23d8d581d8be6247b1074913acdc72ecfcb30c03c543773f1b62bb0b8686f9ee

Sharing

Copy URL

Twitter E-mail

General

Target

23d8d581d8be6247b1074913acdc72ecfcb30c03c543773f1b62bb0b8686f9ee
Size

1.5MB
MD5

e6621b1a4a505d04ae3e6901053198d4
SHA1

a12ea358586894276713178ff090b8b4917eb0ea
SHA256

23d8d581d8be6247b1074913acdc72ecfcb30c03c543773f1b62bb0b8686f9ee
SHA512

916ebac299d0331f5f05ba4eee47ea943f1909365ae0039484e4ecd9f13d5cbc8ec1a628783bb6b6f73f969753b31ee9c70e879b4911e0cc1d4f0a605454aa1b
SSDEEP

24576:zXuFg3o4YzCYTZT2K/CYuypWkw2VHAm4pwPoTM5ftHZU9RIWXLDQaqlLpdc:z1Y1zCqTd6byU6wA4aaII3Qaqljc

Score

N/A

Malware Config

Signatures

Files

23d8d581d8be6247b1074913acdc72ecfcb30c03c543773f1b62bb0b8686f9ee
.zip
sKw˪c餤/bin/fp20htp.dll
.dll windows x86

a6a8b13b3b2ad6792cf8ccc77fb0f95b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fp20tl

ord169
ord377
ord947
ord15
ord74
ord378
ord839
ord172
ord177
ord1254
ord26

mfc40

ord731
ord729

msvcrt40

_mtlock
strstr
?read@istream@@QAEAAV1@PADH@Z
_purecall
_mtunlock
__CxxFrameHandler
?tellg@istream@@QAEJXZ
memmove
__p__pctype
atol
?seekg@istream@@QAEAAV1@J@Z
strchr
sprintf
_except_handler3
?terminate@@YAXXZ
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
strtol
_strnicmp
_stricmp

kernel32

WideCharToMultiByte
DisableThreadLibraryCalls
Sleep
GetVersion
GlobalAlloc
GlobalFree
IsValidCodePage
GetLastError
LoadLibraryA
GetProcAddress
MultiByteToWideChar
GetACP

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fp20ime.dll
.dll windows x86

57ab5a3443b99bbae5903ba552fe2c6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lead52n

ord79
ord2
ord182
ord31
ord90
ord13
ord170
ord61
ord9
ord32
ord33
ord12
ord80
ord60
ord169
ord181
ord188
ord140
ord89
ord200
ord6
ord230

avifil32

AVIStreamRead
AVIStreamOpenFromFileA
AVIStreamReadFormat
AVIStreamRelease
AVIFileInit
AVIFileExit

msvfw32

ICImageDecompress

fp20utl

ord210
ord209
ord370

fp20tl

ord225
ord168
ord338
ord342
ord1144
ord7

mfc40

ord3762
ord662
ord421
ord2081
ord4704
ord328
ord724
ord1046
ord957
ord5158
ord3906
ord3262
ord375
ord4953
ord3786
ord626
ord1090
ord509
ord5296
ord1041
ord3112
ord5420
ord5123
ord3186
ord4961
ord5649
ord3816
ord3528
ord2690
ord3379
ord5121
ord1425
ord314
ord3214
ord3110
ord5570
ord5441
ord883
ord2424
ord2146
ord279
ord2510
ord5338
ord5332
ord2511
ord1061
ord1060
ord1015
ord819
ord3547
ord3268
ord5124
ord4101
ord1474
ord3213
ord5487
ord5127
ord4681
ord3859
ord4312
ord4450
ord4173
ord2199
ord5360
ord1539
ord4694
ord3907
ord3134
ord570
ord315
ord2072
ord3724
ord3580
ord4931
ord2557
ord5031
ord3695
ord5049
ord817
ord2471
ord707
ord5193
ord487
ord2426
ord3656
ord1033
ord482
ord835
ord2561
ord624
ord611
ord358
ord374
ord5569
ord834
ord836
ord481
ord1035
ord3804
ord760
ord486
ord2293
ord731
ord706
ord3185
ord2694
ord3340
ord3346
ord3345
ord2696
ord2620
ord2845
ord2744
ord3945
ord2843
ord2754
ord2617
ord4691
ord1850
ord2140
ord4677
ord1494
ord4510
ord1473
ord3922
ord1785
ord2323
ord3837
ord4296
ord3314
ord2086
ord5647
ord4608
ord1540
ord4657
ord3890
ord285
ord3578
ord5363
ord3784
ord545
ord2515
ord762
ord3630
ord483
ord3158
ord1426
ord2115
ord729
ord3227
ord2440
ord3765
ord3626
ord2427
ord2804
ord3764
ord2647
ord569
ord2106
ord3307

msvcrt40

_stricmp
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_strdup
?openprot@filebuf@@2HB
??0ofstream@@QAE@PBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
?close@ofstream@@QAEXXZ
getc
??_Dofstream@@QAEXXZ
fseek
_ltoa
_purecall
__CxxFrameHandler
_ftol
sprintf
_isctype
__p__pctype
__p___mb_cur_max
atoi
fread
fclose
fputc
fflush
fwrite
fopen
fputs
memmove
ftell
strncmp
_mbscmp
fprintf
fgets
rename
memchr
strrchr
sscanf
qsort
__p__environ
_spawnlpe
_unlink
_strnicmp
_mbsicmp

kernel32

CreateDirectoryA
lstrcpyA
lstrlenA
GetTempPathA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
LoadResource
LockResource
FindResourceA
CopyFileA
GlobalAlloc
SizeofResource
GlobalLock
GlobalUnlock
MoveFileA
DeleteFileA
GetTempFileNameA
GlobalFree
FindFirstFileA
LoadLibraryA
FindNextFileA
GetFileAttributesA
WritePrivateProfileStringA
FreeLibrary
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetVersion
Sleep
FindClose
GetModuleFileNameA

user32

GetClientRect
CharNextA
GetDesktopWindow
IsRectEmpty
GetDC
ReleaseDC
UnionRect
InvalidateRect
SendMessageA
FillRect
GetForegroundWindow
EnableWindow
GetParent
PostMessageA
GetCursorPos
ScreenToClient
GetUpdateRect
PtInRect
GetKeyState
SetCursor
GetCapture
DrawFocusRect
ReleaseCapture
SetCapture
OffsetRect
LoadCursorA
IntersectRect
EqualRect
InflateRect
SetRect

gdi32

CreateCompatibleBitmap
GetStockObject
CreateBrushIndirect
BitBlt
CreateCompatibleDC
CreatePenIndirect
RealizePalette
UnrealizeObject
GetPaletteEntries
GetMapMode
GetViewportOrgEx
GetBitmapBits
DeleteObject
GetObjectA
SelectPalette
CreateBitmapIndirect
CreatePolygonRgn
Polygon
CreateEllipticRgnIndirect
RectInRegion
Ellipse
Rectangle
PatBlt
CreateBitmap
SetDIBits
DeleteDC
SelectObject
PlayMetaFile
SetViewportExtEx
SetMapMode
GetDeviceCaps
LPtoDP
GetViewportExtEx
CreatePalette

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

ole32

ReleaseStgMedium

Exports

Exports

?CreateImage@@YAPAVCImageExport@@PAUHBITMAP__@@PAVCWnd@@VCPoint@@H@Z
?CreateImage@@YAPAVCImageExport@@PBDPAVCWnd@@VCPoint@@HH@Z
?CreateImage@@YAPAVCImageExport@@VCSize@@PAVCWnd@@VCPoint@@H@Z
?CreateImageFromDataObject@@YAPAVCImageExport@@PAVCOleDataObject@@PAVCWnd@@VCPoint@@H@Z
?DestroyImage@@YAXPAVCImageExport@@@Z
?IMESetFrontPad@@YAXXZ
?ImageGetFixedPalette@@YAPAUHPALETTE__@@XZ
?ImageInDataObject@@YAHPAVCOleDataObject@@@Z

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fp20tl.dll
.dll windows x86

353b49dbf658f8f5e7ced54b966ddcbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GlobalFree
DisableThreadLibraryCalls
CloseHandle
WaitForSingleObject
ReleaseMutex
GetVersionExA
TlsSetValue
TlsGetValue
TlsAlloc
DebugBreak
GlobalAlloc
Sleep
GetVersion

mfc40

ord729
ord731

msvcrt40

_access
strchr
strpbrk
toupper
strrchr
tolower
memmove
strcoll
strxfrm
mblen
?read@istream@@QAEAAV1@PADH@Z
?ws@@YAAAVistream@@AAV1@@Z
?get@istream@@QAEHXZ
?peek@istream@@QAEHXZ
?get@istream@@IAEAAV1@PADHH@Z
?putback@istream@@QAEAAV1@D@Z
__p__pctype
?get@istream@@QAEAAV1@AAD@Z
?osfx@ostream@@QAEXXZ
??6ostream@@QAEAAV0@PBD@Z
?write@ostream@@QAEAAV1@PBDH@Z
?opfx@ostream@@QAEHXZ
strtod
strtol
?x_statebuf@ios@@0PAJA
_purecall
vsprintf
localtime
_EH_prolog
exit
__CxxFrameHandler
fopen
fclose
sprintf
fread
fgetc
fwrite
ftell
fflush
fseek
__p__timezone
__p__daylight
__p__tzname
_tzset
_putenv
strcspn
strspn
strncpy
strncmp
memcmp
_assert
setlocale
strftime
mktime
localeconv
strstr
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
_CxxThrowException
?xalloc@ios@@SAHXZ
time
_fstat
_unlink
_fileno

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fp20utl.dll
.dll windows x86

04cca6185d71cad6dc6652db691b00b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fp20htp

ord75
ord4
ord2
ord6
ord102

fp20tl

ord143
ord1262
ord813
ord151
ord148
ord362
ord230
ord52
ord1274
ord779
ord17
ord70
ord1016
ord543
ord803
ord649
ord717
ord593
ord599
ord826
ord796
ord1126
ord645
ord609
ord618
ord624
ord946
ord1
ord679
ord567
ord101
ord3
ord581
ord167
ord197
ord1094
ord1091
ord654
ord349
ord23
ord348
ord170
ord1156
ord738
ord612
ord308
ord1229
ord6
ord168
ord1266
ord79
ord399
ord385
ord189
ord202
ord7
ord338
ord231
ord297
ord166
ord184
ord840
ord839
ord538
ord74
ord186
ord881
ord26
ord172
ord1041
ord758
ord949
ord1172
ord1171
ord1193
ord1192
ord732
ord1243
ord1003
ord843
ord344
ord737
ord905
ord904
ord906
ord332
ord334
ord333
ord227
ord18
ord13
ord16
ord15
ord915
ord340
ord1046
ord763
ord955
ord703
ord739
ord883
ord977
ord1180
ord1179
ord1201
ord1200
ord659
ord718
ord751
ord804
ord818
ord925
ord967
ord1061
ord1107
ord1119
ord1158
ord1216
ord824
ord1040
ord1120
ord1144
ord10
ord169
ord225
ord226
ord947
ord727

user32

DispatchMessageA
WaitForInputIdle
PeekMessageA
WinHelpA
FindWindowA
LoadCursorA
SetCursor
MessageBoxA

advapi32

RegSetValueExA
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA

ole32

OleInitialize
OleUninitialize

oleaut32

SysFreeString
SysAllocString

wsock32

recv
htons
gethostname
bind
listen
socket
connect
accept
closesocket
WSAStartup
ioctlsocket
gethostbyname
inet_addr
WSAGetLastError
WSACleanup
getsockname
send

mfc40

ord731
ord729

msvcrt40

time
fgetc
fseek
fread
strstr
_except_handler3
__p___mb_cur_max
_isctype
strftime
sscanf
_endthreadex
_beginthreadex
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
free
calloc
strerror
strtol
strncmp
_chmod
__p__pctype
strchr
strncpy
memchr
srand
_open_osfhandle
?close@fstream@@QAEXXZ
??0fstream@@QAE@H@Z
_adjust_fdiv
_initterm
malloc
??0ifstream@@QAE@PBDHH@Z
??0ifstream@@QAE@H@Z
?tellg@istream@@QAEJXZ
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?get@istream@@IAEAAV1@PADHH@Z
?str@strstreambuf@@QAEPADXZ
?freeze@strstreambuf@@QAEXH@Z
??0ostrstream@@QAE@PADHH@Z
??0ostrstream@@QAE@XZ
?close@ofstream@@QAEXXZ
??0ofstream@@QAE@H@Z
?binary@filebuf@@2HB
?setmode@filebuf@@QAEHH@Z
?tellp@ostream@@QAEJXZ
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
_sopen
_errno
??6ostream@@QAEAAV0@PBD@Z
fclose
fopen
vsprintf
_CxxThrowException
exit
_set_error_mode
setlocale
_heapmin
sprintf
atol
?close@ifstream@@QAEXXZ
??0istrstream@@QAE@PADH@Z
?openprot@filebuf@@2HB
__dllonexit
_onexit
_stricmp
_open
_fdopen
_fileno
_strnicmp
_stat
?terminate@@YAXXZ
??1type_info@@UAE@XZ
qsort
?flush@ostream@@QAEAAV1@XZ
_mtlock
?get@istream@@QAEHXZ
__CxxFrameHandler
_purecall
??6ostream@@QAEAAV0@E@Z
printf
wcslen
?write@ostream@@QAEAAV1@PBDH@Z
_mtunlock
rand
??6ostream@@QAEAAV0@J@Z
?read@istream@@QAEAAV1@PADH@Z
?peek@istream@@QAEHXZ
?putback@istream@@QAEAAV1@D@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@I@Z
??6ostream@@QAEAAV0@F@Z
?put@ostream@@QAEAAV1@E@Z
memmove
??6ostream@@QAEAAV0@G@Z
??6ostream@@QAEAAV0@K@Z

kernel32

GlobalFree
DebugBreak
GetTempFileNameA
ResumeThread
SuspendThread
TlsFree
TlsAlloc
TlsSetValue
FormatMessageA
InterlockedIncrement
InterlockedDecrement
MoveFileA
GetShortPathNameA
MoveFileExA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetSystemDirectoryA
CreateFileA
CreateDirectoryA
GetTempPathA
WideCharToMultiByte
CreatePipe
CreateProcessA
GetModuleHandleA
MultiByteToWideChar
IsValidCodePage
WritePrivateProfileStringA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetSystemDefaultLCID
GetLocaleInfoA
GetVersionExA
SetHandleCount
GetCurrentThread
SetThreadPriority
TlsGetValue
GetProcAddress
LoadLibraryA
FreeLibrary
FindNextFileA
FindFirstFileA
GetLastError
FindClose
GetACP
ReleaseSemaphore
CreateSemaphoreA
ReleaseMutex
CreateMutexA
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
GlobalAlloc
Sleep
GetTickCount
GetVersion

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fpedsat.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fpwpp.dll
.dll regsvr32 windows x86

7f55e4b16f16d42075bd12121c938175

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
ord17
DestroyPropertySheetPage

wsock32

gethostbyname
gethostname
WSAStartup

wininet

InternetReadFile
HttpAddRequestHeadersA
InternetSetOptionA
InternetQueryOptionA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetOpenA
InternetCloseHandle
InternetCrackUrlA

mfc40

ord2471
ord5193
ord2427
ord482
ord3764
ord821
ord808
ord3682
ord5031
ord3626
ord817
ord762
ord481
ord760
ord487
ord483
ord486
ord360
ord613
ord707
ord731
ord729
ord706

msvcrt40

_strnicmp
_initterm
free
malloc
_adjust_fdiv
_onexit
??1type_info@@UAE@XZ
strrchr
strchr
printf
sscanf
__dllonexit
__CxxFrameHandler
strncpy
_CxxThrowException
_mbscmp
fopen
fread
fclose
_purecall
strstr
strncmp
atoi
_stricmp

kernel32

FindClose
CreateMutexA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcpyA
GetLastError
CloseHandle
GetWindowsDirectoryA
lstrcatA
CreateFileA
SetFilePointer
lstrlenA
WriteFile
lstrlenW
LocalAlloc
LocalFree
lstrcmpiA
ReadFile
GetFileSize
FormatMessageA
FindNextFileA
GetFileAttributesA
lstrcmpA
FindFirstFileA
GlobalAlloc
GlobalFree
GetVersion
GetTempPathA
GetTempFileNameA
WaitForSingleObject
CreateThread
CompareStringA
Sleep
LoadLibraryA
GetProcAddress
GetVersionExA
ReleaseMutex

user32

CharUpperBuffA
ShowCursor
CharNextA
SetCursor
LoadCursorA
SetWindowPos
ReleaseDC
wvsprintfA
GetDC
LoadStringA
MessageBoxA
MessageBeep
SetFocus
GetDlgItem
SendDlgItemMessageA
EnableWindow
GetWindowRect
DialogBoxParamA
GetWindowTextA
GetClassNameA
IsWindowVisible
EnumWindows
ShowWindow
wsprintfA
EndDialog
GetDlgItemTextA
SetDlgItemTextA
GetDesktopWindow
PostMessageA
SendMessageA
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
GetWindowLongA
GetParent
SetWindowLongA
WinHelpA
CheckRadioButton
DestroyWindow
CreateDialogParamA
IsDlgButtonChecked
CharPrevA

gdi32

GetDeviceCaps

advapi32

RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegCreateKeyA
RegQueryValueExA
RegQueryInfoKeyA

Exports

Exports

DllCanUnloadNow
DllEntryPoint
DllGetClassObject
DllRegisterServer
DllUnregisterServer
WppBindToSiteA
WppBindToSiteW
WppDeleteSiteA
WppDeleteSiteW
WppListSitesA
WppListSitesW

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 323B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.instanc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/fpxpress.chm
.chm
sKw˪c餤/bin/fpxpress.exe
.exe windows x86

f8aacf4dda8dbecb0870ee14b9d83bc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fp20htp

ord54
ord34
ord55
ord58
ord52
ord45
ord43
ord84
ord89
ord56
ord9
ord78
ord61
ord59
ord39
ord63
ord33
ord32
ord36
ord53
ord46
ord48
ord57
ord51
ord85
ord44
ord42
ord65
ord83
ord62
ord27
ord88
ord64
ord79
ord10
ord66
ord86
ord4
ord6
ord5
ord26
ord76
ord40
ord37
ord47
ord60
ord25
ord28
ord35
ord49

fp20ime

?DestroyImage@@YAXPAVCImageExport@@@Z
?CreateImage@@YAPAVCImageExport@@PBDPAVCWnd@@VCPoint@@HH@Z
?ImageGetFixedPalette@@YAPAUHPALETTE__@@XZ
?CreateImage@@YAPAVCImageExport@@PAUHBITMAP__@@PAVCWnd@@VCPoint@@H@Z
?IMESetFrontPad@@YAXXZ
?CreateImageFromDataObject@@YAPAVCImageExport@@PAVCOleDataObject@@PAVCWnd@@VCPoint@@H@Z
?ImageInDataObject@@YAHPAVCOleDataObject@@@Z

imm32

ImmGetDefaultIMEWnd
ImmNotifyIME
ImmEscapeA
ImmGetProperty
ImmSetCompositionFontA
ImmGetCompositionStringA
ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

fp20utl

ord1975
ord2098
ord1609
ord1612
ord1610
ord1613
ord2224
ord1837
ord384
ord209
ord1265
ord2223
ord344
ord320
ord370
ord1839
ord210
ord2112
ord72
ord132
ord341
ord127
ord1198
ord207
ord1379
ord327
ord1207
ord95
ord306
ord1580
ord1872
ord1870
ord1323
ord1321
ord39
ord1177
ord76

fp20tl

ord1144
ord225
ord168
ord338
ord7
ord297

rpcrt4

UuidCreate

wininet

InternetQueryOptionA
InternetOpenA
InternetSetStatusCallback
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

CreateURLMoniker

mfc40

ord5506
ord5296
ord1016
ord760
ord1061
ord481
ord1387
ord2690
ord819
ord708
ord817
ord834
ord2293
ord1433
ord387
ord4878
ord4931
ord488
ord4681
ord4450
ord2199
ord5360
ord1539
ord3890
ord4694
ord2557
ord3134
ord2112
ord1752
ord3709
ord2258
ord3881
ord3120
ord2255
ord5363
ord3578
ord1540
ord3907
ord4657
ord2086
ord4608
ord5647
ord3837
ord4704
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord3879
ord2140
ord1850
ord4691
ord2696
ord2961
ord4101
ord3113
ord542
ord724
ord548
ord509
ord570
ord403
ord651
ord3724
ord3656
ord2317
ord5512
ord4173
ord3385
ord3145
ord582
ord5610
ord4677
ord3242
ord701
ord3326
ord5492
ord4143
ord707
ord487
ord2579
ord1546
ord5193
ord2473
ord3626
ord2427
ord5441
ord5570
ord5569
ord3765
ord2905
ord2707
ord2072
ord1996
ord2007
ord3695
ord5513
ord3383
ord2004
ord761
ord3185
ord3153
ord3158
ord2115
ord2008
ord1955
ord2081
ord2320
ord2266
ord3888
ord3244
ord703
ord2060
ord1060
ord1844
ord2471
ord5488
ord3379
ord5531
ord3110
ord3112
ord569
ord2145
ord2417
ord5123
ord5124
ord1426
ord1014
ord5130
ord1425
ord2005
ord3771
ord289
ord2510
ord2890
ord2146
ord5490
ord1808
ord5125
ord5467
ord5207
ord2923
ord4442
ord4386
ord4391
ord2854
ord2916
ord4096
ord3117
ord638
ord388
ord5230
ord2087
ord3762
ord2561
ord3391
ord4751
ord2855
ord395
ord3850
ord4006
ord4020
ord5033
ord2856
ord644
ord396
ord835
ord5725
ord5765
ord2114
ord1753
ord3710
ord2261
ord3884
ord3162
ord606
ord3319
ord4817
ord5656
ord4826
ord5665
ord2046
ord3237
ord696
ord543
ord624
ord374
ord283
ord5439
ord5437
ord5191
ord5189
ord2426
ord1015
ord3786
ord5415
ord2001
ord2064
ord2213
ord3697
ord821
ord4178
ord1461
ord4702
ord3920
ord1784
ord2945
ord3912
ord3221
ord678
ord895
ord5471
ord448
ord4606
ord4607
ord4605
ord4362
ord314
ord4402
ord4701
ord4294
ord3240
ord699
ord675
ord5339
ord3745
ord662
ord5026
ord3630
ord3784
ord3528
ord5075
ord421
ord3222
ord5440
ord679
ord450
ord1449
ord2327
ord3842
ord2440
ord1663
ord446
ord3746
ord5181
ord1543
ord3092
ord2065
ord2321
ord5182
ord3025
ord482
ord1806
ord2944
ord820
ord2704
ord279
ord957
ord2434
ord2262
ord3885
ord2931
ord3163
ord3213
ord607
ord604
ord353
ord2147
ord3732
ord5121
ord2198
ord5188
ord5031
ord818
ord2513
ord1427
ord5127
ord3219
ord672
ord2531
ord2883
ord3024
ord4993
ord3696
ord545
ord285
ord3382
ord4961
ord4953
ord433
ord2424
ord3046
ord2200
ord341
ord592
ord1725
ord4619
ord340
ord3956
ord5192
ord3067
ord3494
ord4964
ord2067
ord1999
ord807
ord3681
ord359
ord612
ord5158
ord3186
ord626
ord375
ord4975
ord883
ord2822
ord4429
ord3495
ord5465
ord2106
ord280
ord2691
ord3214
ord423
ord1817
ord5487
ord5420
ord3232
ord1838
ord1827
ord689
ord2497
ord4962
ord3492
ord580
ord327
ord5190
ord5438
ord3858
ord4311
ord4652
ord3152
ord342
ord3262
ord2955
ord3252
ord714
ord2868
ord1825
ord1869
ord868
ord1847
ord1842
ord5319
ord3229
ord688
ord5375
ord3034
ord5260
ord2678
ord1837
ord5434
ord3286
ord5432
ord392
ord5003
ord2738
ord3197
ord1862
ord267
ord336
ord1359
ord2735
ord3148
ord4933
ord3537
ord3043
ord3929
ord4140
ord4153
ord4150
ord2876
ord1741
ord1616
ord3735
ord2877
ord3849
ord4531
ord1477
ord1482
ord4509
ord4664
ord3251
ord3378
ord1851
ord2388
ord2092
ord2676
ord4547
ord4550
ord3948
ord3790
ord2913
ord4463
ord862
ord4845
ord2529
ord2527
ord3649
ord3577
ord4653
ord2085
ord4698
ord2324
ord1445
ord3918
ord3910
ord2265
ord5451
ord2215
ord3848
ord3561
ord4844
ord3618
ord2090
ord4530
ord1476
ord1481
ord3887
ord4650
ord5642
ord4693
ord4674
ord2138
ord2951
ord3243
ord702
ord476
ord364
ord600
ord4865
ord5203
ord3642
ord2181
ord2176
ord2303
ord5374
ord5314
ord1843
ord3659
ord1846
ord3938
ord3313
ord3576
ord5071
ord5673
ord5674
ord3896
ord5213
ord5500
ord3978
ord5142
ord3068
ord1818
ord2962
ord1861
ord339
ord1090
ord4222
ord1742
ord718
ord502
ord496
ord1432
ord2154
ord3282
ord1019
ord1054
ord4086
ord4084
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord2097
ord2909
ord4713
ord4715
ord3579
ord4719
ord5053
ord3259
ord721

msvcrt40

??0istrstream@@QAE@PAD@Z
_stricmp
memmove
?str@strstreambuf@@QAEPADXZ
??_Distrstream@@QAEXXZ
?read@istream@@QAEAAV1@PADH@Z
?tellg@istream@@QAEJXZ
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
strchr
_strnicmp
__p__winmajor
?endl@@YAAAVostream@@AAV1@@Z
?get@istream@@QAEAAV1@AAD@Z
?peek@istream@@QAEHXZ
??6ostream@@QAEAAV0@PBD@Z
wcscpy
fread
ftell
fseek
atof
setlocale
_getcwd
remove
?write@ostream@@QAEAAV1@PBDH@Z
?open@ofstream@@QAEXPBDHH@Z
??0ofstream@@QAE@XZ
_errno
strrchr
??0istrstream@@QAE@PADH@Z
_ismbcalnum
qsort
_unlink
_spawnlpe
__p__environ
_strdup
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CxxThrowException
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?openprot@filebuf@@2HB
_controlfp
??0ofstream@@QAE@PBDHH@Z
?close@ofstream@@QAEXXZ
??0ifstream@@QAE@PBDHH@Z
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
??_Dofstream@@QAEXXZ
wcslen
_mbslen
toupper
_fullpath
free
__RTDynamicCast
strtol
_ismbcspace
_ismbcdigit
sscanf
atol
_ftol
_stat
_purecall
??0strstream@@QAE@PADHH@Z
??6ostream@@QAEAAV0@E@Z
??_Dstrstream@@QAEXXZ
sprintf
__p___mb_cur_max
_isctype
__p__pctype
strstr
atoi
_mbsicmp
fopen
fwrite
fclose
_mbscmp
strncmp
__CxxFrameHandler
_setmbcp
_ltoa
_itoa
_strcmpi

kernel32

GetLocaleInfoA
GetStartupInfoA
GetModuleHandleA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetDateFormatA
CreateDirectoryA
GetModuleFileNameA
GetPrivateProfileIntA
GlobalSize
lstrlenW
FindFirstFileA
FindNextFileA
FindClose
GetVersionExA
CreateFileA
GetFileTime
CloseHandle
GetShortPathNameA
GetTempPathA
OpenFile
CreateProcessA
GetLastError
GlobalAlloc
WideCharToMultiByte
GlobalLock
GetACP
IsDBCSLeadByte
CopyFileA
LockResource
SizeofResource
GetComputerNameA
FindResourceA
lstrcatA
LoadResource
lstrcpyA
GetProcAddress
lstrlenA
GlobalFree
GetUserDefaultLangID
LoadLibraryA
lstrcmpA
MultiByteToWideChar
FreeLibrary
Sleep
MulDiv
GetTempFileNameA
GetVersion
GetUserDefaultLCID
IsValidCodePage
MoveFileA
GetTimeFormatA
GetSystemDefaultLCID
GetPrivateProfileStringA
GetSystemDirectoryA
GetFileAttributesA
DeleteFileA
GlobalUnlock
SetFileAttributesA
CompareFileTime

user32

GetCapture
TranslateMessage
PtInRect
SetWindowLongA
DispatchMessageA
CharToOemA
GetSubMenu
GetMenuItemCount
GetLastActivePopup
BringWindowToTop
SetForegroundWindow
IsIconic
PostMessageA
EnableWindow
SendMessageA
GetActiveWindow
MessageBeep
MapDialogRect
IsWindowVisible
DrawFocusRect
InflateRect
LoadBitmapA
CopyRect
InvalidateRect
ReleaseDC
GetDC
GetSystemMetrics
GetWindowRect
GetSysColor
GetClientRect
GetDialogBaseUnits
OffsetRect
ScreenToClient
GetParent
ChildWindowFromPoint
GetFocus
FillRect
UpdateWindow
RedrawWindow
IsZoomed
LoadStringA
FrameRect
wsprintfA
ShowCaret
SetCaretPos
CreateCaret
InvertRect
GetForegroundWindow
ShowScrollBar
SetCursor
LoadCursorA
GetWindowLongA
GetTopWindow
ReleaseCapture
SetCapture
SetTimer
KillTimer
InsertMenuA
CharNextA
RegisterWindowMessageA
RegisterClipboardFormatA
SetActiveWindow
ChangeClipboardChain
GetWindowDC
GetDesktopWindow
ClientToScreen
GetNextDlgTabItem
GetKeyState
GetDlgItem
PeekMessageA
HideCaret
GetKeyboardLayout
RegisterClassA
LoadIconA
DefWindowProcA
SetClipboardViewer
GetMenu
FindWindowA
DrawMenuBar
DdeFreeStringHandle
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
GetWindowThreadProcessId
DdeQueryConvInfo
DdeInitializeA
WaitForInputIdle
MoveWindow
GetWindowPlacement
EnumWindows
DdeFreeDataHandle
DdeGetData
GetCursorPos
GetAsyncKeyState
SystemParametersInfoA
AppendMenuA
CreatePopupMenu
ModifyMenuA
GetMenuStringA
EqualRect
SetMenuDefaultItem

gdi32

LPtoDP
EnumFontFamiliesExA
CreatePen
CreateSolidBrush
Rectangle
EnumFontFamiliesA
TextOutA
GetTextMetricsA
GetStockObject
BitBlt
PatBlt
SetBrushOrgEx
StretchBlt
GetTextCharset
UnrealizeObject
GetCharWidthA
GetBkColor
CreateBrushIndirect
SelectPalette
GetNearestColor
Ellipse
CreateCompatibleDC
GetDeviceCaps
DeleteObject
GetTextExtentPointA
ExtTextOutA
CreateFontIndirectA
SelectObject
CreateFontA
GetObjectA
RealizePalette
CreateCompatibleBitmap

comdlg32

CommDlgExtendedError

advapi32

RegSetValueExA
RegEnumKeyExA
RegCloseKey
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragQueryFileA
DragQueryPoint
DragFinish
ShellExecuteA

comctl32

ImageList_Destroy
ImageList_Add
ImageList_SetBkColor
ImageList_Create

ole32

ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc
OleSetContainedObject
OleDraw
CoDisconnectObject
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

VariantChangeType
SysAllocStringLen
SysFreeString
VariantInit
VariantClear

Exports

Exports

??0HTMLLexer@@QAE@ABV0@@Z
??0HTMLParser@@QAE@ABV0@@Z
??0HTMLReader@@QAE@ABV0@@Z
??0HTMLReader@@QAE@XZ
??1HTMLReader@@UAE@XZ
??4HTMLLexer@@QAEAAV0@ABV0@@Z
??4HTMLParser@@QAEAAV0@ABV0@@Z
??4HTMLReader@@QAEAAV0@ABV0@@Z
??_7HTMLLexer@@6B@
??_7HTMLParser@@6B@
??_7HTMLReader@@6B@
??_EHTMLLexer@@UAEPAXI@Z
??_EHTMLParser@@UAEPAXI@Z
??_EHTMLReader@@UAEPAXI@Z
??_GHTMLLexer@@UAEPAXI@Z
??_GHTMLParser@@UAEPAXI@Z
??_GHTMLReader@@UAEPAXI@Z

Sections

.text
Size: 1006KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/lead52n.dll
.dll windows x86

94d914c7873b009e5e624bcd4203f15f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
OpenFile
MapViewOfFile
CreateFileMappingA
lstrcatA
lstrcmpiA
GetWindowsDirectoryA
FreeLibrary
SetErrorMode
LoadLibraryA
SetFilePointer
DeleteFileA
CloseHandle
GetTempPathA
WriteFile
ReadFile
GlobalReAlloc
GetTempFileNameA
CreateFileA
lstrlenA
GetProfileStringA
MulDiv
GlobalFree
GlobalAlloc
GlobalLock
GetModuleHandleA
GlobalUnlock
lstrcmpA
LoadResource
GetProcAddress
FindResourceA
FreeResource
LockResource
GlobalHandle
GetModuleFileNameA
GetVersionExA
SetEnvironmentVariableA
lstrcpyA
GetTimeZoneInformation
RaiseException
GetOEMCP
GetACP
GetCPInfo
VirtualFree
MultiByteToWideChar
VirtualAlloc
RtlUnwind
GetStartupInfoA
WideCharToMultiByte
GetFileType
GetStdHandle
GetVersion
GetCommandLineA
ExitProcess
GetLocalTime
SetEndOfFile
GetEnvironmentStrings
GetLastError

user32

GetClientRect
GetWindowRect
GetParent
ScreenToClient
MoveWindow
GetDlgCtrlID
SetScrollRange
SetScrollPos
GetWindowLongA
UnregisterClassA
LoadCursorA
RegisterClassA
IsIconic
UpdateWindow
DispatchMessageA
GetSystemMetrics
SetRect
IntersectRect
OffsetRect
wsprintfA
SendMessageA
GetDC
ReleaseDC
InvalidateRect
DefMDIChildProcA
IsZoomed
DefWindowProcA
FillRect
ScrollWindow
EndPaint
EmptyClipboard
OpenClipboard
SetClipboardData
IsClipboardFormatAvailable
MessageBeep
GetClipboardData
CloseClipboard
SetWindowLongA
PostQuitMessage
GetWindowTextA
GetMessageA
GetClassLongA
TranslateMessage
BeginPaint

gdi32

DeleteDC
CreateCompatibleDC
SelectObject
CreatePalette
DeleteMetaFile
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
PlayMetaFile
SetWindowOrgEx
SetMapMode
SetWindowExtEx
PatBlt
SetMetaFileBitsEx
GetDeviceCaps
GetPaletteEntries
GetSystemPaletteEntries
GetMetaFileA
EndPage
AbortDoc
EndDoc
SelectPalette
StartPage
RealizePalette
CreateDCA
StretchDIBits
StartDocA
BitBlt
CreateCompatibleBitmap
SetPaletteEntries
GetObjectA
GetNearestPaletteIndex
DeleteObject
GetStockObject
GetDIBits

Exports

Exports

DllMain
L_AccessBitmap
L_AddBitmapNoise
L_AllocateBitmap
L_AverageFilterBitmap
L_ChangeBitmapContrast
L_ChangeBitmapHeight
L_ChangeBitmapHue
L_ChangeBitmapIntensity
L_ChangeBitmapSaturation
L_ChangeFromDDB
L_ChangeFromDIB
L_ChangeToDDB
L_ChangeToDIB
L_ClearBitmap
L_ClipboardReady
L_ColorMergeBitmap
L_ColorResBitmap
L_ColorResolution
L_ColorSeparateBitmap
L_CombineBitmap
L_CompressALL
L_CompressBMP
L_CompressBitmap
L_CompressBitmap1Bit
L_CompressBitmapWithStamp
L_CompressBuffer
L_CompressData
L_CompressGIF
L_CompressPCX
L_CompressTGA
L_CompressTIF
L_ConvertBuffer
L_ConvertColorSpace
L_ConvertFile
L_ConvertFromDDB
L_ConvertFromDIB
L_ConvertToDDB
L_ConvertToDIB
L_CopyBitmap
L_CopyBitmapData
L_CopyBitmapHandle
L_CopyBitmapRect
L_CopyFromClipboard
L_CopyToClipboard
L_CopyToClipboardExt
L_Create1BitTable
L_CreateBitmap
L_CreateLeadDC
L_CreatePaintPalette
L_CreateScreenPalette
L_CreateUserMatchTable
L_DecompressALL
L_DecompressBMP
L_DecompressBitmap
L_DecompressBitmap1Bit
L_DecompressBitmapMemory
L_DecompressData
L_DecompressFile
L_DecompressGIF
L_DecompressMemory
L_DecompressPCX
L_DecompressTGA
L_DecompressTIF
L_DefaultDithering
L_DeleteLeadDC
L_DitherBitmap
L_DitherLine
L_DupPalette
L_EmbossBitmap
L_EnableDitheredPaint
L_EnableFastPaint
L_EnableIndexedPaint
L_EnableOrderedDither
L_EndCompressBuffer
L_EndCompressData
L_EndDecompressData
L_FileConvert
L_FileInfo
L_FileInfoMemory
L_FillBitmap
L_FlipBitmap
L_Free1BitTable
L_FreeBitmap
L_FreeUserMatchTable
L_GammaCorrectBitmap
L_GetBitmapColors
L_GetBitmapHistogram
L_GetBitmapRow
L_GetBitmapRowCol
L_GetComment
L_GetCompressFileStamp
L_GetDisplayMode
L_GetFixedPalette
L_GetPCDResolution
L_GetPixelColor
L_GrayScaleBitmap
L_HalfToneBitmap
L_HalfToneBitmapExt
L_HistoContrastBitmap
L_HistoEqualizeBitmap
L_InitBitmap
L_IntensityDetectBitmap
L_InvertBitmap
L_LoadBMPBitmap
L_LoadBMPFile
L_LoadBitmap
L_LoadBitmapMemory
L_LoadCALSBitmap
L_LoadCALSFile
L_LoadCustomQTable
L_LoadEPSBitmap
L_LoadEPSFile
L_LoadFile
L_LoadFileOffset
L_LoadGIFBitmap
L_LoadGIFFile
L_LoadIMGBitmap
L_LoadIMGFile
L_LoadMACBitmap
L_LoadMACFile
L_LoadMSPBitmap
L_LoadMSPFile
L_LoadMemory
L_LoadPCDBitmap
L_LoadPCDFile
L_LoadPCTBitmap
L_LoadPCTFile
L_LoadPCXBitmap
L_LoadPCXFile
L_LoadRASBitmap
L_LoadRASFile
L_LoadTGABitmap
L_LoadTGAFile
L_LoadTIFBitmap
L_LoadTIFFile
L_LoadWMFBitmap
L_LoadWPGBitmap
L_LoadWPGFile
L_MedianFilterBitmap
L_MosaicBitmap
L_NormalizeWFXBitmap
L_OptimizeBitmap
L_PaintBuffer
L_PaintDC
L_PaintDCBuffer
L_PaintDCEffect
L_PaintDevice
L_PaintEffect
L_PosterizeBitmap
L_PrintBitmap
L_PrintBitmapExt
L_PrintBitmapFast
L_ProcessBitmap
L_PutBitmapColors
L_PutBitmapRow
L_PutBitmapRowCol
L_PutPixelColor
L_ReadFileComment
L_RedirectIO
L_ReleaseBitmap
L_RemapBitmapIntensity
L_ResampleBitmap
L_Resize
L_ResizeBitmap
L_ReverseBitmap
L_RotateBitmap
L_RotateBitmapFine
L_SaveBMPBitmap
L_SaveBitmap
L_SaveBitmapMemory
L_SaveCALSBitmap
L_SaveEPSBitmap
L_SaveFile
L_SaveFileOffset
L_SaveGIFBitmap
L_SaveIMGBitmap
L_SaveMACBitmap
L_SaveMSPBitmap
L_SaveMultiTIFBitmap
L_SavePCTBitmap
L_SavePCXBitmap
L_SaveRASBitmap
L_SaveTGABitmap
L_SaveTIFBitmap
L_SaveWMFBitmap
L_SaveWPGBitmap
L_ScreenCaptureBitmap
L_SetCallbackLine
L_SetComment
L_SetDisplayMode
L_SetGrayFixedPalette
L_SetLoadInfoCallback
L_SetPCDResolution
L_SetStatusCallBack
L_SetTIFFOption
L_SetTIFFXYResolution
L_SetUserMatchTable
L_SharpenBitmap
L_ShearBitmap
L_SizeBitmap
L_SpatialFilterBitmap
L_StartCompressBuffer
L_StartCompressData
L_StartDecompressData
L_StartDithering
L_StartResize
L_StopDithering
L_StopResize
L_StretchBitmapIntensity
L_TwainAcquire
L_TwainAcquireExt
L_TwainEnumSources
L_TwainSelect
L_TwainSetProps
L_UnderlayBitmap
L_UnlockLZWSupport
L_VersionInfo

Sections

.text
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/vtforsat.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/vthomsat.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/bin/vtimesat.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/pages/confirm.tem/confirm.htm
.html
sKw˪c餤/pages/confirm.tem/confirm.inf
sKw˪c餤/pages/normal.tem/normal.htm
.html
sKw˪c餤/pages/normal.tem/normal.inf
sKw˪c餤/pages/survey.tem/survey.htm
.html
sKw˪c餤/pages/survey.tem/survey.inf
sKw˪c餤/pages/vtiform.wiz/vtiform.exe
.exe windows x86

0e24d4d946dcd1b1a3c7bebb74919494

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

fp20htp

ord37
ord56
ord66
ord43
ord45
ord86
ord52
ord58
ord49
ord47
ord54
ord61
ord34
ord35
ord40
ord60
ord62
ord79
ord10
ord25
ord9
ord78
ord84
ord89
ord64
ord44
ord59
ord39
ord63
ord33
ord32
ord36
ord53
ord46
ord48
ord57
ord51
ord85
ord42
ord65
ord83
ord88
ord55

mfc40

ord2471
ord760
ord706
ord3695
ord483
ord834
ord5031
ord3697
ord486
ord3626
ord2254
ord3111
ord3185
ord2255
ord5363
ord3578
ord3537
ord3879
ord4657
ord2086
ord4608
ord5647
ord3837
ord1540
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord835
ord762
ord4704
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord2961
ord3345
ord3346
ord3340
ord2694
ord1850
ord4101
ord3906
ord3113
ord3110
ord3158
ord542
ord724
ord509
ord731
ord2707
ord2115
ord4681
ord4450
ord4173
ord2199
ord5360
ord1539
ord3890
ord4694
ord3907
ord3134
ord2140
ord4691
ord2008
ord5296
ord3580
ord481
ord1035
ord1015
ord5610
ord1014
ord3145
ord582
ord3762
ord2081
ord2426
ord817
ord3764
ord315
ord317
ord3724
ord819
ord729
ord2427
ord5725
ord5765
ord2114
ord1753
ord3710
ord2261
ord1060
ord836
ord3242
ord701
ord606
ord5492
ord1016
ord2060
ord2007
ord2003
ord2065
ord1996
ord2317
ord707
ord487
ord3656
ord3219
ord672
ord1532
ord662
ord421
ord5506
ord1814
ord1061
ord3552
ord5193
ord5441
ord5570
ord5569
ord4142
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4715
ord3579
ord4165
ord4719
ord5053
ord4096
ord3259
ord721
ord504
ord3655
ord2299
ord1066
ord2293
ord4703
ord2515
ord3884
ord3859
ord4312
ord3213
ord392
ord5003
ord2738
ord3197
ord4933
ord1862
ord336
ord2735
ord3148
ord1449
ord2327
ord4817
ord5656
ord4826
ord5665
ord4931
ord2557
ord1033
ord3307
ord624
ord611
ord358
ord374
ord3162
ord570
ord2072
ord2390
ord1368

msvcrt40

_mbsicmp
atoi
setlocale
_unlink
memmove
??_Dofstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??0ofstream@@QAE@PBDHH@Z
?openprot@filebuf@@2HB
strstr
strrchr
_purecall
__dllonexit
_onexit
_exit
_XcptFilter
exit
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
??6ostream@@QAEAAV0@PBD@Z
_mbscmp
__CxxFrameHandler
??6ostream@@QAEAAV0@H@Z
_strdup
_setmbcp

kernel32

GetStartupInfoA
GetModuleHandleA
GetVersion
Sleep
WritePrivateProfileStringA
GetTempPathA
GetPrivateProfileStringA
FreeLibrary
LoadLibraryA
GetACP
MultiByteToWideChar
DeleteFileA
GetTempFileNameA
GetModuleFileNameA
CreateFileMappingA
GetLastError
IsDBCSLeadByte
LockResource

user32

CharNextA
PostQuitMessage
LoadAcceleratorsA
GetFocus
GetClassNameA
TranslateAcceleratorA
GetKeyState
GetSystemMetrics
GetNextDlgTabItem
MessageBoxA
FindWindowA
MessageBeep
EnableWindow
IsIconic
LoadIconA
GetClientRect
DrawIcon
RegisterClipboardFormatA
SendMessageA
CopyRect

gdi32

SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits

comctl32

ord17

Exports

Exports

??0HTMLLexer@@QAE@ABV0@@Z
??0HTMLParser@@QAE@ABV0@@Z
??0HTMLReader@@QAE@ABV0@@Z
??0HTMLReader@@QAE@XZ
??1HTMLReader@@UAE@XZ
??4HTMLLexer@@QAEAAV0@ABV0@@Z
??4HTMLParser@@QAEAAV0@ABV0@@Z
??4HTMLReader@@QAEAAV0@ABV0@@Z
??_7HTMLLexer@@6B@
??_7HTMLParser@@6B@
??_7HTMLReader@@6B@
??_EHTMLLexer@@UAEPAXI@Z
??_EHTMLParser@@UAEPAXI@Z
??_EHTMLReader@@UAEPAXI@Z
??_GHTMLLexer@@UAEPAXI@Z
??_GHTMLParser@@UAEPAXI@Z
??_GHTMLReader@@UAEPAXI@Z

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/pages/vtiform.wiz/vtiform.inf
sKw˪c餤/pages/vtihome.wiz/vtihome.exe
.exe windows x86

2b68170ff58863be7a66cff77b408c77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

fp20htp

ord54
ord56
ord89
ord84
ord45
ord86
ord52
ord58
ord49
ord47
ord61
ord37
ord34
ord35
ord64
ord40
ord62
ord79
ord10
ord25
ord9
ord78
ord43
ord66
ord60
ord44
ord59
ord39
ord63
ord33
ord32
ord36
ord53
ord46
ord48
ord57
ord51
ord85
ord42
ord65
ord83
ord88
ord55

mfc40

ord2471
ord5031
ord760
ord3695
ord483
ord834
ord3626
ord3697
ord486
ord3537
ord2254
ord3111
ord3185
ord2255
ord835
ord706
ord1540
ord3879
ord4657
ord2086
ord4608
ord5647
ord762
ord4704
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord5363
ord3578
ord3837
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord2961
ord3345
ord3346
ord3340
ord2694
ord2140
ord4101
ord3906
ord3113
ord3110
ord3158
ord542
ord724
ord509
ord731
ord2707
ord2115
ord4681
ord4450
ord4173
ord2199
ord5360
ord1539
ord3890
ord4694
ord3907
ord3134
ord570
ord1850
ord4691
ord5296
ord1060
ord3580
ord1035
ord1015
ord5610
ord1014
ord3145
ord582
ord3762
ord2081
ord2426
ord817
ord3764
ord315
ord317
ord3724
ord819
ord729
ord2427
ord2007
ord2060
ord707
ord487
ord2317
ord3046
ord2200
ord481
ord836
ord5725
ord5765
ord2114
ord1753
ord3710
ord2261
ord3884
ord3162
ord606
ord3319
ord3219
ord672
ord1532
ord662
ord421
ord5506
ord5492
ord1814
ord1061
ord3552
ord5193
ord5441
ord4142
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4715
ord3579
ord4165
ord4719
ord5053
ord4096
ord3259
ord721
ord504
ord3655
ord2299
ord1066
ord2293
ord5570
ord5569
ord4703
ord2515
ord2390
ord3859
ord4312
ord3242
ord341
ord701
ord392
ord5003
ord2738
ord3197
ord4933
ord1862
ord336
ord2735
ord3148
ord1449
ord2327
ord1016
ord3383
ord4817
ord5656
ord4826
ord5665
ord4931
ord2557
ord1033
ord3307
ord624
ord611
ord358
ord374
ord3656
ord2072
ord2008
ord3213
ord1368

msvcrt40

setlocale
_mbsicmp
atoi
_unlink
??_Dofstream@@QAEXXZ
??_Difstream@@QAEXXZ
?close@ofstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?get@istream@@QAEHXZ
??0ifstream@@QAE@PBDHH@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@PBDHH@Z
strstr
strrchr
_purecall
_strdup
__dllonexit
_onexit
_exit
_XcptFilter
exit
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@PBD@Z
_mbscmp
__CxxFrameHandler
_setmbcp
??6ostream@@QAEAAV0@H@Z

kernel32

GetStartupInfoA
GetModuleHandleA
GetVersion
Sleep
WritePrivateProfileStringA
GetTempPathA
GetPrivateProfileStringA
FreeLibrary
LoadLibraryA
GetACP
DeleteFileA
GetTempFileNameA
GetModuleFileNameA
CreateFileMappingA
GetLastError
IsDBCSLeadByte
LockResource

user32

CharNextA
PostQuitMessage
LoadAcceleratorsA
GetFocus
IsIconic
GetClassNameA
TranslateAcceleratorA
GetKeyState
GetNextDlgTabItem
MessageBoxA
FindWindowA
CopyRect
DrawIcon
GetSystemMetrics
RegisterClipboardFormatA
GetClientRect
EnableWindow
LoadIconA
SendMessageA

gdi32

SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits

comctl32

ord17

Exports

Exports

??0HTMLLexer@@QAE@ABV0@@Z
??0HTMLParser@@QAE@ABV0@@Z
??0HTMLReader@@QAE@ABV0@@Z
??0HTMLReader@@QAE@XZ
??1HTMLReader@@UAE@XZ
??4HTMLLexer@@QAEAAV0@ABV0@@Z
??4HTMLParser@@QAEAAV0@ABV0@@Z
??4HTMLReader@@QAEAAV0@ABV0@@Z
??_7HTMLLexer@@6B@
??_7HTMLParser@@6B@
??_7HTMLReader@@6B@
??_EHTMLLexer@@UAEPAXI@Z
??_EHTMLParser@@UAEPAXI@Z
??_EHTMLReader@@UAEPAXI@Z
??_GHTMLLexer@@UAEPAXI@Z
??_GHTMLParser@@UAEPAXI@Z
??_GHTMLReader@@UAEPAXI@Z

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sKw˪c餤/pages/vtihome.wiz/vtihome.inf

Sharing

General

Malware Config

Signatures

Files

a6a8b13b3b2ad6792cf8ccc77fb0f95b

Headers

File Characteristics

Imports

fp20tl

mfc40

msvcrt40

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 40KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

57ab5a3443b99bbae5903ba552fe2c6a

Headers

File Characteristics

Imports

lead52n

avifil32

msvfw32

fp20utl

fp20tl

mfc40

msvcrt40

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 96KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 8KB

353b49dbf658f8f5e7ced54b966ddcbc

Headers

File Characteristics

Imports

user32

kernel32

mfc40

msvcrt40

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

04cca6185d71cad6dc6652db691b00b7

Headers

File Characteristics

Imports

fp20htp

fp20tl

user32

advapi32

ole32

oleaut32

wsock32

mfc40

msvcrt40

kernel32

Sections

.text Size: 395KB - Virtual size: 394KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 87KB - Virtual size: 104KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 40KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 96KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 395KB - Virtual size: 394KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 87KB - Virtual size: 104KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 247KB - Virtual size: 246KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 3KB

.shared
Size: 512B - Virtual size: 323B

.instanc
Size: 512B - Virtual size: 260B

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 1006KB - Virtual size: 1005KB

.rdata
Size: 238KB - Virtual size: 238KB

.data
Size: 31KB - Virtual size: 33KB

.idata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 247KB - Virtual size: 246KB

.reloc
Size: 104KB - Virtual size: 103KB