0e594360455ed22684b948e4b94beca3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e594360455ed22684b948e4b94beca3_JaffaCakes118
Size

3.6MB
MD5

0e594360455ed22684b948e4b94beca3
SHA1

b971937d7d8682dd58763735427aaffe0f4171bb
SHA256

7a227d0978ffcfd8991f34cdff629b3e6127a275f671e6e580f4fefae01abc4a
SHA512

a1a540fb3150f1724fdd623b0bd3f4a5f498fb4e5a4bc35218b3e937c82e34aaf5b3cb309b5970c118248dd0537e441acb210a6acd10d4484fdb34952db79833
SSDEEP

98304:GUyKWFws0UqUkXQplwNRzZGYUG13zMcTcV5k:vEFT3ZKNRzZGYUG1T6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VB学习系统 V1.2西西绿化版/CmDlgCHS.dll
unpack001/VB学习系统 V1.2西西绿化版/Cmct3CHS.dll
unpack001/VB学习系统 V1.2西西绿化版/DAO350.DLL
unpack001/VB学习系统 V1.2西西绿化版/MSCmCCHS.dll
unpack001/VB学习系统 V1.2西西绿化版/MSJET35.DLL
unpack001/VB学习系统 V1.2西西绿化版/MSJINT35.DLL
unpack001/VB学习系统 V1.2西西绿化版/MSJTER35.DLL
unpack001/VB学习系统 V1.2西西绿化版/MSRD2X35.DLL
unpack001/VB学习系统 V1.2西西绿化版/MSREPL35.DLL
unpack001/VB学习系统 V1.2西西绿化版/VB5DB.DLL
unpack001/VB学习系统 V1.2西西绿化版/VB6CHS.DLL
unpack001/VB学习系统 V1.2西西绿化版/VBAR332.DLL
unpack001/VB学习系统 V1.2西西绿化版/VB学习系统.exe
unpack001/VB学习系统 V1.2西西绿化版/midas.dll

Files

0e594360455ed22684b948e4b94beca3_JaffaCakes118
.zip
VB学习系统 V1.2西西绿化版/COMCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3a:e9:b1:64:12:e1:81:f2:31:c5:5b:ee:f2:50:5e:d1:a6:a5:30:9e
Signer

Actual PE Digest

3a:e9:b1:64:12:e1:81:f2:31:c5:5b:ee:f2:50:5e:d1:a6:a5:30:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ord16
ord17
ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Remove

kernel32

lstrcmpA
GetProcAddress
GlobalSize
CloseHandle
GetFileSize
ReadFile
lstrcmpiA
IsDBCSLeadByte
lstrcmpiW
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
GetLastError
GetLocaleInfoA
OpenFile
MultiByteToWideChar
lstrcatA
DisableThreadLibraryCalls
GetVersion
GetProcessHeap
GetDateFormatA
GetLocalTime
GetTimeFormatA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryA
GlobalUnlock
GlobalAlloc
GlobalLock
CompareStringA
GlobalFree
GetVersionExA
lstrlenA
lstrcpyA
IsBadReadPtr
HeapReAlloc
lstrcpynA
IsBadWritePtr
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenW
LeaveCriticalSection
EnterCriticalSection

user32

IsWindowVisible
EndPaint
BeginPaint
MoveWindow
CharUpperA
IntersectRect
MessageBeep
SetCursor
EndDialog
RedrawWindow
GetMessagePos
CreateAcceleratorTableA
VkKeyScanA
PeekMessageA
PeekMessageW
SetWindowRgn
RegisterWindowMessageA
RegisterClipboardFormatA
SetCursorPos
OffsetRect
EqualRect
IsChild
GetWindowTextA
SetCapture
GetCursorPos
ScreenToClient
PostMessageA
DrawEdge
GetSysColor
wsprintfA
FillRect
InflateRect
DrawTextA
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetParent
GetAsyncKeyState
SetWindowLongA
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgTabItem
GetWindow
CharNextA
SetParent
InvalidateRect
UpdateWindow
UnregisterClassA
MessageBoxA
SetWindowsHookExA
SetTimer
KillTimer
CheckRadioButton
CallNextHookEx
SetActiveWindow
DestroyIcon
SetFocus
DrawIcon
UnionRect
DialogBoxParamA
PtInRect
LoadCursorA
GetWindowDC
SetRect
IsRectEmpty
GetDC
ReleaseDC
GetClipboardFormatNameA
ClientToScreen
PostMessageW
FrameRect
GetClientRect
CallWindowProcA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
LoadIconA
GetSystemMetrics
CopyImage
MapDialogRect
GetWindowLongA
SetWindowPos
GetFocus
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
SendDlgItemMessageA
CheckDlgButton
LoadStringA
DefWindowProcA
SendMessageA
ShowWindow
WinHelpA
UnhookWindowsHookEx

ole32

CreateStreamOnHGlobal
RevokeDragDrop
CreateOleAdviseHolder
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
DoDragDrop
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

oleaut32

SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
GetErrorInfo
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadRegTypeLi
RegisterTypeLi
OleLoadPicture
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
OleCreatePictureIndirect
VariantCopyInd
OleTranslateColor
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

GetNearestColor
CreatePalette
LPtoDP
GetWindowExtEx
GetBitmapBits
TextOutA
CreateDIBitmap
RealizePalette
GetViewportExtEx
SelectPalette
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
CreateICA
CopyMetaFileA
StretchBlt
Rectangle
GetObjectA
SetBkColor
CreateDCA
CreateRectRgn
SetViewportOrgEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
SetMapMode
SetViewportExtEx
CreateSolidBrush
GetDeviceCaps
SelectObject
ExcludeClipRect
GetClipRgn
SelectClipRgn
GetClipBox
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
SetBkMode
SetTextColor
CreateBitmap
GetStockObject
GetTextExtentPoint32A

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/CmDlgCHS.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/Cmct3CHS.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9a5b4012e89a282a37f531ecf1bee9eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/DAO2535.TLB
VB学习系统 V1.2西西绿化版/DAO350.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

d249124e9bb3cd7ad1eff43913414080

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt40

atol
_stricmp
atoi
_ultoa
wcslen
malloc
free
strncmp
wcscpy
??3@YAXPAX@Z
_ftol
_purecall
strtod
_strnicmp
??2@YAPAXI@Z
memmove
toupper
sprintf

kernel32

DeleteCriticalSection
TlsGetValue
InitializeCriticalSection
lstrcmpW
lstrlenA
GlobalUnlock
lstrcpynA
GlobalReAlloc
GlobalFree
GlobalLock
IsDBCSLeadByte
Sleep
InterlockedDecrement
InterlockedIncrement
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetModuleFileNameA
GetModuleHandleA
TlsFree
TlsAlloc
WideCharToMultiByte
GlobalAlloc
lstrcatA
lstrcpyA
CompareStringA
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
GetCurrentProcessId
CompareStringW
TlsSetValue

user32

GetWindow
DispatchMessageA
PeekMessageA
GetWindowLongA
GetWindowThreadProcessId
IsWindowVisible
wsprintfA
GetDesktopWindow
TranslateMessage

advapi32

RegQueryValueA
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocString
VariantClear
DispGetParam
SafeArrayGetElement
SafeArrayPutElement
CreateErrorInfo
SafeArrayGetUBound
SafeArrayAccessData
SysAllocStringLen
SysStringLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
DispGetIDsOfNames
DispInvoke
SysStringByteLen
VariantInit
SetErrorInfo
GetErrorInfo
VariantChangeTypeEx
SafeArrayUnaccessData
SysFreeString
SysAllocStringByteLen
VariantCopy
VariantChangeType
SafeArrayUnlock
SafeArrayLock
SafeArrayCreate
SafeArrayDestroy
SafeArrayRedim

ole32

CoInitialize
CoGetClassObject
CoGetMalloc
CoUninitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSCmCCHS.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSJET35.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

c201c30ce762f60892c7c901aa462205

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
GetLastError
CloseHandle
CreateFileA
GetTempPathA
DeleteFileA
GetVersionExA
Sleep
GetComputerNameA
FindClose
FindFirstFileA
GetShortPathNameA
lstrcpyA
GetFullPathNameA
lstrlenA
IsBadStringPtrA
GetDriveTypeA
GetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
ReadFile
SetFilePointer
WriteFile
FlushFileBuffers
GetFileSize
SetEndOfFile
GetFileType
LockFile
UnlockFile
GetFileInformationByHandle
CompareStringA
LCMapStringA
GetSystemInfo
GlobalMemoryStatus
SetThreadPriority
GetTempFileNameA
HeapAlloc
GetProcessHeap
HeapFree
ResumeThread
GetProcAddress
GetTickCount
ResetEvent
WaitForSingleObject
GetCurrentThreadId
CreateThread
lstrcmpiA
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
GetSystemDefaultLangID
GetStringTypeW
HeapCreate
HeapDestroy
LCMapStringW
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapSize
RtlUnwind
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
GetUserDefaultLCID
GetLocaleInfoA
VirtualFree
VirtualQuery
VirtualAlloc
GetModuleFileNameA
DisableThreadLibraryCalls
IsDBCSLeadByte
SetEvent
CreateEventA
GetStringTypeA

user32

IsCharAlphaA
CharUpperA
wvsprintfA
wsprintfA
CharPrevA
IsCharAlphaNumericA

advapi32

RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA

ole32

CoCreateGuid

oleaut32

LHashValOfNameSys
VariantChangeType
SysFreeString
VarI2FromStr
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarBstrFromDate
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromR8
VarBstrFromR4
VarBstrFromI4
VarBstrFromI2

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 980KB - Virtual size: 978KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSJINT35.DLL
.dll windows:4 windows x86 arch:x86

8ca2a6bee2fbfbab8621d081d904b4da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
DisableThreadLibraryCalls
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapAlloc
HeapFree
LoadLibraryA

user32

LoadStringA

Exports

Exports

CchLszOfId2
_WEP@4

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

WEP_TEXT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSJTER35.DLL
.dll windows:4 windows x86 arch:x86

3bca76fb5ba89dcc243aedc87ac45dff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msjint35

ord2

kernel32

HeapDestroy
HeapCreate
IsDBCSLeadByte
DisableThreadLibraryCalls
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
LoadLibraryA
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
HeapFree
HeapAlloc

Exports

Exports

JetErrFormattedMessage
JetErrIDAForError
JetErrIDARawMessage
JetErrRawMessage

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSRD2X35.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

a781de574e0567285ee1233bf6a57cc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msjet35

ord177

kernel32

CloseHandle
GetFileSize
ReadFile
SetFilePointer
WriteFile
FlushFileBuffers
GetLastError
GetFileType
DeleteFileA
LockFile
UnlockFile
GetComputerNameA
GetFullPathNameA
GetTempFileNameA
SetEndOfFile
GetTempPathA
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
GetCurrentThreadId
GetModuleFileNameA
LoadLibraryA
GlobalSize
CreateFileA
GetCurrentProcessId
IsDBCSLeadByte
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
DisableThreadLibraryCalls
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProcAddress

advapi32

RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSREPL35.DLL
.dll windows:4 windows x86 arch:x86

f04a7d446e6c5d675167e675909f61c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msjet35

ord1101
ord108
ord136
ord156
ord177
ord908
ord140
ord138
ord157
ord167
ord107
ord130
ord129
ord912

msjter35

ord5
ord3
ord4

kernel32

CreateMutexA
CreateFileMappingA
OpenFileMappingA
GlobalAlloc
OpenProcess
CreateProcessA
CompareStringW
CompareStringA
GetModuleFileNameA
LoadLibraryA
FreeLibrary
GetProcAddress
GetTickCount
GetLocalTime
GetLastError
CloseHandle
CreateFileA
GetTempPathA
DeleteFileA
GetVersionExA
IsDBCSLeadByte
Sleep
FindClose
FindNextFileA
FindFirstFileA
GetTempFileNameA
GetComputerNameA
GetShortPathNameA
lstrcpyA
GetFullPathNameA
lstrlenA
IsBadStringPtrA
GetDriveTypeA
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
MoveFileA
GetFileSize
ReadFile
WriteFile
FlushFileBuffers
SetFilePointer
SetEndOfFile
SetStdHandle
HeapFree
GlobalLock
GetTimeZoneInformation
GlobalFree
GlobalUnlock
OpenMutexA
WaitForSingleObject
ReleaseMutex
CreateEventA
OpenEventA
MapViewOfFile
HeapReAlloc
SetEnvironmentVariableA
UnmapViewOfFile
FlushViewOfFile
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
CreateThread
GetStdHandle
GetEnvironmentVariableA
lstrcatA
HeapAlloc
SetHandleCount
GetFileType
GetSystemTime
GetCommandLineA
GetModuleHandleA
GetVersion
HeapCreate
HeapDestroy
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
GetStringTypeA

user32

CharPrevA
IsCharAlphaA
PeekMessageA
wsprintfA
CharUpperA

advapi32

RegSetValueExA
RegFlushKey
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey

ole32

IIDFromString
CoCreateGuid
StringFromGUID2

Sections

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/MSWINSCK.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

fcc40667ac22e0c598518006de958259

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5b:3d:e6:b4:56:d1:a3:cc:c3:77:ec:dd:05:31:a7:25:62:28:b5:bc
Signer

Actual PE Digest

5b:3d:e6:b4:56:d1:a3:cc:c3:77:ec:dd:05:31:a7:25:62:28:b5:bc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wsock32

accept
listen
inet_ntoa
recv
WSAGetLastError
WSASetLastError
select
__WSAFDIsSet
shutdown
ntohs
sendto
recvfrom
connect
getsockopt
setsockopt
getsockname
getpeername
closesocket
WSACancelAsyncRequest
gethostbyaddr
bind
WSAAsyncSelect
socket
WSAStartup
WSACleanup
inet_addr
WSAAsyncGetHostByName
WSAAsyncGetHostByAddr
gethostbyname
htons
gethostname
ioctlsocket
send

kernel32

WideCharToMultiByte
GetVersion
GetProcAddress
GetModuleFileNameA
InitializeCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
lstrcpynA
lstrcpyA
lstrlenA
lstrcatA
IsBadWritePtr
DisableThreadLibraryCalls
lstrlenW
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
LocalFree
FormatMessageA
GetTickCount
MultiByteToWideChar
SetLastError
GetLocaleInfoA
DeleteCriticalSection
FreeLibrary
lstrcmpA
InterlockedDecrement
GetFileAttributesA
GetWindowsDirectoryA
LoadLibraryA
GetLastError
InterlockedIncrement
lstrcmpiA
FindResourceA
LockResource
LoadResource
HeapReAlloc

user32

EndDialog
DrawEdge
DialogBoxParamA
LoadCursorA
MessageBoxA
GetActiveWindow
GetDC
CharNextA
ReleaseDC
SetParent
GetWindowRect
ShowWindow
WinHelpA
IsDialogMessageA
GetWindow
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsChild
GetKeyState
SetWindowPos
LoadBitmapA
IsWindowVisible
EndPaint
GetClientRect
BeginPaint
GetSystemMetrics
GetDlgItemTextA
ClientToScreen
OffsetRect
EqualRect
IntersectRect
SetWindowRgn
PtInRect
MessageBeep
LoadStringA
IsWindow
CreateDialogIndirectParamA
GetParent
SetDlgItemTextA
SendMessageA
DefWindowProcA
GetWindowLongA
DestroyWindow
SetWindowLongA
KillTimer
SetTimer
UnregisterClassA
RegisterClassA
PeekMessageA
PostMessageA
SendDlgItemMessageA
GetDlgItemInt
SetDlgItemInt
SetFocus
MoveWindow
CreateWindowExA
wsprintfA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

VariantChangeType
SysAllocStringLen
SysAllocString
SafeArrayRedim
SysStringLen
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
OleCreatePropertyFrame
LoadRegTypeLi
SetErrorInfo
SysFreeString
CreateErrorInfo
GetErrorInfo
SafeArrayUnaccessData
SafeArrayDestroy
VariantClear
SysAllocStringByteLen
SafeArrayCreate
SysStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
VariantInit
SafeArrayAccessData
SafeArrayGetDim

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
DeleteDC
DeleteObject
GetObjectA
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
CreateDCA
BitBlt
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/Setting.ini
VB学习系统 V1.2西西绿化版/VB5DB.DLL
.dll windows:4 windows x86 arch:x86

2824fcddda9a05ec563c0e7037537798

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetLastError
OpenFile
_llseek
GetTempFileNameA
GetTempPathA
_lwrite
_lread
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
_lclose
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

ole32

CoGetMalloc

oleaut32

SysAllocString
SysAllocStringByteLen
SysFreeString
SafeArrayDestroy
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
CreateErrorInfo
SysStringLen
VariantChangeType
SysAllocStringLen
VariantCopy
SafeArrayCreate
SetErrorInfo

Exports

Exports

DnaNewCRCRecordset

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/VB6CHS.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/VBAR332.DLL
.dll windows:4 windows x86 arch:x86

5e14d7670f11f0d91651943101ee9e7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

CoCreateInstance
CreateBindCtx
MkParseDisplayName
BindMoniker
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CoGetMalloc
OleBuildVersion

oleaut32

SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayPutElement
VariantInit
VariantChangeType
SafeArrayGetDim
SafeArrayGetElement
SysReAllocString
VarCyFromStr
VarDateFromStr
VarR8FromStr
VarR4FromStr
VarI4FromR8
VarI4FromStr
VarI2FromStr
SysReAllocStringLen
VarBstrFromCy
VarBstrFromDate
VarBstrFromR8
VarBstrFromR4
VarBstrFromI4
VarBstrFromI2
VarCyFromI4
VariantCopyInd
SafeArrayCopy
VariantClear
GetActiveObject
SafeArrayLock
SysAllocString
SafeArrayDestroy
SafeArrayCreate
VariantChangeTypeEx
SysFreeString
SysStringByteLen
SysAllocStringLen
SysStringLen
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayAllocDescriptor
SafeArrayAllocData
SysAllocStringByteLen
VariantCopy

user32

CharToOemA
OemToCharA
CharLowerA
WaitForInputIdle
GetActiveWindow
GetDesktopWindow
IsWindowEnabled
IsWindowVisible
GetWindowTextA
SetForegroundWindow
SetFocus
GetWindow
GetForegroundWindow
MessageBeep
GetKeyboardLayout
SendMessageA
FindWindowA
FindWindowW
SetKeyboardState
CharLowerBuffW
CharUpperBuffA
CharUpperBuffW
GetSystemMetrics
LoadStringA
keybd_event
GetKeyboardState
VkKeyScanW
VkKeyScanA
SetWindowsHookExW
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetAsyncKeyState
AttachThreadInput
GetWindowThreadProcessId
CharLowerBuffA

kernel32

GlobalLock
GetLastError
VirtualQuery
WriteFile
ReadFile
GetFileType
MoveFileA
DeleteFileA
RemoveDirectoryA
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
FlushFileBuffers
FindNextFileA
HeapFree
HeapAlloc
GetFullPathNameA
GetCommandLineA
RtlUnwind
GetUserDefaultLCID
lstrlenA
GetDateFormatA
CreateProcessA
CreateProcessW
GetCurrentProcess
SetLocalTime
GetLocalTime
GetFileAttributesA
FindFirstFileA
FindClose
SetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
CloseHandle
GetVolumeInformationA
GetTimeZoneInformation
GetStringTypeW
SetEndOfFile
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
GetStartupInfoA
GetStdHandle
SetHandleCount
HeapDestroy
HeapCreate
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapReAlloc
TerminateProcess
ExitProcess
UnlockFile
LockFile
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
Sleep
RaiseException
GetProcAddress
GetModuleHandleA
GetVersion
FreeLibrary
DisableThreadLibraryCalls
GetSystemDefaultLangID
GetUserDefaultLangID
IsDBCSLeadByte
lstrcmpiA
LCMapStringA
GetStringTypeA
GlobalFree
GlobalUnlock
GlobalHandle
SetFilePointer
GlobalAlloc
CompareStringW
SetLastError
CompareStringA
LCMapStringW
LoadLibraryA
GetDriveTypeA
GetLocaleInfoW
GetLocaleInfoA
CreateFileA
FormatMessageW
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegCreateKeyW
RegQueryValueExA
RegQueryValueExW
RegEnumValueW
RegEnumKeyA
RegEnumKeyW
RegDeleteValueA
RegDeleteValueW
RegDeleteKeyA
RegDeleteKeyW
RegOpenKeyA
RegOpenKeyW
RegSetValueExA
RegSetValueExW

Exports

Exports

CopyRecord
CreateIExprSrvObj
DllFunctionCall
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
TipCreateInstanceProject
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipUnloadProject
VarPtr
__vbaRecAssign
__vbaRecDestruct
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFixVar
rtcFreeFile
rtcGetAllSettings
rtcGetCurrentCalendar
rtcGetDateBstr
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetDayOfWeek
rtcGetErl
rtcGetFileAttr
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetObject
rtcGetPresentDate
rtcGetSecondOfMinute
rtcGetSetting
rtcGetTimeBstr
rtcGetTimeValue
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexBstrFromVar
rtcHexVarFromVar
rtcIMEStatus
rtcIPMT
rtcIRR
rtcImmediateIf
rtcInStr
rtcInStrChar
rtcInputBox
rtcInputCharCount
rtcInputCharCountVar
rtcInputCount
rtcInputCountVar
rtcIntVar
rtcIsArray
rtcIsDate
rtcIsEmpty
rtcIsError
rtcIsMissing
rtcIsNull
rtcIsNumeric
rtcIsObject
rtcKillFiles
rtcLeftBstr
rtcLeftCharBstr
rtcLeftCharVar
rtcLeftTrimBstr
rtcLeftTrimVar
rtcLeftVar
rtcLenCharVar
rtcLenVar
rtcLog
rtcLowerCaseBstr
rtcLowerCaseVar
rtcMIRR
rtcMacId
rtcMakeDir
rtcMidBstr
rtcMidCharBstr
rtcMidCharVar
rtcMidVar
rtcMsgBox
rtcNPV
rtcNPer
rtcOctBstrFromVar
rtcOctVarFromVar
rtcPMT
rtcPPMT
rtcPV
rtcPackDate
rtcPackTime
rtcPartition
rtcQBColor
rtcR8ValFromBstr
rtcRandomNext
rtcRandomize
rtcRate
rtcRemoveDir
rtcRgb
rtcRightBstr
rtcRightCharBstr
rtcRightCharVar
rtcRightTrimBstr
rtcRightTrimVar
rtcRightVar
rtcSLN
rtcSYD
rtcSaveSetting
rtcSendKeys
rtcSetCurrentCalendar
rtcSetDateBstr
rtcSetDateVar
rtcSetFileAttr
rtcSetTimeBstr
rtcSetTimeVar
rtcSgnVar
rtcShell
rtcSin
rtcSpaceBstr
rtcSpaceVar
rtcSqr
rtcStrConvVar
rtcStrFromVar
rtcStringBstr
rtcStringVar
rtcSwitch
rtcTan
rtcTrimBstr
rtcTrimVar
rtcTypeName
rtcUpperCaseBstr
rtcUpperCaseVar
rtcVarBstrFromAnsi
rtcVarBstrFromByte
rtcVarBstrFromChar
rtcVarDateFromVar
rtcVarFromError
rtcVarFromFormatVar
rtcVarFromVar
rtcVarStrFromVar
rtcVarType

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/VB学习系统.exe
.exe windows:4 windows x86 arch:x86

c7f5a0db9ba3f99999aee912af93576e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
DebugActiveProcess
ResumeThread
GetThreadContext
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
GetStartupInfoA
GetVersionExA
SuspendThread
Sleep
GetTempPathA
FindClose
FindNextFileA
FindFirstFileA
UnmapViewOfFile
FreeLibrary
CloseHandle
GetCurrentProcess
GetShortPathNameA
GetCurrentThread
GetProcAddress
SetThreadContext
ReadFile
ReleaseMutex
LoadLibraryA
MapViewOfFile
CreateFileMappingA
CreateMutexA
SetFilePointer
GetCurrentProcessId
SleepEx
CreateThread
WriteFile
GetTempFileNameA
CreateMailslotA
SetEnvironmentVariableA
GetCommandLineA
GetModuleHandleA
GetFileSize
SetThreadPriority
ContinueDebugEvent
SetPriorityClass
WaitForDebugEvent
ReadProcessMemory
GetLastError
VirtualProtectEx
WaitForSingleObject
CreateFileA
CompareStringW
GetEnvironmentVariableA
WriteProcessMemory
GetVersion
ExitProcess
FlushFileBuffers
LCMapStringW
CompareStringA
SetStdHandle
GetOEMCP
LCMapStringA
GetCPInfo
GetStringTypeW
GetACP
MultiByteToWideChar
GetStringTypeA
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
WideCharToMultiByte
FreeEnvironmentStringsW
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetEnvironmentStrings
HeapFree
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

EnumWindows
DestroyWindow
SendMessageTimeoutA
GetWindowThreadProcessId
UpdateWindow
SystemParametersInfoA
CreateDialogParamA
DispatchMessageA
SetTimer
GetDlgItem
SendMessageA
TranslateMessage
LoadCursorA
BeginPaint
EndPaint
KillTimer
GetSystemMetrics
ShowWindow
RegisterClassA
PostQuitMessage
DefWindowProcA
GetMessageA
CreateWindowExA
MessageBoxA
SetWindowTextA

gdi32

CreateDIBitmap
RealizePalette
DeleteDC
CreateDCA
CreatePalette
SelectPalette
SelectObject
CreateCompatibleDC
BitBlt
DeleteObject

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/VB学习系统帮助文档.chm
.chm
VB学习系统 V1.2西西绿化版/comct332.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

dbe8238c18bfb73ca77d2900b19bbadf

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaAptOffset
__vbaLenBstr
__vbaStrVarMove
ord697
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
__vbaStrErrVarCopy
ord517
_adj_fprem1
__vbaResume
__vbaCopyBytes
__vbaForEachCollAd
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
ord558
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaAryDestruct
__vbaLateMemSt
__vbaExitProc
__vbaForEachCollObj
ord300
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
ord306
__vbaBoolVar
__vbaForEachCollVar
__vbaRefVarAry
__vbaBoolVarNull
__vbaVargVar
_CIsin
ord525
ord632
__vbaLateMemStAd
__vbaNextEachCollObj
__vbaVargVarMove
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaExitEachColl
__vbaAryConstruct2
__vbaVarTstEq
__vbaObjVar
ord561
__vbaNextEachCollVar
ord562
DllFunctionCall
ord563
__vbaCastObjVar
__vbaStrR4
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaStrR8
__vbaRedim
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFailedFriend
__vbaFPException
ord717
ord319
__vbaUbound
__vbaStrVarVal
__vbaI2Var
ord644
_CIlog
__vbaVar2Vec
__vbaInStr
__vbaNew2
__vbaVarLateMemCallLdRf
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaUnkVar
ord616
__vbaFpI4
__vbaVarLateMemCallLd
__vbaVarCopy
ord617
__vbaLateMemCallLd
_CIatan
ord618
__vbaCastObj
__vbaStrMove
__vbaStrVarCopy
_allmul
ord651
__vbaLateIdSt
__vbaFpCSngR4
_CItan
__vbaNextEachCollAd
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
__vbaI4ErrVar
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/dujiaoshu.inf
VB学习系统 V1.2西西绿化版/midas.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7aeeb458f15e4b68d4729b9a139b14d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsValidLocale
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OutputDebugStringA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

