8e51a6e88ce8f0053968e3e8b9fbc322_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e51a6e88ce8f0053968e3e8b9fbc322_JaffaCakes118
Size

1018KB
MD5

8e51a6e88ce8f0053968e3e8b9fbc322
SHA1

f62b68a715e9dbafe50ed64b122b0231afbdfaba
SHA256

59e28c0e3a6cd03bac47c2e1740260b3a46fdac5e637b325b4c447a2f01a6871
SHA512

a2c0d09079aadfad79ed398cf78012fbbd773ded960a2c7a1fe5de760ecd6af00dadf581b73b300ebc6c24771ab1ed7bc37ef558416c2548fb379a7dcd2e28c4
SSDEEP

24576:ZPxkK3//fsS9Fv5TZTxsX7+cQZarQX4cnKw7X:ZaK3nd9FvQwZarQX397X

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/Coopen.scr
unpack001/CoopenActiveControl93.dll
unpack001/CoopenClient.cop
unpack001/CoopenDeskIcon.cop
unpack001/CoopenDownloader.cop
unpack001/CoopenModeA.cop
unpack001/CoopenModeB.cop
unpack001/CoopenModeC.cop
unpack001/CoopenModeD.cop
unpack001/CoopenPlayer.cop
unpack001/CoopenUI.cop
unpack001/CoopenUpdate.cop
unpack001/uninst.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

8e51a6e88ce8f0053968e3e8b9fbc322_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/08/2008, 00:00

Not After

11/09/2009, 23:59

Subject

CN=Beijing Capital Online Network Technology CO.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technology,O=Beijing Capital Online Network Technology CO.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallFinishDlg.ini
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PartnerDlg.ini
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

3f1149a3053980fe6b461521d2b55a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
GetLastError
GlobalFree
lstrcmpiA
DeleteFileA
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
CreateFileA

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
GetWindowTextA
IsWindow
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
SendMessageA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Coopen.exe
.exe windows:4 windows x86 arch:x86

71bea63192d6547ada1020f64a3eaabe

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/08/2008, 00:00

Not After

11/09/2009, 23:59

Subject

CN=Beijing Capital Online Network Technology CO.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technology,O=Beijing Capital Online Network Technology CO.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetTickCount
FreeLibrary
SetFileAttributesW
GetFileAttributesW
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
GetModuleHandleW
ExpandEnvironmentStringsW
Sleep
GlobalMemoryStatus
GetVersionExW
GetModuleFileNameW
CreateEventW
InitializeCriticalSection
GetProcAddress
CloseHandle
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
SetEvent
DeviceIoControl
CreateFileA
SetPriorityClass
GetCurrentProcess
ReleaseMutex
GetLastError
CreateMutexW
GetCurrentProcessId
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteCriticalSection
GetStartupInfoW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateDirectoryW
SetCurrentDirectoryW
WriteFile
CreateFileW
CopyFileW
FindFirstFileW
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryW

user32

CloseWindow
MessageBoxW
GetWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowExW
ShowWindow
wsprintfA
IsCharAlphaNumericW
SendMessageW
FindWindowW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid

iphlpapi

GetAdaptersInfo

rpcrt4

RpcStringFreeW
UuidToStringW

msvcrt

__CxxFrameHandler
wcscpy
??2@YAPAXI@Z
_ftol
_beginthreadex
wcscmp
swscanf
_vsnwprintf
wcsncpy
_wcslwr
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
_purecall
??3@YAXPAX@Z
wcslen

