f5c3d286ede64fec2c86c8ca454d3751_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5c3d286ede64fec2c86c8ca454d3751_JaffaCakes118
Size

2.5MB
MD5

f5c3d286ede64fec2c86c8ca454d3751
SHA1

4664726e49bb81b5f255bb07ea9588da4c24e545
SHA256

39f16068b6954031a7398ec6b51137acb27c7d130f6170f1fedd698c23cfa272
SHA512

39f4f3a0d42416e00029995d39fb56b151cadec583a820f455b1acbc9dbb3d87568d8d9778c3299c75c24c50dbe27bc5ea3b161bc8d46a51015b7d1c633cd396
SSDEEP

49152:ohv3DkbXNvilnA9DvzCKjIdo1ZONeOcoUCyPwONMLjVh7Xc:av3DusCdvHjIdonOcCI5NMLjVh7Xc

Score

9^/10

upx

Malware Config

Signatures

Detected Nirsoft tools 1 IoCs

Free utilities often used by attackers which can steal passwords, product keys, etc.

resource	yara_rule
static1/unpack002/out.upx	Nirsoft

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/nircmd.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/out.upx

Files

f5c3d286ede64fec2c86c8ca454d3751_JaffaCakes118
.rar
蚂蚁浏览器(MyIE) V359/MyIE9.exe
.exe windows:4 windows x86 arch:x86

0ccbb82d190a32b64fc39452b62bc498

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f4:49:b1:5f:da:6e:cf:4b:0e:fa:f3:7d:8a:cb:7d:45:92:28:c8:73
Signer

Actual PE Digest

f4:49:b1:5f:da:6e:cf:4b:0e:fa:f3:7d:8a:cb:7d:45:92:28:c8:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
SetErrorMode
LocalAlloc
TlsAlloc
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetModuleHandleA
GetModuleHandleW
GlobalFindAtomW
GlobalAddAtomW
GetVersion
FreeLibrary
LoadLibraryA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoW
ExitProcess
RtlUnwind
GetDriveTypeW
GetTimeZoneInformation
HeapFree
SetStdHandle
GetFileType
TerminateProcess
RaiseException
HeapReAlloc
LeaveCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetDriveTypeA
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
SetLastError
GlobalLock
lstrcmpW
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcmpiW
GetFullPathNameW
lstrcpynW
GetProcAddress
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrcatW
HeapAlloc
HeapSize
FormatMessageW
LocalFree
FindFirstFileW
FindNextFileW
FindClose
CloseHandle
RemoveDirectoryW
lstrcpyW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
DeleteFileW
GetLastError
CopyFileW
Sleep
lstrlenW
GlobalAlloc
WideCharToMultiByte
GlobalFree
WritePrivateProfileStringW
UnhandledExceptionFilter

user32

RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcW
RemovePropW
CallWindowProcW
GetPropW
SetPropW
CreateWindowExW
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
GetSysColorBrush
DestroyMenu
SystemParametersInfoW
IsIconic
GetWindowPlacement
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
GetMenuItemCount
GetWindow
GetWindowRect
PtInRect
GetClassNameW
ClientToScreen
LoadCursorW
GetCapture
LoadStringW
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgCtrlID
GetWindowTextW
SetWindowTextW
GetDlgItem
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
EnableWindow
SetCursor
SendMessageW
PostQuitMessage
PostMessageW
GetSystemMetrics
wsprintfW
GetMenuState
UnregisterClassW

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetViewportExtEx
GetDeviceCaps
SelectObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
ScaleViewportExtEx
RestoreDC
SaveDC
DeleteDC
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
GetStockObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

shell32

ShellExecuteW

comctl32

ord17

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/CacheWebIcons/ai.taobao.com.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/CacheWebIcons/dh.myie9.com.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/CacheWebIcons/union.click.jd.com.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/CacheWebIcons/www.baidu.com.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Language/ChineseBig5.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Language/ChineseGB.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Language/English.ini
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Language/ja.ini
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/MyIE9.exe
.exe windows:4 windows x86 arch:x86

c04531e9d84120a1b169123a8e719751

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9b:50:7a:b5:c1:d1:59:f0:fd:76:da:9e:d8:47:66:0e:5d:5a:5f:d3
Signer

