Static task
static1
Behavioral task
behavioral1
Sample
yhdl.exe
Resource
win7-20230621-en
windows7-x64
Behavioral task
behavioral2
Sample
yhdl.exe
Resource
win10v2004-20230621-en
windows10-2004-x64
Target
yhdl.exe
Size
1.4MB
MD5
d6affe0bfbe329109f5dc3e785fce0b4
SHA1
cc340be4c3fcb28c2ad22169eb90cf12ecf017f3
SHA256
8e56c3d8c063172bf227e1980b09c41576440a1c3edef604cf5238f7c7299e3d
SHA512
40c63cfbe2c4d7ad095a871d3e9e53766c10d5f12719bc5f0e75773456807a25b9216d2647e91d3541fa105ac8e5991913d0034a91fcce13fdda6f7c15477388
SSDEEP
24576:PJieAp2G8DMMe8aTG2ZqESziFL8o0b5XzU+EJnjeRaBaAD2COkO1RKG:PJieAdb/8aTpou6oK5XzU+EJnjFBJOkW
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetDriveTypeW
GetModuleHandleExW
RtlUnwind
ExitProcess
VirtualQueryEx
ReadProcessMemory
VirtualProtectEx
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
InterlockedCompareExchange
VirtualProtect
VirtualQuery
LoadLibraryExW
LocalFree
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetFileType
SetEvent
VirtualFree
VirtualAlloc
GetCPInfo
SystemTimeToTzSpecificLocalTime
ExitThread
FreeLibraryAndExitThread
MoveFileExW
GetStdHandle
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
SetLastError
EncodePointer
GetTickCount
PeekNamedPipe
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentDirectoryW
ResetEvent
GetFullPathNameW
CreateEventW
InitializeCriticalSection
Module32NextW
Module32FirstW
SetStdHandle
GetExitCodeThread
GetModuleHandleA
ResumeThread
GetConsoleMode
VirtualFreeEx
ReadConsoleW
WriteFile
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
FreeLibrary
CreateRemoteThread
Sleep
GlobalAlloc
WriteProcessMemory
VirtualAllocEx
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
lstrcatW
TerminateThread
GetCurrentProcess
GetCurrentThread
SetUnhandledExceptionFilter
GetCurrentProcessId
OpenProcess
CreateFileW
GetCurrentThreadId
GetLocalTime
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
GetTimeZoneInformation
FindClose
FindFirstFileExW
IsValidCodePage
CreateThread
FindNextFileW
FindFirstFileW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
InterlockedDecrement
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetProcAddress
WaitForSingleObject
GetNativeSystemInfo
GetVersionExW
CreateDirectoryW
SetEndOfFile
GetDiskFreeSpaceExW
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
FindResourceExW
GetFileSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceW
GetSystemWow64DirectoryW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
SetCurrentDirectoryW
DeleteFileW
lstrcmpW
CreateProcessW
GlobalLock
GetStartupInfoW
GlobalUnlock
CreatePipe
GlobalFree
SystemTimeToFileTime
lstrcpynW
GetSystemInfo
FreeResource
LoadLibraryW
UpdateResourceW
BeginUpdateResourceW
EndUpdateResourceW
GetSystemDirectoryW
SetFileAttributesW
LoadResource
LockResource
SizeofResource
