eaed204228e9755e7bf9347e837f0193e1858a7256ea0379d166b7b7580056da

Sharing

Copy URL Twitter E-mail

General

Target

eaed204228e9755e7bf9347e837f0193e1858a7256ea0379d166b7b7580056da
Size

14.6MB
MD5

32dd3b3ede65cd0592a7b028df77f2ec
SHA1

014e154a968e17a36f379526c7732f05c363e57a
SHA256

eaed204228e9755e7bf9347e837f0193e1858a7256ea0379d166b7b7580056da
SHA512

e47594a1d3c420445268a6f69de541dd883e8a3999013acc2775d185b99601e06c8ed470de9ab5cdf2e8264d2e970c56f8b3623b29565c7099c6ccac8ce7fc97
SSDEEP

393216:PI0T7ltwwNAFy7FPsSo+Ry1ZI0B+3KTexd3JePFUstsdV8:A6ltwwyyxZXRyrI0N6nYte2

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ɼ1.21ʵʱע޸/HPSocket4C_.dll
unpack001/ɼ1.21ʵʱע޸/Сʵʱע.exe
unpack001/ɼ1.21ʵʱע޸/ɼ.exe

Files

eaed204228e9755e7bf9347e837f0193e1858a7256ea0379d166b7b7580056da
.zip
ɼ1.21ʵʱע޸/HPSocket4C_.dll
.dll windows:5 windows x86 arch:x86

b9e0a4d4ab733f3a99273f6ef9363116

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\MyWork\Linux\MyWork\HP-Socket\Windows\Lib\HPSocket4C\x86\HPSocket4C.pdb

Imports

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
CreateTimerQueue
DeleteTimerQueueEx
CreateWaitableTimerA
GetSystemInfo
GetExitCodeThread
TerminateThread
ResetEvent
InterlockedExchange
PostQueuedCompletionStatus
RaiseException
SetEvent
GetQueuedCompletionStatus
CreateIoCompletionPort
UnmapViewOfFile
lstrlenA
lstrcmpiA
CreateFileA
GetProcAddress
GetModuleHandleA
GetFileSize
CreateFileMappingA
MapViewOfFileEx
MultiByteToWideChar
WaitForMultipleObjects
InterlockedExchangeAdd
SetWaitableTimer
CancelWaitableTimer
TryEnterCriticalSection
CreateTimerQueueTimer
DeleteTimerQueueTimer
SystemTimeToFileTime
GetSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DeleteFiber
SwitchToFiber
CreateFiber
FindNextFileW
FindFirstFileW
FindClose
GetModuleHandleW
GetVersion
WriteFile
GetFileType
GetStdHandle
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetConsoleMode
SetConsoleMode
ReadConsoleA
SizeofResource
GetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetEndOfFile
GetDriveTypeW
WideCharToMultiByte
Sleep
CreateEventA
GetNativeSystemInfo
SwitchToThread
ReleaseSemaphore
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetCurrentProcessId
GetCurrentThreadId
SetLastError
GetLastError
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
SetFilePointer
SetStdHandle
FlushFileBuffers
CreateFileW
GetConsoleCP
ReadFile
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
GetStartupInfoW
SetHandleCount
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetConsoleCtrlHandler
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCommandLineA
CreateThread
ExitThread
EncodePointer
DecodePointer
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
InterlockedCompareExchange
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
DeleteCriticalSection
ReadConsoleW
InitializeCriticalSectionAndSpinCount

user32

GetProcessWindowStation
GetUserObjectInformationW
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
MessageBoxW
PeekMessageA

advapi32

CryptSignHashW
ReportEventW
RegisterEventSourceW
CryptEnumProvidersW
CryptReleaseContext
CryptDestroyKey
CryptGetProvParam
CryptGenRandom
CryptDecrypt
CryptCreateHash
CryptSetHashParam
DeregisterEventSource
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextW

shlwapi

StrChrA
StrPBrkA
PathIsDirectoryA
PathFileExistsA

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod
timeGetDevCaps

ws2_32

WSARecv
WSASend
closesocket
shutdown
sendto
send
ioctlsocket
setsockopt
htonl
ntohl
WSASendTo
getsockname
WSAAddressToStringA
freeaddrinfo
getaddrinfo
WSAStringToAddressA
getsockopt
WSAIoctl
WSASetLastError
htons
WSAGetLastError
ntohs
WSARecvFrom
WSAStartup
WSACleanup
bind
socket
WSAGetOverlappedResult
connect
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAResetEvent
recv
WSACloseEvent
listen
recvfrom
getpeername

crypt32

CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore

Exports

Exports

Create_HP_BrotliCompressor
Create_HP_BrotliCompressorEx
Create_HP_BrotliDecompressor
Create_HP_GZipCompressor
Create_HP_GZipCompressorEx
Create_HP_GZipDecompressor
Create_HP_HttpAgent
Create_HP_HttpAgentListener
Create_HP_HttpClient
Create_HP_HttpClientListener
Create_HP_HttpServer
Create_HP_HttpServerListener
Create_HP_HttpSyncClient
Create_HP_HttpsAgent
Create_HP_HttpsClient
Create_HP_HttpsServer
Create_HP_HttpsSyncClient
Create_HP_SSLAgent
Create_HP_SSLClient
Create_HP_SSLPackAgent
Create_HP_SSLPackClient
Create_HP_SSLPackServer
Create_HP_SSLPullAgent
Create_HP_SSLPullClient
Create_HP_SSLPullServer
Create_HP_SSLServer
Create_HP_SocketTaskObj
Create_HP_TcpAgent
Create_HP_TcpAgentListener
Create_HP_TcpClient
Create_HP_TcpClientListener
Create_HP_TcpPackAgent
Create_HP_TcpPackAgentListener
Create_HP_TcpPackClient
Create_HP_TcpPackClientListener
Create_HP_TcpPackServer
Create_HP_TcpPackServerListener
Create_HP_TcpPullAgent
Create_HP_TcpPullAgentListener
Create_HP_TcpPullClient
Create_HP_TcpPullClientListener
Create_HP_TcpPullServer
Create_HP_TcpPullServerListener
Create_HP_TcpServer
Create_HP_TcpServerListener
Create_HP_ThreadPool
Create_HP_ThreadPoolListener
Create_HP_UdpArqClient
Create_HP_UdpArqClientListener
Create_HP_UdpArqServer
Create_HP_UdpArqServerListener
Create_HP_UdpCast
Create_HP_UdpCastListener
Create_HP_UdpClient
Create_HP_UdpClientListener
Create_HP_UdpNode
Create_HP_UdpNodeListener
Create_HP_UdpServer
Create_HP_UdpServerListener
Create_HP_ZLibCompressor
Create_HP_ZLibCompressorEx
Create_HP_ZLibDecompressor
Create_HP_ZLibDecompressorEx
Destroy_HP_Compressor
Destroy_HP_Decompressor
Destroy_HP_HttpAgent
Destroy_HP_HttpAgentListener
Destroy_HP_HttpClient
Destroy_HP_HttpClientListener
Destroy_HP_HttpServer
Destroy_HP_HttpServerListener
Destroy_HP_HttpSyncClient
Destroy_HP_HttpsAgent
Destroy_HP_HttpsClient
Destroy_HP_HttpsServer
Destroy_HP_HttpsSyncClient
Destroy_HP_SSLAgent
Destroy_HP_SSLClient
Destroy_HP_SSLPackAgent
Destroy_HP_SSLPackClient
Destroy_HP_SSLPackServer
Destroy_HP_SSLPullAgent
Destroy_HP_SSLPullClient
Destroy_HP_SSLPullServer
Destroy_HP_SSLServer
Destroy_HP_SocketTaskObj
Destroy_HP_TcpAgent
Destroy_HP_TcpAgentListener
Destroy_HP_TcpClient
Destroy_HP_TcpClientListener
Destroy_HP_TcpPackAgent
