2bfaf024ef6405d364d7697439e139e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bfaf024ef6405d364d7697439e139e7_JaffaCakes118
Size

2.3MB
MD5

2bfaf024ef6405d364d7697439e139e7
SHA1

fda90ea23d3a2aa380b8fce4f0aea330d29a55de
SHA256

2ef36a8f4492b0d87e3b687c46b5709702cc99d108dd312a87ae508d4532fa0c
SHA512

7520726ecadc8b55de52126160e59ff99e13804fe48f8f8c5ff4d50f9dfd33b70bb4dffd79274fea06c7a0f19b914824cd47638e5537204da4b1096110372744
SSDEEP

49152:AiCndfXg2Ghrd9+mR3bGv+hdsaCkcmAZwcy4zfcB8R6vfXg2+KPe6m/I:A/chpL3dhbCk5AZwcy4jl6v/YKPe6mQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Evoconn3/ID3Changer.dll
unpack001/Evoconn3/MDX.DLL
unpack001/Evoconn3/Scripts/ID3Changer.dll
unpack001/Evoconn3/Scripts/MDX.DLL
unpack001/Evoconn3/Scripts/bars.mdx
unpack001/Evoconn3/Scripts/popups.dll
unpack001/Evoconn3/Scripts/views.mdx
unpack001/Evoconn3/Uninstal.exe
unpack001/Evoconn3/bars.mdx
unpack001/Evoconn3/mIRC.exe
unpack001/Evoconn3/nHTMLn_2.92.dll
unpack001/Evoconn3/popups.dll
unpack001/Evoconn3/registry.dll
unpack001/Evoconn3/views.mdx

Files

2bfaf024ef6405d364d7697439e139e7_JaffaCakes118
.rar
Evoconn3/Games/BonusQuestions.txt
Evoconn3/Games/SuperTrivia49.mrc
.js
Evoconn3/Games/SuperTrivia49EN.mrc
Evoconn3/Games/SuperTrivia49NL.mrc
Evoconn3/Games/questions.txt
Evoconn3/ID3Changer.dll
.dll windows:1 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Exports

Exports

ID3v1Album
ID3v1Artist
ID3v1Comment
ID3v1GenreID
ID3v1Title
ID3v1Year

Sections

CODE
Size: 121KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp-md
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Evoconn3/MDX.DLL
.dll windows:4 windows x86 arch:x86

34b86dab5c0b41a24220fe3732aef3a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
WaitForSingleObject
ReleaseMutex
CreateFileMappingA
UnmapViewOfFile
CloseHandle
GetProcAddress
SetLastError
GetModuleFileNameA
LoadLibraryA
GetLastError
FreeLibrary
GlobalSize
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GetCurrentProcessId
CreateMutexA

user32

SetWindowPos
GetWindowLongA
PostMessageA
DrawTextA
CreateWindowExA
SetWindowLongA
GetSysColorBrush
RedrawWindow
ChildWindowFromPointEx
GetParent
GetDlgCtrlID
GetWindowRect
ScreenToClient
MoveWindow
GetActiveWindow
SendMessageA
GetDlgItem
SetFocus
ShowWindow
InvalidateRgn
DestroyIcon
GetSysColor
CallWindowProcA
GetClientRect
GetClassNameA
EnumChildWindows
DestroyWindow
EnableWindow
MapWindowPoints
GetWindow
RegisterClipboardFormatA
LoadStringA

gdi32

DeleteDC
GetTextFaceA
GetTextMetricsA
SelectObject
CreateCompatibleDC
DeleteObject
GetObjectA
CreateFontIndirectA
CreateBrushIndirect
GetStockObject
GetBkColor
GetTextColor
SetTextColor
SetBkColor

shell32

ExtractIconExA
DragQueryFileA

ole32

ReleaseStgMedium

msvcrt

_initterm
_onexit
malloc
sprintf
vsprintf
__dllonexit
atoi
strtol
strncpy
_adjust_fdiv
_strdup
__CxxFrameHandler
??2@YAPAXI@Z
free
_stricmp
_itoa
??3@YAXPAX@Z

Exports

Exports

ControlFromPoint
ConvertCoords
DLLInfo
DynamicControl
ErrorInfo
GetFont
LoadDll
MarkDialog
MoveControl
Remove
SetBorderStyle
SetColor
SetControlMDX
SetDialog
SetFont
SetMDXStyle
SetMircVersion

