bc57891b8249f2bd406e2562ce75e1cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc57891b8249f2bd406e2562ce75e1cc_JaffaCakes118
Size

727KB
MD5

bc57891b8249f2bd406e2562ce75e1cc
SHA1

1b6ca0f6acef2216cc4208acb7cd5c2d5a2841ec
SHA256

57fa1d7c65ee6d274d7b91d07613ddd949f05333ca22662a96207d05688ffd1e
SHA512

979fd1dbeb93d998145bddcb73223da9b6b6bf365d82091bae630646599b386aed7b14e635fc6191a7900078f45b411bb27bd1a0a8cd754db4fdbaf13ebe580f
SSDEEP

12288:6t0LO3PwABt4c/uERQ0PF+4CZR9AYDqHpNJKABZBCnbs3dJQdRJ4x/1gkxq:6tSO3PEIuERdMlZR9FDqJNJJBsJdRJKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 18 IoCs

Checks for missing Authenticode signature.

resource
bc57891b8249f2bd406e2562ce75e1cc_JaffaCakes118
unpack001/$PLUGINSDIR/Banner.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$TEMP/minibar.exe
unpack002/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/nsProcess.dll
unpack002/$PLUGINSDIR/nsUnzip.dll
unpack002/$PROGRAMFILES/Minibar/Froggy.dll
unpack002/$PROGRAMFILES/Minibar/Kango.dll
unpack002/$PROGRAMFILES/Minibar/MinibarButton.dll
unpack002/Uninstall.exe
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsExec.dll
unpack002/sqlite3.exe
unpack001/UninstallMinibar.exe
unpack006/$PLUGINSDIR/inetc.dll

NSIS installer 8 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$TEMP/minibar.exe	nsis_installer_1
static1/unpack001/$TEMP/minibar.exe	nsis_installer_2
static1/unpack002/Uninstall.exe	nsis_installer_1
static1/unpack002/Uninstall.exe	nsis_installer_2
static1/unpack001/UninstallMinibar.exe	nsis_installer_1
static1/unpack001/UninstallMinibar.exe	nsis_installer_2

Files

bc57891b8249f2bd406e2562ce75e1cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Banner.dll
.dll windows:4 windows x86 arch:x86

7a3709b093081d5614be1eaa2fe7fe76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
CloseHandle
Sleep
CreateThread
GetCurrentThreadId
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc

user32

DestroyWindow
SetWindowLongA
GetWindowLongA
SetWindowTextA
SetDlgItemTextA
DispatchMessageA
PeekMessageA
WaitMessage
IsWindow
CreateDialogParamA
ShowWindow
AttachThreadInput
IsWindowVisible
wsprintfA
PostMessageA

Exports

Exports

destroy
getWindow
show

Sections

.text
Size: 1024B - Virtual size: 862B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

GlobalFree
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
GetFileSize
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx
SetFilePointer
GetTickCount

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
IsWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowLongA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/license.rtf
.rtf
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/minibar.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:4 windows x86 arch:x86

c9fc7f6df8fedf8f8f1f9f820c072664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
lstrcpynA
GlobalAlloc

Exports

Exports

_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsUnzip.dll
.dll windows:4 windows x86 arch:x86

f61b492d16b51856da71c9a124fee190

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
GetDriveTypeA
GetVolumeInformationA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
FindFirstFileA
FindNextFileA
FindClose
GetVersion
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
SetFilePointer
CreateFileA
GetFullPathNameA
GetLocaleInfoA
DosDateTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
SetVolumeLabelA
GetCurrentDirectoryA
DeleteFileA
CreateDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
HeapSize
LoadLibraryA
ReadFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
CloseHandle
GlobalUnlock
GlobalLock
lstrcpyA
lstrcmpA
lstrcmpiA
GlobalFree
GlobalAlloc
lstrcpynA
SetFileTime
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
HeapReAlloc
MultiByteToWideChar
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetTimeZoneInformation
GetACP
GetOEMCP
WriteFile
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
VirtualProtect
GetSystemInfo
VirtualQuery
SetEnvironmentVariableW

user32

OemToCharA
CharToOemA
wsprintfA
DialogBoxParamA
GetDlgItem
SetWindowTextA
SetDlgItemTextA
SendMessageA
EnableWindow
GetWindowTextLengthA
GetWindowTextA
EndDialog
CharUpperA

advapi32

GetSecurityDescriptorControl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidSid
GetSecurityDescriptorGroup

Exports

Exports

Extract
GetPassword

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Minibar/Froggy.dll
.dll regsvr32 windows:5 windows x86 arch:x86

4c7a3f95276f50a76e1adfbc00c7c8b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work2\Somoto\src_old\Froggy\Release\Froggy.pdb

Imports

kernel32

GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SetThreadLocale
GetThreadLocale
LockResource
FindResourceExW
WideCharToMultiByte
lstrlenA
FlushInstructionCache
GetProcAddress
GetCurrentThreadId
SetLastError
FlushFileBuffers
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetCurrentProcess
RaiseException
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
EncodePointer
DecodePointer
RtlUnwind
GetCommandLineA
Sleep
ExitProcess
WriteFile
GetStdHandle
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetTickCount

user32

GetWindowLongW
CharNextW
SetWindowLongW
SetTimer
KillTimer
IsWindow
CreateWindowExW
RegisterClassExW
CallWindowProcW
UnregisterClassA
DefWindowProcW
DestroyWindow
LoadCursorW
GetClassInfoExW

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

DispCallFunc
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Minibar/Kango.dll
.dll regsvr32 windows:5 windows x86 arch:x86

da4136ca038f62568c9bfdc1c982f44f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work2\Kango\src\cpp\ie_bho\Release\Kango.pdb

Imports

gdiplus

GdipCreateFromHDC
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipGraphicsClear
GdipFillRectangleI
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRect
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipGetImageHeight
GdipGetImageWidth
GdipCreateSolidFill
GdipCreateBitmapFromResource
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectRectI
GdipDrawImageRectI

kernel32

SetHandleCount
HeapCreate
ExitProcess
CreateFileW
ReadFile
GetFileSize
WriteFile
CreateDirectoryW
FreeLibrary
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
OutputDebugStringA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
GetVersion
DeleteFileW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
lstrcmpW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
RaiseException
InitializeCriticalSectionAndSpinCount
lstrlenW
MultiByteToWideChar
LoadLibraryExW
lstrcmpiW
EnterCriticalSection
GetFileType
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
LoadLibraryA
GetVersionExW
SetThreadLocale
GetThreadLocale
GetTempFileNameW
GetTempPathW
TerminateProcess
OpenProcess
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
RtlUnwind
DecodePointer
EncodePointer
GetCommandLineA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
Sleep
GetStartupInfoW
VirtualAlloc
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetStringTypeW
LCMapStringW
WriteConsoleW
SetEndOfFile
LeaveCriticalSection
InterlockedPopEntrySList

user32

GetDC
ReleaseDC
GetDesktopWindow
GetClassNameW
SetWindowPos
RedrawWindow
BeginPaint
EndPaint
CreateAcceleratorTableW
MoveWindow
IsChild
ClientToScreen
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetClassInfoExW
RegisterClassExW
RegisterWindowMessageW
LoadCursorW
SendMessageW
PostMessageW
ScreenToClient
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
GetDlgItem
UpdateLayeredWindow
MapWindowPoints
GetWindowRect
GetWindowDC
CopyRect
GetSystemMetrics
CreatePopupMenu
TrackPopupMenu
UnregisterClassA
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
MessageBoxW
SetTimer
SetFocus
KillTimer
GetWindowLongW
SetWindowLongW
CreateWindowExW
CallWindowProcW
DefWindowProcW
GetParent
DestroyWindow
IsWindow
GetClientRect
CharNextW
FillRect
AppendMenuW

gdi32

SetBkMode
GetTextExtentPoint32W
ExtTextOutW
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt

advapi32

CryptDestroyHash
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
CryptDestroyKey
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
CryptHashData

shell32

SHGetFolderPathW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
OleLockRunning
CoUninitialize
CoInitialize

oleaut32

LoadTypeLi
VariantChangeType
DispCallFunc
VariantInit
UnRegisterTypeLi
RegisterTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
LoadRegTypeLi
VarUI4FromStr
VariantCopy
SysAllocString
VariantClear

shlwapi

PathStripPathW
PathRemoveFileSpecW
PathAddBackslashW
PathFileExistsW

Exports

Exports

ClearStorage
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Minibar/MinibarButton.dll
.dll regsvr32 windows:5 windows x86 arch:x86

f010497d0b60dc45a47cc1d5d8151b41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdipSetInterpolationMode
GdipAlloc
GdipDeleteGraphics
GdipLoadImageFromFile
GdipDisposeImage
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDrawImageRectRectI
GdipFillRectangleI
GdipGraphicsClear
GdipSetPageUnit
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipFree
GdipSetCompositingQuality
GdipSetCompositingMode
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipDeleteBrush
GdipCloneImage
GdipDrawImageRectI
GdipGetImageGraphicsContext

kernel32

QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
SetFilePointer
GetStartupInfoW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GetCurrentThreadId
lstrlenW
GetModuleFileNameW
SetLastError
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetModuleHandleW
lstrcmpiW
GetTickCount
MultiByteToWideChar
LoadLibraryExW
SetThreadLocale
GetThreadLocale
CloseHandle
TerminateProcess
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
Sleep
ExitProcess
HeapCreate
WriteFile
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileW
WriteConsoleW
FreeLibrary
SetUnhandledExceptionFilter

user32

EndPaint
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
BeginPaint
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
GetDesktopWindow
GetCursorPos
DestroyAcceleratorTable
GetWindow
GetFocus
SetFocus
IsWindow
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
GetWindowRect
GetWindowDC
UpdateLayeredWindow
MapWindowPoints
GetSystemMetrics
FindWindowExW
UnregisterClassA
RedrawWindow
SetWindowPos
MoveWindow
CharNextW
GetSysColor
CreateWindowExW
RegisterClassExW
DefWindowProcW
LoadCursorW
GetClassInfoExW
GetParent
SendMessageW
PostMessageW
GetWindowLongW
SetWindowLongW
CallWindowProcW
CopyRect
GetDlgItem
GetActiveWindow

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject
SelectObject

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW

ole32

CoCreateInstance
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VariantInit
VariantClear
SysStringLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
VariantCopy
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VariantChangeType
SysFreeString

shlwapi

PathRemoveFileSpecW
PathAddBackslashW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Minibar/config.xml
.xml
$PROGRAMFILES/Minibar/extension_info.json
$PROGRAMFILES/Minibar/icons/icon128.png
.png
$PROGRAMFILES/Minibar/icons/icon16.ico
$PROGRAMFILES/Minibar/icons/icon19.ico
$PROGRAMFILES/Minibar/icons/icon19.png
.png
$PROGRAMFILES/Minibar/icons/icon32.png
.png
$PROGRAMFILES/Minibar/icons/icon48.png
.png
$PROGRAMFILES/Minibar/kango-ui/browser_button.js
.js
$PROGRAMFILES/Minibar/kango-ui/commandbar_button.js
.js
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-left.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-middle.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-right.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-left.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-right.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-bottom.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-left.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-right.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-top.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-left.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-middle.png
.png
$PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-right.png
.png
$PROGRAMFILES/Minibar/kango-ui/ui.js
.js
$PROGRAMFILES/Minibar/kango/browser.js
.js
$PROGRAMFILES/Minibar/kango/console.js
$PROGRAMFILES/Minibar/kango/event_listener.js
$PROGRAMFILES/Minibar/kango/initialize.js
$PROGRAMFILES/Minibar/kango/io.js
.js
$PROGRAMFILES/Minibar/kango/json.js
.js
$PROGRAMFILES/Minibar/kango/jsonstorage.js
.js
$PROGRAMFILES/Minibar/kango/kango.js
.js
$PROGRAMFILES/Minibar/kango/lang.js
.js
$PROGRAMFILES/Minibar/kango/md5.js
.js
$PROGRAMFILES/Minibar/kango/messaging.js
.js
$PROGRAMFILES/Minibar/kango/storage.js
.js
$PROGRAMFILES/Minibar/kango/userscript_engine.js
.js
$PROGRAMFILES/Minibar/kango/utils.js
.js
$PROGRAMFILES/Minibar/kango/xhr.js
.js
$PROGRAMFILES/Minibar/minibar/actions.js
.js
$PROGRAMFILES/Minibar/minibar/cachedxhr.js
$PROGRAMFILES/Minibar/minibar/config.js
.js
$PROGRAMFILES/Minibar/minibar/config.json
$PROGRAMFILES/Minibar/minibar/macros.js
.js
$PROGRAMFILES/Minibar/minibar/minibar.js
.js
Uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
chrome_installer.js
.js
common.js
.js
firefox_installer.js
.js
ie_installer.js
.js
install.json
minibar.crx
.zip
background.html
cached_http_request.js
.js
extension_info.json
icons/icon128.png
.png
icons/icon19.png
.png
icons/icon32.png
.png
icons/icon48.png
.png
includes/content.js
includes/content_kango.js
.js
includes/content_messaging.js
.js
includes/content_userscript.js
.js
kango-ui/button.js
.js
kango-ui/ui.js
kango/browser.js
.js
kango/console.js
kango/event_listener.js
kango/initialize.js
.js
kango/io.js
.js
kango/jsonstorage.js
.js
kango/kango.js
.js
kango/lang.js
.js
kango/messaging.js
.js
kango/userscript_engine.js
.js
kango/xhr.js
.js
main.js
.js
manifest.json
minibar/actions.js
.js
minibar/cachedxhr.js
minibar/config.js
.js
minibar/macros.js
.js
minibar/minibar.js
.js
popup.html
popup.js
.js
tab.html
tab.js
.js
minibar.xpi
.zip .js polyglot
chrome.manifest
chrome/content/cached_http_request.js
.js
chrome/content/content.xul
chrome/content/extension_info.json
chrome/content/icons/icon128.png
.png
chrome/content/icons/icon19.png
.png
chrome/content/icons/icon32.png
.png
chrome/content/icons/icon48.png
.png
chrome/content/kango-ui/button.js
.js
chrome/content/kango-ui/popup.js
.js
chrome/content/kango-ui/popup_window.js
.js
chrome/content/kango-ui/popup_window.xul
chrome/content/kango-ui/theme/bubble/bottom-left.png
.png
chrome/content/kango-ui/theme/bubble/bottom-middle.png
.png
chrome/content/kango-ui/theme/bubble/bottom-right.png
.png
chrome/content/kango-ui/theme/bubble/middle-left.png
.png
chrome/content/kango-ui/theme/bubble/middle-right.png
.png
chrome/content/kango-ui/theme/bubble/style.css
chrome/content/kango-ui/theme/bubble/tail-bottom.png
.png
chrome/content/kango-ui/theme/bubble/tail-left.png
.png
chrome/content/kango-ui/theme/bubble/tail-right.png
.png
chrome/content/kango-ui/theme/bubble/tail-top.png
.png
chrome/content/kango-ui/theme/bubble/top-left.png
.png
chrome/content/kango-ui/theme/bubble/top-middle.png
.png
chrome/content/kango-ui/theme/bubble/top-right.png
.png
chrome/content/kango-ui/ui.js
chrome/content/kango/browser.js
.js
chrome/content/kango/console.js
chrome/content/kango/event_listener.js
chrome/content/kango/initialize.js
.js
chrome/content/kango/io.js
.js
chrome/content/kango/jsonstorage.js
.js
chrome/content/kango/kango.js
.js
chrome/content/kango/lang.js
.js
chrome/content/kango/messaging.js
.js
chrome/content/kango/storage.js
.js
chrome/content/kango/uninstall_observer.js
.js
chrome/content/kango/userscript_engine.js
.js
chrome/content/kango/xhr.js
.js
chrome/content/main.js
.js
chrome/content/minibar/actions.js
.js
chrome/content/minibar/cachedxhr.js
chrome/content/minibar/config.js
.js
chrome/content/minibar/config.json
chrome/content/minibar/homepage_helper.js
.js
chrome/content/minibar/macros.js
.js
chrome/content/minibar/minibar.js
.js
chrome/content/minibar/search_helper.js
.js
chrome/content/minibar/search_hook.js
.js
chrome/content/minibar/tabpage_helper.js
.js
install.rdf
sqlite3.exe
.exe windows:4 windows x86 arch:x86

146d733fc6865bded0562df01afedbdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileW
DeleteFileA
DeleteFileW
ExitProcess
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetProcAddress
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
Sleep
UnlockFile
UnlockFileEx
UnmapViewOfFile
WideCharToMultiByte
WriteFile

msvcrt

__getmainargs
__p__environ
__set_app_type
_access
_cexit
_fileno
_fmode
_fpreset
_iob
_isatty
_setmode
atexit
atoi
exit
fclose
fflush
fgets
fopen
fprintf
fputc
free
getenv
isalnum
isalpha
isdigit
isprint
isspace
localtime
malloc
memcpy
memmove
memset
printf
putc
qsort
realloc
signal
strcmp
strncmp
strncpy
tolower

Sections

.text
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 928B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UninstallMinibar.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

GlobalFree
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
GetFileSize
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx
SetFilePointer
GetTickCount

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
IsWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowLongA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
icon.ico

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 16KB - Virtual size: 16KB

7a3709b093081d5614be1eaa2fe7fe76

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 862B

.rdata Size: 1024B - Virtual size: 792B

.data Size: 512B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 224B

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

wininet

comctl32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 1024B - Virtual size: 862B

.rdata
Size: 1024B - Virtual size: 792B

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 224B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 646B

.data
Size: - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 146B

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 288B

.reloc
Size: 6KB - Virtual size: 6KB