Destroy_HP_TcpPackAgentListener
Destroy_HP_TcpPackClient
Destroy_HP_TcpPackClientListener
Destroy_HP_TcpPackServer
Destroy_HP_TcpPackServerListener
Destroy_HP_TcpPullAgent
Destroy_HP_TcpPullAgentListener
Destroy_HP_TcpPullClient
Destroy_HP_TcpPullClientListener
Destroy_HP_TcpPullServer
Destroy_HP_TcpPullServerListener
Destroy_HP_TcpServer
Destroy_HP_TcpServerListener
Destroy_HP_ThreadPool
Destroy_HP_ThreadPoolListener
Destroy_HP_UdpArqClient
Destroy_HP_UdpArqClientListener
Destroy_HP_UdpArqServer
Destroy_HP_UdpArqServerListener
Destroy_HP_UdpCast
Destroy_HP_UdpCastListener
Destroy_HP_UdpClient
Destroy_HP_UdpClientListener
Destroy_HP_UdpNode
Destroy_HP_UdpNodeListener
Destroy_HP_UdpServer
Destroy_HP_UdpServerListener
HP_Agent_Connect
HP_Agent_ConnectWithExtra
HP_Agent_ConnectWithExtraAndLocalAddressPort
HP_Agent_ConnectWithExtraAndLocalPort
HP_Agent_ConnectWithLocalAddress
HP_Agent_ConnectWithLocalPort
HP_Agent_Disconnect
HP_Agent_DisconnectLongConnections
HP_Agent_DisconnectSilenceConnections
HP_Agent_GetAllConnectionIDs
HP_Agent_GetConnectPeriod
HP_Agent_GetConnectionCount
HP_Agent_GetConnectionExtra
HP_Agent_GetFreeBufferObjHold
HP_Agent_GetFreeBufferObjPool
HP_Agent_GetFreeSocketObjHold
HP_Agent_GetFreeSocketObjLockTime
HP_Agent_GetFreeSocketObjPool
HP_Agent_GetLastError
HP_Agent_GetLastErrorDesc
HP_Agent_GetLocalAddress
HP_Agent_GetMaxConnectionCount
HP_Agent_GetOnSendSyncPolicy
HP_Agent_GetPendingDataLength
HP_Agent_GetRemoteAddress
HP_Agent_GetRemoteHost
HP_Agent_GetReuseAddressPolicy
HP_Agent_GetSendPolicy
HP_Agent_GetSilencePeriod
HP_Agent_GetState
HP_Agent_GetWorkerThreadCount
HP_Agent_HasStarted
HP_Agent_IsConnected
HP_Agent_IsMarkSilence
HP_Agent_IsPauseReceive
HP_Agent_IsSecure
HP_Agent_PauseReceive
HP_Agent_Send
HP_Agent_SendPackets
HP_Agent_SendPart
HP_Agent_SetConnectionExtra
HP_Agent_SetFreeBufferObjHold
HP_Agent_SetFreeBufferObjPool
HP_Agent_SetFreeSocketObjHold
HP_Agent_SetFreeSocketObjLockTime
HP_Agent_SetFreeSocketObjPool
HP_Agent_SetMarkSilence
HP_Agent_SetMaxConnectionCount
HP_Agent_SetOnSendSyncPolicy
HP_Agent_SetReuseAddressPolicy
HP_Agent_SetSendPolicy
HP_Agent_SetWorkerThreadCount
HP_Agent_Start
HP_Agent_Stop
HP_Agent_Wait
HP_Client_GetConnectionID
HP_Client_GetExtra
HP_Client_GetFreeBufferPoolHold
HP_Client_GetFreeBufferPoolSize
HP_Client_GetLastError
HP_Client_GetLastErrorDesc
HP_Client_GetLocalAddress
HP_Client_GetPendingDataLength
HP_Client_GetRemoteHost
HP_Client_GetReuseAddressPolicy
HP_Client_GetState
HP_Client_HasStarted
HP_Client_IsConnected
HP_Client_IsPauseReceive
HP_Client_IsSecure
HP_Client_PauseReceive
HP_Client_Send
HP_Client_SendPackets
HP_Client_SendPart
HP_Client_SetExtra
HP_Client_SetFreeBufferPoolHold
HP_Client_SetFreeBufferPoolSize
HP_Client_SetReuseAddressPolicy
HP_Client_Start
HP_Client_StartWithBindAddress
HP_Client_StartWithBindAddressAndLocalPort
HP_Client_Stop
HP_Client_Wait
HP_Compressor_IsValid
HP_Compressor_Process
HP_Compressor_Reset
HP_Decompressor_IsValid
HP_Decompressor_Process
HP_Decompressor_Reset
HP_GetHPSocketVersion
HP_GetSocketErrorDesc
HP_HttpAgent_GetAllCookies
HP_HttpAgent_GetAllHeaderNames
HP_HttpAgent_GetAllHeaders
HP_HttpAgent_GetContentEncoding
HP_HttpAgent_GetContentLength
HP_HttpAgent_GetContentType
HP_HttpAgent_GetCookie
HP_HttpAgent_GetHeader
HP_HttpAgent_GetHeaders
HP_HttpAgent_GetLocalVersion
HP_HttpAgent_GetParseErrorCode
HP_HttpAgent_GetStatusCode
HP_HttpAgent_GetTransferEncoding
HP_HttpAgent_GetUpgradeType
HP_HttpAgent_GetVersion
HP_HttpAgent_GetWSMessageState
HP_HttpAgent_IsHttpAutoStart
HP_HttpAgent_IsKeepAlive
HP_HttpAgent_IsUpgrade
HP_HttpAgent_IsUseCookie
HP_HttpAgent_SendChunkData
HP_HttpAgent_SendConnect
HP_HttpAgent_SendDelete
HP_HttpAgent_SendGet
HP_HttpAgent_SendHead
HP_HttpAgent_SendLocalFile
HP_HttpAgent_SendOptions
HP_HttpAgent_SendPatch
HP_HttpAgent_SendPost
HP_HttpAgent_SendPut
HP_HttpAgent_SendRequest
HP_HttpAgent_SendTrace
HP_HttpAgent_SendWSMessage
HP_HttpAgent_SetHttpAutoStart
HP_HttpAgent_SetLocalVersion
HP_HttpAgent_SetUseCookie
HP_HttpAgent_StartHttp
HP_HttpClient_GetAllCookies
HP_HttpClient_GetAllHeaderNames
HP_HttpClient_GetAllHeaders
HP_HttpClient_GetContentEncoding
HP_HttpClient_GetContentLength
HP_HttpClient_GetContentType
HP_HttpClient_GetCookie
HP_HttpClient_GetHeader
HP_HttpClient_GetHeaders
HP_HttpClient_GetLocalVersion
HP_HttpClient_GetParseErrorCode
HP_HttpClient_GetStatusCode
HP_HttpClient_GetTransferEncoding
HP_HttpClient_GetUpgradeType
HP_HttpClient_GetVersion
HP_HttpClient_GetWSMessageState
HP_HttpClient_IsHttpAutoStart
HP_HttpClient_IsKeepAlive
HP_HttpClient_IsUpgrade
HP_HttpClient_IsUseCookie
HP_HttpClient_SendChunkData
HP_HttpClient_SendConnect
HP_HttpClient_SendDelete
HP_HttpClient_SendGet
HP_HttpClient_SendHead
HP_HttpClient_SendLocalFile
HP_HttpClient_SendOptions
HP_HttpClient_SendPatch
HP_HttpClient_SendPost
HP_HttpClient_SendPut
HP_HttpClient_SendRequest
HP_HttpClient_SendTrace
HP_HttpClient_SendWSMessage
HP_HttpClient_SetHttpAutoStart
HP_HttpClient_SetLocalVersion
HP_HttpClient_SetUseCookie
HP_HttpClient_StartHttp
HP_HttpCookie_HLP_CurrentUTCTime
HP_HttpCookie_HLP_ExpiresToMaxAge
HP_HttpCookie_HLP_MakeExpiresStr
HP_HttpCookie_HLP_MaxAgeToExpires
HP_HttpCookie_HLP_ParseExpires
HP_HttpCookie_HLP_ToString
HP_HttpCookie_MGR_ClearCookies
HP_HttpCookie_MGR_DeleteCookie
HP_HttpCookie_MGR_IsEnableThirdPartyCookie
HP_HttpCookie_MGR_LoadFromFile
HP_HttpCookie_MGR_RemoveExpiredCookies
HP_HttpCookie_MGR_SaveToFile
HP_HttpCookie_MGR_SetCookie
HP_HttpCookie_MGR_SetEnableThirdPartyCookie
HP_HttpServer_GetAllCookies
HP_HttpServer_GetAllHeaderNames
HP_HttpServer_GetAllHeaders
HP_HttpServer_GetContentEncoding
HP_HttpServer_GetContentLength
HP_HttpServer_GetContentType
HP_HttpServer_GetCookie
HP_HttpServer_GetHeader
HP_HttpServer_GetHeaders
HP_HttpServer_GetHost
HP_HttpServer_GetLocalVersion