Actual PE Digest

9b:50:7a:b5:c1:d1:59:f0:fd:76:da:9e:d8:47:66:0e:5d:5a:5f:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup
gethostname
gethostbyname

winmm

sndPlaySoundW

kernel32

GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetFullPathNameA
GetDriveTypeA
SetConsoleCtrlHandler
CompareStringA
CompareStringW
GetACP
GetOEMCP
GetEnvironmentStringsW
GlobalUnlock
GlobalLock
GetTickCount
lstrlenW
GetLocalTime
GetLastError
CopyFileW
CloseHandle
GetFileSize
CreateFileW
FreeLibrary
GetProcAddress
LoadLibraryW
GetFullPathNameW
FindClose
FindNextFileW
lstrcmpiW
lstrcmpW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileStringW
DeleteFileW
MoveFileW
FindNextFileA
FileTimeToDosDateTime
FindFirstFileA
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcatW
ExpandEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
TerminateProcess
ExitThread
CreateThread
GetDriveTypeW
GetProfileStringA
GlobalAddAtomA
FindResourceA
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
RtlUnwind
GetStartupInfoW
GetDiskFreeSpaceW
SetErrorMode
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileAttributesW
GetProcessVersion
SizeofResource
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
GetStringTypeExW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
DuplicateHandle
GlobalGetAtomNameW
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
MulDiv
SetLastError
GetProfileIntW
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LockResource
FindResourceW
LoadResource
LoadLibraryA
RaiseException
InterlockedExchange
MultiByteToWideChar
GetTempFileNameW
GetLogicalDriveStringsW
HeapSize
GetSystemDirectoryW
GetVolumeInformationW
FormatMessageW
GetFileInformationByHandle
RemoveDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
lstrcpynW
GetVersion
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCommandLineW
DeleteCriticalSection
HeapDestroy
CreateSemaphoreW
lstrcmpiA
GetPrivateProfileSectionW
GlobalMemoryStatus
DeleteFileA
GetTempPathW
LocalAlloc
LocalFree
lstrlenA
GetCurrentProcessId
GetCurrentThreadId
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
WritePrivateProfileSectionW
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLocaleInfoW
Sleep
CreateProcessW
WaitForSingleObject
SetProcessWorkingSetSize
GetUserDefaultLangID
WritePrivateProfileStructW
GetPrivateProfileStructW
SetFilePointer
WriteFile
GetCurrentProcess
HeapAlloc
GetVersionExW
HeapFree
GetProcessHeap
WideCharToMultiByte
GlobalFree
GlobalSize
GlobalAlloc
SetEnvironmentVariableA