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Coopen.scr
.exe windows:4 windows x86 arch:x86

e72250ea56186d802eb3d9c07e245036

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
SetThreadPriority
GetModuleFileNameA
WritePrivateProfileStringA
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetFileSize
ReadFile
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
GlobalFree
GetTickCount
Sleep
CreateThread
SetEvent
WideCharToMultiByte
OutputDebugStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
WaitForSingleObject
CloseHandle
CreateEventA
GetSystemDirectoryA
ExpandEnvironmentStringsA

user32

wsprintfA
GetClientRect
FillRect
BeginPaint
GetWindowRect
ReleaseDC
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
MessageBoxA
RegisterClassA
LoadIconA
LoadCursorA
SystemParametersInfoA
PostQuitMessage
PostMessageA
GetSystemMetrics
CreateWindowExA
AdjustWindowRect
SetTimer
KillTimer
SetCursor
DefWindowProcA
EndPaint

gdi32

GetDeviceCaps
CreateDCA
StretchBlt
SetStretchBltMode
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SelectPalette
RealizePalette
GetDIBits
DeleteObject
SelectObject
DeleteDC
TextOutA

advapi32

RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegCloseKey
RegCreateKeyExA

ole32

StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

oleaut32

OleLoadPicture

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

__getmainargs
_acmdln
exit
_XcptFilter
_exit
free
atoi
isdigit
atol
_initterm
_except_handler3
time
srand
rand
_mbscmp
??2@YAPAXI@Z
__CxxFrameHandler
strstr
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
memmove

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CoopenActiveControl93.dll
.dll regsvr32 windows:4 windows x86 arch:x86

21ff833d60b457bc81311d440ac0daa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileW
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
DisableThreadLibraryCalls
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
LocalFree

user32

PtInRect
UnionRect
SetFocus
GetKeyState
GetFocus
IsChild
GetClientRect
FindWindowW
SendMessageW
wsprintfW
CreateWindowExW
CallWindowProcW
GetWindowLongW
SetWindowLongW
BeginPaint
DefWindowProcW
EndPaint
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
DestroyWindow
GetParent
ShowWindow

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
TextOutW
SetTextAlign
Rectangle
CreateRectRgnIndirect
CloseMetaFile
DeleteMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
DeleteDC

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CreateOleAdviseHolder
CoTaskMemAlloc
OleRegGetUserType
OleRegEnumVerbs

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
SysStringLen
LoadRegTypeLi
SysFreeString
OleCreatePropertyFrame

atl

ord30
ord45
ord31
ord27
ord26
ord58
ord50
ord44
ord43
ord16
ord21
ord32
ord57
ord15
ord51
ord23
ord18

msvcp60

?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z

msvcrt

wcslen
wcscpy
fclose
malloc
realloc
memset
memcmp
??2@YAPAXI@Z
memcpy
??1type_info@@UAE@XZ
_adjust_fdiv
_purecall
_initterm
_CxxThrowException
free
wcscat
fgetws
_wfopen
swprintf
fwprintf
_wtoi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenAir.exe
.exe windows:4 windows x86 arch:x86

9b2e242fc401bacddbbc32c869ae5e7f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/08/2008, 00:00

Not After

11/09/2009, 23:59

Subject

CN=Beijing Capital Online Network Technology CO.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technology,O=Beijing Capital Online Network Technology CO.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
GetACP
GetOEMCP
SetEnvironmentVariableA
FormatMessageW
FindResourceA
GlobalAddAtomA
GetProfileStringA
GetFileTime
GetFileSize
GetFileAttributesW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
SizeofResource
GetProcessVersion
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
GetThreadLocale
MulDiv
SetLastError
lstrcpynW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
GlobalUnlock
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
LockResource
GlobalFree
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
CompareStringW
InterlockedIncrement
ReleaseMutex
CloseHandle
CreateMutexW
GetLastError
CreateEventW
HeapCreate
ResetEvent

user32

InflateRect
RegisterClipboardFormatW
InvalidateRect
CharUpperW
PostThreadMessageW
SetFocus
AdjustWindowRectEx
ScreenToClient
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowLongW
GetSysColorBrush
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
SetWindowContextHelpId
IsDialogMessageW
MessageBeep
GetNextDlgGroupItem
GetWindow
GetTopWindow
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
PostMessageW
GetDesktopWindow
FindWindowW
PostQuitMessage
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
MessageBoxW
SetCursor
SetForegroundWindow
CopyRect
EnableWindow
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
PtInRect
RegisterWindowMessageW
GetClassNameW
SendMessageW
RegisterHotKey
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
IsWindow
LoadIconW
SetTimer
LoadCursorW
CharNextW
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringW
ModifyMenuW
ShowWindow
MoveWindow
SetWindowTextW
SetActiveWindow
ReleaseDC
SetRect
CopyAcceleratorTableW
EndDialog
CreateDialogIndirectParamW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
IsChild
GetSysColor
GetDC

gdi32

SetBkMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetStockObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetTextColor
GetBkColor
GetMapMode
PatBlt
SelectObject
RestoreDC
SaveDC
DeleteDC
SetMapMode
LPtoDP
DPtoLP
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantCopy
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
VariantInit
SysStringLen

wininet

InternetGetConnectedState
InternetCheckConnectionW

winmm

timeGetTime

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CoopenClient.Config
CoopenClient.cop
.dll windows:4 windows x86 arch:x86

ef6eb1d469e3cce28ec031b22c28267e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindClose
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
CopyFileW
CreateFileW
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetSystemDirectoryW
ReadFile
GetLocalTime
lstrlenW
GetModuleFileNameW
DeleteFileW
MultiByteToWideChar
GetCurrentDirectoryW
GetModuleHandleW

user32

CloseWindow
EnableWindow
GetDlgItem
SendMessageW
UpdateWindow
BeginPaint
EndPaint
SetActiveWindow
wsprintfW
LoadImageW
GetDoubleClickTime
GetClientRect
mouse_event
SetForegroundWindow
EndDialog
GetDlgItemInt
GetWindowLongW
MoveWindow
SetDlgItemInt
LoadIconW
SetClassLongW
CreateDialogParamW
SetWindowLongW
PostQuitMessage
SetFocus
KillTimer
GetCursorPos
MessageBoxW
DefWindowProcW
GetWindowRect
SystemParametersInfoW
GetSystemMetrics
SetWindowPos
SetTimer
ShowWindow
SetWindowTextW

gdi32

CreateFontIndirectW
SetBkMode
SetTextColor
TextOutW
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetObjectW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcrt

__CxxFrameHandler
_initterm
free
_wfopen
fread
fclose
??2@YAPAXI@Z
_adjust_fdiv
??3@YAXPAX@Z
wcscpy
_wtoi
wcscat
wcslen
_ftol
_purecall
time
_tzset
rand
wcscmp
swscanf
_vsnwprintf
wcsncpy
_wcslwr
malloc

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenDeskIcon.Config
CoopenDeskIcon.cop
.dll windows:4 windows x86 arch:x86

1aa97bacd0fb53c089a2765813d70373

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FindWindowW
FindWindowExW
SystemParametersInfoW
CloseWindow
WindowFromPoint
ShowWindow

kernel32

EnterCriticalSection
LeaveCriticalSection
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetModuleFileNameW
WriteFile
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetProcAddress
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenDownloader.Config
CoopenDownloader.cop
.dll windows:4 windows x86 arch:x86

aacd4b2c5f08262eb8ea6b9f503173d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
GetLastError
GetLocalTime
SetFileTime
Sleep
WriteFile
CreateFileW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesW
SetEvent
ResetEvent
MultiByteToWideChar
GetTickCount
GetModuleHandleW
EnterCriticalSection
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateEventW
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetProcAddress
RaiseException
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
ExitProcess
GetModuleFileNameW
WideCharToMultiByte
GetFileAttributesW
DeleteFileW
ReadFile
FlushFileBuffers
SetFilePointer
GetFileSize
SetEndOfFile
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateDirectoryW
GetCurrentProcess
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA

user32

SetWindowTextW
wsprintfW
MessageBoxW
CloseWindow
GetWindowLongW
GetWindowTextW
SetFocus
DestroyWindow
SystemParametersInfoW
GetWindowRect
MoveWindow
LoadIconW
SetClassLongW
SendMessageW
GetDlgItem
EnableWindow
CreateDialogParamW
SetWindowLongW
ShowWindow
SetForegroundWindow

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

wininet

InternetOpenUrlW
InternetGetConnectedState
InternetGetLastResponseInfoW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetSetOptionW

shlwapi

StrToIntW

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenModeA.Config
CoopenModeA.cop
.dll windows:4 windows x86 arch:x86

952c1029f0bb5c79ccb866b39c233f17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapSize
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateDirectoryW
ExpandEnvironmentStringsW
RaiseException
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
SetFileAttributesW
GetFileSize
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
GetProcessVersion
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FindNextFileW
lstrcpynW
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
LocalFree
lstrlenA
MultiByteToWideChar
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
GetCurrentDirectoryW
GetLastError
GetTickCount
GetLocalTime
SetUnhandledExceptionFilter
CopyFileW

user32

TabbedTextOutW
DrawTextW
GrayStringW
UnregisterClassW
GetClassNameW
PtInRect
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SystemParametersInfoW
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongW
GetWindowTextW
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetSystemMetrics
GetWindowRect
MessageBoxW
GetCursorPos
RemovePropW
wsprintfW
WindowFromDC
GetDC
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
ClientToScreen
ReleaseDC
LoadIconW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
RegisterWindowMessageW
AdjustWindowRectEx
SetCursor
PostMessageW
PostQuitMessage
ReleaseCapture
GetParent
UpdateWindow
ClipCursor
SetCapture
GetClientRect
IntersectRect
EnableWindow
SendMessageW
keybd_event
GetDlgCtrlID

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
DeleteObject
SetViewportExtEx
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateEllipticRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHFileOperationW

comctl32

ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ord17
ImageList_DragEnter
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_DragShowNolock

ole32

CoUninitialize
CoInitialize

shlwapi

StrToIntW

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenModeB.Config
CoopenModeB.cop
.dll windows:4 windows x86 arch:x86

8890de11eeebd01ff3063d17312e4007

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapReAlloc
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateDirectoryW
ExpandEnvironmentStringsW
HeapSize
RaiseException
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
GetFileSize
GetFileAttributesW
FindFirstFileW
FindClose
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
GetProcessVersion
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
FindNextFileW
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcpynW
MulDiv
SetLastError
LocalFree
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
CloseHandle
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
GetCurrentDirectoryW
CopyFileW

user32

TabbedTextOutW
DrawTextW
GrayStringW
UnregisterClassW
GetClassNameW
PtInRect
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
MapWindowPoints
GetSysColor
AdjustWindowRectEx
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
GetDlgCtrlID
GetWindowTextW
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
GetSystemMetrics
GetWindowRect
SendMessageW
wsprintfW
EnableWindow
IntersectRect
GetClientRect
SetCapture
ClipCursor
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
ClientToScreen
GetDC
ReleaseDC
LoadIconW
SetForegroundWindow
SendDlgItemMessageA
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostMessageW
PostQuitMessage
ReleaseCapture
GetParent
UpdateWindow
SetWindowLongW

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
DeleteObject
SetViewportExtEx
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateEllipticRgn

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW

comctl32

ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ord17
ImageList_DragEnter
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_DragShowNolock

ole32

CoUninitialize
CoInitialize

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenModeC.Config
CoopenModeC.cop
.dll windows:4 windows x86 arch:x86

31ae49cb543ad1e0a80cd8b5410371cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
GetLastError
GetModuleHandleW
CopyFileW
GetTickCount
FindNextFileW
FindFirstFileW
FindClose
SetEndOfFile
GetFileSize
SetFilePointer
FlushFileBuffers
ReadFile
DeleteFileW
SetFileAttributesW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
GetFileAttributesW
CreateDirectoryW
WriteFile
CreateFileW
CloseHandle
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection

user32

wsprintfW
GetDC
WindowFromDC
keybd_event
GetWindowLongW
KillTimer
SetWindowTextW
SetWindowLongW
GetWindowRect
SetDlgItemTextW
MoveWindow
LoadIconW
SetClassLongW
SetTimer
DestroyWindow
ShowWindow
MessageBoxW
CreateDialogParamW
GetCursorPos
CloseWindow
IsWindow

comdlg32

GetSaveFileNameW

shell32

SHFileOperationW

shlwapi

StrToIntW

msvcrt

fclose
fread
_wfopen
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
_wcslwr
wcsncpy
_vsnwprintf
wcscmp
wcscpy
swscanf
wcslen
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenModeD.Config
CoopenModeD.cop
.dll windows:4 windows x86 arch:x86

7e2cb4e824c0b8ec559d9842a9eb2b60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetLocalTime
CopyFileW
FindNextFileW
FindFirstFileW
FindClose
SetEndOfFile
GetFileSize
SetFilePointer
FlushFileBuffers
ReadFile
DeleteFileW
SetFileAttributesW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
GetFileAttributesW
CreateDirectoryW
WriteFile
GetModuleFileNameW
CreateFileW
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetTickCount

user32

GetDC
WindowFromDC
MessageBoxW
wsprintfW
CloseWindow

comdlg32

GetSaveFileNameW

shell32

ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW

shlwapi

StrToIntW

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_wfopen
fread
fclose
_wcslwr
wcsncpy
_vsnwprintf
wcscmp
wcscpy
wcslen
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenPlayer.Config
CoopenPlayer.cop
.dll windows:4 windows x86 arch:x86

02455ec5c7bdabf7ec2cf20d6f6e19c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
GetLastError
FindNextFileW
FindFirstFileW
FindClose
GetFileAttributesW
CreateDirectoryW
GetModuleFileNameW
LocalFree
lstrlenA
MultiByteToWideChar
GetProcAddress
DeleteCriticalSection
WaitForSingleObject
OpenProcess
Sleep
CopyFileW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateFileW
ReadFile
WriteFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
DeleteFileW
OpenEventW
CloseHandle
InterlockedDecrement
FreeLibrary
LoadLibraryW
SetFileAttributesW

user32

SetCursor
LoadCursorW
KillTimer
PostMessageW
GetDesktopWindow
MessageBoxW
FillRect
DestroyWindow
PtInRect
GetClientRect
ShowWindow
wsprintfW
WindowFromPoint
SetParent
GetWindowRect
GetWindowThreadProcessId
GetDC
ReleaseDC
SystemParametersInfoW
DrawTextExW
FindWindowW
GetWindowTextW
GetAncestor
MoveWindow
GetWindowLongW
SetWindowLongW
CloseWindow
GetSystemMetrics
InvalidateRect
GetClassNameW
UpdateWindow
GetForegroundWindow
SendMessageW
SetWindowPos
EndPaint
BeginPaint
DrawTextW
IsWindowVisible
GetCursorPos
CreateWindowExW
RegisterClassExW
LoadIconW
DefWindowProcW
SetTimer

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetObjectA
CreateCompatibleBitmap
CreateSolidBrush
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectW
CreateDCW
GetDeviceCaps
CreateFontW

advapi32

RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

OleRun
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

OleLoadPicturePath
VariantChangeType
VariantInit
SysStringLen
SysAllocString
VariantClear
GetErrorInfo
SysFreeString

psapi

EnumProcessModules
GetModuleBaseNameW

comctl32

_TrackMouseEvent

shlwapi

StrToIntW

gdiplus

GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetCompositingMode
GdipLoadImageFromStreamICM
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImagePointsRectI
GdipDisposeImage
GdipDrawImageRectI
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteStringFormat
GdipDrawImagePointsI
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteFontFamily
GdipGetLogFontW
GdipDeleteFont
GdipFree
GdipCloneBrush
GdipAlloc
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipCreateSolidFill
GdipFillRegion
GdipCreatePen1
GdipDrawPolygon
GdipDeleteBrush
GdipDeletePen
GdipCreatePath
GdipAddPathPolygon
GdipCreateRegionPath
GdipCreateFromHDC
GdipGetRegionHRgn
GdipReleaseDC
GdipDeleteGraphics
GdipDeleteRegion
GdipDeletePath
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream

msvcrt

swscanf
_CxxThrowException
_CIpow
wcscmp
_wcsnicmp
exit
wcsstr
wcslen
wcscpy
_ftol
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
_vsnwprintf
??1type_info@@UAE@XZ
_onexit
wcsncpy
_wcslwr
__dllonexit
_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
fclose
fread
_wfopen

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenUI.Config
CoopenUI.cop
.dll windows:4 windows x86 arch:x86

3608e6f0863abfc4241d95421052bb61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetTickCount
FreeLibrary
GetProcAddress
GetModuleHandleW

user32

DestroyWindow
SetWindowLongW
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
DefWindowProcW
GetWindowLongW
UpdateWindow
EndPaint
BeginPaint
SetForegroundWindow
SetWindowPos
ShowWindow
DrawIconEx
DrawTextW
FillRect
MoveWindow
GetWindowRect
GetDC
ReleaseDC
SystemParametersInfoW
InflateRect
GetSysColor
SetWindowRgn
GetClientRect
SetParent
SetCapture
ReleaseCapture
SetCursor
LoadImageW
SendMessageW
PtInRect
GetCursorPos
GetFocus
SetTimer
KillTimer
InvalidateRect
CloseWindow
GetSystemMetrics

gdi32

GetObjectW
CreatePolygonRgn
CreateRectRgn
CombineRgn
FrameRgn
GetStockObject
CreateRoundRectRgn
CreateCompatibleDC
StretchBlt
DeleteDC
CreateFontW
GetTextExtentPointW
SetBkMode
SelectObject
MoveToEx
LineTo
SetTextColor
SetPolyFillMode
Polygon
ExtCreatePen
CreateSolidBrush
DeleteObject
CreateFontIndirectW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent

msvcrt

free
_vsnwprintf
wcscmp
wcslen
_ftol
_purecall
wcscpy
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
_initterm
_adjust_fdiv
malloc

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CoopenUpdate.cop
.dll windows:4 windows x86 arch:x86

2d7cc29de0c2e0f87fdf136e8ba2191d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapFree
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
CopyFileW
CreateDirectoryW
ExpandEnvironmentStringsW
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesW
GetFileSize
GetFileTime
GetFileAttributesW
GetProcessVersion
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcmpiW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DeleteFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
GetLastError
lstrcpynW
LocalFree
InterlockedDecrement
InterlockedIncrement
SetLastError
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetProcAddress
CloseHandle
GetModuleFileNameW
lstrcmpW
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
LockResource
MulDiv
GetDiskFreeSpaceExW
lstrcatW
lstrlenW
WideCharToMultiByte
WinExec
lstrcpyW
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
SetUnhandledExceptionFilter
GlobalFree

user32

IsDialogMessageW
SetWindowTextW
MoveWindow
ClientToScreen
BeginPaint
EndPaint
CreateDialogIndirectParamW
EndDialog
WindowFromPoint
DestroyMenu
CharUpperW
UnregisterClassW
GetClassNameW
GetSysColorBrush
LoadStringW
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
CreateWindowExW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageW
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
PostQuitMessage
wsprintfW
SetWindowPos
CopyIcon
GetDC
ReleaseDC
InflateRect
GetMessagePos
ScreenToClient
MessageBeep
GetSysColor
SendMessageW
GetClientRect
EnableWindow
SetDlgItemTextW
SetWindowLongW
GetWindowLongW
IsWindow
SystemParametersInfoW
SetWindowRgn
GetSystemMetrics
ShowWindow
KillTimer
LoadCursorW
SetCursor
SetTimer
PostMessageW
LoadIconW
UpdateWindow
GetWindowTextW
SendDlgItemMessageW
GrayStringW
DrawTextW
TabbedTextOutW
InvalidateRect
GetWindowRect
GetParent
IsWindowVisible
PtInRect
LoadBitmapW
CopyRect
FillRect
SetPropW

gdi32

SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
DeleteDC
CreateSolidBrush
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
GetStockObject
CreateRoundRectRgn
Rectangle
SelectObject
DeleteObject
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectW
GetTextExtentPoint32W
CreateFontIndirectW

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW

comctl32

_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_LoadImageW

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize

olepro32

ord251

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDeleteGraphics
GdipReleaseDC
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipAlloc
GdipFree
GdipDisposeImage
GdipCloneImage

Exports

Exports

CreatePlugInInstance
DestroyPlugInInstance

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HttpDownloader.exe
.exe windows:4 windows x86 arch:x86

4095847f15924fd0fef7c9ebf1826f51

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/08/2008, 00:00

Not After

11/09/2009, 23:59

Subject

CN=Beijing Capital Online Network Technology CO.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technology,O=Beijing Capital Online Network Technology CO.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5186
ord858
ord924
ord800
ord5710
ord5683
ord860
ord540
ord350
ord354
ord825
ord1105
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord641
ord609
ord795
ord765
ord2514
ord2621
ord1134
ord665
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord2575
ord4396
ord3574
ord3721
ord6055
ord1776
ord5290
ord3402
ord3698
ord823
ord1146
ord1168
ord567
ord2302
ord537
ord4160
ord2863
ord2379
ord755
ord470
ord2642
ord3092
ord5953
ord2645
ord4224
ord3810
ord920
ord6385
ord1979
ord3663
ord3616
ord3127
ord5265
ord5651
ord1576

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
sprintf
_mbscmp
vsprintf
_ftol
__CxxFrameHandler
atol
_XcptFilter
_setmbcp

kernel32

GetTempFileNameA
WideCharToMultiByte
GetCommandLineW
WaitForSingleObject
CreateProcessA
GetModuleHandleA
GetStartupInfoA
GetLastError

user32

AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
LoadIconA
IsIconic
ShowWindow
EnableWindow
GetSystemMetrics
SendMessageA
SetDlgItemTextA
PostMessageA

shell32

CommandLineToArgvW

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA
HttpQueryInfoA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resource/SkinNormal/Background.bmp
Resource/SkinNormal/Button_Close.bmp
Resource/SkinNormal/Button_IconHide.bmp
Resource/SkinNormal/Button_IconShow.bmp
Resource/SkinNormal/Button_ModeMenu.bmp
Resource/SkinNormal/Button_ModeSel.bmp
Resource/SkinNormal/Button_Pause.bmp
Resource/SkinNormal/Button_Play.bmp
Resource/SkinNormal/Button_Prev.bmp
Resource/SkinNormal/Button_ScreenSaver.bmp
Resource/SkinNormal/Button_Setting.bmp
Resource/SkinNormal/Button_Weblogo.bmp
Resource/SkinNormal/Button_next.bmp
Resource/SkinNormal/Notify_BG.bmp
Resource/SkinNormal/Notify_Close.bmp
Resource/SkinNormal/Progress_download.bmp
Resource/SkinNormal/Progress_download1.bmp
Resource/SkinNormal/Separator.bmp
Resource/SkinNormal/SkinNormal.ini
Resource/res/BMP/MyShare.bmp
Resource/res/BMP/MyWallpaper.bmp
Resource/res/BMP/Myphoto.bmp
Resource/res/BMP/cancel.bmp
Resource/res/BMP/close.bmp
Resource/res/BMP/play.bmp
Templete/CoopenPhoto.jpg
.jpg
Templete/DefaultCoopenWallpaper.jpg
.jpg
Templete/ModeB.tpl
Templete/ModeB_logo.jpg
.jpg
Templete/ModeC.tpl
conf/ChannelListReal.txt
conf/ModeAChannelList.txt
conf/ModeAChannelListReal.txt
conf/ModeAChannelSetup.txt
conf/ModeASelectChannel.txt
conf/PluginConfig.ini
image/Illustrated/coopen illustrated/image_109675/DefaultCoopenWallpaper.jpg
.jpg
image/Photo/local Photo/B_0.jpg
.jpg
image/Photo/local Photo/B_1.jpg
.jpg
image/Share/coopen share/image_100/B_0.jpg
.jpg
image/Share/coopen share/image_100/B_1.jpg
.jpg
image/Wallpaper/coopen wallpaper/DefaultCoopenWallpaper.jpg
.jpg
image/Wallpaper/local wallpaper/DefaultCoopenWallpaper.jpg
.jpg
licence.txt
uninst.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
uninst.exe.nsis

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 16KB - Virtual size: 16KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 172B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 172B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

67:de:ec:c1:f1:8e:28:7a:52:4e:5a:6b:c8:8f:83:47
Certificate

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 4KB