3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb

Sharing

Copy URL

Twitter E-mail

General

Target

3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb
Size

12.8MB
MD5

239bf3b156c534745d584ad8cf02e5b0
SHA1

afa276ce42be4be7195e151370d3bf338acb437f
SHA256

3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb
SHA512

c9d5c44e7fbc8771547edb2d5a00495a06731768d4d463937de7699c8beeff4b4a39552ef52d741658eda230fc867bb882a0dc0221149dccbbaad294e193b58e
SSDEEP

196608:ai7OV7fPVUJqpZ6rspx/fuV9VPHNCMkn+meelg3rtyAnfAcH6GSeF9X0yxJ22gWy:D7OVgqpIrSf49bCMkn+PrtymBSeF9kyS

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 3 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

Processes:

resource	yara_rule
static1/unpack001/GameHardware.exe	vmprotect
static1/unpack001/VMwarehardware.exe	vmprotect
static1/unpack001/hardware.exe	vmprotect

Files

3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb
.rar
GameHardware.exe
.exe windows x86

95fcdea6237ee6b61f2481f394057bbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
TlsAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

IsIconic

gdi32

CreateSolidBrush

comdlg32

GetSaveFileNameW

advapi32

LookupPrivilegeValueW

shell32

ShellExecuteW

ole32

OleLockRunning

oleaut32

VariantInit

imagehlp

ImageNtHeader

imm32

ImmDisableIME

comctl32

ord17

wininet

HttpQueryInfoW

Exports

Exports

�|�1��%z�<sM��+_&w=c�i��4j�Vӥ/��);��x��B�-��fr(4[��P�'MΖ �K��,|3U��}�2��'4��#��S��-}�."�C\_�fN^��-�� (�#�uu�<��-�:+l�@탆9�p~9q ��V�>aAŴF�m�2 ��C�P�ֆq*�criy�l4ij��l�ˆ�%(��wgZ�g��Y��zQ��"�`u6�F�j�ʹ�Q��ԃ��EZ��|�c��F.�\�L7��UϞ�i��]yt�P��?�|��TXB'M�n8�4UX��=vdخi7�JQ��~}��O�;�"��,j��Ҽ�@�?w]�ǥ*�gR3_;�&�Qz��ب��Z��ͼ�@��;�e~��[W��:]�6��*��Z�SJ ��վ~t�t��k�W�-�b�U��Ӫ+R��b��۫Ŧ�u��l�$�]ut�4��W��`(�T�n�#�E"�ښw�SR7>�O��^3\m�<�T�h,��d�3��JC�>�̮}�p��$_B=e��=��r��M>��6!�8� њ��G��a��ڙ��}���RCJ��n�9ʰ˦��)��|�-�,ipm ��#��$�� u��w>��_ůd#��z$3�4)��<��K��^�AtZ{YťA ��ő�uʕ iٓ�W��7T�c�C��mk6�0]��~.�co�ԁ1��`DR��bör7�� \��qk<2Ǥ��`�/�D��Kn n��`��J�̷#�� 6V��q��6��<�H\��D��B2��dk�.�� @܆=��5��?��8G/��a-��Q��ZMx��F��E~�z 6:A��Cb��0/�]��h��L��X߽E�!ؙv)O�� p�d�8��0��F<W��O�t�{��ɤ]�6XLO��jD@֕��Y�/آ�#y<��b��%��t��FXQd#Ff��0��s�g��?A��I/�A�Ug�aT��ːG]Ճ��)��7��K��4:�I(mxv��?2�sҋ$�CQ�xRê�W9�\.*q�Sg�W��r�^ZtO��qMZH:��ҁ��e��Q��l=(agD|��p|gC��j�.[�Ȩ�v�b�`�j��p@�r��Yz��}��e^�O0��J1��(�!�uWG��Y6?W=��m��'��Hu�Z\��5�H7O ퟢ��5��7�g�� *rW��.��,9aǤ��pz.VS�eY�R�}w��뙆DÛ�o cf��w�ϓ^6�¦�aR'�_�X��U�''5k�˭Y��y\�!,w�Vo�� $N�[�'�U��m�].�->��bq��s�/�x�ƅ�~��L��8*��aA"l�2�v�b��m��?B��%��m(�ɚG�qѥЎ��z�v1�(�^9csc�e=6��=,|��& �Nx��J�9. \>-��83�Iq�c��J@%�p��vws��09ua�i{N��ݖ&��4BW ;a��~:�G,˺^�/��k`-2�֙^�KK*RF��=ы�=�fͫejSҮS".- qp��f�)��s�%ˡC "�9�j�L7l��a1j��Ft��a��Qᶄ&��_i��kB�I�P��jV��4ehG�d��Wu��k��I��<��vl��O.[(��3% E�GS�A��Z@�Qge�V�i��|�J��Y��)�#�o\[�y��&K��pG�]VvI�� ß�5�ro��Բ�էP`�ᓶ��L��0�d��MC!�챥/:w1�% �?M%��6&r�~m� ��zi�Yi_ v�A��v�z'Tj��,ӧ��CK�6�@F7d��~ �kL)�0a�^B<L�Uz�B�sZ��FB$g�b-&��ʏ��k ��,*�`�}�B!3`�:��+� 0y%��=V{l��~V ��*�x�奬��?��I��/G�j��\r/��i�Zs��)��3RA95��;F��:��v�%��J��Th��o��`*~��^�!�V�r�'G��v��,`��!�tE�3"8��K?W�Y��<�� ZC�G�Bm�Ϫ��.��hxx)*7�涮R [��i��џp��.��zwc �(�b�+ˌT�ң^M��hc4Ar��&��|�1��r�9��2~Y7�D`84�ի�s!w��R�٧��qx��~ �3/4T�Q�Y'r��a�>ɑ�:�bw��<�V:T�ω�gZ(��Ѩ-� �f�uef�]9d�� W%�XMC�;�Te$�l0H5*�Ck[~?��~TVr�r��{p��7θ/�7u�Q5k�<�a��xUOe�\n堠f{�Ԛ#&�� O�WV��)C��qLBT�B�i�@��W��V9p~��R��Z��ڂ ��Y�4�a5��+�DYl��M�Ex�}&��d�%�-�ĵa�Ƣ� �� A��$2@��pXߪb� ��dEUN��G�]�.�z��}4^ҙXL�>N��iw��O;�GF��s�p�:x`,��][wخ_S0� $�tَ��Of�X^+�z��P/�[S��5eL5��VX�FϿt�Z�?��eA�f\w� �1�%��K�/�GRd��h$�A[�@SGx�9��f�)*�?d-]`�px��8��uND n��T�'��M�u7�@��$��by��|��0U��7 U�F^�zl[��r��PZ �1�bL~��0B�`TK��b=�79+��V��bJ��)�BMϏ�l��l0�H�O8 ��W��dYɢ�. �ݷ��vh��ӝ��pi꣖�7�-�$��1M�W�Y�)�Y��4��'

Sections

.text
Size: - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IP地址修改器.exe
.exe windows x86

f0bf84dc4f50c80dffd85e2831db09ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
IsBadReadPtr
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetLocaleInfoA
TerminateProcess
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
WriteConsoleA
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetFileType
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetFileSize
GetFileAttributesW
lstrcpyW
GetCurrentDirectoryW
GlobalGetAtomNameW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetModuleHandleA
InterlockedDecrement
GetCurrentProcessId
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
GlobalAlloc
lstrlenW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
GetLastError
SetLastError
FreeLibrary
lstrcmpW
GetModuleHandleW
GetVersionExA
GetThreadLocale
InterlockedIncrement
LockResource
SizeofResource
LoadResource
FindResourceW
CloseHandle
DeviceIoControl
CreateFileW
GetProcAddress
LoadLibraryW
Sleep
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GetConsoleOutputCP

user32

IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetKeyNameTextW
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
KillTimer
SetTimer
IsMenu
GetSystemMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
PostThreadMessageW
SetRectEmpty
DeleteMenu
WaitMessage
WindowFromPoint
LoadCursorW
GetSysColorBrush
DestroyMenu
InflateRect
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
DefFrameProcW
FillRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
LoadMenuW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoW
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
DestroyCursor
GetWindowRgn
TabbedTextOutW
CreateMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
IsWindow
GetWindowLongW
GetParent
OffsetRect
PtInRect
CopyRect
GetDlgCtrlID
GetWindow
CharNextW
GetWindowTextA
GetDlgItem
GetWindowTextW
MessageBoxW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
EnableWindow
GetMenuItemInfoW

gdi32

CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectW
GetTextExtentPoint32W
OffsetRgn
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CopyMetaFileW
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
ExtTextOutW
TextOutW
RectVisible
Escape
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreatePalette
GetStockObject
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextColor
GetBkColor
GetDeviceCaps
GetObjectW
SelectObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegFlushKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW

shell32

DragFinish
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CLSIDFromString
StringFromCLSID
StgCreateDocfileOnILockBytes
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
OleDestroyMenuDescriptor

oleaut32

SysAllocStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
OleCreateFontIndirect

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses
SendARP
GetPerAdapterInfo

ws2_32

inet_addr

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VMwarehardware.exe
.exe windows x86

7127463e4161bd2854914c62725bc419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
TlsGetValue
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetWindowPos

gdi32

DeleteDC

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExW

shell32

ShellExecuteW

ole32

CoUninitialize

imagehlp

ImageNtHeader

comctl32

_TrackMouseEvent

iphlpapi

GetAdaptersInfo

winmm

waveOutGetDevCapsW

wininet

InternetOpenW

imm32

ImmSetCompositionWindow

oleaut32

SysFreeString

gdiplus

GdipSetPixelOffsetMode

Exports

Exports

* ��2 �ڨ�w8�z�uJk_��NҊF^5,Ә��-��y*Ьd��DwG�7버��=��I]��|�n]a��$�Ok��WK=am�f��+��bb!��V��6^��i�U}��:xv�x�?�a�Cd$A#�N$�J�#x��-��@��C��B ��ޛ��!�D��*�f뽫|�ny�>w��}ʻ�]��#T�) ټeD��:)W9�Ig��ة�/$ J��p��N6N�� J'�,䒌 ��'��@��a��F7�Ɋz��;�s^k�� t��F�� <p��uW�>q�q+TպEK��n՛��L�d+��̂yZ"�0�.Em��#�c%[fQ&ƭ<Ⱔy'l��.�0(�\S(� ��֋RXbO�0 ]{��5��w�܃L��o��0�aK��6�'@(F�eh�S&��F��˫��"�<��3^��t��k�Bxo�ʽ(W��?�T��-7=�eq��P{_d�C��G ��y��(X��S��n��ڮ�:�6p�*��sU��G�8^0��#3�І�o#� � ��c͙ ��w��=ڜG��3�Rmr� ^�S��L��K�V�)�--�S� T�e�k��b��b��W%��nK��q�#@�i��0��;qi��O d?�+�{��,z7�V�YSY wb+�[��P��؀д�Т��Q��@��Na �* ϕ��'|@l�Y�U��]9�p5�Y_�Y�Z΍3��g PM�5d�~�?[��]W:�~P�,��Z�� 08P_�u�1mO,�;��RI�r&x�7ׂe��f��õ�j~�c�;��4��3~yϫ��5�� `<^��0��U�,��W`(=�g��O�X��|��I ��)"��$5J��o�NkzM�Q��qjqx��.��}�v�O�K��M��/��F�DNM�6۳4�c�N��09� ��!,��ϚZJ��q��J�|$*#5��G�R#8�w�3��>��v��,CMb'�䒸�� pN�5<��N8ԖG�t�B4%��]_#��[�X��$�ĈT+p��1�ψ]$��X�Ո$�(>n�TlFq�F�S�}xn��W!Y�B(��t��1��9��;��h�B�E�u��_�P� ��Y�_:��)��= Æ9_,ZW�1N��`.<��IU��qr��(��tJ*��4��]~E�8��םxd��x��&IP$V��VV`�%!��xrJ��8w~yO�B�P��n�L�7�(C��.vc��"~)�"�W]T�N� KR��zQ"��rg�ݮ��&��v�Zt��U�׿$�05_�G��Z��cK�_"�7a�m �jln�%�-t!qp~BP�@��ӕ��d��{+� ��I�xß?��j�� ^��|��FO�]]%Owa#��H��*��(PVq�$ha2JW�ā{�M_�)��:1��\�ܧ3o=��"j��|ĩ�П�#��Ǻ�d��:��d��F��'�i��Y\�a9��O73S�/{��mݦ��{��<Y;>�m:m:� ��e�,�܍��~H�lR�+�Ζ׺)��)b�f��I�YU`�M��v�v#Ҥ��ň�C�+<��`�?�� Mm�PT`�ޤ�#�N�>�B��n��Y_�햊�#EM�."_�D�sP�u!3��3�Gq@�M"��^�D�6=��E�K@��-=Y��7Aۅ~��jq��ͯ�X�}h�9�to^��&v��F�myUJ��$WC%w��Qj��㟝&�x��ͷ��zL-ڼW<��f�.ξ��N�2�> ��3M�Ҥ� E��>�(¹�kѾ�O.;E�$:�RYi{kI+�V�#^�oQ�w~��0 �PK��`r��e;��r�i�1��~�X{�kT��BQ�� &𲹵�7�� w��X̢��PS+N�(ǜ5�q�!{i�aw��^\\4p�oJ�ʤ;��GV߁|�o��vC��-��jۤMf&W��2#��4T�ֹ�0��k�*Z#�9��B�pK��k8�6��~qbg��֧ �� @re"�_��cmo&ۦ��O��BL�G̥��Q��*�ۆ�V81�'9�1�ii�Qu�%�<��xZ.\��,6�6S��/>�u�]��y�~��Gx�kF��"ܽ��Erm�6Za�L��M�M->(�%_X�3e��"!��Y�r��ĳ��S�"C��ly�'��_|A��J}��qfR��j8�>�ę%U�� :Y�_G��|Z��-�qURc��K��8��pGa��1�B��Vd�f��j�Eˎ5L�$B��G�e_��ҸDW,'h] ,zxm�іA��Xݿ��g�r��`�a��mt�tت��s퉠ya�(;ȷ�QOv��2��g�1��_�B�K�s�Ɣ��9�%�^,}��)5�8W�G5$�@�@*ְJ��۟7�rw!��g�ّ�8d�7-��~k�9�ey��=�6o��X�"��럶��%R�!_��%��q�|}r�嚓�j4ɱ��1�7�� 7Ձ��ǒ��LiI�\�w �:F_r�\E#P~vpU�.��Q?��?:��T�,��"V��qf2,��3�U��Bb�!� �f��-Fu �p$v~i͇ �(ėGh2ۥO��'�lȄ��|�ͻA��u�U�-z��Gߴ+��p3��0�dGP�j�,��h;��W��O-��U�� ~�{�m��k40)ZæR�X��e)`%��w��f�W�c�

Sections

.text
Size: - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 963KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hardware.exe
.exe windows x86

cbf35aa0e49c55fea42ace3691d707aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
SetEndOfFile
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

CallWindowProcW

comdlg32

GetOpenFileNameW

advapi32

OpenProcessToken

shell32

ShellExecuteW

ole32

CoCreateInstance

imagehlp

ImageNtHeader

comctl32

_TrackMouseEvent

iphlpapi

GetAdaptersAddresses

psapi

GetProcessImageFileNameW

wininet

HttpQueryInfoW

imm32

ImmReleaseContext

gdi32

CreatePenIndirect

oleaut32

VariantInit

gdiplus

GdipImageSelectActiveFrame

Exports

Exports

�u-C��D�~�r��b�b~##�2�e�&dO9��Pc6��7��~��bEm@w`�/O&��݂e�^k�l�ĥ�Ʋ�j��*0�X(��"�)�يq�8��v.�jj!̛�T �\��L��ѡ)`�"��}�gM�-��)M^��o�"�O��6cm\M�;6�d=;�2[�իh�5��i�(O �6�5��Jj�В��-�b�5��~�s�G$��t��6�@��-�. ��耪S�>m��[��]C�l�˧<zcI��^;@a��.n��V��9��ւѺ��g��:��1�64�@�4�H�h"Z ��7��h��Y��V�⪈��PV ��e��ݎ��_��J�c��z��c��0��I�`��\�1z=Ӗ ��/&��lrG��G�v1�ǃA�U��ΎDk��4�5�}��x�<��5vJB&Q�Q��t�L>�7��q(��$qVun�Z+آqL��k��!�u��0�P�` ː��5>һ��q��~��|ʚ �w��E��4�L��1?��W$��_�]�� s6��T�(��j��527��v�{6��'��G��77�(j�rYJ�{@s� �1��-�yt��t載��f��G��R7`��H�i�$;�KAG4w?di��?�0��H ��?�ҧ�y��C��Q>PݼbU�i�� 4�� F��-�&q��r��>�e��$h�ݤ�̈́L^Y��X�E��X��d��1,$��R��>.�iK�e�޵�O�%3��OG+��g�ø��{��;��q�~`�u��O CC��+EPt��ᛡt�*�=+G� �]��:�ݵ�5� ��'3��* eUz��M��z��U�5TN�3�5ʋMܒU� �,��O��/νU&�n!k��K�� 9��4�(�\�r�?0�܇��E~_g��m�$��ΗbQ@��[c��>؎�8��Q�̓ 9�{9)� bHILe׬1��mX��N��Bٍ4z�=�3��0Y}��}M}c�t]��I$�¤g�s�}�<7�� n��T��VV�]A��r��KA��WJ0�W�\fi��p��'�!Ѻ؏�E�:y=��X� �v�0i;��"��),�>�6��/�Q-p>&BUP��3u�n�V��vQ�9�ǡR�=jS��H��>�R�9�?�u��j7�XC�\�b��,�_#��9&1оȸ��ڵ�8��b��ò�ӜS�g�J�0m�wv��LAƊ:�#��z]��J�m(��{�uJ[ɘt:T��Jw2au�`��]Y� � �� HJ�v��2��ԉ��qAGd�޶5�x9�OI�r{a��K;�Z�{��ZT��W�#.~��SW?��[�+Ip~I��sU�b�{��;B ��0� 0�^MW�\9�T U��^�'*C��Y�_��Y�e��i��901�"�"䁥�Vz+��9��P0 .�,��b��?[/y��^( �m>�"��'�:�A��0v��]_��Fj{�<6̕�W).&wM��M[��Yyh�ũ֧\�i^�4dl�D��2��+:��5�Q'^y5į��C{¹� ��C��;_�<XQ[��"֒Z��Д��qD�x�#rQz�hj��3l~$��9\X�~�3��(:]ǒ -��@ �3�4c��"�̴)X�#p�2٪��O�?�5@��}#��g�`��x��c!��r;��A~-}40R]�'(�%�r�{�*��z�3+U��iAJ��e.�VM��y�Wec��veE��W�eJ. ��v:+��2�E�X;�AL�@�j��Z�Y7��)Æ0.��.8��ԑ*�^��`��ᜃ>:!b�� 5��赇��^��_o��r��(k�;%�tfp�K�+��ܻՠm�� 7U�"��ʚ�t��G8��i�h�X��>]�7^��}��d0۞��A��T�z��3ծ[��8&I�a��|�8�B��֒��G$��U�w�I�6�� ,�5Hӂ�-+�X%i�I�4��V?F~h㱁�� !�x�� &~Vt)��K��\mQKm Z s>�F�&p�,��1�즑S��uW��U8�D��dA�B"1��L��Y�q��V��`ܧ��U1Z�Q��n͙��A<iA��w��]5,��:z��s��r,��~�9E��9��ŧA*��1�n��ϐ�2"Я��6��:�H�v%��=�7Q� ��=��Ƌ��Jy7�z��cB�=��q��V�*"�,��ӈP�&-i8��΃�V�U�k��&�0Fu*0?��I혖R�#��q�w�c�<�e]��\9�r#d�F��c}�� v�H��b�l��Г�C��o��C��r�R��X}�!L�}V�)�㈤��Ϯu�i�Ҵ!k�y�aD{��v�O��~{�v��@�-'ó\~��(�p�<�k�s�V��q!@VR��ݢ�77]�e�|V��!��"�T�t�X�"cK�Q��s۬$�$S-�z��'��(��z��9X�V��Sp�v�oI.��=�/��f�H[��Ja�C�O�S�I��߿:��y\�f�%�F�85-c��|N* 0��+5��9H�Z�]x_��`|�t:R�}�x�! ��._G��m`~ٺ��'�\��-41T��F��,��DD�r��.��`$>E�{j��0G9�Х�ogX�z�y�cd=!�ĕrԵxj-��d�.�<�c��'.��{�]��L��6��P!Y��/�L�!~�*�懭�Yt��i��>�]�

Sections

.text
Size: - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
一键修改系统信息.exe
.exe windows x86

f8d955f54ea1e57274502422605587a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
IsBadReadPtr
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
CreateFileA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
TerminateProcess
HeapReAlloc
RaiseException
CreateThread
ExitThread
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
FileTimeToSystemTime
GlobalGetAtomNameW
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
GetFileSize
GetFileAttributesW
lstrcpyW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
GetCurrentDirectoryW
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
InterlockedDecrement
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalUnlock
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
LockResource
SizeofResource
LoadResource
FindResourceW
GetModuleHandleW
GetDriveTypeW
GetLogicalDriveStringsW
LoadLibraryW
GetProcAddress
DeviceIoControl
CreateFileW
IsBadWritePtr
GetLocalTime
Sleep
GetTickCount
CloseHandle
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte

user32

IsClipboardFormatAvailable
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetMenuItemInfoW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
KillTimer
SetTimer
InvalidateRect
InflateRect
IsMenu
GetSystemMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DestroyMenu
PostThreadMessageW
GetSysColorBrush
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
ClientToScreen
DefFrameProcW
AppendMenuW
InsertMenuW
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
CreateMenu
GetWindowRgn
GetWindowPlacement
GetSystemMetrics
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
DestroyCursor
GetMenuStringW
DrawIcon
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowRect
LoadMenuW
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
PostMessageW
SendMessageW
LoadIconW
EnableWindow
MessageBoxW
CopyAcceleratorTableW

gdi32

CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetTextExtentPoint32W
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetRgnBox
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
Escape
ExtTextOutW
TextOutW
SelectObject
OffsetRgn
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetPaletteEntries
CreateBitmap
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetViewportOrgEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
OpenProcessToken
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW

shell32

DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
DragFinish
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHDeleteKeyW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator

oleaut32

SysFreeString
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
分区序列号修改工具.exe
.exe windows x86

fddbb1ee1ec29758aea0be53f6f44564

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
IsBadReadPtr
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
CreateFileA
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
RaiseException
CreateThread
ExitThread
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
WriteConsoleA
FileTimeToSystemTime
GlobalGetAtomNameW
GetFullPathNameW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
GetFileSize
GetFileAttributesW
lstrcpyW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
GetCurrentDirectoryW
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
InterlockedDecrement
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalUnlock
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
LockResource
SizeofResource
LoadResource
FindResourceW
GetVolumeInformationW
CloseHandle
CreateFileW
GetModuleHandleW
GetProcAddress
GetDriveTypeW
GetLogicalDriveStringsW
Sleep
GetTickCount
MultiByteToWideChar
WideCharToMultiByte

user32

DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetMenuItemInfoW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
KillTimer
SetTimer
InvalidateRect
InflateRect
IsMenu
GetSystemMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DestroyMenu
GetSysColorBrush
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
ClientToScreen
GetMenuStringW
DefMDIChildProcW
InsertMenuW
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindowThreadProcessId
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
DrawIcon
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
AppendMenuW
SubtractRect
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowRect
LoadMenuW
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
PostMessageW
MessageBoxW
SendMessageW
LoadIconW
EnableWindow
PostThreadMessageW

gdi32

CreateRectRgnIndirect
OffsetRgn
GetRgnBox
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetTextExtentPoint32W
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreateHatchBrush
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
Escape
ExtTextOutW
TextOutW
CreateSolidBrush
RectVisible
SelectObject
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreatePalette
CreateBitmap
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetViewportOrgEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCloseKey
RegEnumKeyExW

shell32

DragFinish
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleLockRunning
OleCreateMenuDescriptor

oleaut32

SysFreeString
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
网卡MAC地址修改工具.exe
.exe windows x86

c4a2a2e14187b37efacae15a2ac06bc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
TerminateProcess
QueryPerformanceCounter
IsBadReadPtr
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetEnvironmentVariableA
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapSize
HeapReAlloc
RaiseException
CreateThread
ExitThread
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
CreateFileA
WriteConsoleW
GetConsoleOutputCP
SetUnhandledExceptionFilter
FileTimeToSystemTime
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
GetFileSize
GetFileAttributesW
lstrcpyW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentDirectoryW
GetModuleHandleA
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
InterlockedDecrement
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalUnlock
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetProcAddress
CloseHandle
DeviceIoControl
CreateFileW
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
WriteConsoleA

user32

IsClipboardFormatAvailable
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
KillTimer
SetTimer
InvalidateRect
IsMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
GetSysColorBrush
SetRectEmpty
DeleteMenu
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
InsertMenuW
RemoveMenu
GetMenuStringW
DestroyMenu
GetMenuItemInfoW
DefFrameProcW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
InflateRect
GetIconInfo
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowRect
LoadMenuW
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
PostMessageW
MessageBoxW
GetDlgItem
GetWindowTextW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
AppendMenuW
GetSystemMenu
LoadIconW
EnableWindow
WaitMessage

gdi32

CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
OffsetRgn
GetRgnBox
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
PtVisible
GetPixel
RectVisible
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
CreatePalette
CreateBitmap
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
TextOutW

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueW

shell32

DragFinish
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator

oleaut32

SysFreeString
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
说明.txt

Sharing

General

Malware Config

Signatures

Files

95fcdea6237ee6b61f2481f394057bbd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

imagehlp

imm32

comctl32

wininet

Exports

Exports

Sections

.text Size: - Virtual size: 340KB

.rdata Size: - Virtual size: 36KB

.data Size: - Virtual size: 198KB

.vmp0 Size: - Virtual size: 1.9MB

.tls Size: 512B - Virtual size: 24B

.vmp1 Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 512B - Virtual size: 228B

.rsrc Size: 19KB - Virtual size: 668KB

f0bf84dc4f50c80dffd85e2831db09ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

iphlpapi

ws2_32

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 280KB - Virtual size: 280KB

.data Size: 24KB - Virtual size: 52KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 140KB - Virtual size: 140KB

7127463e4161bd2854914c62725bc419

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

imagehlp

comctl32

iphlpapi

winmm

wininet

imm32

.text
Size: - Virtual size: 340KB

.rdata
Size: - Virtual size: 36KB

.data
Size: - Virtual size: 198KB

.vmp0
Size: - Virtual size: 1.9MB

.tls
Size: 512B - Virtual size: 24B

.vmp1
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 512B - Virtual size: 228B

.rsrc
Size: 19KB - Virtual size: 668KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 280KB - Virtual size: 280KB

.data
Size: 24KB - Virtual size: 52KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 140KB - Virtual size: 140KB

.text
Size: - Virtual size: 664KB

.rdata
Size: - Virtual size: 107KB

.data
Size: - Virtual size: 116KB

.vmp0
Size: - Virtual size: 2.1MB

.tls
Size: 512B - Virtual size: 24B

.vmp1
Size: 3.6MB - Virtual size: 3.6MB

.reloc
Size: 512B - Virtual size: 368B

.rsrc
Size: 20KB - Virtual size: 963KB

.text
Size: - Virtual size: 661KB

.rdata
Size: - Virtual size: 105KB

.data
Size: - Virtual size: 110KB

.vmp0
Size: - Virtual size: 2.0MB

.tls
Size: 512B - Virtual size: 24B

.vmp1
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 512B - Virtual size: 348B

.rsrc
Size: 20KB - Virtual size: 1.2MB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 285KB - Virtual size: 285KB

.data
Size: 33KB - Virtual size: 63KB