UnmapViewOfFile
GetProcessHeap
LCMapStringA
GetSystemPowerStatus
HeapAlloc
GetACP
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
lstrlenW
CloseHandle
GetLastError
ReadFile
SetFilePointer
GetTempPathW
CreateMutexW
lstrcmpiW
GetModuleFileNameW
lstrcpyW
wsprintfW
FindWindowW
IsIconic
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
PostQuitMessage
UpdateLayeredWindow
GetClipboardData
SetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnableWindow
GetWindow
GetSystemMetrics
SetWindowRgn
OffsetRect
MessageBoxW
FillRect
TrackMouseEvent
SendMessageW
ReleaseCapture
GetCursorPos
SetCapture
SetLayeredWindowAttributes
ClientToScreen
GetClientRect
ShowWindow
EndPaint
BeginPaint
SetWindowPos
MoveWindow
UnregisterClassW
PrivateExtractIconsW
DestroyWindow
DrawIconEx
SetWindowLongW
LoadImageW
GetDC
GetWindowRect
ReleaseDC
SetCursor
LoadCursorW
PostMessageW
GetWindowLongW
DefWindowProcW
LoadIconW
CreateWindowExW
RegisterClassExW
FtpGetFileSize
FtpOpenFileW
InternetReadFile
HttpAddRequestHeadersW
InternetGetConnectedState
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
GetUrlCacheEntryInfoW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetSetOptionW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
PlaySoundW
mciSendStringW
GdipDrawImagePointsI
GdipDrawImageRectI
GdipMeasureString
GdipDrawString
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDisposeImage
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipSetImageAttributesColorKeys
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCloneImage
GdipSaveImageToFile
GdipSaveImageToStream
GdipGetImageWidth
GdipGetImageHeight
GdipImageRotateFlip
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipSetSmoothingMode
CertOpenStore
CertCloseStore
CertAddCertificateContextToStore
CertCreateCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
WinVerifyTrust
URLDownloadToFileW
CreatePen
CreateDIBSection
SetRectRgn
OffsetRgn
SetROP2
CreateRectRgn
DeleteObject
CreateSolidBrush
MoveToEx
LineTo
CreateDCW
GetTextExtentPoint32W
GetObjectW
GetStockObject
CreateFontIndirectW
BitBlt
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
CombineRgn
GetObjectA
OleRun
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString
RegSetValueW
RegCreateKeyW
RegOpenKeyW
DeleteService
ControlService
StartServiceW
CloseServiceHandle
OpenServiceW
CreateServiceW
OpenSCManagerW
RegDeleteValueW
RegEnumKeyExW
RegNotifyChangeKeyValue
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
SHGetSpecialFolderPathW
ShellExecuteExW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
Shell_NotifyIconW
SHChangeNotify
GetSaveFileNameW
ChooseColorW
GetOpenFileNameW
StackWalk64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymCleanup
MiniDumpWriteDump
SymInitialize
SymGetModuleInfo64
SymGetSymFromAddr64
SymGetModuleBase64
GetAdaptersInfo
PathFileExistsW
?$TSS0@?1??Instance@CNsApp@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsDownload@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsFont@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsHook@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsImage@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsLog@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsNet@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsProcess@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsReg@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsSkin@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsThread@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsUpdate@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsXml@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CNsZlib@@SAAAV2@XZ@4HA
?$TSS0@?1??Instance@CnsDump@@SAAAV2@XZ@4HA
??0CLock@@QAE@XZ
??0CNsApp@@QAE@XZ
??0CNsDC@@QAE@PAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
??0CNsDC@@QAE@XZ
??0CNsDownload@@QAE@XZ
??0CNsFont@@QAE@ABV0@@Z
??0CNsFont@@QAE@XZ
??0CNsHook@@QAE@XZ
??0CNsImage@@QAE@ABV0@@Z
??0CNsImage@@QAE@XZ
??0CNsInstaller@@QAE@ABV0@@Z
??0CNsInstaller@@QAE@XZ
??0CNsLog@@QAE@ABV0@@Z
??0CNsLog@@QAE@XZ
??0CNsNet@@QAE@XZ
??0CNsPacket@@QAE@ABV0@@Z
??0CNsProcess@@QAE@XZ
??0CNsReg@@QAE@XZ
??0CNsSkin@@QAE@ABV0@@Z
??0CNsSkin@@QAE@XZ
??0CNsThread@@QAE@ABV0@@Z
??0CNsThread@@QAE@XZ
??0CNsUpdate@@QAE@ABV0@@Z
??0CNsUpdate@@QAE@XZ
??0CNsXml@@QAE@ABV0@@Z
??0CNsXml@@QAE@XZ
??0CNsZlib@@QAE@XZ
??0CnsDump@@QAE@ABV0@@Z
??0CnsDump@@QAE@XZ
??1CLock@@QAE@XZ
??1CNsApp@@QAE@XZ
??1CNsDC@@QAE@XZ
??1CNsDownload@@QAE@XZ
??1CNsFont@@QAE@XZ
??1CNsHook@@QAE@XZ
??1CNsImage@@QAE@XZ
??1CNsInstaller@@QAE@XZ
??1CNsLog@@QAE@XZ
??1CNsNet@@QAE@XZ
??1CNsProcess@@QAE@XZ
??1CNsReg@@QAE@XZ
??1CNsSkin@@QAE@XZ
??1CNsThread@@QAE@XZ
??1CNsUpdate@@QAE@XZ
??1CNsXml@@QAE@XZ
??1CNsZlib@@QAE@XZ
??1CnsDump@@QAE@XZ
??4CLock@@QAEAAV0@ABV0@@Z
??4CNsApp@@QAEAAV0@ABV0@@Z
??4CNsDC@@QAEAAV0@ABV0@@Z
??4CNsDownload@@QAEAAV0@ABV0@@Z
??4CNsFont@@QAEAAV0@ABV0@@Z
??4CNsHook@@QAEAAV0@ABV0@@Z
??4CNsImage@@QAEAAV0@ABV0@@Z
??4CNsInstaller@@QAEAAV0@ABV0@@Z
??4CNsLog@@QAEAAV0@ABV0@@Z
??4CNsNet@@QAEAAV0@ABV0@@Z
??4CNsPacket@@QAEAAV0@ABV0@@Z
??4CNsProcess@@QAEAAV0@ABV0@@Z
??4CNsReg@@QAEAAV0@ABV0@@Z
??4CNsSkin@@QAEAAV0@ABV0@@Z
??4CNsThread@@QAEAAV0@ABV0@@Z
??4CNsUpdate@@QAEAAV0@ABV0@@Z
??4CNsXml@@QAEAAV0@ABV0@@Z
??4CNsZlib@@QAEAAV0@$$QAV0@@Z
??4CNsZlib@@QAEAAV0@ABV0@@Z
??4CnsDump@@QAEAAV0@ABV0@@Z
?AddDelInfo@CNsInstaller@@AAE_NAAUtagDelInfo@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@HPB_WHHHHHHHHPAUHDC__@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@PB_WHHHHHHHHPAUHDC__@@@Z
?AddShellMenu@@YAHPB_W0H0H@Z
?AddTask@CNsDownload@@QAEHPB_W0@Z
?AddTimer@CNsThread@@AAEPAUtagNsTimer@@AAU2@@Z
?AdjustTokenPrivilegesForNT@CNsHook@@QAEXXZ
?AutoRun@CNsInstaller@@QAEXXZ
?BmToStream@CNsImage@@QAE_NPAUHBITMAP__@@PAUIStream@@PB_W@Z
?CertExists@@YAHPB_W@Z
?CheckComponent@CNsInstaller@@QAE_NXZ
?CheckDir@CNsInstaller@@QAEXPB_W0@Z
?CheckFont@CNsFont@@QAEHPB_W@Z
?CheckImage@CNsImage@@QAE_NPB_W@Z
?CheckInstalled@@YAHPB_W@Z
?CheckNotice@CNsInstaller@@QAEXXZ
?CheckOneInstance@@YAHPB_W0@Z
?CheckSetup@CNsUpdate@@AAEXXZ
?CheckTask@CNsUpdate@@AAEXPB_W@Z
?CheckUpdate@CNsUpdate@@QAEHPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?CheckValid@CNsInstaller@@QAEXXZ
?CloseUsedProc@CNsHook@@QAEXPB_W@Z
?CompVersion@@YAHPB_W0@Z
?CreateCompatibleBitmapEx@CNsDC@@QAEPAUHBITMAP__@@UtagRECT@@@Z
?CreateDirTree@@YAHPB_W@Z
?CreateFolder@@YAHPB_W@Z
?CreateMemDC@CNsDC@@QAEXPAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
?CreateNewFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?CreateProcWithDll@CNsHook@@QAEXPB_WPBD@Z
?CreateShareMem@@YAPAXPB_WK@Z
?CreateShortcut@@YAHPB_W000G0H@Z
?CreateShortcuts@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUID@@YAXPA_WH@Z
?CreateUninstallCfg@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUrlShortcut@@YAHPB_W0@Z
?CreateUserShortcuts@CNsInstaller@@AAEXXZ
?DecodeFile@CNsZlib@@QAEJPB_W0K@Z
?DecodeGZipBuffer@CNsZlib@@QAEJPAEJPAPAEPAJ@Z
?DelTask@CNsDownload@@QAEHPB_W@Z
?DelTray@@YAHPAUHWND__@@@Z
?DesGo@@YAXQBDPADHH@Z
?DisableFsRedirection@@YAXPAPAX@Z
?DoFunc@@YAHPB_W0@Z
?DoReport@@YAXPB_W00@Z
?DoRun@@YAHPB_W0HH@Z
?DoSetup@CNsInstaller@@AAEXPB_W@Z
?DoUpdate@CNsInstaller@@QAEX_NPB_W@Z
?DownComponent@CNsInstaller@@AAEXPB_W@Z
?DownNotify2@CNsInstaller@@CGXHPB_W_J1N@Z
?DownNotify@CNsInstaller@@CGXHPB_W_J1N@Z
?DownloadThread@CNsDownload@@CGIPAX@Z
?Draw@CNsDC@@QAEXXZ
?DrawCaret@CNsApp@@QAEXPAUHWND__@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@PAVImageAttributes@4@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHPAUtagRECT@@@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@HPB_WMMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@MMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PB_WMMMMHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@HPB_WHHHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@PAUIStream@@HHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHH@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawSplitH@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@H@Z
?DrawSplitV@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@HH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHHHHH@Z
?DrawString@CNsImage@@QAEXPAUHDC__@@PAUHFONT__@@PB_WHHHHKH_N3H@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@HPB_WKKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@KKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PB_WKKHHHH@Z
?EasyEncode@@YAXPADH@Z
?EncodeFile@CNsZlib@@QAEJPB_W0H@Z
?ExceptionFilter@CnsDump@@CGJPAU_EXCEPTION_POINTERS@@@Z
?ExecScript@CNsInstaller@@QAEXPB_W@Z
?ExitApp@CNsApp@@QAEXXZ
?ExitThread@CNsThread@@QAEXPAXH@Z
?ExtractCollection@CNsInstaller@@AAE_N_JPB_WPAU_iobuf@@@Z
?ExtractFile@CNsInstaller@@AAE_NPAUtagPacketInfo@@PAU_iobuf@@@Z
?ExtractFileEx@CNsInstaller@@AAE_NPAUtagPacketInfo@@@Z
?ExtractFileName@@YAXPA_W@Z
?ExtractPath@@YAXPA_W@Z
?FileSize@@YA_JPB_W@Z
?FileTime@@YAHPB_WPAU_SYSTEMTIME@@11@Z
?FindRes@CNsSkin@@AAE_NPB_WPAUIStream@@@Z
?ForceLog@CNsLog@@QAEX_N@Z
?FreeSkin@CNsSkin@@QAEXXZ
?GbToTraditional@@YAXPADH@Z
?GetAdvInfo@CNsInstaller@@QAE_NAAUtagStyleInfo@@@Z
?GetBaseBoardByCmd@@YAHPADH@Z
?GetCPUID@@YAXPAD@Z
?GetClipboard@@YAHPA_WH@Z
?GetCloudInfo@CNsInstaller@@QAE_NAAUtagCloudInfo@@@Z
?GetCollectionInfo@CNsInstaller@@QAE_NAAUtagCollectionInfo@@@Z
?GetColorDlg@@YAKPAUHWND__@@K@Z
?GetCurPath@@YAXPA_W@Z
?GetCurPathEx@@YAXPB_WPA_W@Z
?GetDefaultSize@CNsFont@@QAEHXZ
?GetDeskWin@@YAPAUHWND__@@XZ
?GetDesktopPath@@YAHPA_W@Z
?GetEncoderClsid@CNsImage@@QAEHPB_WPAU_GUID@@@Z
?GetFileIcon@@YAPAUHICON__@@PB_WHH@Z
?GetFileVer@@YAHPB_WPA_W@Z
?GetFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?GetFont@CNsFont@@QAEPAUHFONT__@@HPB_WHHH@Z
?GetFtpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@Z00@Z
?GetHttpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@ZH@Z
?GetImgSize@CNsImage@@QAE_NHAAH0@Z
?GetImgSize@CNsImage@@QAE_NPB_WAAH1@Z
?GetInfoLen@CNsNet@@QAEHXZ
?GetInstallPath@@YAHPB_WPA_W@Z
?GetLogFileName@CNsLog@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetMacAddr@@YAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetModuleAddr@CNsHook@@QAE_NPB_WKPAPAE@Z
?GetMoreInfo@CNsInstaller@@QAE_NAAUtagMorePacketInfo@@@Z
?GetMovieIndex@CNsImage@@QAEHH@Z
?GetNodeAttr@CNsXml@@QAEHPB_W0PA_W@Z
?GetOsName@@YAHPA_W@Z
?GetPathUseSpace@@YA_KPB_W@Z
?GetProcByName@CNsProcess@@QAE_NPB_WPAUtagPROCESSENTRY32W@@@Z
?GetProcList@CNsProcess@@QAE_NAAV?$vector@UtagPROCESSENTRY32W@@V?$allocator@UtagPROCESSENTRY32W@@@std@@@std@@@Z
?GetProcessHandle@CNsHook@@QAEPAXPB_W@Z
?GetProgramFilePath@@YAHPA_W@Z
?GetProgramsPath@@YAHPA_W@Z
?GetQuickLaunchPath@@YAHPA_WH@Z
?GetRegInfo@@YAHPAUHKEY__@@PA_W1H1@Z
?GetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1H1@Z
?GetRes@CNsSkin@@QAE_NPB_WPAUIStream@@@Z
?GetResType@CNsSkin@@QAEHXZ
?GetSetupInfo@CNsInstaller@@QAE_NAAUtagSetupInfo@@@Z
?GetSetupInfoEx@CNsInstaller@@QAE_NAAUtagSetupInfo@@@Z
?GetShortcutIcon@@YAHPB_WPA_WPAH@Z
?GetShortcutUrl@@YAHPB_WPA_W@Z
?GetSoftVer@@YAHPB_WPA_W@Z
?GetStartMenuPath@@YAHPA_W@Z
?GetStrSize@CNsImage@@QAE?AUtagSIZE@@PB_WPAUHWND__@@PAUHFONT__@@VRectF@Gdiplus@@@Z
?GetStrWidth@CNsImage@@QAEHPB_WPAUHWND__@@PAUHFONT__@@_N@Z
?GetSystemVersion@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetThemesPath@CNsSkin@@QAEXPA_W@Z
?GetUrlCacheIcon@@YAPAUHICON__@@PB_WH@Z
?GetUrlCacheIconPath@@YAHPB_WPA_W@Z
?GetUrlInfo@@YAHPB_WPADH@Z
?GetUrlInfo@CNsNet@@QAEHPB_WPADHH@Z
?GetUrlShortcutIcon@@YAHPB_WPA_WH@Z
?GetXmlNode@CNsXml@@QAEHPA_WAAH@Z
?GetXmlNodeCount@@YAHPB_W@Z
?GetXmlNodeCount@CNsXml@@QAEHPB_W@Z
?GetXmlNodeValue2@@YAHPB_WPA_WH@Z
?GetXmlNodeValue3@@YAHPB_WPA_WPAH@Z
?GetXmlNodeValue@@YAHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WH@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WPAH@Z
?HideProcess@CNsProcess@@QAEXH@Z
?HookAPI@CNsHook@@QAEXPAPAXPAX@Z
?ImportCACert@@YAHPAXH@Z
?ImportCertFile@@YAHPB_W@Z
?ImportReg@CNsInstaller@@QAEXXZ
?InitPath@CNsInstaller@@AAEXAAUtagSetupInfo@@@Z
?InitZlib@CNsZlib@@QAEJPB_W@Z
?Inject@CNsProcess@@QAE_NKPBD0@Z
?InjectAllProc@CNsHook@@QAEXPBD@Z
?InjectProc@CNsHook@@QAE_NPBDH@Z
?InjectProc@CNsHook@@QAE_NPBDPB_W@Z
?Install@CnsDump@@QAEXPB_W0@Z
?InstallCloudFunc@CNsInstaller@@AAE_NXZ
?InstallCloudThread@CNsInstaller@@CGIPAX@Z
?InstallCollectionFunc@CNsInstaller@@AAE_NXZ
?InstallCollectionThread@CNsInstaller@@CGIPAX@Z
?InstallComponent@CNsInstaller@@AAEXXZ
?InstallDump@@YAXPB_W0@Z
?InstallFunc@CNsInstaller@@AAE_NXZ
?InstallFuncEx@CNsInstaller@@AAE_NXZ
?InstallThread@CNsInstaller@@CGIPAX@Z
?InstallUserComponent@CNsInstaller@@AAEXXZ
?Instance@CNsApp@@SAAAV1@XZ
?Instance@CNsDownload@@SAAAV1@XZ
?Instance@CNsFont@@SAAAV1@XZ
?Instance@CNsHook@@SAAAV1@XZ
?Instance@CNsImage@@SAAAV1@XZ
?Instance@CNsLog@@SAAAV1@XZ
?Instance@CNsNet@@SAAAV1@XZ
?Instance@CNsProcess@@SAAAV1@XZ
?Instance@CNsReg@@SAAAV1@XZ
?Instance@CNsSkin@@SAAAV1@XZ
?Instance@CNsThread@@SAAAV1@XZ
?Instance@CNsUpdate@@SAAAV1@XZ
?Instance@CNsXml@@SAAAV1@XZ
?Instance@CNsZlib@@SAAAV1@XZ
?Instance@CnsDump@@SAAAV1@XZ
?IntToStrSize@@YAX_JPA_W@Z
?Is64bitSystem@CNsHook@@QAEHXZ
?IsLockRead@CLock@@QAE_NXZ
?IsLockWrite@CLock@@QAE_NXZ
?IsRunasAdmin@CNsHook@@QAE_NPAX@Z
?IsSysProcess@CNsHook@@QAE_NPAX@Z
?IsWin8OrLater@CNsHook@@QAE_NXZ
?IsWow64ProcessEx@CNsHook@@QAEHPAX@Z
?KillProcess@CNsProcess@@QAEXK@Z
?KillProcess@CNsProcess@@QAEXPB_W@Z
?KillTimer@CNsThread@@QAEXH@Z
?LnkToRealPath@@YAJPB_WPA_W@Z
?LoadDrv@@YAHPB_W0@Z
?LoadPngFromRes@CNsImage@@AAEPAVImage@Gdiplus@@HPB_W@Z
?LoadProxyConfig@CNsDownload@@QAEXXZ
?LoadProxyConfig@CNsNet@@QAEXXZ
?LoadSkin@CNsSkin@@QAE_NPB_W@Z
?Lock@CLock@@QAEXXZ
?LockRead@CLock@@QAEXXZ
?MD5Go@@YAHPAD0@Z
?MakeSkin@CNsSkin@@QAE_NPB_W0@Z
?MonitorReg@CNsReg@@QAEHPAUHKEY__@@PA_WHP6GXPAX@Z2@Z
?MonitorThread@CNsReg@@SGKPAX@Z
?MovePos@CNsInstaller@@AAEXPAUtagPacketInfo@@PAU_iobuf@@@Z
?MovieThread@CNsImage@@CGIPAX@Z
?MsgLoop@CNsApp@@QAEHXZ
?NsAddJob@@YAHPB_W0H@Z
?NsDelJob@@YAHXZ
?NsEncode@@YAXQBDPADHH@Z
?NsEncodeFile@@YAHPB_W0@Z
?NsGetStrWidth@@YAHPB_WPAUHWND__@@PAUHFONT__@@@Z
?NsReadFile@@YAHPB_WPAXK@Z
?NsResGetBuff@@YAHHPB_WPAX@Z
?NsResGetBuffEx@@YAHPB_WH0PAX@Z
?NsResGetStream@@YAPAUIStream@@HPB_W@Z
?NsResSave@@YAHHPB_W0@Z
?NsResSaveEx@@YAHPB_WH00@Z
?NsResSize@@YAHHPB_W@Z
?NsResUpdate2@@YAHPB_WH0PAXH@Z
?NsResUpdate@@YAHPB_WH00@Z
?NsWriteFile@@YAHPB_WPAXK@Z
?OpenUrl@@YAXPB_WH@Z
?Parse@@YAHPB_W@Z
?Parse@CNsXml@@QAEHPB_W@Z
?ParseParams@CNsInstaller@@QAEXPB_W@Z
?PauseMP3@@YAXPB_W@Z
?PlayMP3@@YAXPB_WH@Z
?PlayMusic@CNsInstaller@@AAEXXZ
?PlayWav@@YAHPB_WH@Z
?Post@CNsNet@@QAEHPB_WPAXHPADHH@Z
?ReadShareMem2@@YAHPB_WPAXHH@Z
?ReadShareMem@@YAHPB_WPA_W@Z
?RefreshIconCache@@YAXXZ
?RegFileRelation@@YAXPB_W0000@Z
?RegProtocol@@YAXPB_W0@Z
?ReplaceExeIco@@YAHPB_W0H@Z
?ReplaceSysPath@CNsInstaller@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ReportCrash@CnsDump@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ResumeMP3@@YAXPB_W@Z
?ResumeProc@CNsProcess@@QAE_NK@Z
?RevertFsRedirection@@YAXPAPAX@Z
?RunasAdmin@CNsHook@@QAEPAXPB_W0@Z
?SavePic@CNsImage@@QAE_NPAUHDC__@@UtagRECT@@PB_W2@Z
?SavePic@CNsImage@@QAE_NPAUHWND__@@PB_W1@Z
?SavePic@CNsImage@@QAE_NPB_W00@Z
?SaveScreen@CNsImage@@QAE_NPB_W0@Z
?SaveUpdateCfg@CNsUpdate@@AAEXXZ
?SetAppName@CNsApp@@QAEXPB_W@Z
?SetAutoRun@@YAHPB_WH0@Z
?SetAutoRun@CNsReg@@QAEHPB_WH0@Z
?SetClipboard@@YAHPB_W@Z
?SetDefaultFont@CNsFont@@QAEXHPB_WH@Z
?SetDelay@CNsUpdate@@QAEXH@Z
?SetFolderIcon@@YAHPB_W0H@Z
?SetIcon@@YAHPAUHWND__@@PAUHICON__@@@Z
?SetInst@CNsImage@@QAEXPAUHINSTANCE__@@@Z
?SetMemName@CNsLog@@QAEXPB_WH@Z
?SetPath@CNsUpdate@@QAEXPB_W@Z
?SetPrivilege@@YAHPB_WH@Z
?SetRegInfo@@YAHPAUHKEY__@@PA_W1HPB_W@Z
?SetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1HPB_W@Z
?SetResType@CNsSkin@@QAEXH@Z
?SetRetry@CNsDownload@@QAEXHH@Z
?SetShortcutIcon@@YAHPB_W0@Z
?SetSkinName@CNsSkin@@QAEXPB_W@Z
?SetThemesName@CNsSkin@@QAEXPB_W@Z
?SetTip@@YAHPAUHWND__@@PB_W@Z
?ShowBalloon@@YAHPAUHWND__@@PB_W1H@Z
?ShowLicense@CNsInstaller@@QAEXXZ
?ShowOpenFileDlg@@YAHPA_WHPAUHWND__@@PB_W2H@Z
?ShowSaveFileDlg@@YAHPA_WPAUHWND__@@PB_W2@Z
?ShowSelDir@@YAHPA_WPAUHWND__@@@Z
?ShowTray@@YAHPAUHWND__@@PAUHICON__@@PB_WI@Z
?StartDownload@CNsDownload@@QAEXPB_W0P6GXH0_J1N@ZH@Z
?StartInstall@CNsInstaller@@QAEXPB_WPAUHWND__@@H1@Z
?StartInstallCloud@CNsInstaller@@QAEXPAUHWND__@@H@Z
?StartInstallCollection@CNsInstaller@@QAEXPAUHWND__@@H@Z
?StartMonitor@@YAXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMonitor@CNsReg@@QAEXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMovie@CNsImage@@QAEXH@Z
?StartThread@CNsThread@@QAEPAXP6GIPAX@Z0H@Z
?StartTimer@CNsThread@@QAEXHP6GXPAX@ZH0@Z
?StartUpdate@CNsUpdate@@QAEXPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?Stop@CNsInstaller@@QAEXXZ
?Stop@CNsNet@@QAEXXZ
?Stop@CNsThread@@QAEXXZ
?StopMP3@@YAXPB_W@Z
?StopMonitor@@YAXXZ
?StopMonitor@CNsReg@@QAEXXZ
?StopMovie@CNsImage@@QAEXH@Z
?StopTask@CNsDownload@@QAEXPB_WH@Z
?StopUpdate@CNsUpdate@@QAEXXZ
?StrToIntSize@@YA_JPB_W@Z
?SuspendProc@CNsProcess@@QAE_NK@Z
?SystemTimeToTimet@@YA_JU_SYSTEMTIME@@H@Z
?TimerThread@CNsThread@@CGIPAX@Z
?TimetToSystemTime@@YA?AU_SYSTEMTIME@@_JH@Z
?ToAsc@@YAXPADH@Z
?ToHex@@YAXPADH@Z
?URLEncode@@YAHPA_W@Z
?UnHookAPI@CNsHook@@QAEXPAPAXPAX@Z
?UnInjectAllProc@CNsHook@@QAEXPBD@Z
?UnInjectProc@CNsHook@@QAE_NPBDH@Z
?UnInjectProc@CNsHook@@QAE_NPBDPB_W@Z
?UnLoadDrv@@YAHPB_W@Z
?UninitZlib@CNsZlib@@QAEXXZ
?Unlock@CLock@@QAEXXZ
?UnlockRead@CLock@@QAEXXZ
?UpdateNotify@CNsInstaller@@CGXHHH@Z
?UpdateThread@CNsUpdate@@CGIPAX@Z
?UpdateUninstRes@CNsInstaller@@AAEXXZ
?VerifyFile@CNsUpdate@@QAEHPB_W0H@Z
?VerifySignature@@YAHPB_W@Z
?WaitInstall@CNsInstaller@@AAEXPB_W@Z
?WaitUpdate@CNsInstaller@@QAEXXZ
?WriteLog2@CNsLog@@QAAXPB_WZZ
?WriteLog3@CNsLog@@QAAXPB_WZZ
?WriteLog@@YAXPB_W@Z
?WriteLog@CNsLog@@QAEXPB_W@Z
?WriteReg@CNsInstaller@@QAEHPAUtagSetupInfo@@@Z
?WriteShareMem2@@YAHPB_WPAXHH@Z
?WriteShareMem@@YAHPB_W0H@Z
?WriteSkin@CNsSkin@@AAEXPAU_iobuf@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?Zoom@CNsImage@@QAE_NPB_WMHH00@Z
?_NsReadFile@@YAHPAU_iobuf@@PAXK@Z
?_NsResUpdate@@YAHPAXHPB_W1@Z
?_NsWriteFile@@YAHPAU_iobuf@@PAXK@Z
?_ReplaceExeIco@@YAHPAXPB_WH@Z
?_ins@?1??Instance@CNsZlib@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsApp@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsDownload@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsFont@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsHook@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsImage@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsLog@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsNet@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsProcess@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsReg@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsSkin@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsThread@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsUpdate@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsXml@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CnsDump@@SAAAV2@XZ@4V2@A
?gb2big@@YAXPADH@Z
?isCancel@CNsUpdate@@QAEHXZ
?isConnected@@YAHPB_W@Z
?isConnected@CNsNet@@QAEHPB_W@Z
?isDigital@@YAHPBD@Z
?isDir@@YAHPB_W@Z
?isEnableUAC@@YAHXZ
?isEnglish@@YAHXZ
?isError@CNsUpdate@@QAEHXZ
?isExistsMovie@CNsImage@@AAE_NH@Z
?isExistsShareMem@@YAHPB_W@Z
?isGzip@CNsDownload@@AAEHPAX@Z
?isGzip@CNsNet@@QAEHPAX@Z
?isHZ@@YAHPBD@Z
?isLicense@CNsInstaller@@QAE_NXZ
?isLog@CNsLog@@AAE_NXZ
?isNotebook@@YAHXZ
?isRestart@CNsUpdate@@QAEHXZ
?isSimplified@@YAHXZ
?isStop@CNsDownload@@QAEHPB_W@Z
?isStop@CNsImage@@QAE_NH@Z
?isSupportYaHei@CNsFont@@QAEHXZ
?isSys64@@YAHXZ
?isTraditional@@YAHXZ
?isWin7@@YAHXZ
?isWin8@@YAHXZ
?isWow64@@YAHXZ
?m_bUpdated@CNsInstaller@@0_NA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