0589667e0f045232793959d6f87e8bbb

Sharing

Copy URL Twitter E-mail

General

Target

0589667e0f045232793959d6f87e8bbb
Size

4.0MB
MD5

0589667e0f045232793959d6f87e8bbb
SHA1

e0461541c20d82927d25d6941ea29d4068137e93
SHA256

01a8ed6c422fad391a3fc8b7d04db35fca80b670e92bd4975b98d8e722a03d23
SHA512

42783887b966ae3f83acc69d137b7dd286bf565e9c8e153d9a4616cd876a442267e61be351c2f8dabb9fef7e8886b89a8c42f196b78f48fd50223b338094bde8
SSDEEP

98304:qe2YN0LaqTza0zEbUoXd8Ebpm4HA+h19J1jCws5TDjEpo:BO/aAEbUMkDY19J1yFUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VU/@绿化工具.exe
unpack001/VU/BKPlayer.dll
unpack001/VU/Lobster.dll
unpack001/VU/UpdateModoule/BKPlayer.dll
unpack001/VU/UpdateModoule/Lobster.dll
unpack001/VU/UpdateModoule/VU.exe
unpack001/VU/UpdateModoule/zipdll.dll
unpack001/VU/VU.exe
unpack001/VU/VUUpdate.exe
unpack001/VU/zipdll.dll

NSIS installer 3 IoCs

installer

resource	yara_rule
static1/unpack001/VU/@绿化工具.exe	nsis_installer_1
static1/unpack001/VU/@绿化工具.exe	nsis_installer_2
static1/unpack001/VU/install_flash_player_active_x.exe	nsis_installer_1

Files

0589667e0f045232793959d6f87e8bbb
.rar
VU/@绿化工具.exe
.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/BKPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7a9f10e94843ff5a1643242a510fde1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
IsProcessorFeaturePresent
InterlockedCompareExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GetProcAddress
FormatMessageW
LocalFree
GetThreadLocale
SetThreadLocale
GlobalHandle
GlobalFree
GetModuleHandleW
LoadLibraryExW
SizeofResource
GlobalLock
GlobalUnlock
GetModuleFileNameW
lstrcmpW
LockResource
GetCurrentThreadId
SetLastError
lstrlenA
MultiByteToWideChar
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
FindResourceW
LoadResource
FreeLibrary
InterlockedIncrement
OutputDebugStringW
InterlockedDecrement
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
MulDiv
RaiseException
FreeEnvironmentStringsW
lstrlenW

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDlgCtrlID
GetWindowRect
GrayStringW
DrawTextExW
TabbedTextOutW
GetSystemMetrics
UnregisterClassW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
MoveWindow
GetClientRect
UnregisterClassA
ShowWindow
SetTimer
KillTimer
GetMenuItemCount
GetSubMenu
EnumChildWindows
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
CopyAcceleratorTableW
IsDialogMessageW
UnionRect
PtInRect
DestroyMenu
GetSysColorBrush
GetDlgItem
GetDialogBaseUnits
ReleaseDC
GetDC
SendMessageW
CharNextW
DestroyWindow
SetWindowLongW
GetWindowLongW
SetWindowPos
SendDlgItemMessageW
GetWindow
IsChild
SetWindowContextHelpId
DrawTextW
GetSysColor
MapDialogRect
CreateWindowExW
SystemParametersInfoW
GetParent
GetFocus
DefWindowProcW
SetFocus
IsWindow
GetKeyState
ClientToScreen
ScreenToClient
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
GetNextDlgTabItem
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture

gdi32

ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
CreateBitmap
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCW
GetStockObject
Rectangle
SetTextColor
SetBkMode
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

OleUninitialize
OleInitialize
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleLoadFromStream
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleRegEnumVerbs

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
VarUI4FromStr
SysStringLen
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
VariantChangeType
DispCallFunc
OleCreatePropertyFrame
OleTranslateColor
UnRegisterTypeLi
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/CHANNEL.bmp
VU/Flash9f.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c78b62c1feda53e018e3bc7fa4a262b7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e
Signer

Actual PE Digest

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveOutClose
waveOutReset
timeKillEvent
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveInGetDevCapsA
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInStop
timeSetEvent
waveOutGetDevCapsA
waveOutUnprepareHeader
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime
waveOutWrite
waveInPrepareHeader
waveInOpen
waveInReset
waveInUnprepareHeader
waveInClose

wininet

HttpQueryInfoA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

crypt32

CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertFreeCertificateContext
CertCloseStore

rpcrt4

UuidToStringA
RpcStringFreeA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantInit
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayLock
SafeArrayUnlock
VarBstrCat
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
VarUI4FromStr
VariantChangeType
SysStringByteLen
VariantClear

kernel32

GetLastError
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
LocalFree
LocalAlloc
SetFileAttributesA
GetFileAttributesA
CreateMutexA
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GlobalUnlock
GlobalLock
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThreadId
OutputDebugStringA
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetErrorMode
GetTickCount
LCMapStringA
LCMapStringW
lstrlenW
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
CreateWaitableTimerA
WaitForSingleObject
SetWaitableTimer
CreateThread
GetTempFileNameW
GetSystemDefaultLangID
DeleteFileA
CreateFileA
MoveFileA
VirtualQuery
GetSystemInfo
GetUserDefaultLangID
ExitThread
GetFileAttributesW
WriteFile
SetFilePointer
LockResource
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathA
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetTimeZoneInformation
GetSystemTime
SystemTimeToFileTime
CreateDirectoryA
ReadFile
GetCurrentDirectoryA
GetTempFileNameA
GetSystemDirectoryA
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetFileSize
SetCurrentDirectoryA
GetFileAttributesExA
RemoveDirectoryA
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
TerminateThread
IsDBCSLeadByteEx
GetProcessTimes
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
GetThreadPriority
WideCharToMultiByte
lstrlenA
GlobalAlloc
GlobalFree
GetCurrentThread
SetThreadAffinityMask
IsDBCSLeadByte
GetCPInfo
MultiByteToWideChar
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
VirtualProtect
HeapReAlloc
GetCommandLineA
ExitProcess
GetACP
InterlockedExchange
RtlUnwind
HeapDestroy
HeapCreate
TerminateProcess
HeapSize
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetOEMCP
SetStdHandle
FlushFileBuffers
CreateProcessA

user32

EmptyClipboard
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
RegisterWindowMessageA
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
RegisterClipboardFormatA
PeekMessageA
WaitForInputIdle
GetForegroundWindow
TranslateMessage
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
EndDialog
GetWindowRect
GetDesktopWindow
LoadIconA
SendMessageA
GetDlgItem
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
InsertMenuItemA
MonitorFromWindow
GetParent
IsChild
PtInRect
SystemParametersInfoA
GetMenuItemID
DeleteMenu
TrackPopupMenu
KillTimer
SetTimer
UpdateWindow
RegisterClassA
MapVirtualKeyA
GetKeyState
GetFocus
ReleaseCapture
GetSystemMetrics
EnumDisplaySettingsA
GetCapture
WindowFromPoint
GetCursorPos
ScreenToClient
MessageBoxA
ClientToScreen
LoadMenuA
GetSubMenu
DestroyMenu
SetCursor
IsWindow
DestroyWindow
FillRect
EnableMenuItem
CheckMenuItem
LoadStringA
SetCapture
SetFocus
GetWindowInfo
CopyRect
SendInput
GetKeyboardLayout
RegisterClassExA
LoadCursorA
wsprintfA
CreateWindowExA
ShowWindow
GetClassInfoExA
InvalidateRect
CallWindowProcA
GetWindowLongA
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
SetWindowLongA
CharNextA
GetTopWindow
GetDoubleClickTime
EnumWindows
PostMessageA
IsWindowEnabled
GetClassNameA
GetWindowTextW
GetWindowTextA
UnregisterClassA
GetWindow

gdi32

ExtTextOutW
SetTextColor
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
GetBkColor
SetTextCharacterExtra
CreatePen
DPtoLP
GetTextExtentPoint32W
GetCurrentObject
GetTextExtentPoint32A
CreatePalette
StartDocA
EndDoc
StrokePath
ExtCreatePen
SelectClipRgn
IntersectClipRect
SetBkMode
EnumFontFamiliesA
GetTextMetricsA
CreateFontIndirectA
CreateCompatibleBitmap
GetDIBits
EndPage
BeginPath
EndPath
SetPolyFillMode
MoveToEx
LineTo
PolyBezierTo
SelectClipPath
SaveDC
RestoreDC
TextOutA
SetTextAlign
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
GetDeviceCaps
GetObjectA
DeleteObject
CreateSolidBrush
Rectangle
SelectObject
GetStockObject
StretchDIBits
FillPath
GetObjectType
CreateDIBSection
GetStretchBltMode
SetStretchBltMode
StretchBlt
SetBkColor
ExtTextOutA
RealizePalette
GdiFlush
GetPixel
SelectPalette
StartPage
GetSystemPaletteEntries
GetClipBox
BitBlt
LPtoDP
SetViewportOrgEx
CreateDCA
DeleteDC
CreateCompatibleDC

comdlg32

PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA

ole32

OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemRealloc
OleRegEnumVerbs
CreateBindCtx
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CreateDataAdviseHolder
OleRegGetMiscStatus
CoTaskMemFree

shlwapi

PathFindExtensionA
SHDeleteKeyA

urlmon

HlinkSimpleNavigateToMoniker
RegisterBindStatusCallback
CreateURLMoniker

ws2_32

getservbyname
htons
gethostbyaddr
ntohs
getservbyport
WSASetLastError
getsockname
setsockopt
connect
recvfrom
sendto
WSAAddressToStringA
gethostname
select
ioctlsocket
ntohl
htonl
inet_ntoa
gethostbyname
send
recv
WSAStartup
WSASocketA
socket
WSAAsyncSelect
WSAIoctl
WSAGetLastError
closesocket
WSACleanup
inet_addr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
pcre_callout
pcre_compile
pcre_compile2
pcre_exec
pcre_free
pcre_fullinfo
pcre_malloc
pcre_stack_free
pcre_stack_malloc

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/FlashUtil9f.exe
.exe windows:4 windows x86 arch:x86

a9d79d340821ec352051fcf0138d0a55

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8c:b7:e4:0b:42:13:fd:77:65:c1:a1:79:66:09:38:a1:ae:76:8e:6f
Signer

Actual PE Digest

8c:b7:e4:0b:42:13:fd:77:65:c1:a1:79:66:09:38:a1:ae:76:8e:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetOpenA
InternetCloseHandle
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetConnectA

crypt32

CertFindCertificateInStore
CertCreateCertificateContext
CryptVerifyMessageSignature
CertCloseStore
CertFreeCertificateContext
CertVerifySubjectCertificateContext
CryptGetMessageCertificates

shlwapi

SHDeleteKeyA

kernel32

GetProcessHeap
HeapAlloc
GetCommandLineA
GetLastError
CreateMutexA
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetTempPathA
WriteFile
FormatMessageA
_lclose
_lread
OpenFile
GetSystemDirectoryA
SetThreadLocale
GetSystemDefaultLangID
LocalFree
LocalAlloc
GetCurrentProcess
CreateThread
GetModuleHandleA
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
UnmapViewOfFile
GetTickCount
WaitForSingleObject
ReleaseMutex
WideCharToMultiByte
GetACP
GetFileAttributesA
CreateDirectoryA
DeleteFileA
MultiByteToWideChar
SetFilePointer
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
MapViewOfFile
CreateFileMappingA
CreateProcessA
FindClose
ExitProcess
HeapFree

user32

SendMessageA
ShowWindow
PostMessageA
SetWindowPos
GetWindowRect
GetDesktopWindow
GetParent
EndDialog
DialogBoxParamA
LoadStringA
GetWindowLongA
LoadBitmapA
MessageBoxA
SetWindowLongA
GetDlgItem
CreateWindowExA
ScreenToClient
DestroyWindow
CreateDialogParamA
DefWindowProcA
RegisterClassExA
LoadCursorA
DestroyIcon
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
LoadImageA
GetForegroundWindow
WaitForInputIdle
CharNextA
DdeUninitialize
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
DdeFreeStringHandle
DdeInitializeA
PostQuitMessage
SetWindowTextA
DdeDisconnect

gdi32

DeleteObject

advapi32

RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoInitialize

oleaut32

DispGetIDsOfNames
DispInvoke
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
LoadRegTypeLi

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/Lobster.dll
.dll regsvr32 windows:4 windows x86 arch:x86

df0e7c9348936189e0c701f80de6d17d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
OutputDebugStringW
OutputDebugStringA
MulDiv
LoadLibraryW
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
SetLastError
LockResource
lstrcmpW
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
CreateSemaphoreA
ReleaseSemaphore
ResumeThread
GetLocaleInfoA
SetEnvironmentVariableA
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
HeapCreate
HeapDestroy
GetTimeZoneInformation
IsValidCodePage
LoadResource
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStartupInfoA
SetHandleCount
SetStdHandle
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
HeapReAlloc
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ReadFile
SetEndOfFile
SetFilePointer
SizeofResource
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrcmpiW
GetLastError
RaiseException
CreateEventW
ResetEvent
GetCurrentThreadId
SetEvent
TerminateThread
CloseHandle
WaitForSingleObject
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetLogicalDrives
GetDriveTypeW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
Sleep
lstrlenW
lstrlenA
WideCharToMultiByte
GetDiskFreeSpaceExW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
GetVersionExA
GetACP
GetOEMCP
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
MoveFileW
CreateFileW
GetFileType
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
InterlockedExchange

user32

GetWindowTextW
DefWindowProcW
GetParent
GetFocus
SetFocus
IsWindow
GetKeyState
MoveWindow
GetClientRect
ClientToScreen
ScreenToClient
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
ReleaseCapture
FillRect
CallWindowProcW
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateAcceleratorTableW
GetNextDlgTabItem
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
PtInRect
CharNextW
UnregisterClassA
GetDialogBaseUnits
ReleaseDC
GetDC
SetTimer
DestroyWindow
SetWindowLongW
GetWindowLongW
SetWindowPos
ShowWindow
SendDlgItemMessageW
GetWindow
IsChild
GetDlgItem
SetWindowContextHelpId
SendMessageW
DrawTextW
GetSysColor
MapDialogRect
CreateWindowExW
PostMessageW
EnumChildWindows
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
UnionRect
SetWindowTextW
CopyAcceleratorTableW
IsDialogMessageW
SystemParametersInfoW

gdi32

SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCW
GetStockObject
Rectangle
SetTextColor
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
DeleteObject
CreateMetaFileW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleLoadFromStream
CoTaskMemRealloc
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
WriteClassStm
OleSaveToStream
OleInitialize
OleUninitialize
CreateOleAdviseHolder
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantInit
VariantClear
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
SysAllocStringByteLen
VariantChangeType
OleCreatePropertyFrame
OleTranslateColor

ws2_32

accept
getpeername
gethostname
gethostbyname
inet_addr
WSAStartup
WSASocketW
listen
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAAccept
WSACloseEvent
WSACleanup
sendto
recvfrom
htonl
htons
bind
socket
connect
inet_ntoa
ioctlsocket
send
select
__WSAFDIsSet
recv
WSAGetLastError
setsockopt
shutdown
closesocket

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 388KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/PROGRAM.bmp
VU/UpdateModoule/BKPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7a9f10e94843ff5a1643242a510fde1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
IsProcessorFeaturePresent
InterlockedCompareExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GetProcAddress
FormatMessageW
LocalFree
GetThreadLocale
SetThreadLocale
GlobalHandle
GlobalFree
GetModuleHandleW
LoadLibraryExW
SizeofResource
GlobalLock
GlobalUnlock
GetModuleFileNameW
lstrcmpW
LockResource
GetCurrentThreadId
SetLastError
lstrlenA
MultiByteToWideChar
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
FindResourceW
LoadResource
FreeLibrary
InterlockedIncrement
OutputDebugStringW
InterlockedDecrement
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
MulDiv
RaiseException
FreeEnvironmentStringsW
lstrlenW