user32

ValidateRect
EndPaint
BeginPaint
GetWindowDC
IsClipboardFormatAvailable
wvsprintfW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxW
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
SetWindowPlacement
GetWindowTextLengthW
GetDlgCtrlID
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
SetRect
DrawEdge
DrawIconEx
GrayStringW
LoadAcceleratorsW
TabbedTextOutW
GetSystemMenu
SetParent
GetDCEx
FillRect
BeginDeferWindowPos
EndDeferWindowPos
OffsetRect
InflateRect
EnumChildWindows
GetDoubleClickTime
GetMessageW
GetPropW
GetLastActivePopup
SetMenu
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetSysColorBrush
CreateWindowExW
GetClassNameW
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
GetWindowTextW
GetMenuItemRect
SetWindowPos
DefMDIChildProcW
FindWindowW
BringWindowToTop
SetFocus
SetForegroundWindow
ReleaseDC
DeleteMenu
FindWindowExW
IsZoomed
UpdateWindow
IsIconic
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
DrawMenuBar
WindowFromPoint
IsChild
SetPropW
GetSystemMetrics
RegisterWindowMessageW
UnregisterHotKey
RegisterHotKey
CopyAcceleratorTableW
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
CharNextW
CharLowerBuffW
EnumWindows
GetWindowThreadProcessId
PeekMessageW
TranslateAcceleratorW
ReuseDDElParam
UnpackDDElParam
LoadStringW
DefFrameProcW
PostThreadMessageW
RemoveMenu
InvertRect
MapDialogRect
SetWindowContextHelpId
MessageBeep
ShowOwnedPopups
PostQuitMessage
DrawTextW
CharUpperW
TranslateMessage
DispatchMessageW
SetMenuInfo
GetDC
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetFocus
MapVirtualKeyW
keybd_event
SetMenuItemInfoW
GetNextDlgGroupItem
GetDesktopWindow
SetTimer
ModifyMenuW
LockWindowUpdate
TrackPopupMenuEx
SystemParametersInfoW
GetDialogBaseUnits
GetCursorPos
LoadMenuW
InsertMenuW
TrackPopupMenu
DestroyMenu
LoadImageW
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
GetAsyncKeyState
SetWindowLongW
LoadBitmapW
KillTimer
GetWindow
LoadIconW
GetMenuItemCount
GetMenuItemInfoW
GetMenuState
GetMenuItemID
CheckMenuItem
EnableMenuItem
GetParent
UnionRect
IsRectEmpty
SetRectEmpty
GetWindowLongW
ShowWindow
CreatePopupMenu
ClientToScreen
IsMenu
AppendMenuW
GetSubMenu
GetMenuStringW
GetWindowRect
PtInRect
CopyRect
GetClientRect
DestroyIcon
ReleaseCapture
SetCapture
InvalidateRect
GetForegroundWindow
TranslateMDISysAccel
PostMessageW
GetCursor
ScreenToClient
SetCursor
RedrawWindow
LoadCursorW
GetSysColor
RegisterClipboardFormatW
GetKeyState
SendMessageW
IsWindow
IsWindowVisible
EnableWindow
ShowCaret
HideCaret
GetWindowTextLengthA
UnregisterClassW
GetClassLongW

gdi32

PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
SetColorAdjustment
CreatePatternBrush
CreateDIBPatternBrushPt
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
GetBkColor
GetTextMetricsW
CopyMetaFileW
CreateDCW
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
StartDocW
CreateRectRgnIndirect
CreateFontW
GetCharWidthW
StretchDIBits
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetBkMode
Ellipse
CreatePen
CreateDIBSection
DeleteDC
Escape
TextOutW
RectVisible
PtVisible
CreateRectRgn
GetTextColor
GetDeviceCaps
ExtTextOutW
EnumFontFamiliesW
PatBlt
GetTextExtentPoint32W
CreateBitmap
CreateCompatibleBitmap
GetMapMode
GetObjectW
CreateCompatibleDC
SelectObject
BitBlt
CreateSolidBrush
CreateFontIndirectW
GetStockObject
ExtTextOutA
GetTextExtentPointA
CreateHatchBrush
CreateDIBitmap
DeleteObject

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW
GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegDeleteValueW
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegGetKeySecurity
RegOpenKeyExW
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
AllocateAndInitializeSid
RegQueryInfoKeyW
RegSetKeySecurity
RegCreateKeyW
RegQueryValueExA
RegEnumKeyExW
RegSetValueW
SetFileSecurityW
GetUserNameW
GetFileSecurityW
RegQueryValueW

shell32

DragAcceptFiles
SHGetFileInfoW
ExtractIconExW
Shell_NotifyIconW
DragFinish
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
ExtractIconW

comctl32

ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_SetImageCount
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIconSize
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Write
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_Draw

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CreateStreamOnHGlobal
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRun
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleGetClipboard
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
CoInitialize
CoTaskMemFree
CoGetClassObject
CoCreateInstance
CoTreatAsClass
CoRegisterMessageFilter
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysReAllocStringLen
SysAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysFreeString
SysAllocString
VariantClear
VariantInit
LoadTypeLi
RegisterTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
VariantChangeType
SysStringByteLen
SysAllocStringByteLen

urlmon

CoInternetGetSession
URLDownloadToFileW
ObtainUserAgentString
UrlMkSetSessionOption

gdiplus

GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdiplusStartup
GdipReleaseDC
GdipGetDC
GdipSaveImageToFile
GdipCreateBitmapFromScan0

wininet

FtpDeleteFileW
InternetSetFilePointer
InternetGetCookieW
InternetSetCookieW
InternetSetStatusCallback
InternetSetOptionExW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetCrackUrlW
GetUrlCacheEntryInfoExW
InternetOpenW
InternetCloseHandle
InternetSetOptionW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
FtpFindFirstFileW
HttpQueryInfoW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
HttpAddRequestHeadersW
InternetErrorDlg
HttpOpenRequestW
GopherOpenFileW
GopherGetAttributeW
GopherCreateLocatorW
FtpGetFileW
FtpPutFileW
FtpOpenFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpRenameFileW
GetUrlCacheEntryInfoW
InternetConnectW
InternetQueryDataAvailable
InternetReadFile
DeleteUrlCacheEntryW
InternetCombineUrlW
InternetQueryOptionW
FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetWriteFile

wintrust

WinVerifyTrust

crypt32

CryptDecodeObject
CertGetNameStringW
CryptQueryObject
CryptMsgGetParam
CertFindCertificateInStore
CertFreeCertificateContext
CryptMsgClose
CertCloseStore

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/MyIE9.exe.manifest
.xml
蚂蚁浏览器(MyIE) V359/MyIE9Data/MyIE9SilentUpgrade.exe
.exe windows:4 windows x86 arch:x86

8e58d800b172b3e00adfdd359c841e5c

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b4:da:7e:1d:a6:37:55:71:dc:43:f2:0b:75:2e:db:12:19:82:3f:8e
Signer

Actual PE Digest

b4:da:7e:1d:a6:37:55:71:dc:43:f2:0b:75:2e:db:12:19:82:3f:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
GetCurrentThreadId
GetVersion
GetModuleHandleA
GlobalUnlock
GlobalLock
GetFileAttributesW
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcmpW
GlobalFlags
GetProcessVersion
RtlUnwind
RaiseException
GetDriveTypeW
GetTimeZoneInformation
ExitProcess
HeapFree
GlobalFindAtomW
SetStdHandle
GetFileType
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetDriveTypeA
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GlobalDeleteAtom
SetErrorMode
lstrcmpiW
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
LocalAlloc
lstrcpynW
EnterCriticalSection
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
WideCharToMultiByte
GlobalFree
WritePrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
lstrcatW
HeapAlloc
HeapSize
lstrlenW
GetUserDefaultLangID
GetLocaleInfoW
LoadLibraryW
GetProcAddress
FreeLibrary
WaitForSingleObject
GetCurrentProcess
GetVolumeInformationW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
CreateFileW
CloseHandle
lstrcpyW
CreateDirectoryW
GetCurrentDirectoryW
GetLastError
GetCommandLineW
GetModuleHandleW
GetPrivateProfileIntW
Sleep

user32

AdjustWindowRectEx
GetFocus
GetSysColor
MapWindowPoints
LoadIconW
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutW
DrawTextW
GrayStringW
LoadStringW
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
LoadBitmapW
GetMenuCheckMarkDimensions
GetClassNameW
PtInRect
PostQuitMessage
LoadCursorW
GetSysColorBrush
DestroyMenu
GetClientRect
CopyRect
GetTopWindow
MessageBoxW
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetKeyState
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageW
GetWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetParent
SetFocus
EnableWindow
IsWindowEnabled
SetWindowPos
SetWindowLongW
GetDlgCtrlID
GetWindowTextW
GetWindowLongW
GetDlgItem
GetSystemMetrics
CharUpperW
PostMessageW
PeekMessageW
DispatchMessageW
GetDesktopWindow
SetWindowTextW

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteObject
SetViewportExtEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SaveDC
CreateBitmap
DeleteDC
ScaleViewportExtEx
GetObjectW
SetBkColor
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
SetTextColor
GetClipBox
RestoreDC

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW

comctl32

ord17

wininet

InternetGetLastResponseInfoW
HttpQueryInfoW
DeleteUrlCacheEntryW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetSetOptionExW
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectW
HttpOpenRequestW
InternetErrorDlg
HttpAddRequestHeadersW
HttpSendRequestW

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/KillAd/KillFly.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/KillAd/killad.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/KillAd/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastNovelPosition/ScrollTo.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastNovelPosition/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastNovelPosition/script.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastPosition/ScrollTo.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastPosition/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/LastPosition/script.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/MouseUnlock/MouseUnlock.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/MouseUnlock/MouseUnlock.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/MouseUnlock/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/Mute/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/Mute/s.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/Notepad/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/SnapShot/SnapShot.exe
.exe windows:4 windows x86 arch:x86

b45508046d4ef38f5c55aaf477efc9a4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/01/2010, 00:00

Not After

25/01/2013, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:e4:48:b4:2f:1b:8b:04:3d:ac:6e:68:1c:60:a4:85:3c:28:7c:12
Signer

Actual PE Digest

04:e4:48:b4:2f:1b:8b:04:3d:ac:6e:68:1c:60:a4:85:3c:28:7c:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\vqq_debug\release\pdb\SnapShot.pdb

Imports

kernel32

OpenMutexW
CreateMutexW
GetCommandLineW
Sleep
OpenProcess
MapViewOfFileEx
FlushInstructionCache
MulDiv
InterlockedDecrement
WideCharToMultiByte
GetCPInfo
GetFullPathNameW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
VirtualAlloc
VirtualFree
HeapCreate
CompareStringW
CompareStringA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
GetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
RtlUnwind
GetStartupInfoW
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateDirectoryW
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
GetDriveTypeA
SetEndOfFile
InterlockedCompareExchange
lstrlenW
LocalFree
ProcessIdToSessionId
GetDriveTypeW
GetLogicalDrives
FindFirstFileW
FindClose
GetEnvironmentStringsW
DeviceIoControl
CopyFileW
GetFileSize
GetTempPathW
IsBadReadPtr
TlsFree
TlsAlloc
TlsGetValue
GetTempFileNameW
GetSystemDirectoryW
TlsSetValue
GetCurrentProcessId
DeleteFileW
GetThreadSelectorEntry
FreeLibrary
SetFilePointer
WriteFile
GetModuleFileNameA
VirtualQuery
VirtualQueryEx
GetVersionExW
CreateFileW
WritePrivateProfileStringW
ReadFile
GetCurrentProcess
GetCurrentThreadId
ReadProcessMemory
CreateFileA
MultiByteToWideChar
GetCurrentThread
SetUnhandledExceptionFilter
OpenFileMappingW
GetTickCount
GetLocalTime
CloseHandle
UnmapViewOfFile
MapViewOfFile
SystemTimeToFileTime
CreateFileMappingW
InterlockedIncrement
SizeofResource
LoadResource
FindResourceW
FindResourceExW
LockResource
GetVersion
GetModuleHandleA
LoadLibraryA
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetFileAttributesW
SetLastError
OutputDebugStringA
GetLastError
ExitProcess
GetModuleFileNameW

user32

OpenClipboard
GetWindowTextW
SetCapture
InflateRect
MoveWindow
GetWindowTextLengthW
RegisterClassW
EndMenu
GetMessageW
SetForegroundWindow
UnhookWindowsHookEx
TrackPopupMenu
DispatchMessageW
GetMessageExtraInfo
GetForegroundWindow
SendInput
SetWindowLongA
IsWindowUnicode
GetMenuItemCount
CloseClipboard
TranslateMessage
DestroyMenu
GetWindowLongA
UpdateWindow
GetPropW
SetPropW
GetSubMenu
GetWindowThreadProcessId
RegisterClassExW
UpdateLayeredWindow
EmptyClipboard
SetWindowPlacement
InsertMenuW
BringWindowToTop
SetWindowTextW
DeleteMenu
CallNextHookEx
SetWindowsHookExW
DrawTextW
ReleaseCapture
EnableWindow
LoadMenuW
SetClipboardData
GetClassInfoW
ScreenToClient
SetFocus
GetFocus
UnregisterClassW
GetClassInfoExW
IsWindowVisible
PostMessageW
FrameRect
LoadBitmapW
LoadStringW
KillTimer
SetTimer
SendDlgItemMessageW
EndPaint
ShowWindow
CreateWindowExW
BeginPaint
ClientToScreen
GetDlgItem
EnumDisplayMonitors
DestroyWindow
SystemParametersInfoW
EndDialog
CreateDialogParamW
MapWindowPoints
GetWindow
IsWindow
GetMonitorInfoW
MonitorFromPoint
LoadCursorW
OffsetRect
SetCursor
GetDC
GetSystemMetrics
GetDesktopWindow
FillRect
ReleaseDC
IsWindowEnabled
LoadImageW
GetWindowRect
PtInRect
GetWindowLongW
GetClientRect
InvalidateRect
SendMessageW
GetParent
SetWindowPos
SetWindowLongW
CallWindowProcW
GetCursorPos
DefWindowProcW
UnregisterClassA

gdi32

LineTo
MoveToEx
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
DeleteObject
StretchBlt
SelectObject
GetObjectW
CreateCompatibleDC
DeleteDC
Rectangle
SetROP2
SetStretchBltMode
SetTextColor
SetPixelV
GetStockObject
CreateFontIndirectW
GetPixel
Polygon
Ellipse
SetBkMode
GetDeviceCaps
PatBlt
CreateDIBSection
GetDIBits
BitBlt

advapi32

SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
GetSecurityInfo
ConvertSidToStringSidW
LookupAccountNameW
RegSetValueExW
RegDeleteValueW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

PathFindExtensionW
PathFileExistsW
PathFindFileNameW

msimg32

AlphaBlend

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

WSACleanup
htons
closesocket
socket
gethostbyname
WSAStartup
sendto

netapi32

Netbios
NetApiBufferFree
NetWkstaTransportEnum

Sections

.text
Size: 412KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/WeiboSelectionSina/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/WeiboSelectionSina/script.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/WeiboSelectionSina/weibo.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/clearRubishFile/clearRubishFile.bat
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/clearRubishFile/favicon.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Plugin/clearRubishFile/plugin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/2Filter.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/2FilterFly.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/CollectorScript.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/DownManager.ini
.vbs
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/ExternalPopDomain.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/ExternalPopFull.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/ExternalPopWhite.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/Filter.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/FilterFly.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/FilterSys.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/FormData.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/JsExternal.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/JsExternalTV.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/LastVisit.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/PluginData.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/PopFilter.WAV
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/Proxy.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/RSSChoiceNames.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/RSSChoiceURLs.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/SearchEngine.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/TempleLinks/京东.url
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/TempleLinks/导航.url
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/TempleLinks/抢票.url
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/TempleLinks/百度.url
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/UnPack.exe
.exe windows:4 windows x86 arch:x86

e3f89a7da6dd7c650edff9da2358be39

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

79:31:8d:a8:9e:c4:0b:1e:51:a2:be:3c:31:44:63:65:02:63:1b:6f
Signer

Actual PE Digest

79:31:8d:a8:9e:c4:0b:1e:51:a2:be:3c:31:44:63:65:02:63:1b:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MoveFileA
MultiByteToWideChar
RaiseException
ReadConsoleA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
LoadStringA
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 147KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/UserConfig.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/b001.wav
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/n001.wav
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/nircmd.exe
.exe windows:4 windows x86 arch:x86

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

75:18:ab:e3:f6:9a:81:39:41:02:b2:52:9d:5d:ae:91:49:b3:6a:cc
Signer

Actual PE Digest

75:18:ab:e3:f6:9a:81:39:41:02:b2:52:9d:5d:ae:91:49:b3:6a:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/playAlone.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/q001.wav
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/MyIE9.htm
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/MyIE9G.htm
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/SpeedDial.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/SpeedDialConfig.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/SpeedDialG.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/baidu.css
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/baidu.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/baidu_logo.gif
.gif
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/baidugoogle.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/blank.htm
.html
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/i.png
.png
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/leftbak.htm
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/search.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/searchG.htm
.html .js polyglot
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/startPageChoiceFiles.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/startPageChoiceNames.txt
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/startPage/tu.js
.js
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/style/Compact.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/style/Default.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/style/Normal.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/style/Oneline.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/style/Simple.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Resource/version.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/Add.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/BottomTabBackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/FavBar.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/Go.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/MainMenu.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/MainTool16.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/MainTool24.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/MainToolGray16.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/MainToolGray24.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/Monitor.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/SearchBar.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/StatusTool.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/SystemBar.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TabActive.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TabActiveBottom.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TabClose.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TabNormal.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TabNormalBottom.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/TaskBar.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/Tray.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/Default/WinBar.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/乡村爱情/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/乡村爱情/background.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/亮/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/暗/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/浅蓝/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/浅蓝/Go.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/浅蓝/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/淡色/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/淡色/skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/清纯校花/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/清纯校花/background.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/绿色/BackGround.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/雪花梦/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/雪花梦/background.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/Go.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/MainTool16.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/MainTool24.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/MainToolGray16.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/MainToolGray24.bmp
蚂蚁浏览器(MyIE) V359/MyIE9Data/Skin/黑单色方框/Skin.ini
蚂蚁浏览器(MyIE) V359/MyIE9Data/icon/360buy.ico
蚂蚁浏览器(MyIE) V359/MyIE9Data/icon/baidu.ico
蚂蚁浏览器(MyIE) V359/Uninst.exe
.exe windows:5 windows x86 arch:x86

32f3282581436269b3a75b6675fe3e08

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/08/2012, 00:00

Not After

15/08/2015, 23:59

Subject

CN=MyIE,O=MyIE,POSTALCODE=100082,STREET=ShangDi 10 street Jia 10 Number\, Haidian,L=Beijing,ST=China,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d2:93:7c:3d:9a:36:a5:84:f2:70:0d:5a:a5:4f:65:1e:e9:bf:36:47
Signer

Actual PE Digest

d2:93:7c:3d:9a:36:a5:84:f2:70:0d:5a:a5:4f:65:1e:e9:bf:36:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 660KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/0/version.txt
.rsrc/1033/DIALOG/105
.rsrc/1033/DIALOG/106
.rsrc/1033/DIALOG/111
.rsrc/1033/GROUP_ICON/103
.rsrc/1033/ICON/1.ico
.rsrc/1033/ICON/2.ico
.rsrc/1033/MANIFEST/1
.xml
.text
CERTIFICATE
[0]
[1]
蚂蚁浏览器(MyIE) V359/下载说明.txt
蚂蚁浏览器(MyIE) V359/华彩联盟论坛.url
.url
蚂蚁浏览器(MyIE) V359/华彩软件站-使用必读.url
.url

Sharing

General

Malware Config

Signatures

Files

0ccbb82d190a32b64fc39452b62bc498

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6Certificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5cCertificate

Extended Key Usages

Key Usages

f4:49:b1:5f:da:6e:cf:4b:0e:fa:f3:7d:8a:cb:7d:45:92:28:c8:73Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 28KB - Virtual size: 25KB

c04531e9d84120a1b169123a8e719751

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6Certificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5cCertificate

Extended Key Usages

Key Usages

9b:50:7a:b5:c1:d1:59:f0:fd:76:da:9e:d8:47:66:0e:5d:5a:5f:d3Signer

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

gdiplus

wininet

wintrust

crypt32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 269KB - Virtual size: 268KB

.data Size: 82KB - Virtual size: 125KB

.rsrc Size: 239KB - Virtual size: 238KB

8e58d800b172b3e00adfdd359c841e5c

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

f4:49:b1:5f:da:6e:cf:4b:0e:fa:f3:7d:8a:cb:7d:45:92:28:c8:73
Signer

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 28KB - Virtual size: 25KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

9b:50:7a:b5:c1:d1:59:f0:fd:76:da:9e:d8:47:66:0e:5d:5a:5f:d3
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 269KB - Virtual size: 268KB

.data
Size: 82KB - Virtual size: 125KB

.rsrc
Size: 239KB - Virtual size: 238KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

d1:65:e0:13:9c:86:dc:e2:e5:3c:57:2e:7e:63:53:5c
Certificate

b4:da:7e:1d:a6:37:55:71:dc:43:f2:0b:75:2e:db:12:19:82:3f:8e
Signer

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 4KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

04:e4:48:b4:2f:1b:8b:04:3d:ac:6e:68:1c:60:a4:85:3c:28:7c:12
Signer

.text
Size: 412KB - Virtual size: 408KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 136KB - Virtual size: 135KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate