08ed32f799e436ae8dcf68e61bcd96fd0e46fbb266eeb7555dc850ad6481f8ef

Sharing

Copy URL

Twitter E-mail

General

Target

08ed32f799e436ae8dcf68e61bcd96fd0e46fbb266eeb7555dc850ad6481f8ef
Size

5.4MB
MD5

bfabe8b41b02a355e40bfd9bacf23537
SHA1

fad96fe238933f5c5acdb6075a370dddda2393ee
SHA256

08ed32f799e436ae8dcf68e61bcd96fd0e46fbb266eeb7555dc850ad6481f8ef
SHA512

4e74ef27ddfe6f2701cac7c83db1e1141caa3f73b3e263f7e4298f2aae5ec49bd139b32a9dbf3c2b6e72adbd39ee0e30fd405fce67879e3b811c74562cfe3399
SSDEEP

98304:BJwMrweRJuxygWwQ8CYja4sMGWg2fNKICo/U+dSzis9azbNRZlPMgrsVP24/B:YJYsxygWwlCYjtoKK8/U+d9sovNRbMxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DjVuToy.dll
unpack001/DjVuToy.exe

Files

08ed32f799e436ae8dcf68e61bcd96fd0e46fbb266eeb7555dc850ad6481f8ef
.zip
DjVuToy.dll
.dll windows:4 windows x86

b9e616bf304b3d4da0a1f9ca7b3e0fa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
SetEvent
EnterCriticalSection
WaitForSingleObject
CreateEventA
GetFileAttributesA
GetFileAttributesW
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetFullPathNameA
GetTickCount
CreateThread
InterlockedIncrement
InterlockedDecrement
CreateMutexA
SetLastError
GlobalAlloc
GlobalFree
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
ReadFile
WriteFile
GetLastError
SetFilePointer
GlobalSize
GlobalReAlloc
LocalAlloc
lstrlenA
GetCommandLineA
GetVersion
RtlUnwind
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapReAlloc
RaiseException
TlsSetValue
TlsGetValue
ExitThread
MoveFileA
Sleep
GetCurrentDirectoryA
SetCurrentDirectoryA
LockFile
UnlockFile
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
TlsAlloc
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
VirtualAlloc
IsBadWritePtr
SetStdHandle
LCMapStringA
LCMapStringW
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
CreateFileW
CompareStringA
CompareStringW
GetLocaleInfoW
SetEndOfFile
InterlockedExchange
FileTimeToSystemTime
GetDriveTypeA
DuplicateHandle
OutputDebugStringA
TerminateThread
CloseHandle
FormatMessageA
LocalFree
SetEnvironmentVariableA
GetModuleFileNameA
FileTimeToLocalFileTime

user32

wvsprintfA
GetFocus
MessageBoxA
wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

??0ArrayRep@@IAE@ABV0@@Z
??0ArrayRep@@IAE@HP6AXPAXHH@Z1P6AX0HHPBXHH@Z3P6AX0HH2H@Z@Z
??0BSByteStream@@IAE@V?$GP@VByteStream@@@@@Z
??0ByteStream@@IAE@XZ
??0DjVmDir@@IAE@XZ
??0DjVmDoc@@IAE@XZ
??0DjVuANT@@IAE@XZ
??0DjVuDocument@@IAE@XZ
??0DjVuErrorList@@IAE@XZ
??0DjVuFile@@IAE@XZ
??0DjVuImage@@IAE@XZ
??0DjVuInfo@@IAE@XZ
??0DjVuMessage@@IAE@XZ
??0DjVuMessageLite@@IAE@XZ
??0DjVuNavDir@@IAE@AAVByteStream@@ABVGURL@@@Z
??0DjVuNavDir@@IAE@ABVGURL@@@Z
??0DjVuPalette@@IAE@XZ
??0DjVuPalette@@QAE@ABV0@@Z
??0DjVuParseOptions@@QAE@AAV0@@Z
??0DjVuParseOptions@@QAE@ABVGUTF8String@@0PAVDjVuTokenList@@@Z
??0DjVuParseOptions@@QAE@ABVGUTF8String@@@Z
??0DjVuPort@@QAE@ABV0@@Z
??0DjVuPort@@QAE@XZ
??0DjVuPortcaster@@QAE@XZ
??0File@DjVmDir@@IAE@XZ
??0Filename@GURL@@QAE@ABVGNativeString@@@Z
??0Filename@GURL@@QAE@ABVGUTF8String@@@Z
??0GArrayBase@@QAE@ABUTraits@@@Z
??0GArrayBase@@QAE@ABUTraits@@HH@Z
??0GArrayBase@@QAE@ABV0@@Z
??0GBitmap@@IAE@XZ
??0GBitmapScaler@@IAE@HHHH@Z
??0GBitmapScaler@@IAE@XZ
??0GException@@QAE@ABV0@@Z
??0GException@@QAE@PBD0H0W4source_type@0@@Z
??0GException@@QAE@XZ
??0GListBase@@IAE@ABUTraits@@@Z
??0GListBase@@IAE@ABV0@@Z
??0GMapArea@@IAE@XZ
??0GMapOval@@IAE@ABVGRect@@@Z
??0GMapOval@@IAE@XZ
??0GMapPoly@@IAE@PBH0H_N@Z
??0GMapPoly@@IAE@XZ
??0GMapRect@@IAE@ABVGRect@@@Z
??0GMapRect@@IAE@XZ
??0GMonitor@@QAE@XZ
??0GNativeString@@QAE@ABV0@@Z
??0GNativeString@@QAE@ABVGBaseString@@@Z
??0GNativeString@@QAE@ABVGBaseString@@HH@Z
??0GNativeString@@QAE@D@Z
??0GNativeString@@QAE@H@Z
??0GNativeString@@QAE@N@Z
??0GNativeString@@QAE@PBD@Z
??0GNativeString@@QAE@PBDI@Z
??0GNativeString@@QAE@PBE@Z
??0GNativeString@@QAE@PBG@Z
??0GNativeString@@QAE@PBGI@Z
??0GNativeString@@QAE@PBK@Z
??0GNativeString@@QAE@PBKI@Z
??0GPBufferBase@@QAE@AAPAXII_N@Z
??0GPixmap@@IAE@XZ
??0GPixmapScaler@@IAE@HHHH@Z
??0GPixmapScaler@@IAE@XZ
??0GRectMapper@@QAE@XZ
??0GScaler@@IAE@XZ
??0GSetBase@@IAE@ABUTraits@@@Z
??0GSetBase@@IAE@ABV0@@Z
??0GStringRep@@QAE@XZ
??0GThread@@QAE@H@Z
??0GURL@@IAE@PBD@Z
??0GURL@@QAE@ABV0@@Z
??0GURL@@QAE@ABVGNativeString@@@Z
??0GURL@@QAE@ABVGNativeString@@ABV0@@Z
??0GURL@@QAE@ABVGUTF8String@@@Z
??0GURL@@QAE@ABVGUTF8String@@ABV0@@Z
??0GURL@@QAE@XZ
??0GUTF8String@@QAE@ABV0@AAPAD@Z
??0GUTF8String@@QAE@ABVGBaseString@@HH@Z
??0GUTF8String@@QAE@D@Z
??0GUTF8String@@QAE@H@Z
??0GUTF8String@@QAE@N@Z
??0GUTF8String@@QAE@PBD@Z
??0GUTF8String@@QAE@PBDI@Z
??0GUTF8String@@QAE@PBE@Z
??0GUTF8String@@QAE@PBGI@Z
??0GUTF8String@@QAE@PBKI@Z
??0IFFByteStream@@IAE@ABV?$GP@VByteStream@@@@H@Z
??0IW44Image@@IAE@XZ
??0IWEncoderParms@@QAE@XZ
??0JB2Dict@@IAE@XZ
??0JB2Image@@IAE@XZ
??0MMRDecoder@@IAE@HH@Z
??0Native@Filename@GURL@@QAE@ABVGNativeString@@@Z
??0Native@GURL@@QAE@ABVGNativeString@@@Z
??0Native@GURL@@QAE@ABVGNativeString@@ABV1@@Z
??0UTF8@Filename@GURL@@QAE@ABVGUTF8String@@@Z
??0UTF8@GStringRep@@QAE@XZ
??0UTF8@GURL@@QAE@ABVGUTF8String@@@Z
??0UTF8@GURL@@QAE@ABVGUTF8String@@ABV1@@Z
??0UnicodeByteStream@@IAE@ABV0@@Z
??0UnicodeByteStream@@IAE@V?$GP@VByteStream@@@@W4EncodeType@GStringRep@@@Z
??0XMLByteStream@@IAE@AAV?$GP@VByteStream@@@@@Z
??0XMLByteStream@@IAE@AAVUnicodeByteStream@@@Z
??0ZPCodec@@IAE@V?$GP@VByteStream@@@@_N1@Z
??0Zone@DjVuTXT@@QAE@XZ
??0lt_XMLContents@@QAE@V?$GP@Vlt_XMLTags@@@@@Z
??0lt_XMLContents@@QAE@XZ
??0lt_XMLParser@@IAE@XZ
??0lt_XMLTags@@IAE@QBD@Z
??0lt_XMLTags@@IAE@XZ
??1ArrayBase@@QAE@XZ
??1BSByteStream@@UAE@XZ
??1DjVuMessage@@UAE@XZ
??1DjVuMessageLite@@UAE@XZ
??1DjVuNavDir@@UAE@XZ
??1DjVuPalette@@UAE@XZ
??1DjVuParseOptions@@QAE@XZ
??1GArrayBase@@QAE@XZ
??1GBaseString@@IAE@XZ
??1GEnterOnlyOnce@@QAE@XZ
??1GException@@QAE@XZ
??1GListBase@@QAE@XZ
??1GMonitor@@QAE@XZ
??1GNativeString@@QAE@XZ
??1GPBase@@QAE@XZ
??1GPBufferBase@@QAE@XZ
??1GSetBase@@QAE@XZ
??1GThread@@QAE@XZ
??1GUTF8String@@QAE@XZ
??1MMRDecoder@@UAE@XZ
??1ZPCodec@@UAE@XZ
??1_ArrayBase@@QAE@XZ
??1lt_XMLTags@@UAE@XZ
??2DjVuPort@@SAPAXI@Z
??3DjVuPort@@SAXPAX@Z
??4ArrayRep@@QAEAAV0@ABV0@@Z
??4DjVuPalette@@QAEAAV0@ABV0@@Z
??4DjVuPort@@QAEAAV0@ABV0@@Z
??4GArrayBase@@QAEAAV0@ABV0@@Z
??4GException@@QAEAAV0@ABV0@@Z
??4GListBase@@QAEAAV0@ABV0@@Z
??4GMapRect@@QAEAAV0@ABVGRect@@@Z
??4GNativeString@@QAEAAV0@D@Z
??4GNativeString@@QAEAAV0@PBD@Z
??4GSafeFlags@@QAEAAV0@ABV0@@Z
??4GSafeFlags@@QAEAAV0@J@Z
??4GSetBase@@QAEAAV0@ABV0@@Z
??4GURL@@QAEAAV0@ABV0@@Z
??4GUTF8String@@QAEAAV0@D@Z
??4GUTF8String@@QAEAAV0@PBD@Z
??8@YAHABVGRect@@0@Z
??8GURL@@QBE_NABV0@@Z
??BGSafeFlags@@QBEJXZ
??H@YA?AVGNativeString@@PBDABV0@@Z
??H@YA?AVGUTF8String@@PBDABV0@@Z
??HGBaseString@@QBE?AVGNativeString@@ABV1@@Z
??HGBaseString@@QBE?AVGUTF8String@@ABV1@@Z
??HGNativeString@@QBE?AV0@ABV0@@Z
??HGNativeString@@QBE?AV0@ABVGBaseString@@@Z
??HGNativeString@@QBE?AV0@PBD@Z
??HGNativeString@@QBE?AVGUTF8String@@ABV1@@Z
??HGUTF8String@@QBE?AV0@ABV0@@Z
??HGUTF8String@@QBE?AV0@ABVGBaseString@@@Z
??HGUTF8String@@QBE?AV0@ABVGNativeString@@@Z
??HGUTF8String@@QBE?AV0@PBD@Z
??YGNativeString@@QAEAAV0@ABVGBaseString@@@Z
??YGNativeString@@QAEAAV0@D@Z
??YGNativeString@@QAEAAV0@PBD@Z
??YGUTF8String@@QAEAAV0@ABVGBaseString@@@Z
??YGUTF8String@@QAEAAV0@D@Z
??YGUTF8String@@QAEAAV0@PBD@Z
??_FGThread@@QAEXXZ
?AddByteStream@DjVuMessageLite@@IAEXABV?$GP@VByteStream@@@@@Z
?AddByteStreamLater@DjVuMessage@@SAXABV?$GP@VByteStream@@@@@Z
?AddByteStreamLater@DjVuMessageLite@@SAXABV?$GP@VByteStream@@@@@Z
?BORDER_AVIS_TAG@GMapArea@@2QBDB
?ChangeProfile@DjVuParseOptions@@QAE_NABVGUTF8String@@@Z
?ClearError@DjVuParseOptions@@QAEXXZ
?ConfigFilename@DjVuParseOptions@@QAEQBDABVGUTF8String@@@Z
?DjVuPort_destructor@DjVuPort@@AAEXXZ
?EndOfFile@ByteStream@@2PBDB
?GPEnabled_destructor@GPEnabled@@AAEXXZ
?GetBest@DjVuParseOptions@@QAEHHQBH_N@Z
?GetBest@DjVuParseOptions@@QAEHHQBQBD_N@Z
?GetError@DjVuErrorList@@QAE?AVGUTF8String@@XZ
?GetError@DjVuParseOptions@@QAEPBDXZ
?GetInteger@DjVuParseOptions@@QBEHHHHH@Z
?GetNumber@DjVuParseOptions@@QBEHHH@Z
?GetProfilePaths@DjVuMessage@@SA?AV?$GList@VGURL@@@@XZ
?GetStatus@DjVuErrorList@@QAE?AVGUTF8String@@XZ
?GetToken@DjVuTokenList@@QBEHABVGUTF8String@@@Z
?GetValue@DjVuParseOptions@@QBEQBDH@Z
?HILITE_TAG@GMapArea@@2QBDB
?HasError@DjVuParseOptions@@QBEHXZ
?InsertArg@DjVuMessageLite@@IBEXAAVGUTF8String@@HABV2@@Z
?LookUp@DjVuMessageLite@@QBE?AVGUTF8String@@ABV2@@Z
?LookUpID@DjVuMessageLite@@IBEXABVGUTF8String@@AAV2@1@Z
?LookUpNative@DjVuMessage@@SA?AVGNativeString@@ABVGUTF8String@@@Z
?LookUpNative@DjVuMessageLite@@SA?AVGNativeString@@ABVGUTF8String@@@Z
?LookUpSingle@DjVuMessageLite@@IBE?AVGUTF8String@@ABV2@@Z
?LookUpUTF8@DjVuMessage@@SA?AVGUTF8String@@ABV2@@Z
?LookUpUTF8@DjVuMessageLite@@SA?AVGUTF8String@@ABV2@@Z
?MAPAREA_TAG@GMapArea@@2QBDB
?NO_BORDER_TAG@GMapArea@@2QBDB
?NativeFilename@GURL@@QBE?AVGNativeString@@XZ
?NativeToUTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBD@Z
?OVAL_TAG@GMapArea@@2QBDB
?POLY_TAG@GMapArea@@2QBDB
?ParseArguments@DjVuParseOptions@@QAEHABV?$DArray@VGUTF8String@@@@QBUdjvu_option@@H@Z
?ParseValues@lt_XMLTags@@SAXPBDAAV?$GMap@VGUTF8String@@V1@@@_N@Z
?RECT_TAG@GMapArea@@2QBDB
?SHADOW_EIN_BORDER_TAG@GMapArea@@2QBDB
?SHADOW_EOUT_BORDER_TAG@GMapArea@@2QBDB
?SHADOW_IN_BORDER_TAG@GMapArea@@2QBDB
?SHADOW_OUT_BORDER_TAG@GMapArea@@2QBDB
?SOLID_BORDER_TAG@GMapArea@@2QBDB
?SetToken@DjVuTokenList@@QAEHABVGUTF8String@@@Z
?TARGET_SELF@GMapArea@@2QBDB
?UCS4toNative@GStringRep@@SAPAEKPAEPAH@Z
?UCS4toUTF16@GStringRep@@SAHKAAG0@Z
?UCS4toUTF8@GStringRep@@SAPAEKPAE@Z
?URL_TAG@GMapArea@@2QBDB
?UTF16toUCS4@GStringRep@@SAHAAKQBGQBX@Z
?UTF8Filename@GURL@@QBE?AVGUTF8String@@XZ
?UTF8ToNative@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBDW4EscapeMode@1@@Z
?UTF8toUCS4@GStringRep@@SAKAAPBEQBX@Z
?XOR_BORDER_TAG@GMapArea@@2QBDB
?add_alias@DjVuPortcaster@@QAEXPBVDjVuPort@@ABVGUTF8String@@@Z
?add_blit@JB2Image@@QAEHABVJB2Blit@@@Z
?add_data@DataPool@@QAEXPBXH@Z
?add_data@DataPool@@QAEXPBXHH@Z
?add_data@DjVuMemoryPort@@QAEXABVGURL@@ABV?$GP@VDataPool@@@@@Z
?add_djvu_cgi_argument@GURL@@QAEXABVGUTF8String@@PBD@Z
?add_file@DjVmDir0@@QAEXABVGUTF8String@@_NHH@Z
?add_file@DjVuFileCache@@QAEXABV?$GP@VDjVuFile@@@@@Z
?add_route@DjVuPortcaster@@QAEXPBVDjVuPort@@PAV2@@Z
?add_shape@JB2Dict@@QAEHABVJB2Shape@@@Z
?add_thumb_req@DjVuDocument@@IAE?AV?$GP@VThumbReq@DjVuDocument@@@@ABV2@@Z
?add_to_cache@DjVuDocument@@IAEXABV?$GP@VDjVuFile@@@@@Z
?add_trigger@DataPool@@QAEXHHP6AXPAX@Z0@Z
?add_trigger@DataPool@@QAEXHP6AXPAX@Z0@Z
?add_vertex@GMapPoly@@QAEHHH@Z
?alias_to_port@DjVuPortcaster@@QAE?AV?$GP@VDjVuPort@@@@ABVGUTF8String@@@Z
?alloc@ArrayRep@@SAPAV1@ABV1@@Z
?alloc@ArrayRep@@SAPAV1@HP6AXPAXHH@Z1P6AX0HHPBXHH@Z3P6AX0HH2H@Z@Z
?alloc@ArrayRep@@SAPAV1@HP6AXPAXHH@Z1P6AX0HHPBXHH@Z3P6AX0HH2H@ZH@Z
?alloc@ArrayRep@@SAPAV1@HP6AXPAXHH@Z1P6AX0HHPBXHH@Z3P6AX0HH2H@ZHH@Z
?append@GListBase@@IAEXPAUNode@@@Z
?append@GStringRep@@QBE?AV?$GP@VGStringRep@@@@PBD@Z
?append_child@Zone@DjVuTXT@@QAEPAV12@XZ
?append_line@GBitmap@@CAXAAPAEPBEH_N@Z
?append_long_run@GBitmap@@CAXAAPAEH@Z
?assign@GPBase@@QAEAAV1@ABV1@@Z
?assign@GPBase@@QAEAAV1@PAVGPEnabled@@@Z
?attenuate@GPixmap@@QAEXPBVGBitmap@@HH@Z
?base@GURL@@QBE?AV1@XZ
?basename@GOS@@SA?AVGUTF8String@@ABV2@PBD@Z
?beautify_path@GURL@@IAEXXZ
?beautify_path@GURL@@KA?AVGUTF8String@@V2@@Z
?binarize_grays@GBitmap@@QAEXH@Z
?blend@GPixmap@@QAEXPBVGBitmap@@HHPBV1@@Z
?blit@GBitmap@@QAEXPBV1@HH@Z
?blit@GBitmap@@QAEXPBV1@HHH@Z
?blit@GPixmap@@QAEXPBVGBitmap@@HHPBUGPixel@@@Z
?blit@GPixmap@@QAEXPBVGBitmap@@HHPBV1@@Z
?borrow_data@GBitmap@@QAEXPAEHH@Z
?borrow_data@GPixmap@@QAEXPAUGPixel@@HH@Z
?broadcast@GMonitor@@QAEXXZ
?cgi_arguments@GURL@@QBEHXZ
?cgi_name@GURL@@QBE?AVGUTF8String@@H@Z
?cgi_names@GURL@@QBE?AV?$DArray@VGUTF8String@@@@XZ
?cgi_value@GURL@@QBE?AVGUTF8String@@H@Z
?cgi_values@GURL@@QBE?AV?$DArray@VGUTF8String@@@@XZ
?change_grays@GBitmap@@QAEXH@Z
?change_info@DjVuFile@@QAEXV?$GP@VDjVuInfo@@@@_N@Z
?change_meta@DjVuFile@@QAEXABVGUTF8String@@_N@Z
?change_text@DjVuFile@@QAEXV?$GP@VDjVuTXT@@@@_N@Z
?check@DjVuDocument@@IBEXXZ
?checkGPEnabled@GPEnabled@@SAPAV1@PAV1@@Z
?check_data@GMapPoly@@QAEQBDXZ
?check_id@IFFByteStream@@SAHPBD@Z
?check_object@GMapArea@@QAEQBDXZ
?check_save_name@File@DjVmDir@@QAEABVGUTF8String@@_N@Z
?check_unnamed_files@DjVuDocument@@IAEXXZ
?clear@GRectMapper@@QAEXXZ
?clear_aliases@DjVuPortcaster@@QAEXPBVDjVuPort@@@Z
?clear_all_aliases@DjVuPortcaster@@SAXXZ
?clear_all_arguments@GURL@@QAEXXZ
?clear_cgi_arguments@GURL@@QAEXXZ
?clear_djvu_cgi_arguments@GURL@@QAEXXZ
?clear_hash_argument@GURL@@QAEXXZ
?clear_stream@DataPool@@QAEX_N@Z
?cleardir@GURL@@QBEHH@Z
?close_all@DataPool@@SAXXZ
?close_chunk@IFFByteStream@@QAEXXZ
?close_poly@GMapPoly@@QAEXXZ
?cmp@GStringRep@@QBEHPBDH@Z
?cmp@GStringRep@@SAHABV?$GP@VGStringRep@@@@0H@Z
?cmp@GStringRep@@SAHABV?$GP@VGStringRep@@@@PBDH@Z
?cmp@GStringRep@@SAHPBD0H@Z
?cmp@GStringRep@@SAHPBDABV?$GP@VGStringRep@@@@H@Z
?cmp_cause@GException@@QBEHQBD@Z
?cmp_cause@GException@@SAHQBD0@Z
?color_correct@DjVuPalette@@QAEXN@Z
?color_correct@GPixmap@@QAEXN@Z
?color_correct@GPixmap@@SAXNPAUGPixel@@H@Z
?color_to_index@DjVuPalette@@QAEHPBE@Z
?compare@IFFByteStream@@QAE_NAAV1@@Z
?composite@IFFByteStream@@QAEHXZ
?compress@GBitmap@@QAEXXZ
?compress@JB2Dict@@QAEXXZ
?compute_palette@DjVuPalette@@QAEHHH@Z
?compute_palette_and_quantize@DjVuPalette@@QAEHAAVGPixmap@@HH@Z
?compute_pixmap_palette@DjVuPalette@@QAEHABVGPixmap@@HH@Z
?concat@GStringRep@@QBE?AV?$GP@VGStringRep@@@@ABV2@0@Z
?concat@GStringRep@@QBE?AV?$GP@VGStringRep@@@@ABV2@PBD@Z
?concat@GStringRep@@QBE?AV?$GP@VGStringRep@@@@PBD0@Z
?concat@GStringRep@@QBE?AV?$GP@VGStringRep@@@@PBDABV2@@Z
?connect@DataPool@@QAEXABV?$GP@VDataPool@@@@HH@Z
?connect@DataPool@@QAEXABVGURL@@HH@Z
?connect@DjVuImage@@QAEXABV?$GP@VDjVuFile@@@@@Z
?contains@GRect@@QBEHABV1@@Z
?contains@GStringRep@@QBEHQBDH@Z
?contains_anno@DjVuFile@@QAE_NXZ
?contains_chunk@DjVuFile@@QAE_NABVGUTF8String@@@Z
?contains_meta@DjVuFile@@QAE_NXZ
?contains_text@DjVuFile@@QAE_NXZ
?convert_slashes@GURL@@IAEXXZ
?copy@ByteStream@@QAEIAAV1@I@Z
?copy@DjVuANT@@QBE?AV?$GP@VDjVuANT@@@@XZ
?copy@DjVuAnno@@QBE?AV?$GP@VDjVuAnno@@@@XZ
?copy@DjVuTXT@@QBE?AV?$GP@VDjVuTXT@@@@XZ
?copy@DjVuText@@QBE?AV?$GP@VDjVuText@@@@XZ
?copy_routes@DjVuPortcaster@@QAEXPAVDjVuPort@@PBV2@@Z
?create@BSByteStream@@SA?AV?$GP@VByteStream@@@@V2@@Z
?create@BSByteStream@@SA?AV?$GP@VByteStream@@@@V2@H@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@ABVGURL@@QBD@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@HQBD_N@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@QAU_iobuf@@QBD_N@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@QBD@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@QBXI@Z
?create@ByteStream@@SA?AV?$GP@VByteStream@@@@XZ
?create@DataPool@@SA?AV?$GP@VDataPool@@@@ABV2@HH@Z
?create@DataPool@@SA?AV?$GP@VDataPool@@@@ABV?$GP@VByteStream@@@@@Z
?create@DataPool@@SA?AV?$GP@VDataPool@@@@ABVGURL@@HH@Z
?create@DataPool@@SA?AV?$GP@VDataPool@@@@XZ
?create@DjVmDir0@@SA?AV?$GP@VDjVmDir0@@@@XZ
?create@DjVmDir@@SA?AV?$GP@VDjVmDir@@@@XZ
?create@DjVmDoc@@SA?AV?$GP@VDjVmDoc@@@@XZ
?create@DjVuANT@@SA?AV?$GP@VDjVuANT@@@@XZ
?create@DjVuAnno@@SA?AV?$GP@VDjVuAnno@@@@XZ
?create@DjVuDocument@@SA?AV?$GP@VDjVuDocument@@@@ABV?$GP@VByteStream@@@@V?$GP@VDjVuPort@@@@QAVDjVuFileCache@@@Z
?create@DjVuDocument@@SA?AV?$GP@VDjVuDocument@@@@ABVGURL@@V?$GP@VDjVuPort@@@@QAVDjVuFileCache@@@Z
?create@DjVuDocument@@SA?AV?$GP@VDjVuDocument@@@@V?$GP@VDataPool@@@@V?$GP@VDjVuPort@@@@QAVDjVuFileCache@@@Z
?create@DjVuErrorList@@SA?AV?$GP@VDjVuErrorList@@@@XZ
?create@DjVuFile@@SA?AV?$GP@VDjVuFile@@@@ABV?$GP@VByteStream@@@@W4ErrorRecoveryAction@DjVuPort@@_N@Z
?create@DjVuFile@@SA?AV?$GP@VDjVuFile@@@@ABVGURL@@V?$GP@VDjVuPort@@@@W4ErrorRecoveryAction@DjVuPort@@_N@Z
?create@DjVuFileCache@@SA?AV?$GP@VDjVuFileCache@@@@H@Z
?create@DjVuImage@@SA?AV?$GP@VDjVuImage@@@@XZ
?create@DjVuInfo@@SA?AV?$GP@VDjVuInfo@@@@XZ
?create@DjVuMessageLite@@2P6AABV1@XZA
?create@DjVuNavDir@@SA?AV?$GP@VDjVuNavDir@@@@AAVByteStream@@ABVGURL@@@Z
?create@DjVuNavDir@@SA?AV?$GP@VDjVuNavDir@@@@ABVGURL@@@Z
?create@DjVuPalette@@SA?AV?$GP@VDjVuPalette@@@@XZ
?create@DjVuTXT@@SA?AV?$GP@VDjVuTXT@@@@XZ
?create@DjVuText@@SA?AV?$GP@VDjVuText@@@@XZ
?create@File@DjVmDir@@SA?AV?$GP@VFile@DjVmDir@@@@ABVGUTF8String@@00W4FILE_TYPE@12@@Z
?create@File@DjVmDir@@SA?AV?$GP@VFile@DjVmDir@@@@XZ
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@AAVByteStream@@H@Z
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@ABV1@@Z
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@ABV1@ABVGRect@@H@Z
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@ABV1@H@Z
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@HHH@Z
?create@GBitmap@@SA?AV?$GP@VGBitmap@@@@XZ
?create@GBitmapScaler@@SA?AV?$GP@VGBitmapScaler@@@@HHHH@Z
?create@GBitmapScaler@@SA?AV?$GP@VGBitmapScaler@@@@XZ
?create@GMapOval@@SA?AV?$GP@VGMapOval@@@@ABVGRect@@@Z
?create@GMapOval@@SA?AV?$GP@VGMapOval@@@@XZ
?create@GMapPoly@@SA?AV?$GP@VGMapPoly@@@@QBH0H_N@Z
?create@GMapPoly@@SA?AV?$GP@VGMapPoly@@@@XZ
?create@GMapRect@@SA?AV?$GP@VGMapRect@@@@ABVGRect@@@Z
?create@GMapRect@@SA?AV?$GP@VGMapRect@@@@XZ
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@AAVByteStream@@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@ABV1@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@ABV1@ABVGRect@@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@ABVGBitmap@@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@ABVGBitmap@@ABVGRect@@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@HHPBUGPixel@@@Z
?create@GPixmap@@SA?AV?$GP@VGPixmap@@@@XZ
?create@GPixmapScaler@@SA?AV?$GP@VGPixmapScaler@@@@HHHH@Z
?create@GPixmapScaler@@SA?AV?$GP@VGPixmapScaler@@@@XZ
?create@GThread@@QAEHP6AXPAX@Z0@Z
?create@GUTF8String@@SA?AV1@PBDI@Z
?create@GUTF8String@@SA?AV1@PBGI@Z
?create@GUTF8String@@SA?AV1@PBKI@Z
?create@GUTF8String@@SA?AV1@QBXIABV1@@Z
?create@GUTF8String@@SA?AV1@QBXIABV?$GP@VUnicode@GStringRep@@@@@Z
?create@GUTF8String@@SA?AV1@QBXIW4EncodeType@GStringRep@@@Z
?create@GUTF8String@@SA?AV1@QBXIW4EncodeType@GStringRep@@ABV1@@Z
?create@IFFByteStream@@SA?AV?$GP@VIFFByteStream@@@@ABV?$GP@VByteStream@@@@@Z
?create@JB2Dict@@SA?AV?$GP@VJB2Dict@@@@XZ
?create@JB2Image@@SA?AV?$GP@VJB2Image@@@@XZ
?create@MMRDecoder@@SA?AV?$GP@VMMRDecoder@@@@V?$GP@VByteStream@@@@HH_N@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@ABV3@0@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@ABV3@PBD@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBD0@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBD@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBDABV3@@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBDHH@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBGHH@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@PBKHH@Z
?create@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@QBDPAD@Z
?create@UnicodeByteStream@@SA?AV?$GP@VUnicodeByteStream@@@@V?$GP@VByteStream@@@@W4EncodeType@GStringRep@@@Z
?create@XMLByteStream@@SA?AV?$GP@VXMLByteStream@@@@V?$GP@VByteStream@@@@@Z
?create@ZPCodec@@SA?AV?$GP@VZPCodec@@@@V?$GP@VByteStream@@@@_N1@Z
?create@lt_XMLParser@@SA?AV?$GP@Vlt_XMLParser@@@@XZ
?create@lt_XMLTags@@SA?AV?$GP@Vlt_XMLTags@@@@AAVXMLByteStream@@@Z
?create@lt_XMLTags@@SA?AV?$GP@Vlt_XMLTags@@@@ABV?$GP@VByteStream@@@@@Z
?create@lt_XMLTags@@SA?AV?$GP@Vlt_XMLTags@@@@ABVGURL@@@Z
?create@lt_XMLTags@@SA?AV?$GP@Vlt_XMLTags@@@@QBD@Z
?create@lt_XMLTags@@SA?AV?$GP@Vlt_XMLTags@@@@XZ
?create_decode@IW44Image@@SA?AV?$GP@VIW44Image@@@@W4ImageType@1@@Z
?create_encode@IW44Image@@SA?AV?$GP@VIW44Image@@@@ABVGBitmap@@V?$GP@VGBitmap@@@@@Z
?create_encode@IW44Image@@SA?AV?$GP@VIW44Image@@@@ABVGPixmap@@V?$GP@VGBitmap@@@@W4CRCBMode@1@@Z
?create_encode@IW44Image@@SA?AV?$GP@VIW44Image@@@@W4ImageType@1@@Z
?create_format@UTF8@GStringRep@@SA?AV?$GP@VGStringRep@@@@QBDZZ
?create_full@DjVuMessage@@SAABVDjVuMessageLite@@XZ
?create_lite@DjVuMessageLite@@SAABV1@XZ
?create_noinit@DjVuDocument@@SA?AV?$GP@VDjVuDocument@@@@XZ
?create_static@ByteStream@@SA?AV?$GP@VByteStream@@@@QBXI@Z
?create_wait@DjVuDocument@@SA?AV?$GP@VDjVuDocument@@@@ABVGURL@@V?$GP@VDjVuPort@@@@QAVDjVuFileCache@@@Z
?current@GThread@@SAPAXXZ
?cvt_color@DjVuANT@@SAKPBDK@Z
?cwd@GOS@@SA?AVGUTF8String@@ABV2@@Z
?decode@DjVmDir0@@QAEXAAVByteStream@@@Z
?decode@DjVmDir@@QAEXABV?$GP@VByteStream@@@@@Z
?decode@DjVuANT@@QAEXAAVByteStream@@@Z
?decode@DjVuAnno@@QAEXABV?$GP@VByteStream@@@@@Z
?decode@DjVuImage@@QAEXAAVByteStream@@PAVDjVuInterface@@@Z
?decode@DjVuInfo@@QAEXAAVByteStream@@@Z
?decode@DjVuNavDir@@QAEXAAVByteStream@@@Z
?decode@DjVuPalette@@QAEXV?$GP@VByteStream@@@@@Z
?decode@DjVuTXT@@QAEXABV?$GP@VByteStream@@@@@Z
?decode@DjVuText@@QAEXABV?$GP@VByteStream@@@@@Z
?decode@JB2Dict@@QAEXABV?$GP@VByteStream@@@@P6A?AV?$GP@VJB2Dict@@@@PAX@Z1@Z
?decode@JB2Image@@QAEXABV?$GP@VByteStream@@@@P6A?AV?$GP@VJB2Dict@@@@PAX@Z1@Z
?decode@JPEGDecoder@@SA?AV?$GP@VGPixmap@@@@AAVByteStream@@@Z
?decode@JPEGDecoder@@SAXAAVByteStream@@AAVGPixmap@@@Z
?decode@MMRDecoder@@SA?AV?$GP@VJB2Image@@@@V?$GP@VByteStream@@@@@Z
?decode_header@MMRDecoder@@SA_NAAVByteStream@@AAH11@Z
?decode_ndir@DjVuFile@@QAE?AV?$GP@VDjVuNavDir@@@@XZ
?decode_reserved@GURL@@SA?AVGUTF8String@@ABV2@@Z
?decode_rgb_entries@DjVuPalette@@QAEXAAVByteStream@@H@Z
?del@ArrayRep@@QAEXHI@Z
?del@GArrayBase@@QAEXHH@Z
?del@GListBase@@IAEXAAVGPosition@@@Z
?del@GSetBase@@QAEXAAVGPosition@@@Z
?del_file@DjVuFileCache@@QAEXPBVDjVuFile@@@Z
?del_port@DjVuPortcaster@@QAEXPBVDjVuPort@@@Z
?del_route@DjVuPortcaster@@QAEXPBVDjVuPort@@PAV2@@Z
?del_trigger@DataPool@@QAEXP6AXPAX@Z0@Z
?delete_file@DjVmDir@@QAEXABVGUTF8String@@@Z
?delete_file@DjVmDoc@@QAEXABVGUTF8String@@@Z
?delete_page@DjVuNavDir@@QAEXH@Z
?deletefile@GURL@@QBEHXZ
?deletenode@GSetBase@@IAEXPAUHNode@@@Z
?destroy@GBitmap@@QAEXXZ
?destroy@GPixmap@@QAEXXZ
?destruct@ArrayRep@@AAEXXZ
?disable_mmx@MMXControl@@SAHXZ
?disable_standard_port@DjVuFile@@QAEXXZ
?djvu_cgi_arguments@GURL@@QBEHXZ
?djvu_cgi_name@GURL@@QBE?AVGUTF8String@@H@Z
?djvu_cgi_names@GURL@@QBE?AV?$DArray@VGUTF8String@@@@XZ
?djvu_cgi_value@GURL@@QBE?AVGUTF8String@@H@Z
?djvu_cgi_values@GURL@@QBE?AV?$DArray@VGUTF8String@@@@XZ
?djvu_compress_codec@DjVuDocument@@1P6AXAAV?$GP@VByteStream@@@@ABVGURL@@_N@ZA
?djvu_import_codec@DjVuDocument@@1P6AXAAV?$GP@VDataPool@@@@ABVGURL@@AA_N2@ZA
?does_side_cross_rect@GMapPoly@@QAE_NABVGRect@@H@Z
?donate_data@GBitmap@@QAEXAAV?$GPBuffer@E@@HH@Z
?donate_data@GPixmap@@QAEXAAV?$GPBuffer@UGPixel@@@@HH@Z
?donate_rle@GBitmap@@QAEXAAV?$GPBuffer@E@@HH@Z
?downcase@GStringRep@@QBE?AV?$GP@VGStringRep@@@@XZ
?downsample43@GPixmap@@QAEXPBV1@PBVGRect@@@Z
?downsample@GPixmap@@QAEXPBV1@HPBVGRect@@@Z
?duplicate@ByteStream@@QBE?AV?$GP@VByteStream@@@@I@Z
?empty@GArrayBase@@QAEXXZ
?empty@GBaseString@@QAEXXZ
?empty@GListBase@@QAEXXZ
?empty@GSetBase@@QAEXXZ
?enable@DjVuFileCache@@QAEX_N@Z
?enable_mmx@MMXControl@@SAHXZ
?encode@DjVmDir0@@QAEXAAVByteStream@@@Z
?encode@DjVmDir@@QBEXABV?$GP@VByteStream@@@@_N@Z
?encode@DjVuANT@@QAEXAAVByteStream@@@Z
?encode@DjVuAnno@@QAEXABV?$GP@VByteStream@@@@@Z
?encode@DjVuInfo@@QAEXAAVByteStream@@@Z
?encode@DjVuNavDir@@QAEXAAVByteStream@@@Z
?encode@DjVuPalette@@QBEXV?$GP@VByteStream@@@@@Z
?encode@DjVuTXT@@QBEXABV?$GP@VByteStream@@@@@Z

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DjVuToy.exe
.exe windows:4 windows x86

f4bf81e705e8712f34a0f8241edd0edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathQuoteSpacesW
StrStrW
StrRChrW
StrStrIW
PathFileExistsW
PathFindExtensionW
StrChrW
PathFindFileNameW
PathFindExtensionA
PathIsDirectoryW
StrCmpNW
PathRenameExtensionW
StrChrA
PathCombineW
PathRemoveExtensionW
PathRemoveFileSpecW
PathAddBackslashW

kernel32

RaiseException
HeapAlloc
SetEnvironmentVariableW
SetCurrentDirectoryW
HeapReAlloc
TerminateProcess
CreateThread
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
Sleep
LCMapStringA
LCMapStringW
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateFileA
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
GetLocaleInfoW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetSystemTimeAsFileTime
ReleaseSemaphore
CreateSemaphoreA
GetSystemInfo
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
lstrcpyW
lstrlenW
lstrlenA
RtlUnwind
ExitProcess
GetStartupInfoW
FindResourceExW
GlobalSize
GetProcessVersion
SizeofResource
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GetCurrentProcessId
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindResourceA
GlobalAddAtomA
GetProfileStringA
IsDBCSLeadByte
lstrcpyA
lstrcpynA
ConvertDefaultLocale
CreateFileMappingW
ResetEvent
WaitForMultipleObjects
GetExitCodeProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTickCount
GetFullPathNameA
DeleteFileA
InterlockedCompareExchange
CreateEventA
InterlockedExchange
lstrcmpiW
lstrcpynW
lstrcatW
lstrcmpW
lstrcmpiA
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
FindClose
FindNextFileW
FindFirstFileW
GlobalFree
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetVersionExW
CopyFileW
GetTempFileNameW
GetTempPathW
GetModuleHandleW
SetThreadLocale
GetCurrentThreadId
MultiByteToWideChar
LockResource
HeapFree
LoadResource
FindResourceW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateDirectoryW
GetCurrentDirectoryW
CreateProcessW
GlobalHandle
TlsAlloc
LocalAlloc
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrW
SystemTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesW
CreateEventW
CloseHandle
ReleaseMutex
WaitForSingleObject
GetLastError
CreateMutexW
GetCommandLineW
WideCharToMultiByte
LocalFree
DuplicateHandle
GetCurrentProcess
CreateFileW
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GetCurrentThread
LoadLibraryA
GetVersion
GlobalAddAtomW
GlobalFindAtomW
ReadFile
GlobalDeleteAtom
MulDiv
GetModuleHandleA
GlobalLock
GlobalUnlock
SetLastError
lstrcmpA
GetFullPathNameW
GetVolumeInformationW
DeleteFileW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile

user32

SetParent
GetDCEx
GetSysColorBrush
KillTimer
SetTimer
GetDesktopWindow
DestroyMenu
LoadStringW
GetMessageW
ValidateRect
GetAsyncKeyState
IsClipboardFormatAvailable
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
wvsprintfW
SendDlgItemMessageA
wsprintfW
SetWindowTextW
EnableWindow
SetRect
GetParent
GetWindowRect
GetSystemMetrics
DrawFocusRect
GetSysColor
OffsetRect
AdjustWindowRectEx
EqualRect
DeferWindowPos
IsWindowVisible
GetScrollInfo
GetTopWindow
IsChild
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
IntersectRect
GetWindowPlacement
MoveWindow
GetWindowTextLengthW
IsDialogMessageW
InflateRect
DrawEdge
DrawFrameControl
CopyRect
RedrawWindow
IsWindow
SendMessageW
SetCapture
GetCapture
GetClientRect
ReleaseCapture
InvalidateRect
PtInRect
GetMessagePos
SystemParametersInfoW
SetWindowLongW
GetWindowLongW
GetKeyState
UnregisterClassW
GetWindowTextLengthA
SetDlgItemTextW
GetDlgItemTextW
GrayStringW
TabbedTextOutW
GetWindowDC
GetCursorPos
WindowFromPoint
SetRectEmpty
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
CharUpperW
GetLastActivePopup
MessageBoxW
LoadBitmapW
DrawStateW
DrawTextExW
GetUpdateRect
BeginPaint
EndPaint
FillRect
DrawTextW
FindWindowExW
AdjustWindowRect
ClientToScreen
ShowWindow
ScreenToClient
CreateWindowExW
GetWindowTextW
HideCaret
ShowCaret
ExcludeUpdateRgn
EndDialog
GetSystemMenu
InsertMenuW
MapDialogRect
SetCursor
MessageBeep
LoadCursorW
DestroyCursor
UpdateWindow
SendDlgItemMessageW
SetWindowsHookExW
CallNextHookEx
GetDC
ReleaseDC
UnhookWindowsHookEx
PeekMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
IsIconic
DrawIcon
GetFocus
IsWindowEnabled
SetFocus
GetDlgCtrlID
SetWindowPos
DestroyIcon
LockWindowUpdate
PostMessageW
GetDlgItem
GetWindow
GetClassNameW
LoadIconW
LoadImageW
MessageBoxA
CharNextW
GetPropA
SetPropA
SetWindowLongA
GetClassNameA
IsWindowUnicode
SendMessageA
GetWindowLongA
SetWindowsHookExA
RemovePropA
CallWindowProcA
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA
DrawTextA
GetWindowTextA
MapWindowPoints

gdi32

GetObjectW
CreateFontIndirectW
CreatePalette
GetTextExtentPoint32W
GetDeviceCaps
RealizePalette
CreatePen
Rectangle
CreateDCW
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
SelectObject
SetBkColor
ExtTextOutW
DeleteObject
CreateRectRgn
SetViewportOrgEx
GetTextExtentPointW
CreatePatternBrush
PtVisible
RectVisible
TextOutW
Escape
CreateBitmap
PatBlt
SetRectRgn
CombineRgn
GetTextMetricsW
EnumFontFamiliesExW
BitBlt
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetStockObject
CreateFontW
CreateRectRgnIndirect
SetDIBitsToDevice
CreateSolidBrush
SetTextColor
SetBkMode
StretchDIBits
GetCharWidthW
SaveDC
RestoreDC
SelectPalette
SetStretchBltMode
SetMapMode
SetBitmapDimensionEx
CreateDIBSection
GetDIBits
SetBrushOrgEx
StretchBlt
ExtTextOutA
GetTextExtentPointA
CreateDIBitmap
MoveToEx
LineTo

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetFileTitleW
ChooseColorW
GetSaveFileNameW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
DragQueryFileW
DragFinish

comctl32

ImageList_Create
ImageList_Destroy
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ord17
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_ReplaceIcon

ole32

CoInitialize
CoCreateInstance
CoUninitialize
OleGetClipboard

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VariantClear
SysAllocStringLen

ws2_32

htons
ntohs
htonl

Sections

.text
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 580KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DjVuToy.htm
.html
ʹ˵.txt
ϵͳ.html

Sharing

General

Malware Config

Signatures

Files

b9e616bf304b3d4da0a1f9ca7b3e0fa0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 484KB - Virtual size: 481KB

.data Size: 108KB - Virtual size: 140KB

.reloc Size: 92KB - Virtual size: 89KB

f4bf81e705e8712f34a0f8241edd0edc

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

ws2_32

Sections

.text Size: 11.2MB - Virtual size: 11.2MB

.text1 Size: 400KB - Virtual size: 398KB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 580KB - Virtual size: 1.6MB

.data1 Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 84KB - Virtual size: 82KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 484KB - Virtual size: 481KB

.data
Size: 108KB - Virtual size: 140KB

.reloc
Size: 92KB - Virtual size: 89KB

.text
Size: 11.2MB - Virtual size: 11.2MB

.text1
Size: 400KB - Virtual size: 398KB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 580KB - Virtual size: 1.6MB

.data1
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 84KB - Virtual size: 82KB