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDlgCtrlID
GetWindowRect
GrayStringW
DrawTextExW
TabbedTextOutW
GetSystemMetrics
UnregisterClassW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
MoveWindow
GetClientRect
UnregisterClassA
ShowWindow
SetTimer
KillTimer
GetMenuItemCount
GetSubMenu
EnumChildWindows
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
CopyAcceleratorTableW
IsDialogMessageW
UnionRect
PtInRect
DestroyMenu
GetSysColorBrush
GetDlgItem
GetDialogBaseUnits
ReleaseDC
GetDC
SendMessageW
CharNextW
DestroyWindow
SetWindowLongW
GetWindowLongW
SetWindowPos
SendDlgItemMessageW
GetWindow
IsChild
SetWindowContextHelpId
DrawTextW
GetSysColor
MapDialogRect
CreateWindowExW
SystemParametersInfoW
GetParent
GetFocus
DefWindowProcW
SetFocus
IsWindow
GetKeyState
ClientToScreen
ScreenToClient
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
GetNextDlgTabItem
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture

gdi32

ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
CreateBitmap
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCW
GetStockObject
Rectangle
SetTextColor
SetBkMode
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

OleUninitialize
OleInitialize
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleLoadFromStream
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleRegEnumVerbs

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
VarUI4FromStr
SysStringLen
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
VariantChangeType
DispCallFunc
OleCreatePropertyFrame
OleTranslateColor
UnRegisterTypeLi
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/UpdateModoule/CHANNEL.bmp
VU/UpdateModoule/Flash9f.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c78b62c1feda53e018e3bc7fa4a262b7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e
Signer

Actual PE Digest

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveOutClose
waveOutReset
timeKillEvent
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveInGetDevCapsA
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInStop
timeSetEvent
waveOutGetDevCapsA
waveOutUnprepareHeader
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime
waveOutWrite
waveInPrepareHeader
waveInOpen
waveInReset
waveInUnprepareHeader
waveInClose

wininet

HttpQueryInfoA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

crypt32

CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertFreeCertificateContext
CertCloseStore

rpcrt4

UuidToStringA
RpcStringFreeA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantInit
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayLock
SafeArrayUnlock
VarBstrCat
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
VarUI4FromStr
VariantChangeType
SysStringByteLen
VariantClear

kernel32

GetLastError
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
LocalFree
LocalAlloc
SetFileAttributesA
GetFileAttributesA
CreateMutexA
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GlobalUnlock
GlobalLock
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThreadId
OutputDebugStringA
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetErrorMode
GetTickCount
LCMapStringA
LCMapStringW
lstrlenW
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
CreateWaitableTimerA
WaitForSingleObject
SetWaitableTimer
CreateThread
GetTempFileNameW
GetSystemDefaultLangID
DeleteFileA
CreateFileA
MoveFileA
VirtualQuery
GetSystemInfo
GetUserDefaultLangID
ExitThread
GetFileAttributesW
WriteFile
SetFilePointer
LockResource
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathA
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetTimeZoneInformation
GetSystemTime
SystemTimeToFileTime
CreateDirectoryA
ReadFile
GetCurrentDirectoryA
GetTempFileNameA
GetSystemDirectoryA
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetFileSize
SetCurrentDirectoryA
GetFileAttributesExA
RemoveDirectoryA
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
TerminateThread
IsDBCSLeadByteEx
GetProcessTimes
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
GetThreadPriority
WideCharToMultiByte
lstrlenA
GlobalAlloc
GlobalFree
GetCurrentThread
SetThreadAffinityMask
IsDBCSLeadByte
GetCPInfo
MultiByteToWideChar
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
VirtualProtect
HeapReAlloc
GetCommandLineA
ExitProcess
GetACP
InterlockedExchange
RtlUnwind
HeapDestroy
HeapCreate
TerminateProcess
HeapSize
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetOEMCP
SetStdHandle
FlushFileBuffers
CreateProcessA

user32

EmptyClipboard
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
RegisterWindowMessageA
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
RegisterClipboardFormatA
PeekMessageA
WaitForInputIdle
GetForegroundWindow
TranslateMessage
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
EndDialog
GetWindowRect
GetDesktopWindow
LoadIconA
SendMessageA
GetDlgItem
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
InsertMenuItemA
MonitorFromWindow
GetParent
IsChild
PtInRect
SystemParametersInfoA
GetMenuItemID
DeleteMenu
TrackPopupMenu
KillTimer
SetTimer
UpdateWindow
RegisterClassA
MapVirtualKeyA
GetKeyState
GetFocus
ReleaseCapture
GetSystemMetrics
EnumDisplaySettingsA
GetCapture
WindowFromPoint
GetCursorPos
ScreenToClient
MessageBoxA
ClientToScreen
LoadMenuA
GetSubMenu
DestroyMenu
SetCursor
IsWindow
DestroyWindow
FillRect
EnableMenuItem
CheckMenuItem
LoadStringA
SetCapture
SetFocus
GetWindowInfo
CopyRect
SendInput
GetKeyboardLayout
RegisterClassExA
LoadCursorA
wsprintfA
CreateWindowExA
ShowWindow
GetClassInfoExA
InvalidateRect
CallWindowProcA
GetWindowLongA
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
SetWindowLongA
CharNextA
GetTopWindow
GetDoubleClickTime
EnumWindows
PostMessageA
IsWindowEnabled
GetClassNameA
GetWindowTextW
GetWindowTextA
UnregisterClassA
GetWindow