HP_HttpServer_GetMethod
HP_HttpServer_GetParseErrorCode
HP_HttpServer_GetReleaseDelay
HP_HttpServer_GetTransferEncoding
HP_HttpServer_GetUpgradeType
HP_HttpServer_GetUrlField
HP_HttpServer_GetUrlFieldSet
HP_HttpServer_GetVersion
HP_HttpServer_GetWSMessageState
HP_HttpServer_IsHttpAutoStart
HP_HttpServer_IsKeepAlive
HP_HttpServer_IsUpgrade
HP_HttpServer_Release
HP_HttpServer_SendChunkData
HP_HttpServer_SendLocalFile
HP_HttpServer_SendResponse
HP_HttpServer_SendWSMessage
HP_HttpServer_SetHttpAutoStart
HP_HttpServer_SetLocalVersion
HP_HttpServer_SetReleaseDelay
HP_HttpServer_StartHttp
HP_HttpSyncClient_CleanupRequestResult
HP_HttpSyncClient_GetConnectTimeout
HP_HttpSyncClient_GetRequestTimeout
HP_HttpSyncClient_GetResponseBody
HP_HttpSyncClient_OpenUrl
HP_HttpSyncClient_SetConnectTimeout
HP_HttpSyncClient_SetRequestTimeout
HP_SSLAgent_CleanupSSLContext
HP_SSLAgent_GetSSLCipherList
HP_SSLAgent_GetSSLSessionInfo
HP_SSLAgent_IsSSLAutoHandShake
HP_SSLAgent_SetSSLAutoHandShake
HP_SSLAgent_SetSSLCipherList
HP_SSLAgent_SetupSSLContext
HP_SSLAgent_SetupSSLContextByMemory
HP_SSLAgent_StartSSLHandShake
HP_SSLClient_CleanupSSLContext
HP_SSLClient_GetSSLCipherList
HP_SSLClient_GetSSLSessionInfo
HP_SSLClient_IsSSLAutoHandShake
HP_SSLClient_SetSSLAutoHandShake
HP_SSLClient_SetSSLCipherList
HP_SSLClient_SetupSSLContext
HP_SSLClient_SetupSSLContextByMemory
HP_SSLClient_StartSSLHandShake
HP_SSLServer_AddSSLContext
HP_SSLServer_AddSSLContextByMemory
HP_SSLServer_BindSSLServerName
HP_SSLServer_CleanupSSLContext
HP_SSLServer_GetSSLCipherList
HP_SSLServer_GetSSLSessionInfo
HP_SSLServer_IsSSLAutoHandShake
HP_SSLServer_SetSSLAutoHandShake
HP_SSLServer_SetSSLCipherList
HP_SSLServer_SetupSSLContext
HP_SSLServer_SetupSSLContextByMemory
HP_SSLServer_StartSSLHandShake
HP_SSL_DefaultServerNameCallback
HP_SSL_RemoveThreadLocalState
HP_Server_Disconnect
HP_Server_DisconnectLongConnections
HP_Server_DisconnectSilenceConnections
HP_Server_GetAllConnectionIDs
HP_Server_GetConnectPeriod
HP_Server_GetConnectionCount
HP_Server_GetConnectionExtra
HP_Server_GetFreeBufferObjHold
HP_Server_GetFreeBufferObjPool
HP_Server_GetFreeSocketObjHold
HP_Server_GetFreeSocketObjLockTime
HP_Server_GetFreeSocketObjPool
HP_Server_GetLastError
HP_Server_GetLastErrorDesc
HP_Server_GetListenAddress
HP_Server_GetLocalAddress
HP_Server_GetMaxConnectionCount
HP_Server_GetOnSendSyncPolicy
HP_Server_GetPendingDataLength
HP_Server_GetRemoteAddress
HP_Server_GetReuseAddressPolicy
HP_Server_GetSendPolicy
HP_Server_GetSilencePeriod
HP_Server_GetState
HP_Server_GetWorkerThreadCount
HP_Server_HasStarted
HP_Server_IsConnected
HP_Server_IsMarkSilence
HP_Server_IsPauseReceive
HP_Server_IsSecure
HP_Server_PauseReceive
HP_Server_Send
HP_Server_SendPackets
HP_Server_SendPart
HP_Server_SetConnectionExtra
HP_Server_SetFreeBufferObjHold
HP_Server_SetFreeBufferObjPool
HP_Server_SetFreeSocketObjHold
HP_Server_SetFreeSocketObjLockTime
