyIconA

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CyberPC 2010/Servidor/zlib.dll
.dll windows:4 windows x86 arch:x86

d864ee5b5be09704bef5ffbefb087055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

fflush
fprintf
_fdopen
fopen
_errno
malloc
sprintf
fwrite
fread
fclose
free
vsprintf
ftell
fseek
rewind
fputc
calloc
_initterm

kernel32

GlobalAlloc
GetVersion
GlobalFree

Exports

Exports

adler32
compress
compress2
crc32
deflate
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflateReset
deflateSetDictionary
get_crc_table
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzwrite
inflate
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpenCurrentFile
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipOpen
zipOpenNewFileInZip
zipWriteInFileInZip
zlibVersion

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6470db107e1e4c53a1df3c4d3ce24abf

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: - Virtual size: 1004B

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 654B

633882223229fe3d2b854cb9d3abecf6

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 968KB - Virtual size: 966KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 116KB - Virtual size: 114KB

7416d6697fe089606b214e430337b5fb

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 2KB

6e20f0a555bfbc5a1321c57520d8674b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.SharedD Size: 4KB - Virtual size: 68B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

b3f50ff36ed8b11c6ce1af10b6725501

Headers

File Characteristics

Imports

wsock32

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

vnchooks

Sections

.text Size: 272KB - Virtual size: 270KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 224KB - Virtual size: 221KB

eb6df2cdc437fbaf0d983ed099e6f072

Headers

File Characteristics

Imports

kernel32

user32

version

advapi32

Exports

Exports

.text
Size: 8KB - Virtual size: 7KB

.data
Size: - Virtual size: 1004B

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 654B

.text
Size: 968KB - Virtual size: 966KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 116KB - Virtual size: 114KB

.text
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.SharedD
Size: 4KB - Virtual size: 68B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 272KB - Virtual size: 270KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 224KB - Virtual size: 221KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 327KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 764B

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 1024B - Virtual size: 686B

.text
Size: 8KB - Virtual size: 7KB

.data
Size: - Virtual size: 1004B

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 654B

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 4KB - Virtual size: 49KB

.rsrc
Size: 80KB - Virtual size: 78KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB