iupdate.exe

First submission 2024-10-15 18:12:03

File details

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Mime type:	application/x-dosexec
File size:	5385.5 KB (5514752 bytes)
Compile time:	2024-10-08 14:35:02
MD5:	8f2382e57ef226bcbf3f549280a59085
SHA1:	c2b51f4d2ab05a13e55ddf493febfbb64d091dd6
SHA256:	7610decf9c6c0fe1da22550d4542b9c42be3c7ede12a7c768200b74b45c4b470
Import Hash :	a5d5c38edfe5a4011fc459b9f1adab46
Sections 11	.text .itext .data .bss .idata .didata .edata .tls .rdata .reloc .rsrc
Directories 5	import export resource tls relocation

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

OSINT Enrichments

Virus Total:	28/77 VT report date: 2024-10-10 19:53:49
Malware Type 1	trojan
Threat Type 2	midie sonbokli

URLs, FQDN and IP indicators 1

URL	Host (FQDN/IP)	Date Added
hXXp://download.innovare.no/ftp/iupdate.exe	download.innovare.no	2024-10-15 18:12:03

PE Sections 2 suspicious

Name	VAddress	VSize	Size	SHA1	MD5
.text	0x1000	0x46a4c0	4630016	4c2b5cbd3118d643fda623317ff274135ab4bd21	eccbd6312c811e62c0b76446a0c107bc
.itext	0x46c000	0x5f18	24576	9e84e60397d55fb3dcea6cbf1e0e8791e93d8e57	2e813652681c973c49a115adb3f1575c
.data	0x472000	0x17718	96256	57d31d8a3d2b2c24fc5c83a1873a7fad3b21cd8a	1525d12d40ea56b7b2962985030edb93
.bss	0x48a000	0x1b4ec	0	da39a3ee5e6b4b0d3255bfef95601890afd80709	d41d8cd98f00b204e9800998ecf8427e
.idata	0x4a6000	0x3ade	15360	8b41d7363d108502b23f4834336ffdbac44d0ac4	e0cec0d9f82f7e7dd01f0d04801146b1
.didata	0x4aa000	0xe14	4096	e354c86b707bc878293b084fda2aa822a6dc1f93	5c9084f982cae4e046526dafb1920f5d
.edata	0x4ab000	0x70	512	017416f007e5d69b2656930441075bf17a1b2f5b	88d4fea0f70eace093a52c91f3fa0de7
.tls	0x4ac000	0x54	0	da39a3ee5e6b4b0d3255bfef95601890afd80709	d41d8cd98f00b204e9800998ecf8427e
.rdata	0x4ad000	0x5d	512	bc06fb5dce68f46596ceeabb9758d465736496aa	513cab3271beeb577823378207549162
.reloc	0x4ae000	0x5d7b4	382976	fd5a738bae67f560e60d223cb11b2e4588ce0678	dcdfd97b1144298b8a907e8d00e6257a
.rsrc	0x50c000	0x57c00	359424	adaf69f14c296f37f3d7eec80f06a6622a382cde	e286826f9bfbfeb018c6c88ac1b99d06

PE Resources 9

Name	Language	Sublanguage	Offset	Size	Data
RT_CURSOR	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x50f018	308
RT_BITMAP	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x50f96c	224
RT_ICON	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x50fa4c	9640	PE Resource: RT_ICON - Data (0` 6666]6666666666666666666666]666666r5555554444333333333333444455555566r666666555544::QQ``jjoodvv;ww<ppemm``QQ::445555666666}555533QQaa{{}}{{zzyyyyyyzz\|\|~~"jjQQ33555566}2((1122FFXX]ttqqqqttwwyyzz\|\|\|\|}}}}}}}}\|\|\|\|\|\| uuzTT335555662]""::]]]]]bbiioottxx{{}}~~}}\|\|nnGG445566]r99@@GGQQ[[ddllrrww{{~~~~\|\|{{zz~~!WW445566rrK&&&&..;;GGRR]]ffnnuuzz~~}}\|\|zzxxwwww``335566r]c&&&&&&&&--::GGSS^^ggoovv{{~~\|\|{{yywwuuttsssscc335566]2ff&&&&&&&&++99FFRR]]ggoouuzz}}~~\|\|yywwuussrrppoonnnnoo{{``4455662 y\\&&&&&&&&((66CCPP[[eemmsswwyyzzyywwuurroommkkiihhhhhhhhhhkkzzWW4455} SS&&&&&&&&&&22@@MMXXbbiinnppqqppmmjjggddaa__^^]]]]^^__aaccffssGG5566} II&&&&&&&&&&..<<HHSS\\bbeeeeddaa]]YYUURRPPOOOOPPQQTTWWZZ]]ff\\3355665 ??&&&&&&&&&&((66BBLLRRVVWWUUQQMMHHDDAA??>>>>@@BBFFJJOOTTZZkkRR5566 55&&&&&&&&&&&&..99@@DDEECC??::5511--++++++..1166<<CCJJPPYYSSX335566r ++&&&&&&&&&&&&&&,,0011//++&&&&&&&&&&&&&&&&&&&&,,55>>FFMM``HH5566r~ &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&22;;--&&&&&&&&&&11;;CCPPCCt4455 nn&&&&&&&&&&&&&&&&&&&&&&*pWrr&&&&&&&&//::DDTT665566] D Daa&&&&&&&&&&&&&&&&&&55\&&&&&&&&11;;OO995566]c GG &&&&&&&&&&&&&&&&&&F&&&&&&))44EE554466 GG&&&&&&&&&&&&&&II &&&&66p??&&&&&&..==44W--66 GqyGq&&&&&&&&&&&&6b&&&&&&&&&&xx&&&&&&))7755''66 GbgG l&&&&&&&&&&KK&&&&&&&&&&&&&&&&&&22::##66 GVZF~vrW&&&&&&&&--&&&&&&&&&&x &&&&&&&&..CC 66 GMO8&&&&&&&&&&&&&&&&s!&&&&&&&&,,AA55 GHI/&&&&&&&&&&&&&&&&s &&&&&&&&,,4444 GFE)~^&&&&&&&&&&&&&&s &&&&&&&&,,++ 33 GFE'JP^&&&&&&&&&&&&s"&&&&&&&&..%%H22[ GIG)EJT&&&&&&&&&&&&s&&&&&&&&&11!!x""22] GNL.KRp_&&&&&&&&&&&&s&&&&&&&&55 &&22] GVS6YC]-99&&&&&&&&&&r/&&&&&&&&55++22i E_\9{ &&&&&&&&&&o&&&&&&&))N--r 3kf8s&&&&&&&&NN^^&&&&&&22!!..r\| wrw\|}&&&&&&&&==EE&&&&&&&&"''// {xuttuw{ &&&&&&&&&&&&&&&&*((b --&&&&&&&&&&&&2))} 99&&&&&&&& } FF&&&&&&j2: SS&&=2]F U]r> rr# ur]p ]2 :2}} %}'n r,rr]]????
RT_STRING	LANG_NEUTRAL	SUBLANG_NEUTRAL	0x5222e4	820	PE Resource: RT_STRING - Data <unknown>!'%s' is not a valid integer value('%s' is not a valid floating point value'%s' is not a valid date'%s' is not a valid time!'%s' is not a valid date and time '%d.%d' is not a valid timestamp'%s' is not a valid GUID value!'%s' is not a valid boolean valueInvalid argument to time encodeInvalid argument to date encode Out of memoryI/O error %dFile not foundInvalid filenameToo many open files
RT_RCDATA	LANG_NEUTRAL	SUBLANG_NEUTRAL	0x554ed0	58074	PE Resource: RT_RCDATA - Data TPF0TUpdateForm UpdateFormClientHeightClientWidthColor clBtnFaceTransparentColorValueclBackgroundFont.Height Font.NameTahoma StyleElementsseFontseClientseBorderOnShowFormShow ExplicitWidthExplicitHeight TextHeight TPanel FirstPanelWidthHeight StyleElementsseFontseClientseBorder ExplicitWidthExplicitHeightTLabelLabel16AlignWithMargins LeftTopWidth{Height$AlignalBottom AlignmenttaCenterAutoSizeCaptionCopyright 1992-2017 InnovareFont.CharsetANSI_CHARSET Font.ColorclBlackFont.Height Font.NameTahoma Font.Style ParentFontLayouttlCenterWordWrap OnDblClickLabel16DblClickExplicitLeft ExplicitWidth]TPanelHeaderpanelWidth StyleElementsseFontseClientseBorder ExplicitWidthTLabelHeaderLabelWidthHeight7CaptionInnovare programoppdatering Font.ColorclBlackFont.Height Font.StylefsBold StyleElementsseFontseClientseBorder ExplicitWidth,ExplicitHeightTImageImage1LeftGTopWidth:Height7CursorcrHandPointMargins.LeftMargins.Top Margins.RightMargins.BottomAlignalRightCenter Picture.Data TPngImagePNG IHDR00W pHYstEXtSoftwareAdobe ImageReadyqe<PIDATxY]LU> bdVcBMH&mt?)+e6vMj 4mbB#16m+bk3glwf _r;s{`\H~Gx^r>o7SySI5j8yu(q#%00t2%N{vP>r%0:M@xY!F5[}e;)u ?J[ 852tnH pO1uonUQ/P75fY $)O#8KGXZ@{nUm;yD4[)3dCZ{U%j88=+tj(AvS};0,G03M8j;s2<7`Xj'\rQ Iq2@xKM`Gw 3 8wQ[Q,`lj>SM:$2,\|{r4D?KChf&QI('tDMgJL{o1k$w3;)VuPH6I,<Vh $x&H/e #L//_(PtDxB@13!K~bGU6dLQzgxt]l"C/wyOkg4p@ geW XNZu&{W@%#n'xJ 5^iBpcJ^yBasdQuB, ?MJ#TO`tvR \ ZpwE\]ML lKmu?zlCU}>y`RH A'I4+8,HX!ZHG "ly{y~ #lnNsull1F/tXi}Uj:-<w'h } "N`B^D/URmS.d-v@ 9@$x%+z`YE3ZVh8:L=gG 3&'-uGrOHTLVL]]o+weHY~w6<qR^VU7l&{G6C'Pyl\|=L(uoX?(vI+\|F4">23,nv@Du'IR8!"nR=5[ T~pQuRyHt CN)gI:D(H + $e:09kLrl1%d4q&!L!2nCdK3?#A$#wl`\c^+6IENDB`Proportional OnClickImage1ClickExplicitLeftExplicitHeightTProgressBarBarTopWidth{ExplicitTop ExplicitWidth{TPanelPanel11LeftTopvWidthHeightAlignalBottom BevelOuterbvNoneParentColor TabOrderTLabelVerLabelAlignWithMargins LeftTopWidth{HeightAlignalClient AlignmenttaCenterAutoSizeCaptionVersionFont.CharsetANSI_CHARSET Font.ColorclBlackFont.Height Font.NameTahoma Font.Style ParentFontLayouttlCenterWordWrap ExplicitLeftExplicitTop ExplicitWidthExplicitHeight TPageControlPageControl1AlignWithMargins LeftTopKWidthYHeightMargins.LeftMargins.Top Margins.RightMargins.Bottom ActivePage TabSheet1AlignalClientStyle tsFlatButtonsTabOrder TTabSheet TabSheet1Caption AdministrativTBevelBevel7AlignWithMargins Left(TopoWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop ExplicitWidthRTBevelBevel4AlignWithMargins Left(TopWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTopTBevelBevel2AlignWithMargins Left(Top/WidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop ExplicitWidthaTPanelPanel12AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel11AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionFirmapakken 11 NorskFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage7LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon00(0`N\|_ bg&m8;=BGIwO{}]`cfjx~---------------KPQF7D------>?B<7D-------V'1L3UUUWXS--------Z/6JN 9E---------ZM%)R4;87D---------- Y.@A2N7D-----------I5$G8D------------!T0#=OD-------------(HQJC:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------"-"----------"-"-----------,&&&&--,&&&&---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---- -------------------------------------------------+----+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------OnClickImage7ClickExplicitLeftTLabelLabel12LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel13LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton7LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton7ClickTPanelPanel5AlignWithMargins Left2Top~WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel5AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionFirmapakken 11 EnglishFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTLabelLabel6LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage3LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon00(0`N\|_ bg&m8;=BGIwO{}]`cfjx~---------------KPQF7D------>?B<7D-------V'1L3UUUWXS--------Z/6JN 9E---------ZM%)R4;87D---------- Y.@A2N7D-----------I5$G8D------------!T0#=OD-------------(HQJC:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------"-"----------"-"-----------,&&&&--,&&&&---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---- -------------------------------------------------+----+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------OnClickImage3ClickExplicitLeftExplicitTopTPanelPanel6LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton2LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton2ClickTPanelPanel3AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel2AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionOrdrestemplingFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage4LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data %TIcon00 %(0` ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffpppffffffffffffffffffffffffffffffffffffffffffffffffffffffyyyfffffffffffffffffffffffffffyyyffffffffffffffffffffffffffffffffffffpppfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffI$I$OnClickImage4ClickExplicitLeftExplicitTopExplicitHeight0TLabelLabel3LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel4LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton1LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton1ClickTPanelPanel32AlignWithMargins Left2Top>WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel34AlignWithMargins LeftATopWidth_Height&Margins.LeftAlignalLeftCaption PersonloggFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage17LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @UUUUUUUUUUUUUUU]U] U]U ]U]U]U]U]U]U] U ]U ] U ] U UU @`~p??OnClickImage17ClickExplicitLeftExplicitTopExplicitHeight0TLabelLabel35LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel33LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton18LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button18Click TTabSheet TabSheet2CaptionTeknisk ImageIndexTBevelBevel6AlignWithMargins Left(Top/WidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineTBevelBevel1AlignWithMargins Left(TopoWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop_ ExplicitWidthaTBevelBevel13AlignWithMargins Left(TopWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitLeft0ExplicitTopTPanelPanel1AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel1AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionPlastrr kalkulasjonFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage2LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @pppxxxpxwxxxxpxpwxxxppxpppppppxpppxppxpxp q ?8}OnClickImage2ClickExplicitHeight%TLabelLabel4LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel2LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton3LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton3ClickTPanelPanel9AlignWithMargins Left2Top>WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderExplicitTopTLabelLabel9AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionTverrFagleg MerkesystemFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage6LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @OnClickImage6ClickExplicitLeftExplicitTopExplicitHeight0TLabelLabel10LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel10LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton5LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton5ClickTPanelPanel7AlignWithMargins Left2Top~WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel7AlignWithMargins LeftATopWidthPHeight&Margins.LeftAlignalLeftCaption PlastsveisFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage5LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon((((P???aaan6-DDDDDDDDDDDDDDDDDDDDDD@B""""$D@DDDD@"$DDDDDD@B""""$DDDDDDDDDDDDDDDDUUUUUQUUUUUUUUUUUQUUUUUUUUUUUQUUUUUUQUQUQUQUQ00UQ00U3333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U333303333Q300031U33330Q00UQ00UQUOnClickImage5ClickExplicitLeftExplicitTopExplicitHeight0TLabelLabel8LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel8LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton4LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton4ClickTPanelPanel34AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderExplicitLeft:ExplicitTopTLabelLabel36AlignWithMargins LeftATopWidth`Height&Margins.LeftAlignalLeftCaptionRyrskjemaFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage18LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TPngImagePNG IHDR,,ZsBIT\|dbIDATx_HSQosNm.4#Y/dR9 (%!RA12(LhNgFfns6evy9s~!LQn2 %,cB"$b cst2P}[H4bC,h:9F?#Ge6vS3kPLJi{eO`W;5Il/cTV^<=cygOby=[[`185lz4N,'Sl!W Os8DE5&0C=CkLt`6 2%yLku}X6-1:4@6oNQYn}XvmX }m13fMKc\|Y~)x]<"k>.,>YkUU!qi<W#.#Y`uqBS`A'~8gJdQE!(HHnvlCv\ 6'X#zG3`Y`C:X3SdsZ99583H8K{jL:GkeXJk?kE`u97! KkJT\CM"Th ,?Uw,~MkXA,;vVW?2xkGD%Z"bZ}ic[G9f'@Z'i_sK-&:ch094U8E0X(bZv_ \|1IENDB`OnClickImage6ClickExplicitLeftExplicitTopExplicitHeight0TLabelLabel37LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel35LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderExplicitTop/TButtonButton19LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button19Click TTabSheet TabSheet3CaptionSmverkty ImageIndexTBevelBevel8AlignWithMargins Left(TopoWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitLeft0ExplicitTopw ExplicitWidthTBevelBevel10AlignWithMargins Left(TopWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitLeft0ExplicitTop ExplicitWidthTBevelBevel11AlignWithMargins Left(Top/WidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop ExplicitWidthTPanelPanel18AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel18AlignWithMargins LeftATopWidth=Height&Margins.LeftAlignalLeftCaptionFylldiskFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage10LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @wwwwwwwwwwpwwwwwwwwppppxpwwwwwwwwwpDDDDDDDDDDDDDDD@DDD@DD@DDDDD@`D@fD@`D@`fD@f`D``DfffDHff`DD@??OnClickImage10ClickExplicitLeftTLabelLabel19LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel19LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton10LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button10ClickTPanelPanel20AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel20AlignWithMargins LeftATopWidth:Height&Margins.LeftAlignalLeftCaptionSynk32Font.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage11LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @033333333333333333333033333333330PPUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUPP """""""""""""""""""" """""""""" OnClickImage11ClickExplicitLeftTLabelLabel21LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel21LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton11LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button11ClickTPanelPanel22AlignWithMargins Left2Top~WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel22AlignWithMargins LeftATopWidthUHeight&Margins.LeftAlignalLeftCaption KalkulatorFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage12LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @ wwwwp ppypwwwwppppppwwwwppppppwwwwppppppwwwwpppwppwpppwpwwwwpwpwwwwpwppp"?"?"?"8>8>888OnClickImage12ClickExplicitLeftTLabelLabel23LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel23LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton12LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button12ClickTPanelPanel28AlignWithMargins Left2Top>WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel28AlignWithMargins LeftATopWidth2Height&Margins.LeftAlignalLeftCaptionEditorFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage15LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @h333333330""""" 333333333"""" 3333333330"""" 3333333333""" 33333333330""" 33333333333"" 333333333330"" 333333333333" 3333333333330" 3333333333333 33333333333330 33333333333333333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330333333333333330OnClickImage15ClickExplicitLeftTLabelLabel29LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel29LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton15LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button15Click TTabSheet TabSheet4CaptionSysAdm ImageIndexTBevelBevel3AlignWithMargins Left(TopoWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitLeft0ExplicitTopw ExplicitWidthDTBevelBevel5AlignWithMargins Left(Top/WidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop? ExplicitWidthTBevelBevel9AlignWithMargins Left(TopWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitLeft2ExplicitTop ExplicitWidthTBevelBevel12AlignWithMargins Left(TopWidthHeight Margins.Left( Margins.Right(AlignalTopShape bsTopLineExplicitTop ExplicitWidthTPanelPanel14AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel13AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionFirmapakken SQL administrasjonFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage8LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::DD::::::hhhhhhhhhhhhhhhhhhhhhhhhhh::::::DDD::::::hhhhhhhhhhhhhhhhhhhhhhhhh::::::DDDD::::::hhhhhhhhhhhhhhhhhhhhhhhh::::::DDDDD::::::hhhhhhhhhhhhhhhhhhhhhhh::::::DDDDDD::::::hhhhhhhhhhhhhhhhhhhhhh::::::DDDDDDD::::::hhhhhhhhhhhhhhhhhhhhh::::::DDDDDD::::::::::::hhhhhhhhhhhhhhhhhhhh::::::DDDDD::::::::::::hhhhhhhhhhhhhhhhhhh::::::DDDD::::::::::::hhhhhhhhhhhhhhhhhh::::::DDD::::::::::::hhhhhhhhhhhhhhhhh::::::DD::::::::::::hhhhhhhhhhhhhhhh::::::D::::::::::::::::::hhhhhhhhhhhhhhh::::::::::::(:::::::::::::::hhhhhhhhhhhhhh:::::::::::::::::::::::::::hhhhhhhhhhhhh:::::::::::::::::::::hhhhhhhhhhhh:::::::::::::::2@::::::hhhhhhhhhhh::::::::::::2::::::hhhhhhhhhh::: 7::::::hhhhhhhhh:::::::::hhhhhhhh:::::::::hhhhhhh:::::::::hhhhhh:::::::::hhhhh:::::::::hhhh:::::::::hhh:::::::::hh:::::::::h:::::::::::::::::::::<OnClickImage8ClickExplicitLeftTLabelLabel14LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel15LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton8LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton8ClickTPanelPanel16AlignWithMargins Left2Top~WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel15AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionFirmapakken SQL BackupFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage9LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @03333333333333333333303333333333w0xwwwwwwwwppxppxwwwwwwwwpw """""""""""""""""""" """"""""""w xwwwwwwwwppxppxwwwwwwwwpwOnClickImage9ClickExplicitLeftTLabelLabel17LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel17LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton9LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClickButton9ClickTPanelPanel24AlignWithMargins Left2Top>WidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel24AlignWithMargins LeftATopWidthAHeight&Margins.LeftAlignalLeftCaptionTestnettFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage13LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @??OnClickImage13ClickExplicitLeftTLabelLabel25LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel25LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton13LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button13ClickTPanelPanel26AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel26AlignWithMargins LeftATopWidthQHeight&Margins.LeftAlignalLeftCaption LoggviserFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage14LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @DDD@?OnClickImage14ClickExplicitLeftTLabelLabel27LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel27LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton14LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button14ClickTPanelPanel30AlignWithMargins Left2TopWidthHeightLMargins.Left2Margins.Top Margins.Right2Margins.BottomAlignalTop BevelOuterbvNoneParentColor TabOrderTLabelLabel30AlignWithMargins LeftATopWidthHeight&Margins.LeftAlignalLeftCaptionFirmapakken SQL Backup EnglishFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTImageImage16LeftTopWidth2Height,CursorcrHandPointAlignalLeftCenter Picture.Data TIcon ( @03333333333333333333303333333333w0xwwwwwwwwppxppxwwwwwwwwpw """""""""""""""""""" """"""""""w xwwwwwwwwppxppxwwwwwwwwpwOnClickImage16ClickExplicitLeftTLabelLabel31LeftTopWidth Height,AlignalRightCaption?Font.CharsetDEFAULT_CHARSET Font.ColorclGreenFont.Height Font.NameSegoe UI Font.Style ParentFontLayouttlCenterExplicitHeightTPanelPanel31LeftTop,WidthHeight AlignalBottom BevelOuterbvNoneParentColor TabOrderTButtonButton16LeftuTopWidthxHeight Margins.Left Margins.TopMargins.BottomAlignalRightCaptionLast nedTabOrderOnClick Button16Click TTabSheet TabSheet5CaptionOppsett ImageIndexTLabelLabel32LeftHTop_WidthHeightCaptionProgramvare for eldre maskiner.TLabelLabel33LeftHTopWidthHeightCaptionProgramvare for nye maskiner.TButtonButton6AlignWithMargins LeftHTop`WidthHeight)Margins.Left2Margins.Top Margins.RightMargins.BottomCaptionManuell nedlastingFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontTabOrderOnClickLabel16DblClickTRadioButtoni32Left8Top8WidthHeight)Caption32 bits programvareFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontTabOrderOnClicki32ClickTRadioButtoni64Left8TopWidthHeight)Caption64 bits programvareFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontTabOrderTButtonButton17AlignWithMargins LeftHTopWidthHeight)Margins.Left2Margins.Top Margins.RightMargins.BottomCaptionLast ned alle programFont.CharsetDEFAULT_CHARSET Font.ColorclWindowTextFont.Height Font.NameSegoe UI Font.Style ParentFontTabOrderOnClick Button17Click
RT_GROUP_CURSOR	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x563238	20
RT_GROUP_ICON	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x56324c	20
RT_VERSION	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x563260	500
RT_MANIFEST	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x563454	1495	PE Resource: RT_MANIFEST - Data <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3"> <dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" publicKeyToken="6595b64144ccf1df" language="" processorArchitecture=""/> </dependentAssembly> </dependency> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="asInvoker" uiAccess="false" /> </requestedPrivileges> </security> </trustInfo> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <!--The ID below indicates app support for Windows Vista --> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> <!--The ID below indicates app support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> <!--The ID below indicates app support for Windows 8 --> <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/> <!--The ID below indicates app support for Windows 8.1 --> <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/> <!--The ID below indicates app support for Windows 10 --> <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/> </application> </compatibility> </assembly>

Meta infos 6

ProgramID:	com.embarcadero.iupdate
FileVersion:	1.0.0.0
FileDescription:	iupdate
Translation:	0x0409 0x04e4
ProductName:	iupdate
ProductVersion:	1.0.0.0

Packers detected 5

Borland Delphi 3.0 (???)
Borland Delphi 4.0
Borland Delphi v3.0
Borland Delphi v6.0 - v7.0
BobSoft Mini Delphi -> BoB / BobSoft

Anti debug functions 7

FindWindowExW
FindWindowW
GetLastError
GetWindowThreadProcessId
IsDebuggerPresent
RaiseException
UnhandledExceptionFilter

Strings analysis - File found

Database
Data.DB
Library
Cannot load ws2_32.dll
secur32.dll
IdnDL.dll
ssleay32.dll
security.dll
MSWSOCK.DLL
wship6.dll
libcrypto-3.dll
Fwpuclnt.dll
libmysqld.dll
WS2_32.dll
libcrypto-1_1.dll
USER32.dll
UxTheme.dll
ntdll.dll
OLEAUT32.dll
normaliz.dll
PSAPI.DLL
NETAPI32.dll
COMCTL32.dll
DWrite.dll
ole32.dll
IMM32.dll
ADVAPI32.dll
libssl-3.dll
Msctf.dll
xolehlp.dll
libmySQL.dll
KERNEL32.dll
IPHLPAPI.DLL
libssl-1_1.dll
libeay32.dll
Can not find xolehlp.dll
d2d1.dll
libssl32.dll
MSVCRT.dll
api-ms-win-core-winrt-l1-1-0.dll
dwmapi.dll
rpcrt4.dll
VERSION.dll
MSIMG32.dll
imagehlp.dll
WTSAPI32.dll
WSOCK32.dll
WindowsCodecs.dll
Shcore.dll
GDI32.dll
SHELL32.dll
Web Page
http://www.innovare.no/index.php?valgtside=oppdater.php

Strings analysis - Possible IPs found 3

0.0.0.1
255.255.255.255
127.0.0.1

Strings analysis - Possible URLs found 5

http://www.indyproject.org/
http://download.innovare.no/ftp/64/
file:///
http://www.innovare.no/index.php?valgtside=oppdater.php
http://download.innovare.no/ftp/

Import functions

gdi32.dll 109 wsock32.dll 23 IMAGEHLP.DLL 1 version.dll 3 WTSAPI32.DLL 2 advapi32.dll 17 kernel32.dll 146 msvcrt.dll 2 oleaut32.dll 17 shell32.dll 3 ole32.dll 8 comctl32.dll 37 user32.dll 197 winspool.drv 5

Function	Address	Souspicious	Anti Debug
Pie	0x8a71b4
SetBkMode	0x8a71b8
CreateCompatibleBitmap	0x8a71bc
GetEnhMetaFileHeader	0x8a71c0
RectVisible	0x8a71c4
AngleArc	0x8a71c8
ResizePalette	0x8a71cc
SetAbortProc	0x8a71d0
SetTextColor	0x8a71d4
GetTextColor	0x8a71d8
StretchBlt	0x8a71dc
RoundRect	0x8a71e0
SelectClipRgn	0x8a71e4
RestoreDC	0x8a71e8
SetRectRgn	0x8a71ec
GetTextMetricsW	0x8a71f0
GetWindowOrgEx	0x8a71f4
CreatePalette	0x8a71f8
CreateDCW	0x8a71fc
PolyBezierTo	0x8a7200
CreateICW	0x8a7204
GetStockObject	0x8a7208
CreateSolidBrush	0x8a720c
GetBkMode	0x8a7210
Polygon	0x8a7214
MoveToEx	0x8a7218
PlayEnhMetaFile	0x8a721c
Ellipse	0x8a7220
StartPage	0x8a7224
GetBitmapBits	0x8a7228
StartDocW	0x8a722c
AbortDoc	0x8a7230
GetSystemPaletteEntries	0x8a7234
GetEnhMetaFileBits	0x8a7238
GetEnhMetaFilePaletteEntries	0x8a723c
CreatePenIndirect	0x8a7240
CreateFontIndirectW	0x8a7244
PolyBezier	0x8a7248
EndDoc	0x8a724c
GetObjectW	0x8a7250
GetCurrentObject	0x8a7254
GetWinMetaFileBits	0x8a7258
SetROP2	0x8a725c
GetEnhMetaFileDescriptionW	0x8a7260
ArcTo	0x8a7264
Arc	0x8a7268
SelectPalette	0x8a726c
SetGraphicsMode	0x8a7270
ExcludeClipRect	0x8a7274
MaskBlt	0x8a7278
SetWindowOrgEx	0x8a727c
EndPage	0x8a7280
DeleteEnhMetaFile	0x8a7284
Chord	0x8a7288
SetDIBits	0x8a728c
GetViewportOrgEx	0x8a7290
SetViewportOrgEx	0x8a7294
CreateRectRgn	0x8a7298
RealizePalette	0x8a729c
SetDIBColorTable	0x8a72a0
GetDIBColorTable	0x8a72a4
CreateBrushIndirect	0x8a72a8
PatBlt	0x8a72ac
SetEnhMetaFileBits	0x8a72b0
Rectangle	0x8a72b4
SaveDC	0x8a72b8
DeleteDC	0x8a72bc
BitBlt	0x8a72c0
SetWorldTransform	0x8a72c4
FrameRgn	0x8a72c8
GetDeviceCaps	0x8a72cc
GetTextExtentPoint32W	0x8a72d0
GetClipBox	0x8a72d4
IntersectClipRect	0x8a72d8
Polyline	0x8a72dc
CreateBitmap	0x8a72e0
CombineRgn	0x8a72e4
SetWinMetaFileBits	0x8a72e8
GetStretchBltMode	0x8a72ec
CreateDIBitmap	0x8a72f0
SetStretchBltMode	0x8a72f4
GetDIBits	0x8a72f8
CreateDIBSection	0x8a72fc
ExtCreateRegion	0x8a7300
LineTo	0x8a7304
GetRgnBox	0x8a7308
EnumFontsW	0x8a730c
CreateHalftonePalette	0x8a7310
SelectObject	0x8a7314
DeleteObject	0x8a7318
ExtFloodFill	0x8a731c
UnrealizeObject	0x8a7320
CopyEnhMetaFileW	0x8a7324
SetBkColor	0x8a7328
CreateCompatibleDC	0x8a732c
GetBrushOrgEx	0x8a7330
GetCurrentPositionEx	0x8a7334
SetDCPenColor	0x8a7338
GetNearestPaletteIndex	0x8a733c
CreateRoundRectRgn	0x8a7340
GetTextExtentPointW	0x8a7344
ExtTextOutW	0x8a7348
SetBrushOrgEx	0x8a734c
GetPixel	0x8a7350
GdiFlush	0x8a7354
SetPixel	0x8a7358
EnumFontFamiliesExW	0x8a735c
StretchDIBits	0x8a7360
GetPaletteEntries	0x8a7364

Function	Address	Souspicious	Anti Debug
accept	0x8a7130
htons	0x8a7134
ntohs	0x8a7138
getsockopt	0x8a713c
setsockopt	0x8a7140
select	0x8a7144
WSAStartup	0x8a7148
__WSAFDIsSet	0x8a714c
WSACleanup	0x8a7150
getsockname	0x8a7154
listen	0x8a7158
gethostbyname	0x8a715c
bind	0x8a7160
closesocket	0x8a7164
inet_ntoa	0x8a7168
socket	0x8a716c
recv	0x8a7170
ioctlsocket	0x8a7174
WSAGetLastError	0x8a7178
connect	0x8a717c
shutdown	0x8a7180
inet_addr	0x8a7184
send	0x8a7188

Function	Address	Souspicious	Anti Debug
ImageDirectoryEntryToData	0x8a6edc

Function	Address	Souspicious	Anti Debug
GetFileVersionInfoSizeW	0x8a6e24
VerQueryValueW	0x8a6e28
GetFileVersionInfoW	0x8a6e2c

Function	Address	Souspicious	Anti Debug
WTSUnRegisterSessionNotification	0x8a6e7c
WTSRegisterSessionNotification	0x8a6e80

Function	Address	Souspicious	Anti Debug
RegSetValueExW	0x8a6e88
RegConnectRegistryW	0x8a6e8c
RegEnumKeyExW	0x8a6e90
RegLoadKeyW	0x8a6e94
RegDeleteKeyW	0x8a6e98
RegOpenKeyExW	0x8a6e9c
RegQueryInfoKeyW	0x8a6ea0
RegUnLoadKeyW	0x8a6ea4
RegSaveKeyW	0x8a6ea8
RegDeleteValueW	0x8a6eac
RegReplaceKeyW	0x8a6eb0
RegFlushKey	0x8a6eb4
RegQueryValueExW	0x8a6eb8
RegEnumValueW	0x8a6ebc
RegCloseKey	0x8a6ec0
RegCreateKeyExW	0x8a6ec4
RegRestoreKeyW	0x8a6ec8

Function	Address	Souspicious	Anti Debug
SetFileAttributesW	0x8a6ee4
GetFileType	0x8a6ee8
SetFileTime	0x8a6eec
QueryDosDeviceW	0x8a6ef0
GetACP	0x8a6ef4
CloseHandle	0x8a6ef8
LocalFree	0x8a6efc
GetCurrentProcessId	0x8a6f00
VirtualProtectEx	0x8a6f04
SizeofResource	0x8a6f08
TerminateThread	0x8a6f0c
QueryPerformanceFrequency	0x8a6f10
IsDebuggerPresent	0x8a6f14
FindNextFileW	0x8a6f18
GetFullPathNameW	0x8a6f1c
VirtualFree	0x8a6f20
GetProcessHeap	0x8a6f24
ExitProcess	0x8a6f28
HeapAlloc	0x8a6f2c
GetCPInfoExW	0x8a6f30
WriteProcessMemory	0x8a6f34
RtlUnwind	0x8a6f38
GetCPInfo	0x8a6f3c
EnumSystemLocalesW	0x8a6f40
GetStdHandle	0x8a6f44
GetTimeZoneInformation	0x8a6f48
FileTimeToLocalFileTime	0x8a6f4c
GetModuleHandleW	0x8a6f50
FreeLibrary	0x8a6f54
TryEnterCriticalSection	0x8a6f58
HeapDestroy	0x8a6f5c
FileTimeToDosDateTime	0x8a6f60
ReadFile	0x8a6f64
DosDateTimeToFileTime	0x8a6f68
GetLastError	0x8a6f6c
GetModuleFileNameW	0x8a6f70
WaitNamedPipeW	0x8a6f74
SetLastError	0x8a6f78
GlobalAlloc	0x8a6f7c
GlobalUnlock	0x8a6f80
FindResourceW	0x8a6f84
CreateThread	0x8a6f88
CompareStringW	0x8a6f8c
MapViewOfFile	0x8a6f90
CreateMutexW	0x8a6f94
LoadLibraryA	0x8a6f98
GetVolumeInformationW	0x8a6f9c
ResetEvent	0x8a6fa0
MulDiv	0x8a6fa4
FreeResource	0x8a6fa8
GetDriveTypeW	0x8a6fac
GetVersion	0x8a6fb0
RaiseException	0x8a6fb4
MoveFileW	0x8a6fb8
GlobalAddAtomW	0x8a6fbc
FormatMessageW	0x8a6fc0
SwitchToThread	0x8a6fc4
GetExitCodeThread	0x8a6fc8
GetCurrentThread	0x8a6fcc
LocalFileTimeToFileTime	0x8a6fd0
GetFileAttributesExW	0x8a6fd4
SetNamedPipeHandleState	0x8a6fd8
LoadLibraryExW	0x8a6fdc
LockResource	0x8a6fe0
FileTimeToSystemTime	0x8a6fe4
GetCurrentThreadId	0x8a6fe8
UnhandledExceptionFilter	0x8a6fec
GlobalFindAtomW	0x8a6ff0
VirtualQuery	0x8a6ff4
GlobalFree	0x8a6ff8
VirtualQueryEx	0x8a6ffc
Sleep	0x8a7000
EnterCriticalSection	0x8a7004
SetFilePointer	0x8a7008
ReleaseMutex	0x8a700c
LoadResource	0x8a7010
SuspendThread	0x8a7014
GetTickCount	0x8a7018
WritePrivateProfileStringW	0x8a701c
lstrcmpiA	0x8a7020
GetFileSize	0x8a7024
GlobalDeleteAtom	0x8a7028
GetStartupInfoW	0x8a702c
GetFileAttributesW	0x8a7030
InitializeCriticalSection	0x8a7034
GetThreadPriority	0x8a7038
GetCurrentProcess	0x8a703c
GlobalLock	0x8a7040
SetThreadPriority	0x8a7044
VirtualAlloc	0x8a7048
GetTempPathW	0x8a704c
GetCommandLineW	0x8a7050
GetSystemInfo	0x8a7054
LeaveCriticalSection	0x8a7058
GetProcAddress	0x8a705c
ResumeThread	0x8a7060
GetLogicalDriveStringsW	0x8a7064
GetVersionExW	0x8a7068
VerifyVersionInfoW	0x8a706c
HeapCreate	0x8a7070
LCMapStringW	0x8a7074
GetDiskFreeSpaceW	0x8a7078
VerSetConditionMask	0x8a707c
FindFirstFileW	0x8a7080
GetUserDefaultUILanguage	0x8a7084
GetConsoleOutputCP	0x8a7088
UnmapViewOfFile	0x8a708c
GetConsoleCP	0x8a7090
lstrlenW	0x8a7094
CompareStringA	0x8a7098
QueryPerformanceCounter	0x8a709c
SetEndOfFile	0x8a70a0
HeapFree	0x8a70a4
WideCharToMultiByte	0x8a70a8
FindClose	0x8a70ac
MultiByteToWideChar	0x8a70b0
LoadLibraryW	0x8a70b4
SetEvent	0x8a70b8
GetLocaleInfoW	0x8a70bc
CreateFileW	0x8a70c0
EnumResourceNamesW	0x8a70c4
DeleteFileW	0x8a70c8
IsDBCSLeadByteEx	0x8a70cc
GetEnvironmentVariableW	0x8a70d0
GetLocalTime	0x8a70d4
WaitForSingleObject	0x8a70d8
WriteFile	0x8a70dc
CreateFileMappingW	0x8a70e0
ExitThread	0x8a70e4
DeleteCriticalSection	0x8a70e8
GetDateFormatW	0x8a70ec
TlsGetValue	0x8a70f0
SetErrorMode	0x8a70f4
GetComputerNameW	0x8a70f8
IsValidLocale	0x8a70fc
TlsSetValue	0x8a7100
GetSystemDefaultUILanguage	0x8a7104
CreateDirectoryW	0x8a7108
EnumCalendarInfoW	0x8a710c
LocalAlloc	0x8a7110
RemoveDirectoryW	0x8a7114
CreateEventW	0x8a7118
GetPrivateProfileStringW	0x8a711c
WaitForMultipleObjectsEx	0x8a7120
GetThreadLocale	0x8a7124
SetThreadLocale	0x8a7128

Function	Address	Souspicious	Anti Debug
memcpy	0x8a6ed0
memset	0x8a6ed4

Function	Address	Souspicious	Anti Debug
SafeArrayPutElement	0x8a6e34
GetErrorInfo	0x8a6e38
VariantInit	0x8a6e3c
VariantClear	0x8a6e40
SysFreeString	0x8a6e44
SafeArrayAccessData	0x8a6e48
SysReAllocStringLen	0x8a6e4c
SafeArrayCreate	0x8a6e50
SafeArrayGetElement	0x8a6e54
SysAllocStringLen	0x8a6e58
SafeArrayUnaccessData	0x8a6e5c
SafeArrayPtrOfIndex	0x8a6e60
VariantCopy	0x8a6e64
SafeArrayGetUBound	0x8a6e68
SafeArrayGetLBound	0x8a6e6c
VariantCopyInd	0x8a6e70
VariantChangeType	0x8a6e74

Function	Address	Souspicious	Anti Debug
Shell_NotifyIconW	0x8a6afc
SHAppBarMessage	0x8a6b00
ShellExecuteW	0x8a6b04

Function	Address	Souspicious	Anti Debug
IsEqualGUID	0x8a7190
OleInitialize	0x8a7194
OleUninitialize	0x8a7198
CoInitialize	0x8a719c
CoCreateInstance	0x8a71a0
CoUninitialize	0x8a71a4
CoTaskMemFree	0x8a71a8
CoTaskMemAlloc	0x8a71ac

Function	Address	Souspicious	Anti Debug
ImageList_GetImageInfo	0x8a6a64
FlatSB_SetScrollInfo	0x8a6a68
InitCommonControls	0x8a6a6c
ImageList_DragMove	0x8a6a70
ImageList_Destroy	0x8a6a74
_TrackMouseEvent	0x8a6a78
ImageList_DragShowNolock	0x8a6a7c
ImageList_Add	0x8a6a80
FlatSB_SetScrollProp	0x8a6a84
ImageList_GetDragImage	0x8a6a88
ImageList_Create	0x8a6a8c
ImageList_EndDrag	0x8a6a90
ImageList_DrawEx	0x8a6a94
ImageList_SetImageCount	0x8a6a98
FlatSB_GetScrollPos	0x8a6a9c
FlatSB_SetScrollPos	0x8a6aa0
InitializeFlatSB	0x8a6aa4
ImageList_Copy	0x8a6aa8
FlatSB_GetScrollInfo	0x8a6aac
ImageList_Write	0x8a6ab0
ImageList_DrawIndirect	0x8a6ab4
ImageList_SetBkColor	0x8a6ab8
ImageList_GetBkColor	0x8a6abc
ImageList_BeginDrag	0x8a6ac0
ImageList_GetIcon	0x8a6ac4
ImageList_Replace	0x8a6ac8
ImageList_GetImageCount	0x8a6acc
ImageList_DragEnter	0x8a6ad0
ImageList_GetIconSize	0x8a6ad4
ImageList_SetIconSize	0x8a6ad8
ImageList_Read	0x8a6adc
ImageList_DragLeave	0x8a6ae0
ImageList_LoadImageW	0x8a6ae4
ImageList_Draw	0x8a6ae8
ImageList_Remove	0x8a6aec
ImageList_ReplaceIcon	0x8a6af0
ImageList_SetOverlayImage	0x8a6af4

Function	Address	Souspicious	Anti Debug
MoveWindow	0x8a6b0c
CopyImage	0x8a6b10
SetMenuItemInfoW	0x8a6b14
GetMenuItemInfoW	0x8a6b18
DefFrameProcW	0x8a6b1c
GetDlgCtrlID	0x8a6b20
FrameRect	0x8a6b24
RegisterWindowMessageW	0x8a6b28
GetMenuStringW	0x8a6b2c
FillRect	0x8a6b30
SendMessageA	0x8a6b34
EnumWindows	0x8a6b38
ShowOwnedPopups	0x8a6b3c
GetClassInfoExW	0x8a6b40
GetClassInfoW	0x8a6b44
GetScrollRange	0x8a6b48
SetActiveWindow	0x8a6b4c
GetActiveWindow	0x8a6b50
DrawEdge	0x8a6b54
GetKeyboardLayoutList	0x8a6b58
LoadBitmapW	0x8a6b5c
EnumChildWindows	0x8a6b60
GetScrollBarInfo	0x8a6b64
UnhookWindowsHookEx	0x8a6b68
SetCapture	0x8a6b6c
GetCapture	0x8a6b70
ShowCaret	0x8a6b74
CreatePopupMenu	0x8a6b78
GetMenuItemID	0x8a6b7c
CharLowerBuffW	0x8a6b80
PostMessageW	0x8a6b84
SetWindowLongW	0x8a6b88
IsZoomed	0x8a6b8c
SetParent	0x8a6b90
DrawMenuBar	0x8a6b94
GetClientRect	0x8a6b98
IsChild	0x8a6b9c
IsIconic	0x8a6ba0
CallNextHookEx	0x8a6ba4
ShowWindow	0x8a6ba8
GetWindowTextW	0x8a6bac
SetForegroundWindow	0x8a6bb0
IsDialogMessageW	0x8a6bb4
DestroyWindow	0x8a6bb8
RegisterClassW	0x8a6bbc
EndMenu	0x8a6bc0
CharNextW	0x8a6bc4
GetFocus	0x8a6bc8
GetDC	0x8a6bcc
SetFocus	0x8a6bd0
ReleaseDC	0x8a6bd4
GetClassLongW	0x8a6bd8
SetScrollRange	0x8a6bdc
DrawTextW	0x8a6be0
PeekMessageA	0x8a6be4
MessageBeep	0x8a6be8
SetClassLongW	0x8a6bec
RemovePropW	0x8a6bf0
GetSubMenu	0x8a6bf4
DestroyIcon	0x8a6bf8
IsWindowVisible	0x8a6bfc
PtInRect	0x8a6c00
DispatchMessageA	0x8a6c04
UnregisterClassW	0x8a6c08
GetTopWindow	0x8a6c0c
SendMessageW	0x8a6c10
GetComboBoxInfo	0x8a6c14
LoadStringW	0x8a6c18
CreateMenu	0x8a6c1c
CharLowerW	0x8a6c20
SetWindowRgn	0x8a6c24
SetWindowPos	0x8a6c28
GetMenuItemCount	0x8a6c2c
GetSysColorBrush	0x8a6c30
GetWindowDC	0x8a6c34
DrawTextExW	0x8a6c38
GetScrollInfo	0x8a6c3c
SetWindowTextW	0x8a6c40
GetMessageExtraInfo	0x8a6c44
GetSysColor	0x8a6c48
EnableScrollBar	0x8a6c4c
TrackPopupMenu	0x8a6c50
DrawIconEx	0x8a6c54
GetClassNameW	0x8a6c58
GetMessagePos	0x8a6c5c
GetIconInfo	0x8a6c60
SetScrollInfo	0x8a6c64
GetKeyNameTextW	0x8a6c68
GetDesktopWindow	0x8a6c6c
SetCursorPos	0x8a6c70
GetCursorPos	0x8a6c74
SetMenu	0x8a6c78
GetMenuState	0x8a6c7c
GetMenu	0x8a6c80
SetRect	0x8a6c84
GetKeyState	0x8a6c88
IsRectEmpty	0x8a6c8c
ValidateRect	0x8a6c90
GetCursor	0x8a6c94
KillTimer	0x8a6c98
WaitMessage	0x8a6c9c
TranslateMDISysAccel	0x8a6ca0
GetWindowPlacement	0x8a6ca4
GetMenuItemRect	0x8a6ca8
CreateIconIndirect	0x8a6cac
CreateWindowExW	0x8a6cb0
GetDCEx	0x8a6cb4
PeekMessageW	0x8a6cb8
MonitorFromWindow	0x8a6cbc
GetUpdateRect	0x8a6cc0
SetTimer	0x8a6cc4
WindowFromPoint	0x8a6cc8
BeginPaint	0x8a6ccc
RegisterClipboardFormatW	0x8a6cd0
MapVirtualKeyW	0x8a6cd4
OffsetRect	0x8a6cd8
IsWindowUnicode	0x8a6cdc
DispatchMessageW	0x8a6ce0
CreateAcceleratorTableW	0x8a6ce4
DefMDIChildProcW	0x8a6ce8
GetSystemMenu	0x8a6cec
SetScrollPos	0x8a6cf0
GetScrollPos	0x8a6cf4
InflateRect	0x8a6cf8
DrawFocusRect	0x8a6cfc
ReleaseCapture	0x8a6d00
LoadCursorW	0x8a6d04
ScrollWindow	0x8a6d08
GetLastActivePopup	0x8a6d0c
GetSystemMetrics	0x8a6d10
CharUpperBuffW	0x8a6d14
SetClipboardData	0x8a6d18
GetClipboardData	0x8a6d1c
ClientToScreen	0x8a6d20
SetWindowPlacement	0x8a6d24
GetMonitorInfoW	0x8a6d28
CheckMenuItem	0x8a6d2c
CharUpperW	0x8a6d30
DefWindowProcW	0x8a6d34
GetForegroundWindow	0x8a6d38
EnableWindow	0x8a6d3c
GetWindowThreadProcessId	0x8a6d40
RedrawWindow	0x8a6d44
EndPaint	0x8a6d48
MsgWaitForMultipleObjectsEx	0x8a6d4c
LoadKeyboardLayoutW	0x8a6d50
ActivateKeyboardLayout	0x8a6d54
GetParent	0x8a6d58
MonitorFromRect	0x8a6d5c
InsertMenuItemW	0x8a6d60
GetPropW	0x8a6d64
MessageBoxW	0x8a6d68
SetPropW	0x8a6d6c
UpdateWindow	0x8a6d70
MsgWaitForMultipleObjects	0x8a6d74
DestroyMenu	0x8a6d78
SetWindowsHookExW	0x8a6d7c
EmptyClipboard	0x8a6d80
GetDlgItem	0x8a6d84
AdjustWindowRectEx	0x8a6d88
IsWindow	0x8a6d8c
DrawIcon	0x8a6d90
EnumThreadWindows	0x8a6d94
InvalidateRect	0x8a6d98
GetKeyboardState	0x8a6d9c
ScreenToClient	0x8a6da0
DrawFrameControl	0x8a6da4
SetCursor	0x8a6da8
CreateIcon	0x8a6dac
RemoveMenu	0x8a6db0
GetKeyboardLayoutNameW	0x8a6db4
OpenClipboard	0x8a6db8
TranslateMessage	0x8a6dbc
MapWindowPoints	0x8a6dc0
EnumDisplayMonitors	0x8a6dc4
CallWindowProcW	0x8a6dc8
CloseClipboard	0x8a6dcc
DestroyCursor	0x8a6dd0
CopyIcon	0x8a6dd4
CharUpperBuffA	0x8a6dd8
PostQuitMessage	0x8a6ddc
ShowScrollBar	0x8a6de0
EnableMenuItem	0x8a6de4
HideCaret	0x8a6de8
FindWindowExW	0x8a6dec
MonitorFromPoint	0x8a6df0
LoadIconW	0x8a6df4
SystemParametersInfoW	0x8a6df8
GetWindow	0x8a6dfc
GetWindowRect	0x8a6e00
GetWindowLongW	0x8a6e04
InsertMenuW	0x8a6e08
IsWindowEnabled	0x8a6e0c
IsDialogMessageA	0x8a6e10
FindWindowW	0x8a6e14
GetKeyboardLayout	0x8a6e18
DeleteMenu	0x8a6e1c

Function	Address	Souspicious	Anti Debug
DocumentPropertiesW	0x8a6a4c
ClosePrinter	0x8a6a50
OpenPrinterW	0x8a6a54
GetDefaultPrinterW	0x8a6a58
EnumPrintersW	0x8a6a5c

PE Exports 2 suspicious

Function	Address
__dbk_fcall_wrapper	0x412788
dbkFCallWrapperAddr	0x88d648