HP_Server_SetFreeSocketObjPool
HP_Server_SetMarkSilence
HP_Server_SetMaxConnectionCount
HP_Server_SetOnSendSyncPolicy
HP_Server_SetReuseAddressPolicy
HP_Server_SetSendPolicy
HP_Server_SetWorkerThreadCount
HP_Server_Start
HP_Server_Stop
HP_Server_Wait
HP_Set_FN_Agent_OnClose
HP_Set_FN_Agent_OnConnect
HP_Set_FN_Agent_OnHandShake
HP_Set_FN_Agent_OnPrepareConnect
HP_Set_FN_Agent_OnPullReceive
HP_Set_FN_Agent_OnReceive
HP_Set_FN_Agent_OnSend
HP_Set_FN_Agent_OnShutdown
HP_Set_FN_Client_OnClose
HP_Set_FN_Client_OnConnect
HP_Set_FN_Client_OnHandShake
HP_Set_FN_Client_OnPrepareConnect
HP_Set_FN_Client_OnPullReceive
HP_Set_FN_Client_OnReceive
HP_Set_FN_Client_OnSend
HP_Set_FN_HttpAgent_OnBody
HP_Set_FN_HttpAgent_OnChunkComplete
HP_Set_FN_HttpAgent_OnChunkHeader
HP_Set_FN_HttpAgent_OnClose
HP_Set_FN_HttpAgent_OnConnect
HP_Set_FN_HttpAgent_OnHandShake
HP_Set_FN_HttpAgent_OnHeader
HP_Set_FN_HttpAgent_OnHeadersComplete
HP_Set_FN_HttpAgent_OnMessageBegin
HP_Set_FN_HttpAgent_OnMessageComplete
HP_Set_FN_HttpAgent_OnParseError
HP_Set_FN_HttpAgent_OnPrepareConnect
HP_Set_FN_HttpAgent_OnReceive
HP_Set_FN_HttpAgent_OnSend
HP_Set_FN_HttpAgent_OnShutdown
HP_Set_FN_HttpAgent_OnStatusLine
HP_Set_FN_HttpAgent_OnUpgrade
HP_Set_FN_HttpAgent_OnWSMessageBody
HP_Set_FN_HttpAgent_OnWSMessageComplete
HP_Set_FN_HttpAgent_OnWSMessageHeader
HP_Set_FN_HttpClient_OnBody
HP_Set_FN_HttpClient_OnChunkComplete
HP_Set_FN_HttpClient_OnChunkHeader
HP_Set_FN_HttpClient_OnClose
HP_Set_FN_HttpClient_OnConnect
HP_Set_FN_HttpClient_OnHandShake
HP_Set_FN_HttpClient_OnHeader
HP_Set_FN_HttpClient_OnHeadersComplete
HP_Set_FN_HttpClient_OnMessageBegin
HP_Set_FN_HttpClient_OnMessageComplete
HP_Set_FN_HttpClient_OnParseError
HP_Set_FN_HttpClient_OnPrepareConnect
HP_Set_FN_HttpClient_OnReceive
HP_Set_FN_HttpClient_OnSend
HP_Set_FN_HttpClient_OnStatusLine
HP_Set_FN_HttpClient_OnUpgrade
HP_Set_FN_HttpClient_OnWSMessageBody
HP_Set_FN_HttpClient_OnWSMessageComplete
HP_Set_FN_HttpClient_OnWSMessageHeader
HP_Set_FN_HttpServer_OnAccept
HP_Set_FN_HttpServer_OnBody
HP_Set_FN_HttpServer_OnChunkComplete
HP_Set_FN_HttpServer_OnChunkHeader
HP_Set_FN_HttpServer_OnClose
HP_Set_FN_HttpServer_OnHandShake
HP_Set_FN_HttpServer_OnHeader
HP_Set_FN_HttpServer_OnHeadersComplete
HP_Set_FN_HttpServer_OnMessageBegin
HP_Set_FN_HttpServer_OnMessageComplete
HP_Set_FN_HttpServer_OnParseError
HP_Set_FN_HttpServer_OnPrepareListen
HP_Set_FN_HttpServer_OnReceive
HP_Set_FN_HttpServer_OnRequestLine
HP_Set_FN_HttpServer_OnSend
HP_Set_FN_HttpServer_OnShutdown
HP_Set_FN_HttpServer_OnUpgrade
HP_Set_FN_HttpServer_OnWSMessageBody
HP_Set_FN_HttpServer_OnWSMessageComplete
HP_Set_FN_HttpServer_OnWSMessageHeader
HP_Set_FN_Server_OnAccept
HP_Set_FN_Server_OnClose
HP_Set_FN_Server_OnHandShake
HP_Set_FN_Server_OnPrepareListen
HP_Set_FN_Server_OnPullReceive
HP_Set_FN_Server_OnReceive
HP_Set_FN_Server_OnSend
HP_Set_FN_Server_OnShutdown
HP_Set_FN_ThreadPool_OnShutdown

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 991KB - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ɼ1.21ʵʱע޸/Сʵʱע.exe
.exe windows:4 windows x86 arch:x86

e4609750de70b50f0239756a9b0074f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

winmm

waveOutClose

ws2_32

closesocket

kernel32

IsBadReadPtr

user32

GetDlgItem

gdi32

LineTo

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

DragQueryFileA

ole32

CoGetClassObject

oleaut32

SafeArrayAccessData

comctl32

ImageList_GetIcon

oledlg

ord8

wldap32

ord29

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: 5.8MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ɼ1.21ʵʱע޸/ɼ.exe
.exe windows:4 windows x86 arch:x86

b4354109c1dd8dd511b6de27b2641f38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

ioctlsocket

rasapi32

RasHangUpA

kernel32

GetCurrentProcess

user32

GetKeyState

gdi32

LineTo

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CoGetClassObject

oleaut32

SysAllocStringLen

comctl32

ImageList_GetIcon

oledlg

ord8

wininet

InternetCanonicalizeUrlA

wldap32

ord29

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: 5.8MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9e0a4d4ab733f3a99273f6ef9363116

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shlwapi

winmm

ws2_32

crypt32

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 991KB - Virtual size: 991KB

.data Size: 33KB - Virtual size: 51KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 110KB - Virtual size: 109KB

e4609750de70b50f0239756a9b0074f6

Headers

File Characteristics

Imports

rasapi32

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wldap32

wininet

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 5.8MB - Virtual size: 7.4MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

b4354109c1dd8dd511b6de27b2641f38

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

wldap32

comdlg32

msvcrt

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 991KB - Virtual size: 991KB

.data
Size: 33KB - Virtual size: 51KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 110KB - Virtual size: 109KB

.text
Size: 5.8MB - Virtual size: 7.4MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB

.text
Size: 5.8MB - Virtual size: 7.5MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB