scriptox_v8[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

scriptox_v8.zip
Size

505KB
MD5

fe270038e9c632311dbb0c76a30fb745
SHA1

b40b9c912ae5789a82d440a41197190fe05b58da
SHA256

4abad92129964ec8495f08e3268510083a1357659102668169cf684046a2a8a1
SHA512

608de85134ec385adeb3abdf1aa47da1cf0fc90fbdc1aae3b64f0c94c983b8bab1923e4fa54d3102e32e811fb280bccb08603ab3398395f28331e3169ae55c3d
SSDEEP

12288:x+UPe6md4OaAjx0Php7PAoq8g+7s3U7Il:UUPHmdtae0Phfjsk7Il

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Scriptox V8.exe
unpack001/comdlg32.dll

Files

scriptox_v8.zip
.zip

Password: Ledgend
MSWINSCK.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

Password: Ledgend

cb0275eec9ac31b6d4d44320e576fadb

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wsock32

accept
listen
inet_ntoa
recv
WSAGetLastError
WSASetLastError
select
__WSAFDIsSet
shutdown
ntohs
sendto
recvfrom
connect
getsockopt
setsockopt
getsockname
getpeername
closesocket
WSACancelAsyncRequest
gethostbyaddr
bind
WSAAsyncSelect
socket
WSAStartup
WSACleanup
inet_addr
WSAAsyncGetHostByName
WSAAsyncGetHostByAddr
gethostbyname
htons
gethostname
ioctlsocket
send

kernel32

lstrlenW
GetFileAttributesA
GetModuleFileNameA
InitializeCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
lstrcpynA
lstrcpyA
lstrlenA
lstrcatA
IsBadWritePtr
WideCharToMultiByte
GetVersion
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
LocalFree
FormatMessageA
GetTickCount
MultiByteToWideChar
SetLastError
GetProcAddress
GetLocaleInfoA
DeleteCriticalSection
FreeLibrary
DisableThreadLibraryCalls
lstrcmpA
InterlockedDecrement
GetWindowsDirectoryA
LoadLibraryA
HeapReAlloc
InterlockedIncrement
lstrcmpiA
GetLastError
LockResource
LoadResource
FindResourceA

user32

EndDialog
DialogBoxParamA
GetActiveWindow
MessageBoxA
DrawEdge
GetDC
CharNextA
LoadCursorA
wsprintfA
GetWindowRect
SetWindowPos
ShowWindow
IsDialogMessageA
GetWindow
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsChild
GetKeyState
SetParent
WinHelpA
IsWindowVisible
EndPaint
GetClientRect
BeginPaint
SendDlgItemMessageA
LoadStringA
ClientToScreen
OffsetRect
EqualRect
IntersectRect
SetWindowRgn
PtInRect
MessageBeep
LoadBitmapA
GetSystemMetrics
GetParent
CreateDialogIndirectParamA
GetDlgItemTextA
SetDlgItemInt
SendMessageA
DefWindowProcA
GetWindowLongA
DestroyWindow
KillTimer
SetTimer
UnregisterClassA
RegisterClassA
PeekMessageA
PostMessageA
SetDlgItemTextA
SetFocus
GetDlgItemInt
MoveWindow
SetWindowLongA
CreateWindowExA
ReleaseDC

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocString
VariantChangeType
SysAllocStringLen
SysStringLen
SafeArrayRedim
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
OleCreatePropertyFrame
LoadRegTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SetErrorInfo
CreateErrorInfo
GetErrorInfo
SysFreeString
SysAllocStringByteLen
SafeArrayCreate
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SysStringByteLen
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
VariantInit

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
DeleteDC
DeleteObject
GetObjectA
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
CreateDCA
BitBlt
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RICHTX32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

Password: Ledgend

f879ec87b93340bacfa917edf4e1aee5

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

shell32

DragAcceptFiles
DragFinish
DragQueryFileA

oledlg

ord1

kernel32

GlobalSize
GlobalUnlock
lstrcmpA
GetVersionExA
GlobalLock
FindResourceA
GlobalAlloc
GlobalFree
GetProcAddress
LoadResource
LockResource
HeapReAlloc
GetLocaleInfoA
GetWindowsDirectoryA
lstrcpynA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetFileAttributesA
GetVersion
GetAtomNameA
FindAtomA
AddAtomA
IsBadWritePtr
DeleteAtom
InterlockedIncrement
FreeLibrary
LoadLibraryA
InterlockedDecrement
GetProcessHeap
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
WriteFile
GetLastError
ReadFile
LeaveCriticalSection
CreateFileA
lstrcpyA
HeapAlloc
lstrlenA
HeapFree
WideCharToMultiByte
lstrlenW
SetFilePointer
MultiByteToWideChar
IsDBCSLeadByte
CloseHandle
lstrcmpiA

user32

GetClipboardFormatNameA
PeekMessageW
ScreenToClient
PostMessageW
PeekMessageA
RegisterWindowMessageA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
CheckDlgButton
ReleaseCapture
LoadCursorA
SetCursor
SetFocus
CreateDialogIndirectParamA
SetCursorPos
MapWindowPoints
FillRect
PostMessageA
InvalidateRect
ValidateRect
SetRect
GetSysColor
InflateRect
GetClassInfoA
EnableMenuItem
TrackPopupMenu
GetWindow
GetWindowTextA
CharNextA
MessageBoxA
SendDlgItemMessageA
GetDlgItem
DispatchMessageA
TranslateMessage
WindowFromDC
IsChild
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
MoveWindow
SetParent
BeginPaint
EndPaint
GetMenuItemCount
IsWindowVisible
DeleteMenu
IntersectRect
ShowWindow
SetWindowRgn
GetDlgItemTextA
EqualRect
GetDlgItemInt
SetWindowPos
GetWindowRect
SetWindowLongA
DestroyWindow
GetActiveWindow
UnregisterClassA
RemoveMenu
LoadMenuA
GetSubMenu
GetParent
DestroyMenu
GetFocus
IsWindow
DefWindowProcA
GetClientRect
RegisterClassA
LoadStringA
RegisterClipboardFormatA
GetCapture
GetCursorPos
EnableWindow
EndDialog
wsprintfA
GetKeyState
MessageBeep
CallWindowProcA
GetDC
GetSystemMetrics
ReleaseDC
UpdateWindow
SendMessageA
DialogBoxParamA
GetWindowLongA
CreateWindowExA
ClientToScreen
OffsetRect
PtInRect

ole32

DoDragDrop
RegisterDragDrop
CreateOleAdviseHolder
OleCreateFromFile
CLSIDFromProgID
OleCreate
OleSetContainedObject
StringFromCLSID
OleGetIconOfClass
CoGetMalloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSaveToStream
OleLoadFromStream
RevokeDragDrop
CoTaskMemRealloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegOpenKeyExA

oleaut32

SafeArrayCopy
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetUBound
VariantCopy
CreateErrorInfo
VariantCopyInd
OleCreatePropertyFrame
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SafeArrayPutElement
GetErrorInfo
SafeArrayCreate
LoadRegTypeLi
OleLoadPicture
OleCreatePictureIndirect
SysAllocStringLen
SysFreeString
OleCreateFontIndirect
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
OleTranslateColor
SafeArrayRedim

comdlg32

GetOpenFileNameA
CommDlgExtendedError

gdi32

GetNearestColor
CreateSolidBrush
DeleteObject
EnumFontFamiliesExA
StretchBlt
PatBlt
GetObjectType
GetBitmapBits
CreateDIBitmap
CreatePalette
SelectPalette
RealizePalette
GetObjectA
GetPaletteEntries
GetStockObject
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateBitmap
LPtoDP
GetWindowExtEx
CreateDCA
CreateRectRgnIndirect
SetBkColor
GetViewportExtEx
GetClipBox
SetWindowExtEx
IntersectClipRect
SelectObject
CreateCompatibleBitmap
SetViewportExtEx
EndDoc
EndPage
DeleteDC
StartDocA
DPtoLP
StartPage
SetViewportOrgEx
SetMapMode
SetWindowOrgEx
GetMapMode
GetDeviceCaps
CreateICA
CreateCompatibleDC

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scriptox V8.exe
.exe windows:4 windows x86 arch:x86

Password: Ledgend

7fd1aec7af1b9ee70de8a2f5771462ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLateIdCall
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaVarIndexLoadRefLock
__vbaVarForInit
ord300
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
ord599
ord306
__vbaBoolVar
__vbaRefVarAry
__vbaBoolVarNull
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord529
__vbaStrCmp
__vbaVarTstEq
__vbaR4Str
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaPrintFile
ord712
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
ord608
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaR8Str
__vbaInStr
__vbaVarLateMemCallLdRf
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarDup
__vbaFpI4
__vbaVarCopy
__vbaVarLateMemCallLd
ord617
_CIatan
__vbaStrMove
ord619
_allmul
__vbaLateIdSt
_CItan
ord546
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
comdlg32.dll
.dll windows:5 windows x86 arch:x86

Password: Ledgend

8771dfd9219c3aa3500334cc9093521c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

ord476
ord437
StrChrW
ord80
StrCmpW
ord16
ord355
PathFindExtensionW
ord197
PathFileExistsW
ord204
StrDupW
ord317
ord172
PathIsUNCW
UrlIsW
StrStrW
PathCombineW
PathMatchSpecW
PathGetDriveNumberW
SHOpenRegStream2W
ord219
ord346
StrCmpIW
ord461
StrRetToBufW
ord175
PathFindFileNameW
ord266
SHRegGetBoolUSValueW
wnsprintfW
wvnsprintfW
StrCatBuffW
PathRemoveBlanksW
PathIsRootW
StrRChrW
StrCpyNW
ord217
ord215
PathSkipRootW
PathAddBackslashW

kernel32

SetCurrentDirectoryW
lstrcpynW
lstrcpyA
FindResourceA
GetACP
GetProcAddress
GetModuleHandleW
MulDiv
lstrcmpW
GlobalFree
GlobalAlloc
DeleteCriticalSection
TlsFree
TlsAlloc
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteFileW
GetTempFileNameW
GetProfileStringW
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalReAlloc
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
GetSystemDefaultUILanguage
FindResourceExW
ExpandEnvironmentStringsW
FreeResource
CreateEventW
GetModuleFileNameW
LoadLibraryW
CreateThread
GetFullPathNameW
CreateFileW
GetFileAttributesW
FindNextFileW
LocalSize
WideCharToMultiByte
CloseHandle
WaitForSingleObject
ResetEvent
FreeLibraryAndExitThread
LocalReAlloc
SetEvent
GetDriveTypeW
lstrcatW
GetVersionExA
GetCurrentProcess
InterlockedExchange
GetModuleHandleA
DelayLoadFailureHook
GetVolumeInformationW
FindFirstFileW
FindClose
GetUserDefaultLCID
FormatMessageW
lstrcmpiW
GetCurrentDirectoryW
GetShortPathNameW
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetProcessVersion
lstrlenW
lstrcpyW
SizeofResource
TlsGetValue
SetLastError
LocalAlloc
lstrlenA
MultiByteToWideChar
LocalFree
TlsSetValue
FindResourceW
LockResource
LoadResource
SetErrorMode

user32

DialogBoxIndirectParamW
CharPrevW
KillTimer
GetWindowTextLengthW
CreateDialogIndirectParamA
SetTimer
IsWindowVisible
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
CreatePopupMenu
DestroyMenu
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
PeekMessageW
EnumChildWindows
GetDlgCtrlID
wvsprintfW
SetWindowsHookExW
LoadAcceleratorsW
UnhookWindowsHookEx
CreateDialogIndirectParamW
GetSystemMenu
DeleteMenu
SetParent
CallNextHookEx
LockWindowUpdate
GetWindow
GetLastActivePopup
FindWindowExW
RedrawWindow
DrawTextW
DrawIcon
GetWindowPlacement
SetWindowPlacement
GetKeyState
LoadIconW
LoadImageW
RegisterClipboardFormatW
GetKeyboardLayout
DestroyWindow
GetDlgItemTextA
SetDlgItemTextA
CheckRadioButton
IsWindow
RegisterWindowMessageA
RegisterWindowMessageW
MessageBeep
IsDlgButtonChecked
CheckDlgButton
SetWindowTextW
DlgDirListW
SetDlgItemTextW
CharNextW
DefWindowProcW
GrayStringW
wsprintfW
GetWindowTextW
MessageBoxW
PostMessageW
CharLowerW
GetDialogBaseUnits
ScreenToClient
CreateWindowExW
GetWindowLongA
LoadStringW
GetSystemMetrics
ShowCursor
LoadCursorW
SetCursor
IntersectRect
EqualRect
GetSysColorBrush
InvalidateRect
IsWindowEnabled
WinHelpW
BeginPaint
EndPaint
SetPropW
PtInRect
SetCapture
ClipCursor
ValidateRect
ChildWindowFromPoint
SetFocus
GetDlgItemInt
SetDlgItemInt
RemovePropW
DialogBoxIndirectParamAorW
CreateDialogIndirectParamAorW
CharNextA
GetWindowLongW
FrameRect
GetSysColor
CopyRect
ReleaseDC
DrawFocusRect
InflateRect
GetDC
GetFocus
MapWindowPoints
GetClientRect
GetDlgItem
EndDialog
UpdateWindow
GetDlgItemTextW
SendDlgItemMessageW
SetWindowPos
EnableWindow
ShowWindow
MoveWindow
SetWindowLongW
GetWindowRect
DrawEdge
FillRect
GetParent
SendMessageW
GetPropW
CallWindowProcW
TranslateAcceleratorW

gdi32

CreateICW
CreateDCW
TranslateCharsetInfo
GetMapMode
DeleteObject
CreateSolidBrush
Rectangle
SelectObject
GetStockObject
CreatePen
GetNearestColor
DeleteDC
CreateCompatibleDC
RealizePalette
SelectPalette
PatBlt
BitBlt
LineTo
MoveToEx
CreateCompatibleBitmap
CreateDIBitmap
CreateDiscardableBitmap
GetObjectW
GetTextMetricsW
ExtTextOutW
SetBkMode
SetTextColor
SetBkColor
GetTextExtentPointW
EnumFontFamiliesExW
GetDeviceCaps
GetTextCharset
TextOutW
GetTextCharsetInfo
SetViewportExtEx
SetWindowExtEx
SetMapMode
ExcludeClipRect
CreateFontW
CreateRectRgnIndirect
SelectClipRgn
GetWindowExtEx
CreateFontIndirectW
GetCharWidth32W
GetViewportExtEx

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegOpenKeyW

comctl32

ord16
ord412
ord413
ord410
PropertySheetW
CreatePropertySheetPageW
ord341
CreateToolbarEx
ImageList_Draw
ord328
ord329
ord334
ImageList_Destroy
ord338
ImageList_GetIconSize
InitCommonControlsEx
ord400
ord403
ord152
ord335
ord339
ord386
ord401
ord167
ord156
ord169

shell32

ord102
ord644
ord645
ord100
ord2
ord21
ord71
ord16
ord89
ord4
ord195
SHGetDesktopFolder
SHGetMalloc
SheChangeDirExW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListW
ord18
ord155
ord28
SHBindToParent
ord25
ord17
SHAddToRecentDocs
ord152
SHCreateShellItem
ord148
ord68
ord77
ord19
ord153
ord24
SHGetFolderLocation
ord190
ord173
ord42
ord654
ord714
ord96
ord755
ord95

ntdll

RtlUnwind
memmove
_wcsicmp
wcslen
wcsncpy
RtlUnicodeStringToAnsiString
RtlAnsiStringToUnicodeString
_chkstk
RtlUnicodeToMultiByteSize
RtlInitUnicodeString
RtlIsNameLegalDOS8Dot3

Exports

Exports

ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
LoadAlterBitmap
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
Ssync_ANSI_UNICODE_Struct_For_WOW
WantArrows
dwLBSubclass
dwOKSubclass

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

Password: Ledgend

Password: Ledgend

cb0275eec9ac31b6d4d44320e576fadb

Code Sign

Signer

Headers

File Characteristics

Imports

wsock32

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 5KB - Virtual size: 4KB

Password: Ledgend

f879ec87b93340bacfa917edf4e1aee5

Code Sign

Signer

Headers

File Characteristics

Imports

shell32

oledlg

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 7KB - Virtual size: 7KB

Password: Ledgend

7fd1aec7af1b9ee70de8a2f5771462ac

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 6.6MB - Virtual size: 6.6MB

.data Size: 4KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 2KB

Password: Ledgend

8771dfd9219c3aa3500334cc9093521c

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

comctl32

shell32

ntdll

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 173KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 6.6MB - Virtual size: 6.6MB

.data
Size: 4KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 173KB - Virtual size: 173KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 9KB - Virtual size: 8KB