eed397c9b6fbf0f3c5afe8874df7a950_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eed397c9b6fbf0f3c5afe8874df7a950_JaffaCakes118
Size

12.8MB
MD5

eed397c9b6fbf0f3c5afe8874df7a950
SHA1

977bce447d12c2af8411234d01dd8ca30a3611fb
SHA256

7a740d0514a7c2a913326b0e9d839b638c3fe77e23e5f7dd5aca41ac03d70921
SHA512

033a339af927efe64a9329609611b5e52911e95b5030cccfb39fe6c8c9028e556d6c44264fcec0bbad333a38660ab0803a2105ad9e6b37cbd0dbbdd83c56b3e2
SSDEEP

393216:gNvojlsTxWzTOaGIlzlf6YQ0Eydedgw9+ta:gNwrmaGIzE0vdeH9f

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/SCV.Selector.Full.2009.04.27.exe	upx

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SCV.Selector.Full.2009.04.27.exe
unpack002/$PLUGINSDIR/InstallOptionsEx.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/VPatch.dll
unpack002/EditLocal.dll
unpack002/InstCC.exe
unpack002/Local.dll
unpack002/Riched20.dll
unpack002/Smackw32.dll
unpack002/StarCraft.exe
unpack002/StarEdit.exe
unpack002/battle.snp
unpack002/out.upx
unpack002/standard.snp
unpack002/storm.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack002/out.upx	nsis_installer_2

Files

eed397c9b6fbf0f3c5afe8874df7a950_JaffaCakes118
.rar
155绿色软件站.url
.url
SCV.Selector.Full.2009.04.27.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 648KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/BW.ico
$PLUGINSDIR/InstallOptionsEx.dll
.dll windows:5 windows x86 arch:x86

23a320559023c8f8e95656c5e186588c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked

shlwapi

PathFileExistsA
PathFindExtensionA

kernel32

ReadFile
GlobalLock
CloseHandle
GetFileSize
CreateFileA
LoadLibraryA
HeapSize
GetProcessHeap
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
Sleep
InterlockedDecrement
SetLastError
InterlockedIncrement
GlobalUnlock
GetModuleHandleA
GetSystemTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
MulDiv
lstrcatA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTickCount
lstrcmpA
SetErrorMode
FindFirstFileA
lstrcmpiA
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
lstrcpynA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind

user32

ScreenToClient
IsDialogMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
DestroyCursor
DestroyIcon
ShowWindow
EnableWindow
GetSystemMenu
EnableMenuItem
CreateDialogParamA
GetWindowRect
MapWindowPoints
SetWindowPos
CopyImage
LoadImageA
CreateWindowExA
wsprintfA
GetClientRect
SetWindowLongA
GetCursorPos
SetWindowRgn
IsWindowEnabled
GetWindowLongA
DrawTextA
DrawFocusRect
GetSysColor
UpdateWindow
PostMessageA
SetTimer
GetDlgItem
GetDC
ReleaseDC
KillTimer
GetDlgCtrlID
GetKeyState
LoadCursorA
SetCursor
CallWindowProcA
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SendMessageA
CharNextA
MessageBoxA

gdi32

CreateFontIndirectA
DeleteObject
CreateCompatibleDC
GetDIBits
CreateRectRgn
CombineRgn
SetTextColor
SetBkColor
CreateSolidBrush
SelectObject
PatBlt
SetBkMode
GetBkColor
GetTextColor
GetBkMode
CreateBrushIndirect
GetObjectA
GetDeviceCaps

comdlg32

ChooseColorA
ChooseFontA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

shell32

ShellExecuteA
SHGetPathFromIDListA
ExtractIconExA
SHGetDesktopFolder
SHBrowseForFolderA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Exports

Exports

dialog
initDialog
setFocus
show

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SC.ico
$PLUGINSDIR/SCV.ini
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/VPatch.dll
.dll windows:4 windows x86 arch:x86

308dbf2136b37be830bdd627b8ff3095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFileTime
WriteFile
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
DeleteFileA
CloseHandle
CreateFileA
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc

Exports

Exports

GetFileCRC32
GetFileMD5
vpatchfile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BroodWar.mpq
EditLocal.dll
.dll windows:4 windows x86 arch:x86

211a1ac2159862c6038f1d798175f2be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstCC.exe
.exe windows:4 windows x86 arch:x86