user32

CharLowerA
CharUpperA
EnumThreadWindows
LoadStringA
MessageBoxA
wsprintfA

ole32

StringFromGUID2

oleaut32

LoadTypeLib
RegisterTypeLib
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor
SafeArrayRedim
SafeArrayUnaccessData
UnRegisterTypeLib

Exports

Exports

@WEP$qqsi
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ExitAlchemy
InitAlchemy
___CPPdebugHook

Sections

.text
Size: 205KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VB学习系统 V1.2西西绿化版/un.reg
VB学习系统 V1.2西西绿化版/vbstu.stu
VB学习系统 V1.2西西绿化版/卸载.BAT
.bat .vbs
VB学习系统 V1.2西西绿化版/绿化说明（序列号）.txt
VB学习系统 V1.2西西绿化版/西西绿化.BAT
.bat .vbs
VB学习系统 V1.2西西绿化版/西西软件园.txt
VB学习系统 V1.2西西绿化版/西西软件园_游戏网下载_最安全的软件下载基地.url
.url

Sharing

General

Malware Config

Signatures

Files

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:0e:7d:a7:00:00:00:00:00:48Certificate

Extended Key Usages

Key Usages

3a:e9:b1:64:12:e1:81:f2:31:c5:5b:ee:f2:50:5e:d1:a6:a5:30:9eSigner

Headers

File Characteristics

Imports

version

comctl32

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 331KB - Virtual size: 330KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 224KB - Virtual size: 224KB

.reloc Size: 24KB - Virtual size: 23KB

Headers

File Characteristics

Sections

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 12B

9a5b4012e89a282a37f531ecf1bee9eb

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 784B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 298B

d249124e9bb3cd7ad1eff43913414080

Headers

File Characteristics

Imports

msvcrt40

kernel32

user32

advapi32

oleaut32

ole32

Exports

Exports

Sections

.text Size: 458KB - Virtual size: 457KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 72KB - Virtual size: 71KB

.reloc Size: 20KB - Virtual size: 20KB

Headers

File Characteristics

Sections

.rsrc Size: 120KB - Virtual size: 120KB

.reloc Size: 512B - Virtual size: 12B

c201c30ce762f60892c7c901aa462205

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

3a:e9:b1:64:12:e1:81:f2:31:c5:5b:ee:f2:50:5e:d1:a6:a5:30:9e
Signer

.text
Size: 331KB - Virtual size: 330KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 224KB - Virtual size: 224KB

.reloc
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 784B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 298B

.text
Size: 458KB - Virtual size: 457KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 72KB - Virtual size: 71KB

.reloc
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 120KB - Virtual size: 120KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 980KB - Virtual size: 978KB

.data
Size: 16KB - Virtual size: 214KB

.rsrc
Size: 4KB - Virtual size: 908B

.reloc
Size: 28KB - Virtual size: 25KB

.text
Size: 6KB - Virtual size: 6KB

WEP_TEXT
Size: 512B - Virtual size: 8B

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 1024B - Virtual size: 836B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 1024B - Virtual size: 580B

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 136KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 7KB - Virtual size: 7KB