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/Msn.ico
Evoconn3/Numeric.hlp
Evoconn3/OC-Pro readme.txt
Evoconn3/OC-Pro.ini
Evoconn3/OC-Pro.mrc
.js
Evoconn3/Pictures/AmyLeeT10.jpg
.jpg
Evoconn3/Pictures/AmyLeeT9.jpg
.jpg
Evoconn3/Pictures/Evanescence Wallpaper.jpg
.jpg
Evoconn3/Pictures/Grey Steel 6.03.bmp
Evoconn3/Pictures/Grey Steel 6.1.bmp
Evoconn3/Pictures/Grey Steel Blank 6.03.bmp
Evoconn3/Pictures/Grey Steel Blank 6.1.bmp
Evoconn3/Pictures/Msn.ico
Evoconn3/Pictures/Thumbs.db
Evoconn3/Pictures/auh.JPG
.jpg
Evoconn3/Pictures/buttons.bmp
Evoconn3/Pictures/evanescence.jpg
.jpg
Evoconn3/Pictures/fp.bmp
Evoconn3/Pictures/ghv8.JPG
.jpg
Evoconn3/Pictures/gold.bmp
Evoconn3/Pictures/grass.bmp
Evoconn3/Pictures/logoo.PNG
.png
Evoconn3/Pictures/mp.bmp
Evoconn3/Pictures/np.bmp
Evoconn3/Pictures/pfp.bmp
Evoconn3/Pictures/pmp.bmp
Evoconn3/Pictures/prp.bmp
Evoconn3/Pictures/rp.bmp
Evoconn3/Pictures/test.PNG
.png
Evoconn3/Pictures/wood.bmp
Evoconn3/Scripts/AwayRemote.mrc
Evoconn3/Scripts/Bigdialog.mrc
.js
Evoconn3/Scripts/Eventlogs.mrc
Evoconn3/Scripts/ID3Changer.dll
.dll windows:1 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Exports

Exports

ID3v1Album
ID3v1Artist
ID3v1Comment
ID3v1GenreID
ID3v1Title
ID3v1Year

Sections

CODE
Size: 121KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp-md
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Evoconn3/Scripts/JoinCounter.mrc
Evoconn3/Scripts/MDX.DLL
.dll windows:4 windows x86 arch:x86

34b86dab5c0b41a24220fe3732aef3a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
WaitForSingleObject
ReleaseMutex
CreateFileMappingA
UnmapViewOfFile
CloseHandle
GetProcAddress
SetLastError
GetModuleFileNameA
LoadLibraryA
GetLastError
FreeLibrary
GlobalSize
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GetCurrentProcessId
CreateMutexA

user32

SetWindowPos
GetWindowLongA
PostMessageA
DrawTextA
CreateWindowExA
SetWindowLongA
GetSysColorBrush
RedrawWindow
ChildWindowFromPointEx
GetParent
GetDlgCtrlID
GetWindowRect
ScreenToClient
MoveWindow
GetActiveWindow
SendMessageA
GetDlgItem
SetFocus
ShowWindow
InvalidateRgn
DestroyIcon
GetSysColor
CallWindowProcA
GetClientRect
GetClassNameA
EnumChildWindows
DestroyWindow
EnableWindow
MapWindowPoints
GetWindow
RegisterClipboardFormatA
LoadStringA

gdi32

DeleteDC
GetTextFaceA
GetTextMetricsA
SelectObject
CreateCompatibleDC
DeleteObject
GetObjectA
CreateFontIndirectA
CreateBrushIndirect
GetStockObject
GetBkColor
GetTextColor
SetTextColor
SetBkColor

shell32

ExtractIconExA
DragQueryFileA

ole32

ReleaseStgMedium

msvcrt

_initterm
_onexit
malloc
sprintf
vsprintf
__dllonexit
atoi
strtol
strncpy
_adjust_fdiv
_strdup
__CxxFrameHandler
??2@YAPAXI@Z
free
_stricmp
_itoa
??3@YAXPAX@Z

Exports

Exports

ControlFromPoint
ConvertCoords
DLLInfo
DynamicControl
ErrorInfo
GetFont
LoadDll
MarkDialog
MoveControl
Remove
SetBorderStyle
SetColor
SetControlMDX
SetDialog
SetFont
SetMDXStyle
SetMircVersion

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/Scripts/Protections1.mrc
Evoconn3/Scripts/Protections2.mrc
.js
Evoconn3/Scripts/Scriptprotection.mrc
Evoconn3/Scripts/Theme.mrc
.js
Evoconn3/Scripts/advertise
.js
Evoconn3/Scripts/antiop.mrc
Evoconn3/Scripts/badnick.mrc
.js
Evoconn3/Scripts/badwordkicker.mrc
.js
Evoconn3/Scripts/bars.mdx
.dll windows:4 windows x86 arch:x86

99eee5c933b3e274b3f9aa164c57762c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

InvalidateRect
PostMessageA
SendMessageA
SetWindowLongA
DestroyIcon
CallWindowProcA
GetWindowLongA
DefWindowProcA
CreateWindowExA
DestroyWindow
GetKeyState
LoadIconA
GetClientRect
FillRect
LoadImageA
GetParent
EnableWindow

gdi32

GetObjectA
CreateBrushIndirect
DeleteDC
Rectangle
CreatePen
SelectObject
StretchBlt
BitBlt
CreateCompatibleDC
DeleteObject

shell32

ExtractIconExA

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_Replace
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

msvcrt

??2@YAPAXI@Z
malloc
_adjust_fdiv
_initterm
free
_itoa
_stricmp
strncpy
__CxxFrameHandler
atoi
??3@YAXPAX@Z

kernel32

DisableThreadLibraryCalls

Exports

Exports

getMDXHeader

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/Scripts/bmp3.mrc
.js
Evoconn3/Scripts/commandslist
Evoconn3/Scripts/emoprot.mrc
Evoconn3/Scripts/joincount.mrc
Evoconn3/Scripts/kickcount
Evoconn3/Scripts/laatstgejoined.mrc
.vbs
Evoconn3/Scripts/linkkick.mrc
Evoconn3/Scripts/logs record.mrc
Evoconn3/Scripts/menubarop.mrc
Evoconn3/Scripts/mp3.ico
Evoconn3/Scripts/onjoincheck.mrc
Evoconn3/Scripts/onstart.mrc
Evoconn3/Scripts/playitcommands.mrc
Evoconn3/Scripts/popups.dll
.dll windows:4 windows x86 arch:x86

3a10814cb4c1ecb8f052f0ca2be9a655

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryA
GetModuleFileNameA

user32

GrayStringA
DrawTextA
CreatePopupMenu
GetSysColorBrush
DrawFrameControl
GetMenuItemInfoA
DeleteMenu
SetMenuItemInfoA
DestroyMenu
FillRect
GetSysColor
SystemParametersInfoA
DefWindowProcA
UnregisterClassA
DestroyWindow
CreateWindowExA
ReleaseDC
RegisterClassA
LoadImageA
DestroyIcon
TrackPopupMenuEx
GetDC
InsertMenuItemA
DrawIconEx
GetMenuItemCount

gdi32

MoveToEx
StretchBlt
CreateBitmap
CreateFontIndirectA
GetStockObject
GetTextExtentPoint32A
SetBkMode
PatBlt
GetBkColor
SetTextColor
LineTo
DeleteObject
SetBkColor
BitBlt
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
DeleteDC
CreatePen
SelectObject

shell32

ExtractIconExA

msvcrt

_stricmp
_itoa
_adjust_fdiv
malloc
_initterm
free
atoi
toupper
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z

Exports

Exports

AddItem
Destroy
GetProperty
LoadImg
New
Popup
Remove
RemoveItem
SetMetrics
SetProperty
SetStyle

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/Scripts/takejoin.mrc
Evoconn3/Scripts/takeongold.mrc
Evoconn3/Scripts/views.mdx
.dll windows:4 windows x86 arch:x86

07056cc36c129798d605c78512f748e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetLastError
GlobalFree
GlobalLock
GlobalUnlock
GetCurrentProcessId

user32

CallWindowProcA
SendMessageA
SetTimer
InvalidateRect
KillTimer
LoadStringA
MapWindowPoints
DestroyIcon
RedrawWindow
DefWindowProcA
GetWindowLongA
PostMessageA
LoadIconA
UpdateWindow
GetScrollInfo
SetScrollInfo
ScreenToClient
SetWindowLongA
SetFocus
GetClientRect
MessageBoxA
GetSysColorBrush
FillRect
GetSysColor
GetFocus
GetCursorPos

gdi32

GetBkColor
SetTextColor
CreateDIBPatternBrushPt
SelectObject
PatBlt
CreateSolidBrush
DeleteObject
SetBkMode
SetBkColor
GetTextExtentPoint32A
Ellipse
CreateRectRgnIndirect
SelectClipRgn

shell32

DragQueryFileA
ExtractIconExA

comctl32

InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Remove
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
DoDragDrop
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
strncpy
atoi
free
vsprintf
__CxxFrameHandler
malloc
_adjust_fdiv
_itoa
_initterm
_stricmp
_strnicmp
_strdup
_purecall

Exports

Exports

getMDXHeader

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/Scripts/welcomestart.mrc
Evoconn3/Scripts/welkomstgroet.mrc
Evoconn3/Uninstal.exe
.exe windows:4 windows x86 arch:x86

a5e271e034cb008d607c9730dced824a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetModuleFileNameA
GetShortPathNameA
GetVersionExA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetSystemDirectoryA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetProcAddress
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LocalAlloc
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
FreeLibrary
GetEnvironmentStrings
LoadLibraryA
GetExitCodeProcess
CreateProcessA
lstrcatA
lstrlenA
WinExec
CloseHandle
GetLastError
SetFilePointer
WriteFile
ReadFile
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateFileA
LCMapStringW
SetFileAttributesA
GetFileAttributesA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapCompact
HeapAlloc
HeapReAlloc
HeapFree
RemoveDirectoryA
DeleteFileA
FindFirstFileA
FindNextFileA
SetEnvironmentVariableA

user32

SendMessageA
GetWindow
GetSystemMetrics
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
GetDlgItem
DestroyWindow
PostQuitMessage
DefWindowProcA
CharToOemA
DialogBoxParamA
EndDialog
SetDlgItemTextA
TranslateMessage
DispatchMessageA
GetMessageA
IsDialogMessageA
SetWindowLongA
SetWindowTextA
MessageBoxA
wsprintfA
PeekMessageA

gdi32

DeleteObject
RemoveFontResourceA
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

RegQueryValueExA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

OleUninitialize
OleInitialize

comctl32

ord17

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Evoconn3/aliases.ini
Evoconn3/allowed.txt
Evoconn3/bars.mdx
.dll windows:4 windows x86 arch:x86

99eee5c933b3e274b3f9aa164c57762c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

InvalidateRect
PostMessageA
SendMessageA
SetWindowLongA
DestroyIcon
CallWindowProcA
GetWindowLongA
DefWindowProcA
CreateWindowExA
DestroyWindow
GetKeyState
LoadIconA
GetClientRect
FillRect
LoadImageA
GetParent
EnableWindow

gdi32

GetObjectA
CreateBrushIndirect
DeleteDC
Rectangle
CreatePen
SelectObject
StretchBlt
BitBlt
CreateCompatibleDC
DeleteObject

shell32

ExtractIconExA

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_Replace
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

msvcrt

??2@YAPAXI@Z
malloc
_adjust_fdiv
_initterm
free
_itoa
_stricmp
strncpy
__CxxFrameHandler
atoi
??3@YAXPAX@Z

kernel32

DisableThreadLibraryCalls

Exports

Exports

getMDXHeader

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/bmp3.txt
Evoconn3/commandsadmin.txt
Evoconn3/commandsfriends.txt
Evoconn3/commandshost.txt
Evoconn3/helpme.TXT
Evoconn3/ircintro.hlp
Evoconn3/jcreport.txt
Evoconn3/logs/@20_Jaar_en_Ouder.20090815.log
Evoconn3/mIRC.exe
.exe windows:4 windows x86 arch:x86

2ce2d224afe3bb87cd164a31b4377ebd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeSetEvent
timeKillEvent
mciGetErrorStringA
timeGetDevCaps
mixerClose
mixerSetControlDetails
mciGetDeviceIDA
mciSendStringA
timeBeginPeriod
sndPlaySoundA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetControlDetailsA

wsock32

sendto
getsockname
bind
ntohs
recvfrom
listen
inet_addr
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSACancelAsyncRequest
ntohl
gethostname
recv
send
htons
connect
WSAGetLastError
accept
WSAAsyncSelect
shutdown
closesocket
ioctlsocket
htonl
WSACleanup
setsockopt
WSAStartup
socket

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

comctl32

ImageList_GetImageCount
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

WaitForSingleObject
CreateThread
CreateEventA
GetSystemDefaultLangID
GetLocaleInfoA
GetSystemDefaultLCID
GetWindowsDirectoryA
WinExec
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
QueryDosDeviceA
GetFileType
CreateFileA
GetFileAttributesA
WriteFile
MulDiv
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
_lwrite
_lclose
_hwrite
GlobalSize
OpenFile
_hread
_llseek
_lopen
SetThreadPriority
GetCurrentProcess
CloseHandle
SetFilePointer
GetLastError
ReadFile
SetEndOfFile
FlushFileBuffers
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
lstrcmpA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
SetErrorMode
FindCloseChangeNotification
Sleep
FindNextChangeNotification
WaitForMultipleObjects
FindFirstChangeNotificationA
GetEnvironmentVariableA
GetShortPathNameA
CompareFileTime
GetFileTime
lstrlenA
GetTimeZoneInformation
LocalAlloc
LocalReAlloc
LocalFree
lstrcpynA
lstrcatA
lstrcpyA
GetTempPathA
SizeofResource
LoadLibraryA
GetProcAddress
FreeLibrary
SetEvent
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
GetTickCount
MoveFileA
ExitProcess
HeapAlloc
GetModuleHandleA
TerminateProcess
RtlUnwind
GetACP
GetOEMCP
GetCPInfo
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
SetConsoleCtrlHandler
DeleteFileA
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
SetEnvironmentVariableW
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RaiseException
SetStdHandle
HeapSize
CompareStringA
CompareStringW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
RemoveDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetCurrentThreadId
CreateDirectoryA

user32

SetMenu
CreateMenu
SetScrollPos
GetScrollRange
GetScrollPos
ChildWindowFromPointEx
EnableMenuItem
GetNextDlgTabItem
ModifyMenuA
InsertMenuA
IsChild
DialogBoxParamA
DdeFreeStringHandle
DdeDisconnect
DdeUninitialize
DdeNameService
DdeFreeDataHandle
DdeUnaccessData
DdeAccessData
DdeQueryStringA
DdeCreateDataHandle
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
CallWindowProcA
SetKeyboardState
GetKeyboardState
ToAscii
ScrollDC
DrawIconEx
GetMessageA
GetWindowThreadProcessId
ClipCursor
FlashWindow
ShowScrollBar
CharLowerBuffA
CharLowerA
GetWindowDC
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
VkKeyScanA
GetKeyboardLayout
CopyAcceleratorTableA
MapVirtualKeyA
CallNextHookEx
GetCapture
SystemParametersInfoA
RedrawWindow
PeekMessageA
DefMDIChildProcA
GetMenuState
IsMenu
RemoveMenu
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemID
TrackPopupMenu
GetMenuCheckMarkDimensions
RegisterWindowMessageA
SetWindowsHookExA
LoadAcceleratorsA
DispatchMessageA
TranslateMessage
TranslateMDISysAccel
TranslateAcceleratorA
IsDialogMessageA
GetForegroundWindow
LoadMenuA
PostQuitMessage
DefFrameProcA
RegisterClassExA
UnhookWindowsHookEx
ChildWindowFromPoint
ValidateRect
IsClipboardFormatAvailable
CreateWindowExA
InvertRect
DefWindowProcA
RegisterClassA
CreateIconIndirect
FindWindowExA
FindWindowA
SetScrollInfo
EqualRect
SetRect
ClientToScreen
WindowFromPoint
ScreenToClient
BringWindowToTop
SetActiveWindow
SetWindowLongA
GetWindow
GetClassNameA
GetCursorPos
SetWindowPos
GetAsyncKeyState
GetWindowLongA
OpenClipboard
GetClipboardData
EmptyClipboard
CloseClipboard
SetClipboardData
GetWindowTextLengthA
GetWindowTextA
WinHelpA
LoadStringA
MessageBeep
GetTopWindow
IsZoomed
GetActiveWindow
IsWindow
IsCharAlphaNumericA
GetDesktopWindow
IsIconic
GetDialogBaseUnits
SetDlgItemInt
GetDlgItemInt
GetSystemMenu
CheckMenuItem
LoadCursorA
SetCursor
CreatePopupMenu
DestroyMenu
GetMenu
GetSubMenu
GetMenuItemCount
DeleteMenu
AppendMenuA
DrawMenuBar
FrameRect
FillRect
SetWindowTextA
LoadImageA
GetClientRect
GetParent
DrawFocusRect
GetSysColor
CheckDlgButton
IsWindowEnabled
GetKeyState
IsDlgButtonChecked
BeginPaint
EndPaint
SendMessageA
LoadBitmapA
InvalidateRect
UpdateWindow
KillTimer
EndDialog
ShowWindow
EnableWindow
MoveWindow
SetScrollRange
GetIconInfo
DrawIcon
GetDlgCtrlID
DrawTextA
SetCapture
ReleaseCapture
DestroyIcon
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
GetMenuStringA
CreateDialogParamA
DestroyWindow
GetSystemMetrics
CopyRect
SetTimer
SetFocus
PostMessageA
PtInRect
LoadIconA
wsprintfA
SendDlgItemMessageA
GetDC
GetDlgItem
GetWindowRect
MapWindowPoints
ReleaseDC
IsWindowVisible
GetFocus

gdi32

RoundRect
Ellipse
GetStockObject
SetROP2
SetBkMode
PtInRegion
CreatePolygonRgn
Polyline
SetPixel
ExcludeClipRect
CreateBitmap
Rectangle
StretchDIBits
SetWindowOrgEx
GetObjectType
TextOutA
CreatePatternBrush
ExtFloodFill
CreateDIBitmap
GetDIBits
CreateFontIndirectA
GetTextExtentPointA
GetDeviceCaps
GetNearestColor
CreateRectRgn
CombineRgn
SelectClipRgn
CreatePen
SetStretchBltMode
SetBrushOrgEx
GetPixel
SelectObject
DeleteObject
ExtTextOutA
MoveToEx
LineTo
CreateCompatibleBitmap
PatBlt
SetPixelV
CreateCompatibleDC
GetObjectA
BitBlt
DeleteDC
CreateFontA
CreateSolidBrush
CreateHatchBrush
GetTextMetricsA
SetTextColor
SetBkColor
StretchBlt

comdlg32

ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
ChooseColorA

advapi32

RegCreateKeyExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHBrowseForFolderA
SHFileOperationA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
DragQueryPoint
DragQueryFileA
DragFinish
ExtractIconExA
ExtractIconA
FindExecutableA
ShellExecuteA
DragAcceptFiles

ole32

ProgIDFromCLSID
CoCreateInstance
CLSIDFromProgID
OleInitialize
OleUninitialize

oleaut32

VariantInit
VarR8FromCy
VariantClear
DispGetParam
VariantChangeType
VarDateFromR8
VarCyFromR8
VarR8FromDate
LoadRegTypeLi
SetErrorInfo
SysFreeString
SysAllocString

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Evoconn3/mirc.GID
Evoconn3/mirc.hlp
Evoconn3/mirc.ini
Evoconn3/mircfaq.hlp
Evoconn3/mp3.ico
Evoconn3/nHTMLn_2.92.dll
.dll windows:4 windows x86 arch:x86

69f3875ae7b4d0c7b04ae076dd01174e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
HeapAlloc
HeapFree
HeapReAlloc
lstrcmpA
lstrcpyA
GetProcessHeap
MapViewOfFile
CreateFileMappingA
CloseHandle
UnmapViewOfFile

user32

SendMessageA
wsprintfA
GetClassNameA
GetClientRect
CallWindowProcA
FindWindowExA
GetDesktopWindow
SetCursor
LoadCursorA
GetDlgItem
SetCapture
ReleaseCapture
IsWindow
EnumChildWindows
GetWindowTextA
SetWindowLongA
ShowWindow

ole32

OleUninitialize
OleInitialize
CoGetClassObject

oleaut32

DispGetParam
VariantClear
SysFreeString
VariantInit

Exports

Exports

LoadDll
UnloadDll
attach
back
caption
capture
cursor
detach
find
forward
handler
home
item
margins
name
navigate
print
ready
refresh
release
search
select
selected
stop
url
version
zoom

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/popups.dll
.dll windows:4 windows x86 arch:x86

3a10814cb4c1ecb8f052f0ca2be9a655

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryA
GetModuleFileNameA

user32

GrayStringA
DrawTextA
CreatePopupMenu
GetSysColorBrush
DrawFrameControl
GetMenuItemInfoA
DeleteMenu
SetMenuItemInfoA
DestroyMenu
FillRect
GetSysColor
SystemParametersInfoA
DefWindowProcA
UnregisterClassA
DestroyWindow
CreateWindowExA
ReleaseDC
RegisterClassA
LoadImageA
DestroyIcon
TrackPopupMenuEx
GetDC
InsertMenuItemA
DrawIconEx
GetMenuItemCount

gdi32

MoveToEx
StretchBlt
CreateBitmap
CreateFontIndirectA
GetStockObject
GetTextExtentPoint32A
SetBkMode
PatBlt
GetBkColor
SetTextColor
LineTo
DeleteObject
SetBkColor
BitBlt
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
DeleteDC
CreatePen
SelectObject

shell32

ExtractIconExA

msvcrt

_stricmp
_itoa
_adjust_fdiv
malloc
_initterm
free
atoi
toupper
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z

Exports

Exports

AddItem
Destroy
GetProperty
LoadImg
New
Popup
Remove
RemoveItem
SetMetrics
SetProperty
SetStyle

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/popups.ini
Evoconn3/registry.dll
.dll windows:4 windows x86 arch:x86

14bb0daa9669388de7bc68c5848a677a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegCloseKey

kernel32

GetVersion
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW

Exports

Exports

DLLInfo
GetKeyType
GetKeyValue
GetSubKeyName
GetValueName

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Evoconn3/remote.ini
Evoconn3/servers.ini
Evoconn3/sounds/bye.wav
Evoconn3/sounds/callart.wav
Evoconn3/sounds/completed.wav
Evoconn3/sounds/hallo.wav
Evoconn3/sounds/negativeal.wav
Evoconn3/sounds/negativeax.wav
Evoconn3/urls.ini
Evoconn3/vars.ini
Evoconn3/versions.txt
Evoconn3/vfcache.dat
Evoconn3/views.mdx
.dll windows:4 windows x86 arch:x86

07056cc36c129798d605c78512f748e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetLastError
GlobalFree
GlobalLock
GlobalUnlock
GetCurrentProcessId

user32

CallWindowProcA
SendMessageA
SetTimer
InvalidateRect
KillTimer
LoadStringA
MapWindowPoints
DestroyIcon
RedrawWindow
DefWindowProcA
GetWindowLongA
PostMessageA
LoadIconA
UpdateWindow
GetScrollInfo
SetScrollInfo
ScreenToClient
SetWindowLongA
SetFocus
GetClientRect
MessageBoxA
GetSysColorBrush
FillRect
GetSysColor
GetFocus
GetCursorPos

gdi32

GetBkColor
SetTextColor
CreateDIBPatternBrushPt
SelectObject
PatBlt
CreateSolidBrush
DeleteObject
SetBkMode
SetBkColor
GetTextExtentPoint32A
Ellipse
CreateRectRgnIndirect
SelectClipRgn

shell32

DragQueryFileA
ExtractIconExA

comctl32

InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Remove
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
DoDragDrop
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
strncpy
atoi
free
vsprintf
__CxxFrameHandler
malloc
_adjust_fdiv
_itoa
_initterm
_stricmp
_strnicmp
_strdup
_purecall

Exports

Exports

getMDXHeader

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

CODE Size: 121KB - Virtual size: 256KB

DATA Size: 1KB - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 20KB

.rsrc Size: 5KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 4KB

.avp-md Size: - Virtual size: 4KB

34b86dab5c0b41a24220fe3732aef3a1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

CODE Size: 121KB - Virtual size: 256KB

DATA Size: 1KB - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 20KB

.rsrc Size: 5KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 4KB

.avp-md Size: - Virtual size: 4KB

34b86dab5c0b41a24220fe3732aef3a1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

99eee5c933b3e274b3f9aa164c57762c

Headers

File Characteristics

Imports

user32

CODE
Size: 121KB - Virtual size: 256KB

DATA
Size: 1KB - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 5KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 4KB

.avp-md
Size: - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

CODE
Size: 121KB - Virtual size: 256KB

DATA
Size: 1KB - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 5KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 4KB

.avp-md
Size: - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 9KB