1c0c12beaf5f47bfead3fd73978803ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

SetCurrentDirectoryA
GetModuleFileNameA
WritePrivateProfileStringA
GetWindowsDirectoryA
FormatMessageA
MoveFileExA
SetLastError
DeleteFileA
GetLastError
Sleep
GetVersionExA
lstrlenA
GetCurrentDirectoryA
lstrcpyA
lstrcatA
CreateFileA
WriteFile
ReadFile
GetFileSize
DeleteCriticalSection
HeapFree
GetProcessHeap
TerminateProcess
CloseHandle
GetCurrentProcess
GetVersion
OutputDebugStringA
FindClose
FindFirstFileA
GetSystemDirectoryA
GetExitCodeProcess
ExitProcess
InterlockedIncrement
LeaveCriticalSection
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualFree
GetProcAddress
LoadLibraryA
InterlockedDecrement
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
GetTickCount
SetFilePointer
GetModuleHandleA
GetFileAttributesA
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
InitializeCriticalSection
EnterCriticalSection
SetEvent
WideCharToMultiByte
GetCPInfo
GetEnvironmentStringsW
SetConsoleMode
GetConsoleMode
GetCommandLineA
GetFullPathNameA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapReAlloc
HeapSize
SetStdHandle
GetACP
GetOEMCP
HeapDestroy
HeapCreate
RtlUnwind
GetStringTypeW
ReadConsoleInputA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetStringTypeA

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Install.exe
License.txt
Local.dll
.dll windows:4 windows x86 arch:x86

3c41dd4da68b1f3823a2e4920078a3fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
GetCommandLineA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapAlloc
HeapFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NoCD.pat
Readme.cnt
Readme.hlp
Riched20.dll
.dll windows:4 windows x86 arch:x86

f1b8da00f4263487d541e2ea5f136b35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

crtdll

_wcsicmp
wcscmp
memset
wcsncpy
wcsncmp
memcpy
memcmp
wcscpy
strncmp
_ftol
strtoul
_initterm
malloc
__dllonexit
_wcsnicmp
_purecall
strlen
wcslen

kernel32

GlobalFree
GetVersion
LocalFree
LocalReAlloc
LocalAlloc
FreeLibrary
IsBadReadPtr
GetACP
IsValidCodePage
SetFilePointer
CloseHandle
WriteFile
ReadFile
GetLastError
GlobalHandle
lstrcmpiA
GetProfileIntA
GlobalFlags
lstrcpyA
lstrcmpA
LoadLibraryA
GetProcAddress
GetSystemDefaultLangID
IsDBCSLeadByte
GlobalAlloc
GlobalSize
GlobalReAlloc
EnterCriticalSection
GetThreadLocale
GetLocaleInfoA
LeaveCriticalSection
GetTickCount
IsBadWritePtr
Sleep
GlobalLock
lstrlenA
MulDiv
GlobalUnlock
GetVersionExA
GetProfileSectionA
GetStringTypeExA
OutputDebugStringA
GetSystemDefaultLCID
CompareStringA
CreateFileA
GetProfileSectionW
CompareStringW
CreateFileW
OutputDebugStringW
lstrcmpW
lstrcmpiW
MultiByteToWideChar
GetStringTypeExW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection

user32

KillTimer
ScrollWindowEx
SetFocus
SetTimer
SetCursor
ClientToScreen
SetForegroundWindow
SetScrollInfo
IsClipboardFormatAvailable
IsChild
wsprintfA
GetCaretPos
TranslateMessage
RegisterClipboardFormatA
SystemParametersInfoA
GetDesktopWindow
GetDoubleClickTime
TrackPopupMenu
DestroyMenu
DestroyCaret
MessageBeep
ShowCaret
HideCaret
CreateCaret
UpdateWindow
SetScrollPos
EnableScrollBar
ShowScrollBar
IsWindowVisible
GetWindowRect
MapWindowPoints
GetDlgItem
GetFocus
BeginPaint
EndPaint
InvalidateRect
SetScrollRange
ReleaseDC
GetSysColor
IsIconic
GetParent
ActivateKeyboardLayout
SetCaretPos
GetClientRect
SetCapture
GetCursorPos
ScreenToClient
PeekMessageA
ReleaseCapture
GetMessageTime
GetMessagePos
IntersectRect
OffsetRect
InvertRect
CopyRect
InflateRect
PtInRect
wvsprintfA
SendMessageA
MessageBoxA
CharUpperA
CharLowerA
CharLowerW
CharLowerBuffW
CharUpperBuffW
DefWindowProcW
GetWindowLongW
LoadBitmapW
LoadCursorW
MessageBoxW
PostMessageW
RegisterClassW
SendMessageW
SetWindowLongW
UnregisterClassW
wvsprintfW
DefWindowProcA
GetWindowLongA
LoadBitmapA
LoadCursorA
PostMessageA
SetWindowLongA
GetKeyboardLayout
RegisterClassA
UnregisterClassA
RegisterWindowMessageA
GetKeyState
GetDC
GetAsyncKeyState
GetSystemMetrics

gdi32

CloseMetaFile
EnumMetaFile
DeleteMetaFile
GetObjectW
EnumFontFamiliesW
GetTextFaceW
CreateFontIndirectW
CreateICA
CreateICW
EnumFontFamiliesA
GetObjectA
CreateFontIndirectA
GetTextMetricsA
SetBkMode
GetTextFaceA
RestoreDC
Rectangle
GetCurrentObject
SelectObject
GetStockObject
SetROP2
SaveDC
SetTextAlign
ExtTextOutW
GetDeviceCaps
SetBkColor
GetTextMetricsW
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
DeleteDC
DeleteObject
GetOutlineTextMetricsA
IntersectClipRect
GetPixel
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
GetMapMode
DPtoLP
SetMetaFileBitsEx
CreateBitmap
GetCharWidthW
GetCharWidthA
GetTextExtentPointW
ExtTextOutA
Escape
GetObjectType
GetTextAlign
SetTextColor
BitBlt
SetViewportExtEx
GetMetaFileBitsEx
CreatePatternBrush
CreateMetaFileA
SetWindowExtEx
CreatePalette
MoveToEx
CreateSolidBrush
PatBlt
CreatePen
LineTo

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

CreateTextServices
IID_IRichEditOle
IID_IRichEditOleCallback
IID_ITextHost
IID_ITextHost2
IID_ITextServices
_DllMain@12

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Smackw32.dll
.dll windows:4 windows x86 arch:x86

dc69d2712ae58422570f2c7e9a9c52d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
GetWindow
GetTopWindow
GetFocus
IsWindow
LoadStringA
IsWindowVisible
GetForegroundWindow
IsChild
SystemParametersInfoA
GetWindowRect
GetParent
ClientToScreen
GetClassInfoA
GetWindowLongA
CreateWindowExA
GetDC
ReleaseDC
GetClassLongA
LoadCursorA
SetWindowLongA
ShowWindow
GetSystemMetrics
SetWindowPos
SetFocus
CallWindowProcA
GetWindowThreadProcessId
GetActiveWindow
GetCursorPos
MessageBoxA
RegisterClassA
ShowCursor
PeekMessageA
ScreenToClient
SetCursor
DestroyWindow
UnregisterClassA
EndPaint
DefWindowProcA
BeginPaint
InvalidateRect

winmm

waveOutUnprepareHeader
timeKillEvent
timeSetEvent
waveOutGetID
waveOutSetVolume
waveOutReset
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutWrite
timeGetTime

kernel32

FreeLibrary
lstrcpyA
GetCurrentProcessId
ReadFile
GetOEMCP
CloseHandle
GetCPInfo
GetStartupInfoA
GetACP
GetFileType
SetHandleCount
GetStdHandle
TerminateProcess
ExitProcess
GetCurrentProcess
HeapCreate
GetCommandLineA
HeapDestroy
GetProcAddress
GetModuleHandleA
GetVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
DisableThreadLibraryCalls
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
SetFilePointer
GetProfileIntA
LoadLibraryA
SetErrorMode
LoadModule
HeapFree
GetModuleFileNameA
OutputDebugStringA
HeapAlloc
CreateFileA

gdi32

StretchBlt
GetPixel
SetPixel
CreateCompatibleBitmap
GetDIBits
SetStretchBltMode
StretchDIBits
BitBlt
PatBlt
DeleteDC
GetDeviceCaps
CreatePalette
SelectPalette
RealizePalette
DeleteObject
GetSystemPaletteUse
GetSystemPaletteEntries
CreateCompatibleDC
SelectObject

Exports

Exports

_CopyData@20
_SmackBlit@44
_SmackBlitClear@32
_SmackBlitClose@4
_SmackBlitMask@52
_SmackBlitMerge@52
_SmackBlitOpen@4
_SmackBlitSetFlags@8
_SmackBlitSetPalette@12
_SmackBlitString@8
_SmackBlitTrans@48
_SmackBufferBlit@32
_SmackBufferClear@8
_SmackBufferClose@4
_SmackBufferCopyPalette@12
_SmackBufferEndMultipleBlits@4
_SmackBufferFocused@4
_SmackBufferFromScreen@16
_SmackBufferNewPalette@12
_SmackBufferOpen@24
_SmackBufferSetPalette@4
_SmackBufferStartMultipleBlits@4
_SmackBufferString@8
_SmackBufferToBuffer@32
_SmackBufferToBufferMask@40
_SmackBufferToBufferMerge@40
_SmackBufferToBufferTrans@36
_SmackCheckCursor@20
_SmackClose@4
_SmackColorRemap@16
_SmackColorTrans@8
_SmackDDSurfaceType@4
_SmackDoFrame@4
_SmackFrameRate@4
_SmackGetTrackData@12
_SmackGoto@8
_SmackIsSoftwareCursor@8
_SmackNextFrame@4
_SmackOpen@12
_SmackRestoreCursor@4
_SmackSetSystemRes@4
_SmackSimulate@4
_SmackSoundCheck@0
_SmackSoundInTrack@8
_SmackSoundOnOff@8
_SmackSoundSetDirectSoundHWND@4
_SmackSoundUseDW@12
_SmackSoundUseDirectSound@4
_SmackSoundUseMSS@4
_SmackSoundUseWin@0
_SmackSummary@8
_SmackToBuffer@28
_SmackToBufferRect@8
_SmackToScreen@28
_SmackUseMMX@4
_SmackVolumePan@16
_SmackWait@4
_TimerFunc@20
_ailcallback@4
_radfree@4
_radmalloc@4

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_UNSTEXT
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StarCraft.exe
.exe windows:4 windows x86 arch:x86

21e7ca335e42dff8d656d78e17055324

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord140
ord106
ord119
ord109
ord130
ord115
ord137
ord139
ord117
ord120
ord123
ord102
ord122
ord121
ord128
ord138
ord101
ord116
ord256
ord462
ord134
ord440
ord436
ord443
ord438
ord432
ord354
ord437
ord468
ord351
ord523
ord524
ord529
ord525
ord452
ord334
ord331
ord332
ord261
ord257
ord264
ord275
ord255
ord258
ord423
ord252
ord266
ord272
ord502
ord118
ord133
ord103
ord451
ord424
ord421
ord321
ord105
ord112
ord107
ord457
ord454
ord458
ord313
ord386
ord389
ord393
ord390
ord385
ord383
ord314
ord216
ord422
ord425
ord206
ord211
ord431
ord221
ord434
ord445
ord125
ord113
ord222
ord357
ord346
ord506
ord208
ord114
ord505
ord323
ord325
ord269
ord265
ord253
ord267
ord268
ord463
ord276
ord274
ord342
ord442
ord465
ord503
ord350
ord356
ord453
ord501
ord260
ord426
ord127
ord401
ord403

shell32

FindExecutableA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

kernel32

WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapSize
HeapAlloc
HeapReAlloc
GetCurrentProcess
GetLocaleInfoA
SetLastError
TlsAlloc
LCMapStringW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetVersion
GetStartupInfoA
RtlUnwind
SetConsoleCtrlHandler
ExitThread
TlsSetValue
CreateThread
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFileSize
RaiseException
GetStringTypeA
GetStringTypeW
VirtualAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
SetEndOfFile
ReadFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFileAttributesA
FreeLibrary
TlsGetValue
TerminateProcess
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetDateFormatA
GetTimeFormatA
SetEvent
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTickCount
Sleep
IsBadReadPtr
GetModuleHandleA
VirtualQuery
lstrcpynA
IsBadWritePtr
FormatMessageA
SetUnhandledExceptionFilter
GetLastError
CloseHandle
WaitForMultipleObjects
MulDiv
DeleteCriticalSection
GlobalMemoryStatus
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
GetFileAttributesA
WaitForSingleObject
CreateEventA
GetCommandLineA
GetDriveTypeA
GetLogicalDriveStringsA
SizeofResource
GetDiskFreeSpaceA
GetSystemInfo
LockResource
LoadResource
FindResourceA
CompareFileTime
CreateDirectoryA
InitializeCriticalSection

