ccccc[.]7z | Triage

Resubmissions

16/07/2024, 01:35

240716-bzp8ga1hne 3

16/07/2024, 01:28

240716-bv39ja1frb 3

16/07/2024, 01:24

240716-bss1sa1eqf 3

Sharing

Copy URL Twitter E-mail

General

Target

ccccc.7z
Size

527KB
MD5

7167e275637579f28661a24d98153bb2
SHA1

265b4286f0ac19c55a02b9deb6024e53707f2ccb
SHA256

aa9faa6d997a45b6af6498dab0310c207ccf7c824c616c497d9ee6f5f7828820
SHA512

604289f04047656511852f3441809d2838b947b43541c1f906b32b659a3ffb633a7bffea87d472bbc8d9f54a47a99a447a140cb8fd8710795460b42832dd994e
SSDEEP

12288:hM83ZNGI1aIz92U8wefbnAjBnsfKtp9sjInJOxWc1lGk:u8JNGI1iU8XLfK2jInJOxtLR

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ccccc/DDVCtrlLib.dll
unpack001/ccccc/DDVEC.dll
unpack001/ccccc/Mshype.dll

Files

ccccc.7z
.7z
ccccc/Config.dat
ccccc/DDVCtrlLib.dll
.dll windows:4 windows x86 arch:x86

9193e923374d6485fe44601e06383b01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6215
ord2086
ord2614
ord860
ord2645
ord5981
ord2642
ord816
ord1768
ord3920
ord562
ord4376
ord4853
ord3619
ord324
ord4234
ord3706
ord6453
ord3874
ord5261
ord2078
ord4710
ord6055
ord1776
ord5290
ord4424
ord3742
ord2753
ord2566
ord2393
ord665
ord1979
ord1567
ord5442
ord268
ord3318
ord5186
ord354
ord818
ord567
ord4275
ord2152
ord1233
ord858
ord924
ord2864
ord2754
ord3402
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord3797
ord4465
ord535
ord2859
ord6880
ord941
ord5572
ord2915
ord1200
ord926
ord1146
ord4129
ord6380
ord5873
ord4277
ord2763
ord939
ord940
ord1997
ord5465
ord798
ord5194
ord533
ord925
ord1862
ord4220
ord2584
ord3654
ord2438
ord2450
ord2971
ord4133
ord4297
ord5788
ord472
ord4083
ord2863
ord5787
ord283
ord812
ord5862
ord559
ord5710
ord5651
ord3616
ord3127
ord350
ord6385
ord4396
ord3574
ord2575
ord609
ord4284
ord3573
ord3693
ord2380
ord6197
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord6199
ord470
ord323
ord1640
ord1641
ord5785
ord6172
ord5875
ord2860
ord5789
ord2405
ord640
ord755
ord3571
ord2379
ord2302
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord5683
ord3136
ord4078
ord6052
ord2514
ord4998
ord5265
ord2414
ord641
ord3626
ord1182
ord342
ord1253
ord1168
ord537
ord823
ord540
ord2818
ord800
ord825
ord6358
ord3663

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
__CxxFrameHandler
_CxxThrowException
wcslen
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
toupper
malloc
free
_stat
fopen
fwrite
fclose
_mbsnbcpy
sprintf
strstr
_mbsstr
_mbsinc
_mbclen
_ftol
atoi

kernel32

GetPrivateProfileIntA
GetProcAddress
CreateFileA
WriteFile
CloseHandle
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
OutputDebugStringA
GetLastError
InterlockedDecrement
LocalFree
GetLocalTime

user32

IsWindow
InvalidateRect
SetTimer
GetClientRect
SendMessageA
PostMessageA
CopyRect
ScreenToClient
EqualRect
GetWindowLongA
ReleaseDC
GetDC
KillTimer
GetParent
GetSysColor
MessageBeep
SetWindowRgn
DrawFocusRect
FillRect
GetWindowTextA
DrawStateA
MessageBoxExA
OffsetRect
DestroyIcon
ClientToScreen
EnableWindow
AppendMenuA
GetMenuItemID
DrawIconEx
GetMenuItemCount
RedrawWindow
ReleaseCapture
PtInRect
SetCursor
SetWindowLongA
InflateRect
CopyIcon
LoadIconA
GetWindowRect
GetMenuItemInfoA
GetSubMenu
SetRect
DrawEdge
GetSystemMetrics
SystemParametersInfoA
LoadImageA
LoadBitmapA
LoadCursorA
SetCapture

gdi32

GetPixel
CreateRectRgn
GetStockObject
GetTextExtentPoint32A
DeleteObject
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
CreateRectRgnIndirect
GetDIBits
CombineRgn
SelectPalette
CreateDCA
GetDIBColorTable
GetBitmapBits
Rectangle
GetTextColor
CreateFontA
PatBlt
CreateDIBitmap
CreateSolidBrush
CreatePen
RoundRect
StretchBlt
GetDeviceCaps
GetObjectA
CreateFontIndirectA
CreateRoundRectRgn
CreateCompatibleDC
RealizePalette
BitBlt
CreateCompatibleBitmap

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ImageList_Draw
ImageList_GetImageInfo
_TrackMouseEvent

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
OleRun

olepro32

ord251

oleaut32

VariantClear
SysAllocStringByteLen
SysStringByteLen
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString
GetErrorInfo
SysFreeString

winmm

sndPlaySoundA

Exports

Exports

??0CCressXML@@QAE@XZ
??0CDlgMessage@@QAE@PAVCWnd@@@Z
??0CDlgResize@@QAE@IPAVCWnd@@@Z
??0CGifBrowser@@QAE@XZ
??0CGifCore@@QAE@XZ
??0CGifPlayer@@QAE@XZ
??0CGifWnd@@QAE@XZ
??0CHash@@QAE@ABV0@@Z
??0CHash@@QAE@K@Z
??0CHash@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CLibFunc@@QAE@ABV0@@Z
??0CLibFunc@@QAE@XZ
??0CLog@@QAE@ABV0@@Z
??0CLog@@QAE@XZ
??0CMenuXP@@QAE@XZ
??0CPicture2@@QAE@ABV0@@Z
??0CPicture2@@QAE@XZ
??0CResizeBtnEx@@QAE@XZ
??0CResizeButton@@QAE@XZ
??0CXPButton@@QAE@XZ
??0CXPMenu@@QAE@XZ
??1CCressXML@@UAE@XZ
??1CDlgMessage@@UAE@XZ
??1CDlgResize@@UAE@XZ
??1CGifBrowser@@UAE@XZ
??1CGifCore@@UAE@XZ
??1CGifPlayer@@UAE@XZ
??1CGifWnd@@UAE@XZ
??1CHash@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CLibFunc@@UAE@XZ
??1CLog@@QAE@XZ
??1CMenuXP@@UAE@XZ
??1CPicture2@@UAE@XZ
??1CResizeBtnEx@@UAE@XZ
??1CResizeButton@@UAE@XZ
??1CXPButton@@UAE@XZ
??1CXPMenu@@UAE@XZ
??4CHash@@QAEAAV0@ABV0@@Z
??4CLibFunc@@QAEAAV0@ABV0@@Z
??4CLog@@QAEAAV0@ABV0@@Z
??4CPicture2@@QAEAAV0@ABV0@@Z
??_7CCressXML@@6B@
??_7CDlgMessage@@6B@
??_7CDlgResize@@6B@
??_7CGifBrowser@@6B@
??_7CGifCore@@6B@
??_7CGifPlayer@@6B@
??_7CGifWnd@@6B@
??_7CHash@@6B@
??_7CHyperLink@@6B@
??_7CLibFunc@@6B@
??_7CMenuXP@@6B@
??_7CPicture2@@6B@
??_7CResizeBtnEx@@6B@
??_7CResizeButton@@6B@
??_7CXPButton@@6B@
??_7CXPMenu@@6B@
??_FCDlgMessage@@QAEXXZ
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?AddChild@CCressXML@@QAEXPBD0AAVCString@@1@Z
?AddChilds@CCressXML@@QAEXPBD0PAVCString@@1H@Z
?AddSideBar@CMenuXP@@QAEHPAVCMenuXPSideBar@@@Z
?AddSideBarEx@CMenuXP@@QAEHPAVCMenuXPSideBar@@HH@Z
?AppendGiftData@CGifPlayer@@QAEPAU_GIFTANIMATEDATA@@XZ
?AppendODMenu@CMenuXP@@QAEHIPAVCMenuXPItem@@PAUtagACCEL@@@Z
?AppendODPopup@CMenuXP@@QAEHIPAVCMenu@@PAVCMenuXPItem@@@Z
?AppendSeparator@CMenuXP@@QAEHXZ
?Break@CMenuXP@@QAEXXZ
?BreakBar@CMenuXP@@QAEXXZ
?CalcWndRect@CDlgMessage@@MAEXXZ
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?Char2Point@CLibFunc@@SAHPAUtagPOINT@@PBD@Z
?Char2Rect@CLibFunc@@SAHPAUtagRECT@@PBD@Z
?Char2Size@CLibFunc@@SAHPAUtagSIZE@@PBD@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
?CharToInt_16@CLibFunc@@SAJPBDH@Z
?Clear@CMenuXP@@IAEXXZ
?CopyRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?Create@CGifPlayer@@QAEHPAVCWnd@@K@Z
?Create@CGifWnd@@QAEHABUtagRECT@@PAVCWnd@@IK@Z
?CreateFontA@CLibFunc@@SAHAAVCFont@@HHPBD@Z
?CreateGradientBMP@CMenuXP@@IAEPAUHBITMAP__@@PAUHDC__@@KKHHHH@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CutString@CLibFunc@@SAHAAVCString@@HHH@Z
?CutString@CLibFunc@@SAHPADHHH@Z
?DefaultFont@CLibFunc@@SAPAVCFont@@XZ
?DeleteAllNode@CCressXML@@QAEXPBD0@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?DeleteNode@CCressXML@@QAEXABVCString@@@Z
?Destroy@CHash@@QAEXXZ
?DestroyWindow@CGifPlayer@@UAEHXZ
?DoDataExchange@CDlgMessage@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CDlgResize@@MAEXPAVCDataExchange@@@Z
?DoGradientFill@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@PBUtagRECT@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@UtagPOINT@@@Z
?DrawBack@CDlgResize@@UAEXPAVCDC@@PBUtagRECT@@@Z
?DrawBackGround@CMenuXP@@MAEXPAVCDC@@VCRect@@HH@Z
?DrawBgClr@CXPMenu@@QAEXPAVCDC@@VCRect@@H@Z
?DrawBitmap@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHBITMAP__@@HHH@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?DrawBorderSpecial@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HHK@Z
?DrawBtnFace@CResizeBtnEx@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFace@CResizeButton@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFaceEx@CResizeButton@@QAEXPAVCDC@@UtagPOINT@@1I@Z
?DrawButton@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@0UtagPOINT@@1HHUtagSIZE@@H@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@2HHUtagSIZE@@H@Z
?DrawCheckMark@CMenuXP@@MAEXPAVCDC@@VCRect@@H@Z
?DrawColor2GrayScale@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HH@Z
?DrawEmbossed@CMenuXP@@IAEXPAVCDC@@PAUHICON__@@VCRect@@HH@Z
?DrawFrame@CGifCore@@QAEXPAVCDC@@H@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@0PBUtagRECT@@1@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@PBUtagRECT@@2@Z
?DrawIcon@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHICON__@@HHH@Z
?DrawIcon@CXPMenu@@QAEXPAVCDC@@VCRect@@IIH@Z
?DrawIconArea@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawImage@CXPMenu@@QAEXPAVCDC@@AAVCRect@@PAVCImageList@@HH@Z
?DrawImageList@CMenuXP@@MAEXPAVCDC@@VCRect@@PAVCImageList@@HHHH@Z
?DrawInsideBorder@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?DrawItem@CMenuXP@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CResizeButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItemImage@CMenuXP@@MAEXPAVCDC@@VCRect@@PAVCMenuXPItem@@HHH@Z
?DrawMenuText@CMenuXP@@MAEXAAVCDC@@VCRect@@VCString@@K@Z
?DrawNumberEx@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HHHHHHHKH@Z
?DrawPicture2@CMenuXP@@MAEXPAVCDC@@VCRect@@PAVCPicture2@@HHH@Z
?DrawSeparator@CXPMenu@@QAEXPAVCDC@@VCRect@@@Z
?DrawSideBar@CMenuXP@@MAEXPAVCDC@@VCRect@@PAVCMenuXPItem@@@Z
?DrawTextA@CLibFunc@@SAHPAVCDC@@PBDHVCRect@@IH@Z
?DrawTextA@CMenuXP@@MAEXPAVCDC@@VCRect@@VCString@@HHH@Z
?DrawTextA@CXPMenu@@QAEXPAVCDC@@VCRect@@ABVCString@@HH@Z
?DrawTitle@CDlgResize@@MAEXPAVCDC@@@Z
?DrawTitle@CLibFunc@@SAXPAVCDC@@HHHHPAVCBitmap@@HHH@Z
?EndDialog@CDlgMessage@@IAEXH@Z
?FillRect@CMenuXP@@IAEXPAVCDC@@ABVCRect@@K@Z
?FindFirst@CHash@@QAEXH@Z
?FindGiftData@CGifPlayer@@QBEPAU_GIFTANIMATEDATA@@H@Z
?FindNext@CHash@@QAEPAXPAPAD@Z
?FindNext@CHash@@QAEPAXXZ
?FindSubMenuFromID@CMenuXP@@QAEPAV1@K@Z
?FinishedSence@CGifPlayer@@IAEXXZ
?FirstLetter@CLibFunc@@SAXHAAVCString@@@Z
?FreePictureData@CPicture2@@QAEXXZ
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBkColor@CGifCore@@QBEKXZ
?GetBtnsID@CDlgMessage@@IBEXPAHH@Z
?GetCurGifCore@CGifPlayer@@QBEPAVCGifCore@@XZ
?GetCurRgn@CGifCore@@QBEHAAVCRgn@@@Z
?GetCurTime@CLog@@QAEXAAVCString@@@Z
?GetCurrentPos@CHash@@QAEHXZ
?GetDelay@CGifCore@@QBEHXZ
?GetFirst@CHash@@QAEPAXH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?GetFirstLetter@CLibFunc@@SAXPBDAAVCString@@@Z
?GetFrameCount@CGifCore@@QBEHXZ
?GetFullXMLToString@CCressXML@@QAE?AVCString@@XZ
?GetHashArrayNum@CHash@@QAEKXZ
?GetHashItemNum@CHash@@QAEHXZ
?GetHeight@CResizeButton@@QBEHXZ
?GetHoverColour@CHyperLink@@QBEKXZ
?GetLinkColour@CHyperLink@@QBEKXZ
?GetLinkCursor@CHyperLink@@QBEPAUHICON__@@XZ
?GetLoadError@CCressXML@@QAEHXZ
?GetMessageMap@CDlgMessage@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDlgResize@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifBrowser@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifPlayer@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CHyperLink@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CResizeButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CXPButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMilliseconds@CLibFunc@@SAJABU_SYSTEMTIME@@0@Z
?GetNexNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@V2@@Z
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetNextBlock@CGifCore@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CGifCore@@IBEHXZ
?GetNextGraphicBlock@CGifCore@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetNodeNum@CCressXML@@QAEHPBD@Z
?GetNodeText@CCressXML@@QAE?AVCString@@XZ
?GetRegKey@CHyperLink@@KAJPAUHKEY__@@PBDPAD@Z
?GetRgnFromDC@CLibFunc@@SAXPAVCDC@@AAVCRgn@@HHHHK@Z
?GetRgnFromImage@CLibFunc@@SAXPAVCDC@@AAVCRgn@@PAVCBitmap@@K@Z
?GetRuntimeClass@CMenuXP@@UBEPAUCRuntimeClass@@XZ
?GetSize@CGifCore@@QBE?AUtagSIZE@@XZ
?GetSize@CPicture2@@QBE?AVCSize@@XZ
?GetSize@CResizeButton@@QBE?AUtagSIZE@@XZ
?GetSubBlocksLen@CGifCore@@IBEII@Z
?GetURL@CHyperLink@@QBE?AVCString@@XZ
?GetUnderline@CHyperLink@@QBEHXZ
?GetUpperDirectory@CLibFunc@@SAHPBDAAVCString@@H@Z
?GetValueByIndex@CCressXML@@QAE?AVCString@@H@Z
?GetValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetVisibleBtnCnt@CDlgMessage@@QBEHXZ
?GetVisited@CHyperLink@@QBEHXZ
?GetVisitedColour@CHyperLink@@QBEKXZ
?GetWidth@CResizeButton@@QBEHXZ
?GetXMLByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetXMLToString@CCressXML@@QAE?AVCString@@XZ
?GotoURL@CHyperLink@@SAPAUHINSTANCE__@@PBDH@Z
?HashFun@CHash@@IAEKJAAK@Z
?HashFun@CHash@@IAEKPBDAAK@Z
?InitCtrlSkin@CDlgMessage@@MAEXXZ
?InitCtrlSkin@CDlgResize@@MAEXXZ
?InitItem@CDlgMessage@@IAEXXZ
?InitParam@CHash@@QAEHXZ
?InitToolTip@CResizeButton@@IAEXI@Z
?InsertItem@CHash@@QAEHJPAX@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?IsAnimatedGIF@CGifCore@@QBEHXZ
?IsGIF@CGifCore@@QBEHXZ
?IsInQueque@CGifPlayer@@IBEHHJ@Z
?IsLoadPicture@CPicture2@@QBEHXZ
?IsPlaying@CGifCore@@QBEHXZ
?IsPlaying@CGifPlayer@@QBEHXZ
?IsSubtract@CLibFunc@@SAHUtagPOINT@@UtagSIZE@@00@Z
?Load@CGifCore@@QAEHPAXK@Z
?Load@CGifCore@@QAEHPBD0@Z
?Load@CGifCore@@QAEHPBD@Z
?Load@CPicture2@@QAEHIPBD@Z
?Load@CPicture2@@QAEHVCString@@@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?LoadFile@CCressXML@@QAEHPBD@Z
?LoadGif@CGifWnd@@QAEHPBD@Z
?LoadGifEx@CGifBrowser@@QAEHPBDH@Z
?LoadGiftData@CGifPlayer@@QAEHPAU_GIFTANIMATEDATA@@HPBDH@Z
?LoadPictureData@CPicture2@@QAEHPBEH@Z
?LoadStringsFromFile@CLibFunc@@SAXPBDPAVCString@@H@Z
?LoadXML@CCressXML@@QAEHPBD@Z
?MeasureItem@CMenuXP@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CXPMenu@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?OnBtnDlgClose@CDlgResize@@IAEXXZ
?OnBtnDlgMin@CDlgResize@@IAEXXZ
?OnBtnDlgNormal@CDlgResize@@IAEXXZ
?OnCancel@CDlgMessage@@MAEXXZ
?OnClicked@CHyperLink@@IAEXXZ
?OnCloseResize@CDlgMessage@@MAEXH@Z
?OnCloseResize@CDlgResize@@MAEXH@Z
?OnCreate@CGifPlayer@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDestroy@CDlgResize@@IAEXXZ
?OnDestroy@CGifWnd@@IAEXXZ
?OnEraseBkgnd@CDlgResize@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifPlayer@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifWnd@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CResizeButton@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CXPButton@@IAEHPAVCDC@@@Z
?OnInitDialog@CDlgMessage@@MAEHXZ
?OnInitDialog@CDlgResize@@MAEHXZ
?OnLButtonDown@CDlgMessage@@IAEXIVCPoint@@@Z
?OnMenuChar@CMenuXP@@SAJIIPAVCMenu@@@Z
?OnMouseHover@CXPButton@@IAEJIJ@Z
?OnMouseLeave@CResizeButton@@IAEJIJ@Z
?OnMouseLeave@CXPButton@@IAEJIJ@Z
?OnMouseMove@CHyperLink@@IAEXIVCPoint@@@Z
?OnMouseMove@CResizeButton@@IAEXIVCPoint@@@Z
?OnMouseMove@CXPButton@@IAEXIVCPoint@@@Z
?OnNcHitTest@CDlgResize@@IAEIVCPoint@@@Z
?OnNo@CDlgMessage@@MAEXXZ
?OnOK@CDlgMessage@@MAEXXZ
?OnPaint@CDlgMessage@@IAEXXZ
?OnPaint@CDlgResize@@IAEXXZ
?OnPaint@CGifBrowser@@IAEXXZ
?OnPaint@CGifPlayer@@IAEXXZ
?OnPaint@CGifWnd@@IAEXXZ
?OnSetCursor@CHyperLink@@IAEHPAVCWnd@@II@Z
?OnSetFocus@CGifPlayer@@IAEXPAVCWnd@@@Z
?OnSize@CDlgResize@@IAEXIHH@Z
?OnSizing@CDlgResize@@IAEXIPAUtagRECT@@@Z
?OnTimer@CDlgMessage@@IAEXI@Z
?OnTimer@CGifPlayer@@IAEXI@Z
?OnTimer@CGifWnd@@IAEXI@Z
?OnYes@CDlgMessage@@MAEXXZ
?OrientationItem@CDlgMessage@@MAEXHH@Z
?OrientationItem@CDlgResize@@MAEXHH@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?PaintToDC@@YAXPAVCDC@@PBUtagRECT@@PAVCBitmap@@HH@Z
?PositionWindow@CHyperLink@@IAEXXZ
?PreCreateWindow@CDlgResize@@MAEHAAUtagCREATESTRUCTA@@@Z
?PreSubclassWindow@CHyperLink@@MAEXXZ
?PreSubclassWindow@CResizeButton@@MAEXXZ
?PreSubclassWindow@CXPButton@@MAEXXZ
?PreTranslateMessage@CHyperLink@@UAEHPAUtagMSG@@@Z
?PreTranslateMessage@CResizeButton@@MAEHPAUtagMSG@@@Z
?PrepareDC@CGifCore@@IAEHHH@Z
?QueryItem@CHash@@QAEPAXJ@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?RemoveRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?ReplaceBtnFace@CResizeButton@@QAEHPAVCBitmap@@@Z
?ReportError@CHyperLink@@IAEXH@Z
?ResetDataPointer@CGifCore@@IAEXXZ
?ResetIconIndex@CResizeButton@@QAEXH@Z
?ResetSrcOffset@CResizeBtnEx@@QAEXUtagPOINT@@@Z
?SaveAsBitmap@CPicture2@@QAEHVCString@@@Z
?SaveBitmap2File@CLibFunc@@SAHPBDPAUHBITMAP__@@@Z
?SaveCurrentFace@@YAXPAVCDC@@AAPAVCBitmap@@HH@Z
?SaveCurrentFace@@YAXPAVCDC@@AAVCBitmap@@HH@Z
?SaveFile@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@PBD@Z
?SetAttrValue@CCressXML@@QAEXPBD0@Z
?SetAutoSize@CHyperLink@@QAEXH@Z
?SetBackBitmap@CMenuXP@@QAEXPAUHBITMAP__@@@Z
?SetBackColor@CMenuXP@@QAEXK@Z
?SetBackData@CDlgResize@@QAEXPAVCBitmap@@UtagSIZE@@HK@Z
?SetBkColor@CGifBrowser@@QAEXK@Z
?SetBkColor@CGifCore@@QAEXK@Z
?SetBkColor@CGifWnd@@QAEXK@Z
?SetBkGroundColor@CXPMenu@@QAEXK@Z
?SetBoldTitle@CDlgResize@@QAEXH@Z
?SetBoldTitle@CResizeButton@@QAEXH@Z
?SetBtnStateInx@CResizeBtnEx@@QAEXH@Z
?SetBtnText@CDlgMessage@@QAEXPBD00@Z
?SetBtnsText@CDlgMessage@@QAEXPBD00@Z
?SetButtonRes@CDlgMessage@@QAEXPAVCBitmap@@HHH@Z
?SetCenterPoint@CGifPlayer@@IAEXUtagPOINT@@PAVCGifCore@@@Z
?SetColours@CHyperLink@@QAEXKKK@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?SetCurFaceEx@CResizeBtnEx@@QAEHPAVCBitmap@@UtagPOINT@@HHHHH@Z
?SetCurFont@CDlgResize@@QAEXPAVCFont@@@Z
?SetDefaultCursor@CHyperLink@@IAEXXZ
?SetDisabledTextColor@CMenuXP@@QAEXK@Z
?SetDrawTitle@CResizeButton@@QAEXH@Z
?SetFunc_DrawMenuPic@CMenuXP@@QAEXP6AXPAVCDC@@VCRect@@PAXK@Z2K@Z
?SetGifNumberRes@CGifWnd@@QAEHPAVCBitmap@@HK@Z
?SetIconAreaColor@CMenuXP@@QAEXK@Z
?SetIconAreaColor@CXPMenu@@QAEXK@Z
?SetIconAreaWidth@CMenuXP@@QAEXH@Z
?SetIconAreaWidth@CXPMenu@@QAEXH@Z
?SetIconBitmap@CResizeButton@@QAEXPAVCBitmap@@HHHH@Z
?SetIconBmp@CDlgResize@@QAEXPAVCBitmap@@HH@Z
?SetLinkCursor@CHyperLink@@QAEXPAUHICON__@@@Z
?SetLogPath@CLog@@QAEXPBD0@Z
?SetMenuFont@CMenuXP@@QAEHUtagLOGFONTA@@@Z
?SetMenuItemSize@CXPMenu@@QAEXHH@Z
?SetMenuItemSize@CXPMenu@@QAEXUtagSIZE@@@Z
?SetMenuStyle@CMenuXP@@QAEXW4MENUSTYLE@1@@Z
?SetModelType@CDlgMessage@@QAEXHHHH@Z
?SetMsgColor@CDlgMessage@@QAEXK@Z
?SetMsgTextIntervalBorder@CDlgMessage@@QAEXEEEE@Z
?SetNumber@CGifWnd@@QAEXH@Z
?SetPicStyle@CMenuXP@@QAEXW4PICSTYLE@1@@Z
?SetPicture@CMenuXP@@QAEXPBD@Z
?SetPictureData@CMenuXP@@QAEXPAEH@Z
?SetPlayEffect@CGifPlayer@@QAEXH@Z
?SetPlaySound@CGifPlayer@@QAEXH@Z
?SetResPath@CGifPlayer@@QAEXPBD@Z
?SetResize@CDlgResize@@QAEXH@Z
?SetRoundRect@CDlgResize@@QAEXH@Z
?SetSelectedBarColor@CMenuXP@@QAEXK@Z
?SetSelectedBarColor@CXPMenu@@QAEXK@Z
?SetSelectedTextColor@CMenuXP@@QAEXK@Z
?SetSelectedTextColor@CXPMenu@@QAEXK@Z
?SetSideBarColor@CMenuXP@@QAEXKK@Z
?SetSideBarEndColor@CMenuXP@@QAEXK@Z
?SetSideBarStartColor@CMenuXP@@QAEXK@Z
?SetTextColor@CMenuXP@@QAEXK@Z
?SetTextColor@CXPMenu@@QAEXK@Z
?SetTitleColor@CDlgResize@@QAEXK@Z
?SetTitleColor@CResizeButton@@QAEXK@Z
?SetTitlePoint@CDlgResize@@QAEXHH@Z
?SetToolTipText@CResizeButton@@QAEXPBDHI@Z
?SetTransparent@CResizeButton@@QAEXH@Z
?SetTransparentAlpha@CLibFunc@@SAXPAVCWnd@@EK@Z
?SetURL@CHyperLink@@QAEXVCString@@@Z
?SetUnderline@CHyperLink@@QAEXH@Z
?SetVisited@CHyperLink@@QAEXH@Z
?SetWndMinSize@CDlgResize@@QAEXUtagSIZE@@@Z
?SetXMLTitle@CCressXML@@QAEXPBD@Z
?Show@CPicture2@@QAEHPAVCDC@@HHHH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCPoint@@1HH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCRect@@@Z
?ShowBitmapResource@CPicture2@@QAEHPAVCDC@@HVCPoint@@@Z
?ShowMessage@CDlgMessage@@QAEHPBD0HH@Z
?ShowPart@CPicture2@@QAEHPAVCDC@@HHHHHHHH@Z
?Size2Content@CResizeButton@@QAEXXZ
?Size2Gif@CGifPlayer@@QAEXPAVCGifCore@@@Z
?SkipNextBlock@CGifCore@@IAEHXZ
?SkipNextGraphicBlock@CGifCore@@IAEHXZ
?StartPlay1@CGifPlayer@@QAEHUtagPOINT@@0HPBDHH@Z
?StartPlay3@CGifPlayer@@QAEHUtagPOINT@@0HPBDJPBJ@Z
?StartPlayEx@CGifPlayer@@QAEHUtagPOINT@@0HPBDHHHJPBJ@Z
?StepFrame@CGifCore@@QAEHXZ
?Stop@CGifCore@@QAEXXZ
?ToggleSence@CGifPlayer@@IAEXH@Z
?TransInt2Char_Comma@CLibFunc@@SAXJAAVCString@@@Z
?TransVersionA2I@CLibFunc@@SAKPBD@Z
?TransVersionI2A@CLibFunc@@SA?AVCString@@K@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@1HHHHH@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@HHHHHH@Z
?TransparentBlt2@@YAXPAUHDC__@@HHHH0HHHHI@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
?TransparentToDC@@YAXPAVCDC@@HHPAVCBitmap@@K@Z
?TransparentToDC@@YAXPAVCDC@@UtagRECT@@PAVCBitmap@@1K@Z
?UnLoad@CGifCore@@QAEXXZ
?UpdateSizeOnDC@CPicture2@@QAEHPAVCDC@@@Z
?Visite@CHyperLink@@QAEXVCString@@@Z
?_GetBaseClass@CMenuXP@@KGPAUCRuntimeClass@@XZ
?_GetBaseMessageMap@CDlgMessage@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CDlgResize@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifBrowser@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifPlayer@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifWnd@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CHyperLink@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CResizeButton@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CXPButton@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CDlgMessage@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CDlgResize@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifBrowser@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifPlayer@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifWnd@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CHyperLink@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CResizeButton@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CXPButton@@0QBUAFX_MSGMAP_ENTRY@@B
?classCMenuXP@CMenuXP@@2UCRuntimeClass@@B
?g_Log@@3VCLog@@A
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?loadbmpS@@YAXABVCString@@AAVCBitmap@@PAH2@Z
?loadbmpS@@YAXIAAVCBitmap@@PAH1@Z
?messageMap@CDlgMessage@@1UAFX_MSGMAP@@B
?messageMap@CDlgResize@@1UAFX_MSGMAP@@B
?messageMap@CGifBrowser@@1UAFX_MSGMAP@@B
?messageMap@CGifPlayer@@1UAFX_MSGMAP@@B
?messageMap@CGifWnd@@1UAFX_MSGMAP@@B
?messageMap@CHyperLink@@1UAFX_MSGMAP@@B
?messageMap@CResizeButton@@1UAFX_MSGMAP@@B
?messageMap@CXPButton@@1UAFX_MSGMAP@@B

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ccccc/DDVEC.dll
.dll windows:4 windows x86 arch:x86

ca5fb99e980e62a1857a755349a73a5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord800
ord860
ord540
ord354
ord823
ord2915
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord6467
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

??0DE_DLL@@QAE@ABV0@@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
??4DE_DLL@@QAEAAV0@ABV0@@Z
??_7DE_DLL@@6B@
?DC_File@DE_DLL@@QAEHPBD0@Z
?EC_File@DE_DLL@@QAEHPBD0@Z

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ccccc/Mshype.dll
.dll windows:5 windows x64 arch:x64

aa67991f78156e50acf280b67d6435d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\ProgramData\Program Files (x86)\最新\NewSetup\PassUAC64\Bin\PassUAC64.pdb

Imports

kernel32

DisableThreadLibraryCalls
ExpandEnvironmentStringsW
VirtualFree
VirtualAlloc
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
GetCurrentProcessId

user32

wsprintfW

msvcr90

_initterm_e
_encoded_null
_decode_pointer
_amsg_exit
_initterm
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encode_pointer
fclose
fseek
ftell
fread
_wfopen
malloc
free
__C_specific_handler
memset

Exports

Exports

Process32First

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ccccc/Mshype.ini
ccccc/bhlog.dat
ccccc/jaing.bat
ccccc/t1.dat
ccccc/wuauclt.exe
.exe windows:4 windows x86 arch:x86

aa186e13bd427e7e88c66dbf4108f213

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:cd:2b:e9:a7:d4:48:84:39:c3:df:8b:4d:d2:e8:ef
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

13/08/2009, 00:00

Not After

12/08/2012, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:10:ba:93:08:4d:2a:14:21:ca:6f:81:83:f8:fe:b0:48:92:88:69
Signer

Actual PE Digest

2a:10:ba:93:08:4d:2a:14:21:ca:6f:81:83:f8:fe:b0:48:92:88:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4376
ord4853
ord4998
ord4710
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord3571
ord3584
ord3402
ord3711
ord783
ord800
ord860
ord4224
ord1146
ord1168
ord543
ord540
ord2135
ord6650
ord6591
ord6807
ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord4589
ord4588
ord4899
ord4370
ord4892
ord6817
ord5076
ord4340
ord4347
ord4720
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord5281
ord3748
ord1725
ord5260
ord6614
ord6691
ord4432
ord6514
ord818
ord2841
ord803
ord2302
ord4299
ord2112
ord6199
ord6215
ord2614
ord2107
ord535
ord2864
ord4277
ord2763
ord537
ord858
ord3663
ord5683
ord5572
ord2919
ord4160
ord2863
ord2915
ord2393
ord941
ord5356
ord5808
ord1075
ord5204
ord6059
ord3229
ord389
ord823
ord755
ord5265
ord2818
ord3706
ord924
ord6197
ord2764
ord2566
ord4133
ord4297
ord5788
ord472
ord2753
ord922
ord5148
ord3752
ord3089
ord6128
ord3874
ord939
ord6803
ord2642
ord640
ord2405
ord5789
ord6172
ord5785
ord1640
ord323
ord5450
ord5440
ord6383
ord6394
ord6877
ord6930
ord4278
ord3790
ord5651
ord3616
ord665
ord3127
ord1979
ord6010
ord5186
ord350
ord354
ord6385
ord5645
ord5583
ord6597
ord6800
ord6478
ord6880
ord6453
ord6699
ord6835
ord1228
ord6663
ord809
ord556
ord1088
ord2122
ord3797
ord2859
ord1200
ord926
ord1949
ord4034
ord2820
ord3811
ord3626
ord825
ord567
ord1641
ord795
ord3721
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord5163
ord1134
ord2621
ord2514
ord815
ord561
ord3738
ord4622
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord5277
ord2379
ord2385
ord6374
ord5875
ord2860
ord3619
ord4275
ord470
ord2414
ord5241
ord4407
ord1776
ord4078
ord6055
ord4129
ord1576

msvcrt

_XcptFilter
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbsrchr
_mbsstr
strstr
_ltoa
_mbsnbicmp
vsprintf
_mbsicmp
fopen
fread
fclose
_purecall
_ftol
sprintf
_mbscmp
atol
atoi
__CxxFrameHandler
_setmbcp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit

kernel32

IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
SetUnhandledExceptionFilter
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
CreateFileA
SetFilePointer
WriteFile
FlushFileBuffers
OutputDebugStringA
SetEvent
WaitForMultipleObjects
GetLastError
CloseHandle
WaitForSingleObject
Sleep
CreateEventA
CreateThread
LeaveCriticalSection
EnterCriticalSection
CopyFileA
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
GetStartupInfoA

user32

wvsprintfA
CopyIcon
FindWindowA
ReleaseDC
SetTimer
LoadIconA
LoadCursorA
SendMessageA
InflateRect
SetWindowLongA
AppendMenuA
ReleaseCapture
SetCursor
GetDC
RedrawWindow
SetCapture
MessageBeep
GetSysColor
GetParent
GetWindowRect
LoadImageA
IsWindowVisible
IsWindow
SetRect
OffsetRect
PtInRect
InvalidateRect
ShowScrollBar
SetWindowRgn
MessageBoxA
PostMessageA
KillTimer
SetWindowPos
DestroyIcon
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
EnableWindow

gdi32

GetTextExtentPoint32A
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
CreateRoundRectRgn
CreateFontA
GetObjectA
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

_TrackMouseEvent

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

ws2_32

setsockopt
recv
htons
connect
closesocket
socket
WSAGetLastError
gethostbyname
inet_addr
inet_ntoa
WSACleanup
WSAStartup
send

ddvec

?EC_File@DE_DLL@@QAEHPBD0@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
?DC_File@DE_DLL@@QAEHPBD0@Z

ddvctrllib

??0CCressXML@@QAE@XZ
?LoadFile@CCressXML@@QAEHPBD@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
??1CCressXML@@UAE@XZ
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
??1CResizeButton@@UAE@XZ
??0CResizeButton@@QAE@XZ
?SetLogPath@CLog@@QAEXPBD0@Z
?g_Log@@3VCLog@@A
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z

wininet

InternetGetConnectedState

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9193e923374d6485fe44601e06383b01

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

winmm

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

ca5fb99e980e62a1857a755349a73a5c

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 552B

aa67991f78156e50acf280b67d6435d5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr90

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 14KB

.pdata Size: 512B - Virtual size: 468B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 98B

aa186e13bd427e7e88c66dbf4108f213

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:beCertificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

1f:cd:2b:e9:a7:d4:48:84:39:c3:df:8b:4d:d2:e8:efCertificate

Extended Key Usages

Key Usages

2a:10:ba:93:08:4d:2a:14:21:ca:6f:81:83:f8:fe:b0:48:92:88:69Signer

Headers

File Characteristics

Imports

mfc42

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 552B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 14KB

.pdata
Size: 512B - Virtual size: 468B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 98B

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

1f:cd:2b:e9:a7:d4:48:84:39:c3:df:8b:4d:d2:e8:ef
Certificate

2a:10:ba:93:08:4d:2a:14:21:ca:6f:81:83:f8:fe:b0:48:92:88:69
Signer

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 16KB - Virtual size: 12KB