blackmoon | 2bc78b2cb385b002ee7cf3406e93c7ee336765022f9c3298637dc6496d8fc2fe

Sharing

Copy URL

Twitter E-mail

General

Target

2bc78b2cb385b002ee7cf3406e93c7ee336765022f9c3298637dc6496d8fc2fe
Size

11.2MB
MD5

79225ea0838211b5d0784dd0bcf7a877
SHA1

e92e39fbbf074fa076bd65f41bb8877aba71fc8c
SHA256

2bc78b2cb385b002ee7cf3406e93c7ee336765022f9c3298637dc6496d8fc2fe
SHA512

d6a75dbe60d46750e47ea1d55a318e272c12f5b10085c252362e93df489f9dba74e2a974684e6720e4ef234a4cbbf61eb8270254da379e06b96126061c276132
SSDEEP

196608:KaixOP4K0wRB9hQjqjnMwud/Dd/saC/CEdhmNajpArORrtpp0hnAPwuEGQ2g2+Xe:Kasc4K0wb98gn/kea4xH6yjpuxRc/1MY

Score

10^/10

vmprotect blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/츨12.16ɫ/츨12.16ɫ/update.exe	family_blackmoon

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

Processes:

resource	yara_rule
static1/unpack001/츨12.16ɫ/츨12.16ɫ/3km2.dll	vmprotect

Files

2bc78b2cb385b002ee7cf3406e93c7ee336765022f9c3298637dc6496d8fc2fe
.zip
츨12.16ɫ/츨.url
.url
츨12.16ɫ/Ա.url
.url
츨12.16ɫ/츨12.16ɫ/33BEE5EE.dat
.exe windows x86

74aa1b215003e47d3db2ffec14e884fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut
midiOutPrepareHeader
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetNumDevs
waveOutClose

ws2_32

WSAAsyncSelect
closesocket
WSACleanup
recvfrom
ioctlsocket
inet_ntoa
recv
accept
getpeername

kernel32

MultiByteToWideChar
SetLastError
GetTimeZoneInformation
GetVersion
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
InterlockedExchange
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStartupInfoA

user32

IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
PeekMessageA
SetMenu
GetMenu
GetKeyState
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
CreateAcceleratorTableA
CreateMenu
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
ModifyMenuA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
GetSysColorBrush
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetDesktopWindow
GetClassNameA
GetDlgItem
GetWindowTextA
WinHelpA
UnregisterClassA
SetRectEmpty
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA

gdi32

GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
CreateRectRgnIndirect
SetBkColor
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
CombineRgn
CreateRectRgn
FillRgn
PatBlt
CreatePen
GetObjectA
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetDIBits
RealizePalette
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
GetClipRgn
SetStretchBltMode
LPtoDP
CreatePolygonRgn
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ord17
ImageList_Destroy

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/3km2.dll
.dll windows x86

3d859c332b0bf0b0d1a14f49350a54a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiOutUnprepareHeader
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs

ws2_32

WSAAsyncSelect
ioctlsocket
getpeername
closesocket
WSACleanup
inet_ntoa
recv
recvfrom
accept

kernel32

MultiByteToWideChar
SetLastError
GetTimeZoneInformation
GetVersion
UnmapViewOfFile
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeA
IsBadWritePtr
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
IsBadReadPtr
VirtualFree
VirtualAlloc
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
IsBadCodePtr
SetStdHandle
InterlockedExchange
GetStringTypeW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
SystemParametersInfoA
GetDesktopWindow
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
GetDlgItem
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
GetClassNameA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
GetWindowTextA
CopyAcceleratorTableA
GetSysColorBrush
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
UnregisterClassA
LoadStringA

gdi32

ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreatePolygonRgn
SelectClipRgn
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
SetWindowOrgEx
SelectObject
GetObjectA
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
SetBkColor
GetNearestPaletteIndex
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetClipRgn
SetStretchBltMode
CreatePatternBrush
DeleteObject
CreateRectRgnIndirect

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleInitialize
OleUninitialize
CLSIDFromString

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA

Exports

Exports

3?��?
joggle
��w��ec�:�v�hw0&W:�Y��#9��҅g�o�!=��N�,�8B��A>a�|ӵ�]�`�`�糾��x��p�ǲ_��x�s��)>�Iس�5��..��N��ܨ%x��m��>�lO��O�xu�� IK�)i�(��`��Ab�V� nޓ�`Y�DBu�+�k,y�Y�ԣ��5�'Q��A��U��Q��a�X��=�V�hI��`6a+�_#��{Aq�Pq*��ى�o��t�� <�flC\�=��?b�F3Ԛ�K+/��b��K1rт/��\S��˫��. ��}��*��b/!�,!U��PB�ofz�l�)��>�s�X �_��j?�_��ւT��e�ub#��\f� �U��ă�]H�gP0�iE��꭬$�2��7�<�M�huJ�ȖY�9)��ݕ&�R��%U��5��Ӥ��@yo��l�T�b;E�.Q�N�;�9�f��2��Q�cyHÛ4ָ��8�D�!�0��SяJ�� 1gx��=�s�#��v�+��kI�S�x�J�0Y�>�v,]��m:�f��m�C�<a��W$M L��?m|�ad��O>�tBT ��=Ҧ�}��ℭ�MC��sf�ս�l�:�G��!�]\��M_�� L�9_�^LT4n@N,�~��A��f��q �S��C�hR��J�'�$�mff�nv��c�1K��l�$��Yr�O'4��*y!�^E�~E�1�I��&Й�Յe�;t�[w�aO�ΏR�� q��c!�#�'��A�E�q�g��.�DK�D2��F��%R�� 3��GY9��Q��뎖�ۮB��n��ޚh9E��ֵA11�D;�&�se�R�S'��AH��_4��%Z|�/u��`�OVB��҃��5�g��m��G�aQ�ݑ�g]hy� S�&��܏ �mcP��-��[��{�lf�s�X��@�/A��(��=�_�A��HPB�4�!?��Z�J�SF�t%@��1p�;��Ċ��u)�WF��`��M8��ḟ��q�'��G�!�ct�7{/O]v�B��A&��_׼��v ��o��}��Hk/�gG�S��On��ÖW,��+�;�c)��<�]��$*H(�Pjq~Vʴ$7 +C�a᧸! ��"8��O@�|��Ԡ|.�Ro)��P[* �Qo�'$�1�'X��/��.0b�8��aĞ W,� m7G��+�&�Qj��(#��z��śO\�q��7.J�)b��7a�+�� ϲi�B��N��-Es,�E��s��3<T�uܣ��Us��o�Ҷ��C�h�"��4.i�Z��ݜ�Cm�z��L#�K��'�S],K�e7=�t@_��ZB��1*&Yk��2�~� p�-aV2�m5��\�P�Lgo)\��Kl��t�zo��f�p�� \ިP�d[��iT��#"��<��q�L?Ԕ��ﱭ��ZȂd{a-��A q��v,��d�c�.b�r��xe ��˫��J��MY�y��z��#�x�ۅ�Y��Ӈ`��%Ga�~<{�TĹ�b�ef�&)`�8 耺;��n�кP^�b́0¸��J�n��RQiUm�۞��6;O[��D��&��|<��38W@Q�T��o*�K�zt>e�3M�� k��;2#�f_�`�F��7�nU��U�ˉRa�\6pB�(��ܙ��N�t��섃��:��o��]CX��jc�ؚOr��B0��z��V�#;��J��}1D��g0 N��1g��=��Ѳ�HX9k̶��S `~�m�M=( �ݩm�GKZO�/�N:&r�"�,~�#(RF!�t�@"PQ ��uhl&í'(�gFg��f4;a2G&��.[㺵Awq0�f�/��H��'~��P�J��>h��%�Lm^#�1��ÉT��D��#��z(ɍ䆋U�O�$�9�R೚��w��TKē��z�)k��e�7p�-��:ջ��Y�:"�ɺ:�F�\�y�]��"�,:o?�9i�Nҿ"1H]�[k&�D�Z)��B8G�n��'�E8��ꃽZT��ox�uґ%�Pc�ec�*\�*�`�4%�ܾ.u_��8=��N� ?r��Nޱ(kUҞ] �$��rvن�E�<��ڇ �N��w��|�D+�A~��Z}��mI�~�Ff�C��>E�u �"�=�E� ��l�8]<��#��(9[�'��]?�1F'��t�,��ؕ�D0u�c��٧97��n��$ ��2*N�zzD+��<� #9��n��j�4}[�=�k�ik��G��潫쌻�侓&(Y`��-��o�3�>Q��ɋln'0F�`7A�%6�JD��U�/�$⑧'�P='Aؔc��)B]�/1��,&j�;Z��q}�x��_��){`[[��f��a;PW�``[��u�(�p G��ŝ��|'U�߽;U�_v��a1� ��@⽦�c�+��b�o��XV�<�C�DY`l� ��*y�ͫU�'b��Ha_y��b&��Q��Q`Q�yjw��~��Z��_��5nOX�-��EY�\F�Uj�c~�ش�� 4��J4u��F�`�ѤI-�� dnq�_�1I��٦��.��e��mm�8ՙ�g˨Gx�s��x��D0�we��5�V�xO��ą�)��ꔽa9KL�Wl�xu�_;0؆�2�� ~7��g�ɳn8��a<�͉{ET. 03׵�#�q4�?��<|�]��F�]we0-f��v?aʮϖ:nKD1l�.��Ԝj��y-hK�,(�s�0_�n�:t��B5��M17jG�T�n!�P+wP��>��Q ��I2uxu��4qT��y�e��(V��J5�iWwʓ.��E��h�%<6\�#

Sections

.text
Size: 840KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/Astar.dll
.dll windows x86

30e657f1f40d17e31263ff2a1027d7a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
VirtualFree
HeapDestroy
HeapCreate
VirtualAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
GetProcAddress
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
IsProcessorFeaturePresent

Exports

Exports

FindPath
MapCreate
MapDestroy
NextPath

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/Dll.dll
.dll windows x86

a92498414db21a706a4a16a356512c1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLastError
GetCurrentProcess
OpenProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
GetSystemTimeAsFileTime
InterlockedExchange
DecodePointer
EncodePointer

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

msvcr100

_except_handler4_common
_onexit
_lock
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
__dllonexit

Exports

Exports

??4CDll@@QAEAAV0@ABV0@@Z
DLLAPI_OpenProcess
DLLAPI_UpLevel
testproc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/GetInfo.dll
.dll windows x86

b472b00c33930cac8adc882e982e968c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptVerifyMessageSignature

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader

kernel32

SetEnvironmentVariableA
WriteConsoleW
CreateFileW
GetLastError
CloseHandle
FreeLibrary
InterlockedExchange
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpW
GlobalLock
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
SetLastError
GetConsoleCP
DeactivateActCtx
LoadLibraryW
ActivateActCtx
GetLocaleInfoW
GetModuleFileNameW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
GetCurrentProcessId
GlobalAddAtomW
SetThreadPriority
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
ResumeThread
WaitForSingleObject
GetConsoleMode
VirtualQuery
GetSystemInfo
CreateActCtxW
ReleaseActCtx
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapQueryInformation
HeapSize
RaiseException
CreateThread
ExitThread
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTickCount
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
FileTimeToSystemTime
lstrlenA
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
lstrcpyW
DeleteFileW
InterlockedIncrement
CopyFileW
GlobalSize
FormatMessageW
GetCurrentDirectoryW
MulDiv
GlobalFlags
InterlockedDecrement
FreeResource
GlobalFindAtomW
GetVersionExW
CompareStringW
SetErrorMode
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc

user32

OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
LoadImageW
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
OffsetRect
IsRectEmpty
IntersectRect
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
IsIconic
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
GetMenuStringW
AppendMenuW
RemoveMenu
EndPaint
BeginPaint
SetClipboardData
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
InsertMenuW
DeleteMenu
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColorBrush
GetDesktopWindow
RealChildWindowFromPoint
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
GetWindowDC
CharUpperBuffW
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindow
UnregisterClassW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
ShowOwnedPopups
SetCursor
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsZoomed

gdi32

SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
SetLayout
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
DeleteObject
GetObjectW
SetBkColor
SetTextColor
SetRectRgn
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegQueryValueExW

shell32

SHAppBarMessage
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard

oleaut32

SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageWidth

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Exports

Exports

GetPEFileInfo

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/Lua.dll
.dll windows x86

5e31d04adf39fed5d16a590f2b3bae68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_isctype
__mb_cur_max
localeconv
strtoul
strtod
sprintf
strncat
strcspn
strncpy
strcoll
strstr
ungetc
fclose
getc
_iob
fopen
fread
strerror
_errno
realloc
free
fprintf
fputs
fgets
_popen
tmpfile
clearerr
fscanf
fwrite
ftell
fseek
setvbuf
fflush
_pclose
_CIsinh
_pctype
_CItanh
_CIasin
_CIacos
ceil
_CIfmod
modf
frexp
ldexp
rand
srand
_HUGE
system
remove
rename
tmpnam
getenv
clock
strftime
localtime
gmtime
time
mktime
difftime
setlocale
tolower
toupper
strpbrk
memchr
strrchr
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
_setjmp3
longjmp
exit
strchr
_CIpow
floor
_CIcosh
_ftol

kernel32

GetModuleFileNameA
FreeLibrary
GetProcAddress
GetLastError
FormatMessageA
LoadLibraryA
DisableThreadLibraryCalls

Exports

Exports

luaD_growstack
luaF_newproto
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_error
luaL_findtable
luaL_getmetafield
luaL_gsub
luaL_loadbuffer
luaL_loadfile
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffer
luaL_pushresult
luaL_ref
luaL_register
luaL_typerror
luaL_unref
luaL_where
luaM_realloc_
luaM_toobig
luaS_newlstr
luaU_dump
lua_atpanic
lua_call
lua_checkstack
lua_close
lua_concat
lua_cpcall
lua_createtable
lua_dump
lua_equal
lua_error
lua_gc
lua_getallocf
lua_getfenv
lua_getfield
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_insert
lua_iscfunction
lua_isnumber
lua_isstring
lua_isuserdata
lua_lessthan
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_objlen
lua_pcall
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawset
lua_rawseti
lua_remove
lua_replace
lua_resume
lua_setallocf
lua_setfenv
lua_setfield
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointeger
lua_tolstring
lua_tonumber
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_xmove
lua_yield
luaopen_base
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/gom.dat
.exe windows x86

56c3c44f14c64295f9c942d5c3e3625b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut
midiOutPrepareHeader
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetNumDevs
waveOutClose

ws2_32

WSAAsyncSelect
closesocket
WSACleanup
recvfrom
ioctlsocket
inet_ntoa
recv
accept
getpeername

kernel32

GetTimeZoneInformation
GetVersion
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
InterlockedExchange
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo

user32

PeekMessageA
SetMenu
GetMenu
DefWindowProcA
GetClassInfoA
DeleteMenu
GetSystemMenu
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
ModifyMenuA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
GetSysColorBrush
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetDesktopWindow
GetClassNameA
GetDlgItem
GetWindowTextA
WinHelpA
UnregisterClassA
WindowFromPoint
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Escape
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
GetTextMetricsA
GetObjectA
SelectObject
CreatePatternBrush
CreateBitmap
CreateHatchBrush
CreateBrushIndirect
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
Ellipse
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/gom.dll
.dll windows x86

4923041e4cb39b4f32b023bb454d002f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiOutUnprepareHeader
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs

ws2_32

WSAAsyncSelect
ioctlsocket
getpeername
closesocket
WSACleanup
inet_ntoa
recv
recvfrom
accept

kernel32

GetTimeZoneInformation
GetVersion
VirtualAlloc
VirtualFree
IsBadReadPtr
UnmapViewOfFile
CompareStringW
CompareStringA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
WaitForSingleObject
CloseHandle
IsBadCodePtr
SetStdHandle
InterlockedExchange
GetStringTypeA

user32

EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetDesktopWindow
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
GetDlgItem
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
GetClassNameA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
GetWindowTextA
CopyAcceleratorTableA
GetSysColorBrush
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
UnregisterClassA
LoadStringA

gdi32

ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreatePolygonRgn
SelectClipRgn
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
SetWindowOrgEx
SelectObject
GetObjectA
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
SetBkColor
GetNearestPaletteIndex
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetClipRgn
SetStretchBltMode
CreatePatternBrush
DeleteObject
CreateRectRgnIndirect

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleInitialize
OleUninitialize
CLSIDFromString

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA

Exports

Exports

joggle
��ʼ��

Sections

.text
Size: 820KB - Virtual size: 818KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/jx.dat
츨12.16ɫ/츨12.16ɫ/jx.dll
.dll windows x86

d9a79a745a929acdbfa02a577f643f0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GlobalUnlock
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
FindClose
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
GetFileAttributesA
SetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
VirtualAlloc
CloseHandle

user32

OpenClipboard
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
wsprintfA
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
SystemParametersInfoA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
GetKeyState
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetDC
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
GetForegroundWindow
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor

gdi32

SaveDC
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode

winmm

waveOutReset
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutUnprepareHeader
waveOutPause
waveOutWrite
waveOutPrepareHeader

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleUninitialize
CLSIDFromString
OleInitialize

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_Destroy
ord17

ws2_32

ioctlsocket
recv
getpeername
accept
inet_ntoa
WSACleanup
closesocket
WSAAsyncSelect
recvfrom

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Exports

Exports

joggle

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/ly.dat
츨12.16ɫ/츨12.16ɫ/qingtiandata.dat
츨12.16ɫ/츨12.16ɫ/sky.dll
.dll windows x86

91a49fa438a70ea8e8cfc02d537d32b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiOutUnprepareHeader
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs

ws2_32

WSAAsyncSelect
ioctlsocket
getpeername
closesocket
WSACleanup
inet_ntoa
recv
recvfrom
accept

kernel32

GetTimeZoneInformation
GetVersion
VirtualAlloc
VirtualFree
IsBadReadPtr
UnmapViewOfFile
CompareStringW
CompareStringA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
IsBadCodePtr
SetStdHandle
InterlockedExchange
GetStringTypeA

user32

EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetDesktopWindow
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
GetDlgItem
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
GetClassNameA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
SetRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
GetWindowTextA
CopyAcceleratorTableA
GetSysColorBrush
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
UnregisterClassA
LoadStringA

gdi32

ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreatePolygonRgn
SelectClipRgn
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
SetWindowOrgEx
SelectObject
GetObjectA
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
SetBkColor
GetNearestPaletteIndex
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetClipRgn
SetStretchBltMode
CreatePatternBrush
DeleteObject
CreateRectRgnIndirect

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleInitialize
OleUninitialize
CLSIDFromString

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

comdlg32

GetSaveFileNameA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
ChooseFontA

Exports

Exports

joggle

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 676KB - Virtual size: 673KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/temp.dat
.exe windows x86

111a8b78a1d8aa470936ce9b1afa58af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
MultiByteToWideChar
HeapSize
HeapQueryInformation
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetStartupInfoW
GetConsoleMode
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetNumberFormatW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
lstrcpyW
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
GetConsoleCP
GetTimeZoneInformation
HeapSetInformation
LCMapStringW
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
FileTimeToSystemTime
GetThreadLocale
GetCurrentProcessId
WaitForSingleObject
ResumeThread
SetThreadPriority
RaiseException
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedExchange
WideCharToMultiByte
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
lstrlenW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
QueryDosDeviceW
DeviceIoControl
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
MoveFileExW
MoveFileW
WinExec
GetModuleHandleW
lstrcatA
GetModuleFileNameA
GetEnvironmentVariableA
GetTickCount
IsWow64Process
ExitProcess
Sleep
CreateProcessA
WriteFile
CreateFileW
DeleteFileW
GetWindowsDirectoryW
GetModuleFileNameW
CloseHandle
lstrlenA
GetCurrentProcess
CreateMutexW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError

user32

EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextW
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
GetSystemMenu
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
DrawIconEx
LoadImageW
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
MapVirtualKeyW
GetMenuDefaultItem
RedrawWindow
UnregisterClassW
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
SetLayeredWindowAttributes
EnumDisplayMonitors
KillTimer
SetTimer
InvalidateRect
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
IntersectRect
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
OffsetRect
CharNextW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
IsCharLowerW
GetMenuStringW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
MapVirtualKeyExW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetWindowRgn
DestroyCursor
PostQuitMessage
SubtractRect
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
AppendMenuW
CreatePopupMenu
GetCursorPos
UnhookWindowsHookEx
MessageBoxW
SetWindowsHookExW
MessageBoxA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
PostMessageW
SetWindowLongW
GetWindowLongW
SendMessageW
wsprintfW
LoadIconW
EnableWindow
SetRectEmpty

gdi32

DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExW
PatBlt
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
CombineRgn
GetMapMode
SetWindowOrgEx
SetRectRgn
CreateRectRgnIndirect
GetTextMetricsW
GetTextColor
GetBkColor
GetTextExtentPoint32W
CreateFontIndirectW
CreateDCW
CopyMetaFileW
CreateHatchBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SetTextColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectW
SetBkColor

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
CreateServiceW
OpenServiceW
StartServiceW
DeleteService
CloseServiceHandle
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
OpenSCManagerW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW

shell32

SHBrowseForFolderW
SHChangeNotify
Shell_NotifyIconW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
DragFinish
SHAppBarMessage
SHGetSpecialFolderPathW
DragQueryFileW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathAppendW
PathAddExtensionW
PathRemoveFileSpecW
SHDeleteKeyW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

ole32

OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
OleDestroyMenuDescriptor
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoCreateInstance
CoUninitialize
CoInitialize
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid
CLSIDFromString

oleaut32

SysFreeString
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
SysAllocString
VariantClear

oledlg

OleUIBusyW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 956KB - Virtual size: 955KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/ty.dat
.exe windows x86

bf1481ed65fed5d9d77e9e96e54129ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
HeapReAlloc
HeapSize
IsValidLocale
GetCommandLineA
HeapSetInformation
RaiseException
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
lstrlenA
LoadLibraryW
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
FreeLibrary
HeapFree
HeapAlloc
GetProcessHeap
VirtualQuery
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
Sleep
RtlUnwind
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsProcessorFeaturePresent
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Exports

Exports

�(��z'��wU�5Q�è��{@��קp!�դǞ$K�:�TK/e>��<R%�vE��j?�i�wdW�� {�2c�U2Mb�2��V� L��a�D+��"��s~�}%��>��Sy�Ql�N�i�� Bk$>�fT��CB��N��Y ��TY|�KGfG��^��]1c�Ɩ��r[k�%��_$��/��6��2�s��&��=- ��j��²�'��'u��%�w|��~ژ�ζ�N��V��D�T�w��ʲ!մ��B��l�^y>&4T��%N�:5\�V`�N�^?��y{��l��ĩ��l�o��1L3��+0�� !�xEip�<$��'u�;�Q>�4�0��.o��݉��*�JJ4I��=b��2�ObՌ1��@�u�,�\_vdi`΂Ϡa[��p��q��w��2��O}��7��V"��߿�4Y��WbꔄUF��&_�ȎE��Ƙ��N�]SKG��W�M�χ #�؟K��9��rU��i��9v£�8N?�D��2�=�?��7GL�(��Gzb�+O��;M�E��g��<TH50T)�c�c��&~'M^�b��G*xòw$4��0=�7��Jkg_nI��>)��᜽Ķ�P�|q��~��E��(�O'"q%��)��$�I��ܚ��o&�w�W�(>7��ܩo��Kg�b�|k�v�`S� 'g�G�9��t�<�I��,��?�P�7&#up�1 K�o�U��"�bo��(��TSE^�}��o�)��X�\�1WBs��}<d2�V&�"�ԗ�B�qF��֐��P�1�o�㑯�ߦ��l��V<9�a�^��$��s��t��ҙ��V6�� RΫ��JJ�=�͐�� L&�C�:Á��ۀ"Y�"��s��G �a�� I˹��C��L��W|��n�ܑ.<�EH�� eX��Ž;��aZg�X�H��Y(�̛�D��I��Hq_��{<~d!�)zTc$q�B��áE�p��@Zk~7�f��A�ULS��Ι��K��%C��"^l0T.��]�(��g��^NW�E�8.�^#��`� �q�QϤ�}uX\[�}d��s�e��P��l�O��;�f�V� ��u��t�ˁ�H$�l�R��<g��!��Ê ~^0h��2 Q��l��c㯝��D�!�3�WL�n� r�Y�L{ڶ�:F��'�̰ű�`�iHW��6�vsy>@�B0Cb��9�a�i��i��ҵ��70�+d��dj�N��Wef�i!� L�H��O��35�N��pF��[s��̱��8H��^��E)��%J;��˝2��#b��Hɴ?c�x�] xZ��4�%�b�ޙyH2�n�s'�XE�p��~¾��>8yqqF�D�.��s�L�ʺvv�c2�>��?��o�0_Y� c�,Lk QQ�&��7��~?��SK�9dL�y��REn��.�?I��E�Xb�q~% ;>�v�/n�բ�$d��i�K��X{�4RWuX��1��c�ؔ�cҶv�u�-&1��a4�:�|X{*A�/H��$!��S��R�3?8�Y��ǁ\�ϛ"7$IE��<��qg��!ٍG Z�)�0��v�Fؕ��~K�C�e��2f��8e��rH.)��l��R}EBS��<�L�y�n͞,0��@;�� /� T�&{Pt�4�u@��)Y�y�uh��'�nI#�)G9b�=� �|��-Kϐ8XA��Ι�nb�w��6��a��Ÿ�ษ��{݆��Btm[��^��P�͞ s��4�"տ��o��o��/�61��*X�6q�h�yR��Z�9C�FN��#,[�Ls@ڳ��*��9_�^��Z�LKж��l��Y.��e-1�o��:��!�G��^f��ڙ/<�S�q�0 Բw��^{c�]R��'��Ý��Wݩ}��7f�ʬ쨥U�h013nT��Uo�H�P�:Wx.�%��=�-�@�߆�5xR�-��f��?��Y(��dj��h+��ڢ��bd��P��?q�蕕y��n�z�Vr�}��҅�!v ��;K�x�,�m��-��釈S��-��F��z�W�bVqGx5|�� 7Z�lE��y��6-4��L>]�۫ȣ�B�#t_[�6�YCĖ��O�b5=��ګ�y�-�#�r��HZC��j�8ʗںV�z��I��!�)�-��;g%��?��Kvu��t8)/�'jW�[��nF�6SB{�|sd%��l�C��C*��BwZ�F��1�s�yWp�E�*�=u��7��DGe�G��(_�O�LςjG��.��ݓ�C�� }�2F��pk��g��|��/*�`5�-�J��'֣��~_o��ٍ �5�ͯ`�EV�z%�+�� C��w�<W��)�,�+H��aQ�`Z�_�2�f;Viº�g� k�݉T��iNfM��a�}�%6��%��S*Ր�+?�_�c�|�ӊ�2c_�)^A��Ӿ`V��+��D3��4��h��ՙm�F��.R'lDꆏ ��7��F�ʷ�U9��ϼ��`u��!�u�#v0p��F��mFQ�>i��*�w��g��Q�y�zG�^��K�4� O�1qMP�/б��]�ak؀*#�+��{�a|nF�M��Cg��)wVH��xA�(�m:�[h�<�C_�R��Е�R�)e�T;�2g��RY7��M� o�G��]�EI�Ǩ:S%s��_C�IEԼ��o�ł��"�ذOV��@GpW?�e�B�)�f=qQV�� C

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.se0
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.se1
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/ty.dll
.dll windows x86

5b7ec16ed19ff7926ee7bae0090291d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
Module32First
Module32Next
ReadProcessMemory
VirtualProtect
WriteProcessMemory
VirtualQueryEx
GetCurrentThreadId
OpenProcess
GetProcAddress
DisableThreadLibraryCalls
HeapCreate
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
IsBadCodePtr
GetTickCount
GetModuleHandleA
VirtualAllocEx
VirtualFreeEx
CloseHandle
GetLastError
GetCurrentProcess
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
EncodePointer
DecodePointer
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
RaiseException
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
RtlUnwind
HeapReAlloc
FlushFileBuffers

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

psapi

GetModuleFileNameExA

Exports

Exports

QW50aUdhbWVscM90ZWN0U3RHcnQ

Sections

.text
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

HookStub
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vp0
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/츨12.16ɫ/update.exe
.exe windows x86

e303a9a374a42905565cf07442368623

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
FreeLibrary
GetModuleFileNameA
WriteFile
SetFilePointer
CreateFileA
GetTickCount
MoveFileA
CopyFileA
Sleep
DeleteFileA
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CloseHandle
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
HeapReAlloc
ExitProcess
VirtualFree
GetProcAddress
LoadLibraryA
VirtualAlloc
lstrcpynA
WideCharToMultiByte
LocalSize
HeapAlloc
HeapFree
GetProcessHeap
RtlMoveMemory
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
MultiByteToWideChar
GetModuleHandleA
Module32First
CreateToolhelp32Snapshot
lstrcpyn
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
SetErrorMode
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
FlushFileBuffers
LocalFree
MulDiv
InterlockedDecrement
InterlockedIncrement
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread
Process32Next
Process32First
GetLastError
GetCurrentProcess
GetVersionExA
TerminateProcess
OpenProcess
lstrcpyA
lstrlenA
SetLastError
lstrcatA
LockResource
LoadResource
FindResourceA
GetVersion
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom

shlwapi

PathFileExistsA

user32

EndPaint
BeginPaint
GetDlgItem
LoadIconA
CreateWindowExA
GetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
IsWindow
GetClassNameA
SetFocus
GetFocus
GetWindowRect
CallWindowProcA
GetParent
ScreenToClient
GetTopWindow
GetAsyncKeyState
DefWindowProcA
GetClientRect
EndDialog
DestroyWindow
SendMessageA
DefMDIChildProcA
LoadCursorA
SetCursor
TrackMouseEvent
DestroyIcon
PostQuitMessage
SetWindowLongA
DestroyCursor
ValidateRect
UpdateWindow
MoveWindow
GetWindowThreadProcessId
FindWindowA
SystemParametersInfoA
GetCursorPos
PtInRect
GetWindow
GetLastActivePopup
SetWindowsHookExA
CallNextHookEx
GetKeyState
GetActiveWindow
GetNextDlgTabItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnhookWindowsHookEx
CreateDialogIndirectParamA
SetActiveWindow
GetDlgCtrlID
IsDialogMessageA
GetWindowPlacement
GetForegroundWindow
GetMessagePos
GetMessageTime
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
SetWindowPos
CopyRect
AdjustWindowRectEx
MapWindowPoints
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
DispatchMessageA
wsprintfA
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuInfo
GetMenuState
GetMenuItemRect
GetMenuItemInfoA
GetMenuStringA
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuA
GetMenuItemCount
AppendMenuA
DestroyMenu
LoadMenuA
GetSystemMenu
CreatePopupMenu
CreateMenu
ReleaseDC
GetDC
GetDialogBaseUnits
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CreateDialogParamA
DialogBoxParamA
GetClassInfoExA
RegisterClassExA
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageA
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
GetSysColor
FillRect
SetClassLongA
GetClassLongA
SetRect
SetWindowRgn
RemovePropA
GetPropA
SetPropA
MessageBoxA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
EnableWindow
IsWindowEnabled
ShowWindow
IsWindowVisible
SetParent
PostMessageA
InvalidateRect

gdi32

CreateBitmap
GetDeviceCaps
DeleteObject
GetObjectA
CreateCompatibleDC
CreateDIBSection
DeleteDC
SelectObject
BitBlt
ExtCreateRegion
CombineRgn
CreateRoundRectRgn
StretchBlt
CreateSolidBrush
CreatePatternBrush
SetTextColor
SetBkMode
SetBkColor
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC

shell32

DragAcceptFiles
Shell_NotifyIconA
DragQueryFileA
DragFinish

comctl32

InitCommonControlsEx
ord17

ole32

OleFlushClipboard
CLSIDFromString
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard

wininet

InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

atl

ord11
ord10
ord42
ord47

oledlg

ord8

oleaut32

VariantChangeType
VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
츨12.16ɫ/츨12.16ɫ/wd.dat
츨12.16ɫ/츨12.16ɫ/ws.dat
츨12.16ɫ/츨12.16ɫ/ws.dll
츨12.16ɫ/츨12.16ɫ/yx.dat
츨12.16ɫ/츨12.16ɫ/ű/װ
츨12.16ɫ/츨12.16ɫ/ű/Զ
츨12.16ɫ/츨12.16ɫ/ļ/SKY/00.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/1.76.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/1.85.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/PK.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/һ.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/ʧٵ.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/ʧ౶.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/б౶.ini
츨12.16ɫ/츨12.16ɫ/ļ/SKY/бӰ.ini
츨12.16ɫ/츨12.16ɫ/ļ/config.ini
츨12.16ɫ/츨12.16ɫ/츨12.16ɫ.exe
.exe windows x86

d21b66ced11e375c323d1cc90edca26d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart

ws2_32

accept
getpeername
inet_ntoa
WSAStartup
WSACleanup
select
send
closesocket
WSAAsyncSelect
recv
ioctlsocket
recvfrom

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA

rasapi32

RasGetConnectStatusA
RasHangUpA

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
SetLastError
GetTimeZoneInformation
GetVersion
VirtualAlloc
VirtualFree
IsBadReadPtr
FileTimeToSystemTime
GetVolumeInformationA
SetCurrentDirectoryA
CreateDirectoryA
InterlockedExchange
IsBadCodePtr
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
DeleteFileA
GetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
GetModuleHandleA
WaitForSingleObject
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
lstrlenA
LoadLibraryA
FreeLibrary
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
WideCharToMultiByte
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc

user32

wsprintfA
WaitForInputIdle
SetRect
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
PostThreadMessageA
GetNextDlgGroupItem
GetSysColorBrush
GetForegroundWindow
SetWindowTextA
GetWindowTextA
FindWindowExA
GetDlgItem
GetClassNameA
GetDesktopWindow
SystemParametersInfoA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
LoadStringA
MapDialogRect
SetWindowContextHelpId
CharNextA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
InflateRect
UnregisterClassA
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBeep
MessageBoxA
GetCursorPos
GetSystemMetrics
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA

gdi32

ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetMapMode
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
GetTextColor
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SelectObject
GetObjectA
CreatePen
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA
DragQueryFileA
SHGetSpecialFolderPathA

ole32

CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoCreateInstance
OleInitialize
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium

oleaut32

SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocString
SafeArrayCreate
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
OleCreateFontIndirect
SafeArrayGetUBound
SafeArrayGetElemsize
SysFreeString
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
VariantClear
VariantCopy
SysAllocStringByteLen

comctl32

ImageList_GetIcon
ord17
ImageList_Duplicate
ImageList_Read
ImageList_Destroy

oledlg

ord8

wldap32

ord29

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetReadFile

comdlg32

ChooseColorA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

Sections

.text
Size: 708KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
츨12.16ɫ/½ҷ.txt
츨12.16ɫ/վٳ޸ߡؿ.txt

Sharing

General

Malware Config

Signatures

Files

74aa1b215003e47d3db2ffec14e884fa

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: 428KB - Virtual size: 427KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 68KB - Virtual size: 191KB

.rsrc Size: 24KB - Virtual size: 21KB

3d859c332b0bf0b0d1a14f49350a54a9

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: 840KB - Virtual size: 838KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 72KB - Virtual size: 295KB

.vmp0 Size: 248KB - Virtual size: 244KB

.tls Size: 4KB - Virtual size: 24B

.vmp1 Size: 60KB - Virtual size: 56KB

.reloc Size: 52KB - Virtual size: 51KB

.rsrc Size: 24KB - Virtual size: 22KB

30e657f1f40d17e31263ff2a1027d7a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

a92498414db21a706a4a16a356512c1a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

msvcr100

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.text
Size: 428KB - Virtual size: 427KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 68KB - Virtual size: 191KB

.rsrc
Size: 24KB - Virtual size: 21KB

.text
Size: 840KB - Virtual size: 838KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 72KB - Virtual size: 295KB

.vmp0
Size: 248KB - Virtual size: 244KB

.tls
Size: 4KB - Virtual size: 24B

.vmp1
Size: 60KB - Virtual size: 56KB

.reloc
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 24KB - Virtual size: 22KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 860B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 366B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 261KB - Virtual size: 261KB

.data
Size: 23KB - Virtual size: 52KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 160KB - Virtual size: 159KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 572KB - Virtual size: 571KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 64KB - Virtual size: 239KB

.vmp0
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 24KB - Virtual size: 22KB