gdi32

ExtTextOutW
SetTextColor
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
GetBkColor
SetTextCharacterExtra
CreatePen
DPtoLP
GetTextExtentPoint32W
GetCurrentObject
GetTextExtentPoint32A
CreatePalette
StartDocA
EndDoc
StrokePath
ExtCreatePen
SelectClipRgn
IntersectClipRect
SetBkMode
EnumFontFamiliesA
GetTextMetricsA
CreateFontIndirectA
CreateCompatibleBitmap
GetDIBits
EndPage
BeginPath
EndPath
SetPolyFillMode
MoveToEx
LineTo
PolyBezierTo
SelectClipPath
SaveDC
RestoreDC
TextOutA
SetTextAlign
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
GetDeviceCaps
GetObjectA
DeleteObject
CreateSolidBrush
Rectangle
SelectObject
GetStockObject
StretchDIBits
FillPath
GetObjectType
CreateDIBSection
GetStretchBltMode
SetStretchBltMode
StretchBlt
SetBkColor
ExtTextOutA
RealizePalette
GdiFlush
GetPixel
SelectPalette
StartPage
GetSystemPaletteEntries
GetClipBox
BitBlt
LPtoDP
SetViewportOrgEx
CreateDCA
DeleteDC
CreateCompatibleDC

comdlg32

PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA

ole32

OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemRealloc
OleRegEnumVerbs
CreateBindCtx
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CreateDataAdviseHolder
OleRegGetMiscStatus
CoTaskMemFree

shlwapi

PathFindExtensionA
SHDeleteKeyA

urlmon

HlinkSimpleNavigateToMoniker
RegisterBindStatusCallback
CreateURLMoniker

ws2_32

getservbyname
htons
gethostbyaddr
ntohs
getservbyport
WSASetLastError
getsockname
setsockopt
connect
recvfrom
sendto
WSAAddressToStringA
gethostname
select
ioctlsocket
ntohl
htonl
inet_ntoa
gethostbyname
send
recv
WSAStartup
WSASocketA
socket
WSAAsyncSelect
WSAIoctl
WSAGetLastError
closesocket
WSACleanup
inet_addr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
pcre_callout
pcre_compile
pcre_compile2
pcre_exec
pcre_free
pcre_fullinfo
pcre_malloc
pcre_stack_free
pcre_stack_malloc

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/UpdateModoule/FlashUtil9f.exe
.exe windows:4 windows x86 arch:x86

a9d79d340821ec352051fcf0138d0a55

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8c:b7:e4:0b:42:13:fd:77:65:c1:a1:79:66:09:38:a1:ae:76:8e:6f
Signer

Actual PE Digest

8c:b7:e4:0b:42:13:fd:77:65:c1:a1:79:66:09:38:a1:ae:76:8e:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetOpenA
InternetCloseHandle
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetConnectA

crypt32

CertFindCertificateInStore
CertCreateCertificateContext
CryptVerifyMessageSignature
CertCloseStore
CertFreeCertificateContext
CertVerifySubjectCertificateContext
CryptGetMessageCertificates

shlwapi

SHDeleteKeyA

kernel32

GetProcessHeap
HeapAlloc
GetCommandLineA
GetLastError
CreateMutexA
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetTempPathA
WriteFile
FormatMessageA
_lclose
_lread
OpenFile
GetSystemDirectoryA
SetThreadLocale
GetSystemDefaultLangID
LocalFree
LocalAlloc
GetCurrentProcess
CreateThread
GetModuleHandleA
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
UnmapViewOfFile
GetTickCount
WaitForSingleObject
ReleaseMutex
WideCharToMultiByte
GetACP
GetFileAttributesA
CreateDirectoryA
DeleteFileA
MultiByteToWideChar
SetFilePointer
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
MapViewOfFile
CreateFileMappingA
CreateProcessA
FindClose
ExitProcess
HeapFree

user32

SendMessageA
ShowWindow
PostMessageA
SetWindowPos
GetWindowRect
GetDesktopWindow
GetParent
EndDialog
DialogBoxParamA
LoadStringA
GetWindowLongA
LoadBitmapA
MessageBoxA
SetWindowLongA
GetDlgItem
CreateWindowExA
ScreenToClient
DestroyWindow
CreateDialogParamA
DefWindowProcA
RegisterClassExA
LoadCursorA
DestroyIcon
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
LoadImageA
GetForegroundWindow
WaitForInputIdle
CharNextA
DdeUninitialize
DdeClientTransaction
DdeCreateStringHandleA
DdeConnect
DdeFreeStringHandle
DdeInitializeA
PostQuitMessage
SetWindowTextA
DdeDisconnect

gdi32

DeleteObject

advapi32

RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoInitialize

oleaut32

DispGetIDsOfNames
DispInvoke
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
LoadRegTypeLi

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/UpdateModoule/Lobster.dll
.dll regsvr32 windows:4 windows x86 arch:x86

df0e7c9348936189e0c701f80de6d17d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
OutputDebugStringW
OutputDebugStringA
MulDiv
LoadLibraryW
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
SetLastError
LockResource
lstrcmpW
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
CreateSemaphoreA
ReleaseSemaphore
ResumeThread
GetLocaleInfoA
SetEnvironmentVariableA
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
HeapCreate
HeapDestroy
GetTimeZoneInformation
IsValidCodePage
LoadResource
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStartupInfoA
SetHandleCount
SetStdHandle
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
HeapReAlloc
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ReadFile
SetEndOfFile
SetFilePointer
SizeofResource
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrcmpiW
GetLastError
RaiseException
CreateEventW
ResetEvent
GetCurrentThreadId
SetEvent
TerminateThread
CloseHandle
WaitForSingleObject
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetLogicalDrives
GetDriveTypeW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
Sleep
lstrlenW
lstrlenA
WideCharToMultiByte
GetDiskFreeSpaceExW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
GetVersionExA
GetACP
GetOEMCP
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
MoveFileW
CreateFileW
GetFileType
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
InterlockedExchange

user32

GetWindowTextW
DefWindowProcW
GetParent
GetFocus
SetFocus
IsWindow
GetKeyState
MoveWindow
GetClientRect
ClientToScreen
ScreenToClient
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
GetClassNameW
ReleaseCapture
FillRect
CallWindowProcW
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateAcceleratorTableW
GetNextDlgTabItem
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
PtInRect
CharNextW
UnregisterClassA
GetDialogBaseUnits
ReleaseDC
GetDC
SetTimer
DestroyWindow
SetWindowLongW
GetWindowLongW
SetWindowPos
ShowWindow
SendDlgItemMessageW
GetWindow
IsChild
GetDlgItem
SetWindowContextHelpId
SendMessageW
DrawTextW
GetSysColor
MapDialogRect
CreateWindowExW
PostMessageW
EnumChildWindows
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
UnionRect
SetWindowTextW
CopyAcceleratorTableW
IsDialogMessageW
SystemParametersInfoW

gdi32

SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCW
GetStockObject
Rectangle
SetTextColor
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
DeleteObject
CreateMetaFileW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleLoadFromStream
CoTaskMemRealloc
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
WriteClassStm
OleSaveToStream
OleInitialize
OleUninitialize
CreateOleAdviseHolder
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantInit
VariantClear
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
SysAllocStringByteLen
VariantChangeType
OleCreatePropertyFrame
OleTranslateColor

ws2_32

accept
getpeername
gethostname
gethostbyname
inet_addr
WSAStartup
WSASocketW
listen
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAAccept
WSACloseEvent
WSACleanup
sendto
recvfrom
htonl
htons
bind
socket
connect
inet_ntoa
ioctlsocket
send
select
__WSAFDIsSet
recv
WSAGetLastError
setsockopt
shutdown
closesocket

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 388KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/UpdateModoule/PROGRAM.bmp
VU/UpdateModoule/VU.exe
.exe windows:4 windows x86 arch:x86

ba13786447b3ca7d212f1005761904aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

zipdll

?SwapSize@CMamaZip@@QAEXPBD@Z
??0CUnzip@@QAE@PBD@Z

kernel32

FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitProcess
GetFileType
GetConsoleCP
GetConsoleMode
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
SetEnvironmentVariableA
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
GetModuleHandleA
GetThreadLocale
GlobalFree
FormatMessageW
LocalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
GetModuleFileNameW
GetVersion
CreateDirectoryW
lstrlenA
OutputDebugStringA
WaitForSingleObject
SetEvent
CreateEventW
WritePrivateProfileStringW
GetDiskFreeSpaceExW
GetPrivateProfileIntW
CopyFileW
CloseHandle
GetLastError
CreateMutexW
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
InterlockedDecrement
InterlockedIncrement
GetTickCount
DeleteFileW
GetPrivateProfileStringW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GlobalUnlock
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalLock
GlobalAlloc
FreeResource
SizeofResource
FindResourceW
LoadResource
LockResource
MulDiv
Sleep
GetEnvironmentStrings

user32

GetNextDlgGroupItem
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
UnregisterClassA
CharNextW
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
ReleaseCapture
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
CreatePopupMenu
SetLayeredWindowAttributes
GetAsyncKeyState
GetCursorPos
ShowCursor
DrawIcon
CheckMenuItem
AppendMenuW
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
GetSysColorBrush
CharUpperW
LoadIconW
DefDlgProcW
DestroyMenu
SetCursor
GetMessageW
RemovePropW
TranslateMessage
UpdateWindow
MessageBoxW
SystemParametersInfoW
SetForegroundWindow
ShowWindow
IsIconic
BringWindowToTop
GetLastActivePopup
FindWindowW
RegisterClassW
GetSysColor
LoadCursorW
SendMessageW
MessageBeep
AnimateWindow
SetTimer
KillTimer
IsWindow
InvalidateRect
SetWindowPos
PostMessageW
SetWindowLongW
GetWindowLongW
PtInRect
GetWindowRect
GetClientRect
EnableWindow
IsWindowVisible
GetSystemMetrics
ReleaseDC
GetDC
GetMessagePos

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
Escape
TextOutW
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ExtTextOutW
LineTo
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
CreatePen
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectW
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
MoveToEx
SelectObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW

shell32

SHBrowseForFolderW
ShellExecuteW
Shell_NotifyIconW
SHGetPathFromIDListW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject

oleaut32

VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
OleCreateFontIndirect
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

urlmon

URLDownloadToFileW

gdiplus

GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdiplusStartup
GdiplusShutdown
GdipDisposeImage
GdipDrawImagePointsI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage

ws2_32

recvfrom
bind
htonl
WSACleanup
WSAStartup
sendto
ioctlsocket
send
WSAGetLastError
gethostbyname
__WSAFDIsSet
select
connect
htons
inet_addr
socket
setsockopt
closesocket
shutdown
inet_ntoa
recv

wininet

DeleteUrlCacheEntryA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
InternetSetOptionW

netapi32

Netbios

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/UpdateModoule/VersionInfo.xml
.xml
VU/UpdateModoule/addtoDL.hts
VU/UpdateModoule/clsbt.hts
VU/UpdateModoule/cmup.hts
VU/UpdateModoule/cnnerr.hts
VU/UpdateModoule/cpl.hts
VU/UpdateModoule/downloadedList.swf
VU/UpdateModoule/downloadingList.swf
VU/UpdateModoule/drg.hts
VU/UpdateModoule/epg.hts
VU/UpdateModoule/fromDLtoPlay.hts
VU/UpdateModoule/glamor.hts
VU/UpdateModoule/gpger.hts
VU/UpdateModoule/hasInDL.hts
VU/UpdateModoule/hlp.hts
VU/UpdateModoule/mediaplayer.hts
VU/UpdateModoule/nothing.hts
VU/UpdateModoule/notp.hts
VU/UpdateModoule/pnxt.hts
VU/UpdateModoule/startDL.hts
VU/UpdateModoule/wellcm.png
.png
VU/UpdateModoule/zipdll.dll
.dll windows:4 windows x86 arch:x86

d944839c615124bc166ea9c84662e6ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
SetStdHandle
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
CloseHandle
LCMapStringA
LCMapStringW
CreateFileA
DeleteFileA
ReadFile
SetEndOfFile

Exports

Exports

??0CMamaZip@@QAE@ABV0@@Z
??0CMamaZip@@QAE@PBD@Z
??0CUnzip@@QAE@ABV0@@Z
??0CUnzip@@QAE@PBD@Z
??0CZip@@QAE@ABV0@@Z
??0CZip@@QAE@PBD@Z
??0CZipException@@QAA@PBDZZ
??4CMamaZip@@QAEAAV0@ABV0@@Z
??4CUnzip@@QAEAAV0@ABV0@@Z
??4CZip@@QAEAAV0@ABV0@@Z
??4CZipException@@QAEAAV0@ABV0@@Z
??_7CMamaZip@@6B@
??_7CUnzip@@6B@
??_7CZip@@6B@
?GetString@CZipException@@QAEPBDXZ
?HardWork@CUnzip@@MAEHHH@Z
?HardWork@CZip@@MAEHHH@Z
?SwapSize@CMamaZip@@QAEXPBD@Z

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/VU.exe
.exe windows:4 windows x86 arch:x86

ba13786447b3ca7d212f1005761904aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

zipdll

?SwapSize@CMamaZip@@QAEXPBD@Z
??0CUnzip@@QAE@PBD@Z

kernel32

FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitProcess
GetFileType
GetConsoleCP
GetConsoleMode
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
SetEnvironmentVariableA
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
GetModuleHandleA
GetThreadLocale
GlobalFree
FormatMessageW
LocalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
GetModuleFileNameW
GetVersion
CreateDirectoryW
lstrlenA
OutputDebugStringA
WaitForSingleObject
SetEvent
CreateEventW
WritePrivateProfileStringW
GetDiskFreeSpaceExW
GetPrivateProfileIntW
CopyFileW
CloseHandle
GetLastError
CreateMutexW
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
InterlockedDecrement
InterlockedIncrement
GetTickCount
DeleteFileW
GetPrivateProfileStringW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GlobalUnlock
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalLock
GlobalAlloc
FreeResource
SizeofResource
FindResourceW
LoadResource
LockResource
MulDiv
Sleep
GetEnvironmentStrings

user32

GetNextDlgGroupItem
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
UnregisterClassA
CharNextW
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
ReleaseCapture
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
CreatePopupMenu
SetLayeredWindowAttributes
GetAsyncKeyState
GetCursorPos
ShowCursor
DrawIcon
CheckMenuItem
AppendMenuW
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
GetSysColorBrush
CharUpperW
LoadIconW
DefDlgProcW
DestroyMenu
SetCursor
GetMessageW
RemovePropW
TranslateMessage
UpdateWindow
MessageBoxW
SystemParametersInfoW
SetForegroundWindow
ShowWindow
IsIconic
BringWindowToTop
GetLastActivePopup
FindWindowW
RegisterClassW
GetSysColor
LoadCursorW
SendMessageW
MessageBeep
AnimateWindow
SetTimer
KillTimer
IsWindow
InvalidateRect
SetWindowPos
PostMessageW
SetWindowLongW
GetWindowLongW
PtInRect
GetWindowRect
GetClientRect
EnableWindow
IsWindowVisible
GetSystemMetrics
ReleaseDC
GetDC
GetMessagePos

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
Escape
TextOutW
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ExtTextOutW
LineTo
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
CreatePen
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectW
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
MoveToEx
SelectObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW

shell32

SHBrowseForFolderW
ShellExecuteW
Shell_NotifyIconW
SHGetPathFromIDListW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject

oleaut32

VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
OleCreateFontIndirect
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

urlmon

URLDownloadToFileW

gdiplus

GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdiplusStartup
GdiplusShutdown
GdipDisposeImage
GdipDrawImagePointsI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage

ws2_32

recvfrom
bind
htonl
WSACleanup
WSAStartup
sendto
ioctlsocket
send
WSAGetLastError
gethostbyname
__WSAFDIsSet
select
connect
htons
inet_addr
socket
setsockopt
closesocket
shutdown
inet_ntoa
recv

wininet

DeleteUrlCacheEntryA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
InternetSetOptionW

netapi32

Netbios

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/VUUpdate.exe
.exe windows:4 windows x86 arch:x86

fdb4d84a81f079fe8e1b9de700813de9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetCrackUrlA

kernel32

RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
CreateThread
ExitThread
HeapAlloc
RaiseException
GetACP
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
SizeofResource
GetProcessVersion
GetCurrentDirectoryA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FindNextFileA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
FormatMessageA
LocalFree
SetLastError
FreeLibrary
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetProfileStringA
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
WritePrivateProfileStringA
WaitForSingleObject
GetTickCount
DeleteFileA
ResumeThread
OutputDebugStringA
CopyFileA
CreateDirectoryA
GetLastError
CreateProcessA
GetModuleFileNameA
UnhandledExceptionFilter

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
PtInRect
GetClassNameA
LoadCursorA
GetDesktopWindow
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
InflateRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
CharUpperA
wsprintfA
CopyRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetSysColorBrush
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
EnableWindow
PostMessageA
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
SetTimer
LoadIconA
HideCaret
UnregisterClassA
GetWindowTextLengthA

gdi32

GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetViewportExtEx
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
GetDeviceCaps
DeleteObject
SetTextColor
GetClipBox
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
PatBlt
CreateBitmap
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ImageList_Destroy
ord17

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleUninitialize
CoFreeUnusedLibraries
CoInitialize
OleInitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
GetErrorInfo

wsock32

WSAStartup
WSACleanup

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/VersionInfo.xml
.xml
VU/addtoDL.hts
VU/clsbt.hts
VU/cmup.hts
VU/cnnerr.hts
VU/cpl.hts
VU/downloadedList.swf
VU/downloadingList.swf
VU/drg.hts
VU/epg.hts
VU/fromDLtoPlay.hts
VU/glamor.hts
VU/gpger.hts
VU/hasInDL.hts
VU/hlp.hts
VU/install_flash_player_active_x.exe
.exe windows:4 windows x86 arch:x86

f14903f539cc8667478f89ca4497258f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c6:9d:89:e0:d7:27:17:0a:42:7b:65:12:34:fb:9f:ca:a4:62:95:d7
Signer

Actual PE Digest

c6:9d:89:e0:d7:27:17:0a:42:7b:65:12:34:fb:9f:ca:a4:62:95:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VU/mediaplayer.hts
VU/nothing.hts
VU/notp.hts
VU/ntv.ini
VU/pnxt.hts
VU/startDL.hts
VU/wellcm.png
.png
VU/zipdll.dll
.dll windows:4 windows x86 arch:x86

d944839c615124bc166ea9c84662e6ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
SetStdHandle
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
CloseHandle
LCMapStringA
LCMapStringW
CreateFileA
DeleteFileA
ReadFile
SetEndOfFile

Exports

Exports

??0CMamaZip@@QAE@ABV0@@Z
??0CMamaZip@@QAE@PBD@Z
??0CUnzip@@QAE@ABV0@@Z
??0CUnzip@@QAE@PBD@Z
??0CZip@@QAE@ABV0@@Z
??0CZip@@QAE@PBD@Z
??0CZipException@@QAA@PBDZZ
??4CMamaZip@@QAEAAV0@ABV0@@Z
??4CUnzip@@QAEAAV0@ABV0@@Z
??4CZip@@QAEAAV0@ABV0@@Z
??4CZipException@@QAEAAV0@ABV0@@Z
??_7CMamaZip@@6B@
??_7CUnzip@@6B@
??_7CZip@@6B@
?GetString@CZipException@@QAEPBDXZ
?HardWork@CUnzip@@MAEHHH@Z
?HardWork@CZip@@MAEHHH@Z
?SwapSize@CMamaZip@@QAEXPBD@Z

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VU/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 296KB

.ndata Size: - Virtual size: 360KB

.rsrc Size: 88KB - Virtual size: 88KB

7a9f10e94843ff5a1643242a510fde1b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 28KB - Virtual size: 27KB

c78b62c1feda53e018e3bc7fa4a262b7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6dCertificate

Extended Key Usages

Key Usages

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5eSigner

Headers

File Characteristics

Imports

version

winmm

wininet

crypt32

rpcrt4

oleaut32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

urlmon

ws2_32

Exports

Exports

Sections

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 296KB

.ndata
Size: - Virtual size: 360KB

.rsrc
Size: 88KB - Virtual size: 88KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 28KB - Virtual size: 27KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 280KB - Virtual size: 276KB

.data
Size: 196KB - Virtual size: 1.0MB

.rodata
Size: 4KB - Virtual size: 192B

.rsrc
Size: 52KB - Virtual size: 48KB

.reloc
Size: 80KB - Virtual size: 79KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

8c:b7:e4:0b:42:13:fd:77:65:c1:a1:79:66:09:38:a1:ae:76:8e:6f
Signer

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 156B

.rsrc
Size: 116KB - Virtual size: 112KB

.text
Size: 388KB - Virtual size: 385KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 32KB - Virtual size: 31KB