user32

PeekMessageA
InvalidateRect
ClipCursor
LoadStringA
PtInRect
DestroyAcceleratorTable
ReleaseCapture
SetCapture
PostMessageA
GetKeyState
SetFocus
FindWindowA
ShowCursor
SetCursorPos
GetCursorPos
SetCursor
LoadCursorA
EndPaint
BeginPaint
DefWindowProcA
DispatchMessageA
TranslateMessage
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
GetWindow
GetClassNameA
GetForegroundWindow
GetDesktopWindow
SetRect
GetActiveWindow
ReleaseDC
GetDC
SendMessageA
GetDlgItem
GetWindowLongA
OffsetRect
GetWindowRect
GetParent
SendDlgItemMessageA
ShowWindow
EnableWindow
UpdateWindow
DrawTextA
GetSysColor
GetFocus
ScreenToClient
GetClientRect
SetWindowLongA
MessageBoxA
SetWindowTextA
SetActiveWindow
SetForegroundWindow
EnumWindows
GetWindowThreadProcessId
WaitForInputIdle
KillTimer
SetTimer
DialogBoxParamA
SetDlgItemTextA
SetWindowPos
EndDialog
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadIconA
GetTopWindow
GetLastActivePopup
IsIconic

gdi32

GetPaletteEntries
DeleteDC
GetTextExtentPoint32A
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
DeleteObject
GetTextMetricsA
ExtTextOutA
GetTextExtentExPointA
SetTextColor
SetBkColor
SetTextAlign
TextOutA
MoveToEx
CreateFontA
GetDeviceCaps
GetStockObject

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegDeleteValueA
GetUserNameA
RegOpenKeyA

Sections

.text
Size: 853KB - Virtual size: 853KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
StarEdit.cnt
StarEdit.exe
.exe windows:4 windows x86 arch:x86

aadbadbe749e7407b10b4c7d07b4ed90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
mmioRead
mmioDescend
mmioClose
mmioAscend
mmioOpenA

comctl32

ImageList_Destroy
ord14
PropertySheetA
ImageList_Create
ImageList_Add
ord17
ord6
ImageList_AddMasked
ImageList_ReplaceIcon
CreatePropertySheetPageA
ord13

storm

ord552
ord551
ord462
ord265
ord269
ord468
ord321
ord267
ord506
ord463
ord504
ord503
ord425
ord268
ord253
ord276
ord274
ord422
ord423
ord426
ord323
ord478
ord474
ord472
ord476
ord475
ord530
ord532
ord529
ord523
ord521
ord525
ord524
ord263
ord501
ord401
ord403
ord505
ord257
ord258
ord255
ord256
ord260
ord266
ord252

kernel32

LoadLibraryA
GetModuleFileNameA
FreeLibrary
SetLastError
GetProcAddress
GetCurrentProcess
GetTickCount
GetVersionExA
CopyFileA
WriteFile
HeapCreate
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
RaiseException
FlushFileBuffers
SetFileAttributesA
GetTempPathA
GetTempFileNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
FindResourceA
SizeofResource
LoadResource
LockResource
GetCommandLineA
GetDriveTypeA
GetLogicalDriveStringsA
GetModuleHandleA
GetStartupInfoA
GetVersion
RtlUnwind
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetLastError
CreateMutexA
GetFileAttributesA
SetEndOfFile
VirtualUnlock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
VirtualLock
VirtualAlloc
GetDiskFreeSpaceA
GetCurrentDirectoryA
GetCurrentThreadId
ExitProcess
FormatMessageA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
CreateEventA
Sleep
WaitForMultipleObjects

user32

GetScrollInfo
SetScrollInfo
TrackPopupMenu
GetSubMenu
ScrollWindow
SetCursorPos
ClientToScreen
CheckMenuItem
GetMenuState
DestroyMenu
IsMenu
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
LoadMenuA
AdjustWindowRectEx
ClipCursor
DrawEdge
CopyRect
CheckRadioButton
GetDlgCtrlID
SetDlgItemInt
SendDlgItemMessageA
WindowFromPoint
InsertMenuA
DeleteMenu
GetMenuItemID
GetMenuItemCount
GetMenuStringA
GetTopWindow
GetSystemMetrics
LoadStringA
MessageBoxA
ExitWindowsEx
DdeUninitialize
DdeNameService
DdeFreeStringHandle
WaitMessage
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
TranslateMDISysAccel
PeekMessageA
LoadAcceleratorsA
DdeCreateStringHandleA
DdeInitializeA
DdeCmpStringHandles
DdeAccessData
SetParent
IsWindowEnabled
GetNextDlgTabItem
GetFocus
DefMDIChildProcA
MessageBeep
SetCapture
GetCursorPos
GetDCEx
LoadIconA
GetDlgItemTextA
SetDlgItemTextA
ScreenToClient
RegisterWindowMessageA
GetDC
ReleaseDC
EnableWindow
WinHelpA
DestroyWindow
UpdateWindow
GetWindowRect
CreateDialogParamA
SetWindowPos
ShowWindow
IsDialogMessageA
LoadImageA
FillRect
EndDialog
GetDlgItem
GetWindowTextA
IsDlgButtonChecked
SetWindowTextA
CheckDlgButton
IsRectEmpty
GetWindowLongA
SetWindowLongA
SetFocus
DrawFocusRect
GetSysColor
GetParent
CallWindowProcA
SetRect
IntersectRect
FrameRect
PostMessageA
OffsetRect
UnionRect
InflateRect
PtInRect
GetClientRect
MoveWindow
LoadBitmapA
GetUpdateRgn
BeginPaint
EndPaint
InvalidateRect
LockWindowUpdate
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
SendMessageA
DialogBoxParamA
GetCapture
ReleaseCapture
GetMenu
SetRectEmpty
EnableMenuItem
GetWindowPlacement
SubtractRect
SetCursor
wsprintfA
PostQuitMessage
SetTimer
GetWindow
IsWindow
DefFrameProcA
EnumChildWindows
GetSysColorBrush
DrawTextA
DrawMenuBar
KillTimer
GetDlgItemInt
ShowCursor

gdi32

DeleteObject
CreateSolidBrush
TextOutA
SetTextColor
SetBkMode
GetStockObject
DeleteDC
BitBlt
CreateCompatibleDC
ExtTextOutA
SetBkColor
RectInRegion
CreatePalette
GetDIBColorTable
GetObjectA
StretchBlt
SetStretchBltMode
SelectPalette
SetPaletteEntries
PatBlt
CreateBitmap
DPtoLP
RealizePalette
GetSystemPaletteEntries
GetDeviceCaps
CreateDIBSection
Polyline
CreatePen
SetWindowOrgEx
LineTo
MoveToEx
GetRegionData
CreateRectRgn
CreatePatternBrush
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

GetUserNameA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

shell32

SHGetFileInfoA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
StarEdit.hlp
battle.snp
.dll windows:4 windows x86 arch:x86

845ca901317fdfb13d02b1b9860bf1c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
SetThreadPriority
GetVersion
IsBadWritePtr
SetEvent
InterlockedDecrement
InterlockedIncrement
TerminateThread
GetComputerNameA
CreateEventA
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GetLocaleInfoA
GetUserDefaultLangID
GetUserDefaultLCID
GetSystemDefaultLCID
LoadLibraryA
WaitForSingleObject
GetDiskFreeSpaceA
GlobalMemoryStatus
GetSystemInfo
IsBadReadPtr
GetFileSize
GetFileTime
SetFileTime
RtlUnwind
GetLastError
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
ExitProcess
HeapFree
TerminateProcess
GetLocalTime
GetTimeZoneInformation
HeapSize
GetProcAddress
FreeLibrary
LCMapStringA
LCMapStringW
TlsAlloc
TlsFree
SetLastError
TlsGetValue
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetLocaleInfoW
LeaveCriticalSection
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
DeleteFileA
LoadResource
LockResource
SizeofResource
FindResourceExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
MulDiv
FindResourceA
GetTickCount
GetSystemTime
SystemTimeToFileTime
CompareFileTime
WriteFile
GetModuleFileNameA
CreateFileA
ReadFile
SetFilePointer
EnterCriticalSection
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
HeapReAlloc
HeapAlloc
CompareStringA
GetModuleHandleA

user32

GetClassInfoA
RegisterClassA
LoadCursorA
PtInRect
ReleaseCapture
SetSysColors
GetCapture
SetCapture
DefWindowProcA
EndPaint
BeginPaint
ScreenToClient
GetWindowRect
CreateWindowExA
FrameRect
GetDCEx
GetNextDlgTabItem
GetKeyState
RemovePropA
UnregisterClassA
ShowCursor
MessageBoxA
IsWindowEnabled
SetDlgItemTextA
GetDlgItemTextA
wsprintfA
LoadStringA
OffsetRect
GetCursorPos
MsgWaitForMultipleObjects
GetDC
GetSysColor
TranslateMessage
IsDialogMessageA
PeekMessageA
ShowWindow
GetFocus
SetWindowTextA
FindWindowA
GetLastActivePopup
UpdateWindow
IsWindow
DestroyWindow
GetActiveWindow
SetWindowPos
SetCursor
GetDesktopWindow
SetForegroundWindow
SetRect
GetClientRect
InvalidateRect
SendDlgItemMessageA
GetPropA
CallWindowProcA
GetDlgItem
EnableWindow
SendMessageA
SetWindowLongA
SetPropA
SetFocus
GetWindowLongA
GetParent
PostMessageA
CharLowerBuffA
SetActiveWindow
DispatchMessageA
ReleaseDC

gdi32

SetTextColor
CreateFontIndirectA
GetObjectA
GetTextExtentExPointA
SelectObject
TextOutA
SetTextAlign
MoveToEx
SetBkColor
ExtTextOutA
CreateSolidBrush
CreatePatternBrush
CreateBitmap
SetBkMode
CreateRectRgn
DeleteDC
GetTextMetricsA
CreateCompatibleDC
GetPaletteEntries
GetStockObject
DeleteObject

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
GetUserNameA

storm

ord210
ord431
ord434
ord433
ord342
ord204
ord425
ord463
ord118
ord465
ord503
ord427
ord506
ord422
ord426
ord253
ord208
ord269
ord265
ord268
ord251
ord266
ord424
ord357
ord343
ord217
ord205
ord203
ord215
ord423
ord455
ord346
ord457
ord202
ord219
ord321
ord458
ord313
ord213
ord206
ord216
ord211
ord315
ord252
ord302
ord501
ord401
ord403

wsock32

setsockopt
recv
connect
getsockname
gethostbyname
send
recvfrom
getpeername
bind
htons
WSAStartup
socket
sendto
ioctlsocket
WSACleanup
closesocket

shell32

ShellExecuteA
FindExecutableA

Exports

Exports

SnpBind
SnpQuery

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
noboot.dat
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
standard.snp
.dll windows:4 windows x86 arch:x86

f891e2441cddb9a2484c35190eecaf01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
DeleteCriticalSection
SetLastError
LeaveCriticalSection
FreeLibrary
EnterCriticalSection
CloseHandle
WaitForSingleObject
GetVersion
SetThreadPriority
GetProcAddress
LoadLibraryA
GetTickCount
IsBadWritePtr
SetEvent
Sleep
LockResource
LoadResource
FindResourceExA
WaitForMultipleObjects
ReadFile
ResetEvent
GetLastError
GetOverlappedResult
WriteFile
CreateEventA
LocalFree
LocalAlloc
QueryPerformanceCounter
SetCommState
GetCommState
SetCommTimeouts
InterlockedIncrement
CreateFileA
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
InterlockedDecrement
HeapFree
TlsAlloc
TlsFree
TlsGetValue
UnhandledExceptionFilter
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetLocaleInfoA
LCMapStringA
LCMapStringW
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetLocaleInfoW

user32

wsprintfA
GetClientRect
PostMessageA
InvalidateRect
GetDlgItem
KillTimer
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
EnableWindow
SendMessageA
LoadStringA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetCursorPos
SetTimer

storm

ord211
ord401
ord501
ord208
ord346
ord216
ord222
ord403
ord206
ord118
ord357
ord423
ord465

Exports

Exports

SnpBind
SnpQuery

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
storm.dll
.dll windows:4 windows x86 arch:x86

bd09f4b3d8becf73d0ded2381b6112de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

wcslen
wcstombs
strpbrk
_strupr
_purecall
strtol
vsprintf
qsort
_ftol
_CIpow
strncmp
_strnicmp
toupper
_fullpath
strstr
_stricmp
strtoul

kernel32

CreateFileMappingA
SetEvent
MapViewOfFile
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
GetLastError
SetFilePointer
Sleep
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GetFileAttributesA
FreeLibrary
UnmapViewOfFile
GetCurrentProcess
SetLastError
GetSystemInfo
VirtualQuery
VirtualUnlock
FindNextFileA
SystemTimeToFileTime
GetSystemTime
VirtualLock
CreateProcessA
DeleteFileA
SetUnhandledExceptionFilter
GetTempFileNameA
GetTempPathA
HeapAlloc
FormatMessageA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
FindFirstFileA
FindClose
OutputDebugStringA
GetVersion
GetExitCodeProcess
VirtualAlloc
TerminateProcess
CloseHandle
ReadFile
GetProcessHeap
HeapFree
WriteFile
LoadLibraryA
SizeofResource
FreeResource
VirtualFree
GetProcAddress
DeleteCriticalSection
CreateFileA
GetCurrentProcessId
FindResourceA
LoadResource
LockResource
MulDiv
GetModuleHandleA
GetTickCount
GetFileSize
ExitProcess
GetLocalTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

RemovePropA
CallWindowProcA
SetActiveWindow
GetActiveWindow
EnableWindow
IsWindowEnabled
ReleaseDC
GetDC
SetCursor
DrawFocusRect
DrawEdge
CreateWindowExA
SetFocus
ShowWindow
AdjustWindowRectEx
GetFocus
DispatchMessageA
TranslateMessage
IsDialogMessageA
PostQuitMessage
PeekMessageA
DestroyWindow
EndDialog
EndPaint
GetDlgItem
FindWindowExA
GetWindowThreadProcessId
MessageBoxA
LoadIconA
CreateCursor
GetSystemMetrics
GetForegroundWindow
DestroyCursor
SetWindowLongA
DefDlgProcA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
DrawTextA
SendMessageA
SetPropA
InvalidateRect
DefWindowProcA
LoadCursorA
RegisterClassA
GetClassInfoA
ScreenToClient
GetTopWindow
GetCursorPos
ShowCursor
ClientToScreen
GetWindow
GetDesktopWindow
GetClientRect
GetParent
GetClassNameA
GetPropA
IsWindow
GetWindowLongA
GetUpdateRgn
GetClassLongA
SetClassLongA
BeginPaint
LoadStringA
wsprintfA
GetMessageA
GetDlgItemTextA
GetWindowRect
PostMessageA
IsWindowVisible
IsIconic
IntersectRect

gdi32

DeleteObject
CreateRectRgn
CombineRgn
GdiFlush
GetRegionData
RectInRegion
GetStockObject
SetTextColor
GetCharABCWidthsA
GetTextExtentPoint32A
SetTextAlign
SetBkMode
DeleteDC
GetTextMetricsA
GetCurrentObject
CreateCompatibleDC
CreateFontA
SetBkColor
GetSystemPaletteEntries
SelectPalette
CreatePalette
GetDeviceCaps
RealizePalette
SetPaletteEntries
GetDIBits
ExtTextOutA
Rectangle
CreateDIBitmap
SelectObject

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA

comdlg32

GetSaveFileNameA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 648KB

UPX1 Size: 18KB - Virtual size: 20KB

.rsrc Size: 54KB - Virtual size: 56KB

23a320559023c8f8e95656c5e186588c

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 564B

.reloc Size: 7KB - Virtual size: 6KB

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 172B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

308dbf2136b37be830bdd627b8ff3095

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 532B

.data Size: 512B - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 296B

211a1ac2159862c6038f1d798175f2be

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 648KB

UPX1
Size: 18KB - Virtual size: 20KB

.rsrc
Size: 54KB - Virtual size: 56KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 564B

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 172B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 532B

.data
Size: 512B - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 296B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 28KB

.idata
Size: 3KB - Virtual size: 2KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 232KB - Virtual size: 232KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 14KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 49KB - Virtual size: 49KB

_UNSTEXT
Size: 19KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB