061ced7f8b1af39750163cce04ec019a

Sharing

Copy URL Twitter E-mail

General

Target

061ced7f8b1af39750163cce04ec019a
Size

2.3MB
MD5

061ced7f8b1af39750163cce04ec019a
SHA1

64b03edcc00daadd497e0ff2216eee4e4b158281
SHA256

52502740009ae6cbbf3a7ba107f426dd048309df973563aa956853ff350051da
SHA512

53d2f532c031ca45de3653116d06a95188e53b604af7b18cb81b19f7d2001a46016c86779e3a5e6827704224b1cba48b821e6a0dcc2a996c31712445b9206aa3
SSDEEP

49152:DQc+Tb5k+FUImQiUqxuB1cmM7c4YAiuYUaevXrAlv1CTgK1FhI1wmi5bO+6:cFP5keiUKunb8liuYQbkv1CTggdmi5C

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/响亮取名软件/CnCalendar.fne
unpack001/响亮取名软件/dp1.fne
unpack001/响亮取名软件/eAPI.fne
unpack001/响亮取名软件/iext.fnr
unpack001/响亮取名软件/iext2.fne
unpack001/响亮取名软件/kernel32
unpack001/响亮取名软件/spec.fne
unpack001/响亮取名软件/wininet.dll
unpack001/响亮取名软件/响亮宝宝取名软件 V15.0.exe

Files

061ced7f8b1af39750163cce04ec019a
.rar
响亮取名软件/CnCalendar.fne
.dll windows:4 windows x86 arch:x86

40e53c4191ba6b79c193870dc2ab08e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
HeapSize
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
TerminateProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetSystemTime
GetTimeZoneInformation
HeapFree
RaiseException
GetCommandLineA
HeapAlloc
HeapReAlloc
RtlUnwind
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalFree
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
GlobalLock
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
GlobalReAlloc
MulDiv
GetLastError
GetTickCount
SetUnhandledExceptionFilter
GetLocalTime

user32

DestroyMenu
GetSysColorBrush
GetClassNameA
UnregisterClassA
CharUpperA
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
EndPaint
BeginPaint
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
GetParent
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
UpdateWindow
SetRect
CopyRect
SendMessageA
InvalidateRect
PostMessageA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
PeekMessageA
LoadStringA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
PtInRect
LoadCursorA
DefWindowProcA
GetClassInfoA
EnableWindow
GetClientRect
WindowFromDC
ReleaseDC
GetDC
GetSysColor
TabbedTextOutA
DrawTextA
GrayStringA
CallWindowProcA
SetWindowLongA
GetWindowPlacement
GetWindowLongA
GetSystemMetrics
SetRectEmpty
GetWindowRect
IsWindow

gdi32

LineTo
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
BitBlt
SetBkMode
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
CreateBrushIndirect
GetObjectA
CreatePenIndirect
RestoreDC
SaveDC
GetDeviceCaps
SetWindowOrgEx
SelectObject
DeleteObject
DeleteDC
Rectangle
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

_TrackMouseEvent
ord17

Exports

Exports

GetNewInf

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/Skin/QQ2009.she
响亮取名软件/Skin/QQ2009_宽_底边.she
响亮取名软件/Skin/QQ2009_窄_底边.she
响亮取名软件/Skin/XP系统色.she
响亮取名软件/Skin/Xenes.she
响亮取名软件/Skin/enjoy.she
响亮取名软件/Skin/hlong.she
响亮取名软件/Skin/homestead.she
响亮取名软件/Skin/insomnia.she
响亮取名软件/Skin/itunes.she
响亮取名软件/Skin/longhorn.she
响亮取名软件/Skin/ouframe.she
响亮取名软件/Skin/pixos.she
响亮取名软件/Skin/qq2008.she
响亮取名软件/Skin/royale.she
响亮取名软件/Skin/storm音影.she
响亮取名软件/Skin/vista.she
响亮取名软件/Skin/whitefire.she
响亮取名软件/Skin/wish.she
响亮取名软件/Skin/仿MSN.she
响亮取名软件/Skin/仿QQ影音.she
响亮取名软件/Skin/仿REAL.she
响亮取名软件/Skin/仿office2007.she
响亮取名软件/Skin/仿qqgame.she
响亮取名软件/Skin/四方平板.she
响亮取名软件/Skin/按钮平行.she
响亮取名软件/Skin/木质色.she
响亮取名软件/Skin/标题黄.she
响亮取名软件/Skin/清纯淡蓝.she
响亮取名软件/Skin/炫绿色.she
响亮取名软件/Skin/精典黑.she
响亮取名软件/Skin/纯VISTA.she
响亮取名软件/Skin/纹条色.she
响亮取名软件/dp1.fne
.dll windows:4 windows x86 arch:x86

f4b4bca30df7e9c871bbc7c4aade35c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ReadFile
SetStdHandle
SetFilePointer
FlushFileBuffers
CloseHandle

user32

wsprintfA

Exports

Exports

Compress
GetNewInf
MGetMD5

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/eAPI.fne
.dll windows:4 windows x86 arch:x86

a8ae28fb7870151eb1647d665ac5f31c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

SendARP
GetAdaptersInfo

shlwapi

PathAppendA
PathFileExistsA
SHDeleteValueA
SHDeleteKeyA

mpr

WNetAddConnection2A
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum
WNetCancelConnection2A

winmm

waveOutGetDevCapsA
mciSendStringA
waveOutGetNumDevs

ws2_32

inet_ntoa
gethostname
gethostbyname
inet_addr
WSAStartup
gethostbyaddr
WSACleanup
closesocket
connect
htons
socket
sendto

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA

kernel32

lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
MulDiv
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcpynA
GetFullPathNameA
GetFileTime
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
GetCurrentDirectoryA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
HeapSize
GetACP
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
HeapReAlloc
WinExec
lstrcatA
WriteProfileStringA
SetLastError
GetProfileStringA
CreateDirectoryA
GetSystemDirectoryA
EnumResourceNamesA
CopyFileA
Sleep
GetWindowsDirectoryA
GetTempPathA
GlobalMemoryStatus
Module32First
Module32Next
OpenProcess
InterlockedExchange
TerminateProcess
GetDriveTypeA
GetVolumeInformationA
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetFileSize
FindFirstFileA
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
FindNextFileA
FindClose
DeleteFileA
MultiByteToWideChar
GlobalAlloc
LoadLibraryExA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
CreateToolhelp32Snapshot
Process32First
Process32Next
WriteFile
ReadFile
SetFilePointer
GetLocaleInfoA
GetSystemDefaultLangID
GetTimeZoneInformation
CreateFileA
DeviceIoControl
CloseHandle
lstrlenA
GetModuleHandleA
GetVersion
GetVersionExA
LoadLibraryA
GetProcAddress
GetCurrentProcess
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
TlsFree

user32

IsDialogMessageA
SetWindowPos
SetFocus
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
CharUpperA
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
PostMessageA
PostQuitMessage
WindowFromPoint
GetParent
GetWindow
PtInRect
IsWindowVisible
GetWindowLongA
EnumWindows
GetWindowTextA
FindWindowExA
IsRectEmpty
GetCursorPos
SetWindowLongA
GetDlgItem
ShowWindow
UpdateWindow
SystemParametersInfoA
ChangeDisplaySettingsA
EnumDisplaySettingsA
SendMessageTimeoutA
FindWindowA
GetWindowThreadProcessId
SetCursorPos
mouse_event
keybd_event
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClassNameA
IsWindow
SendMessageA
GetDesktopWindow
GetWindowRect
ReleaseCapture
SetCapture
GetSystemMetrics
LoadImageA
VkKeyScanExA
GetDC
ReleaseDC
GetKeyboardLayout
wsprintfA
SendDlgItemMessageA
GetMenuItemCount
SetWindowTextA
GetDlgCtrlID
LoadStringA
UnregisterClassA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
LoadBitmapA
DestroyWindow
GetKeyboardState

gdi32

Escape
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
GetObjectA
EnumFontFamiliesExA
AddFontResourceA
RemoveFontResourceA
GetDeviceCaps
GetPixel
CreateCompatibleBitmap
CreateDCA
GetDIBits
RealizePalette
SelectPalette
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
DeleteObject

comdlg32

PrintDlgA
GetFileTitleA

winspool.drv

GetPrinterA
DocumentPropertiesA
ClosePrinter
SetPrinterA
OpenPrinterA
EnumPrintersA

advapi32

RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegSetKeySecurity
RegOpenKeyExA
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
AddAce
InitializeAcl
FreeSid
AllocateAndInitializeSid
RegGetKeySecurity
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA

shell32

SHGetSpecialFolderPathA
SHEmptyRecycleBinA
SHChangeNotify
ShellExecuteA

comctl32

ord17

ole32

CoCreateGuid
CoCreateInstance

wininet

InternetOpenUrlA
InternetCloseHandle
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
InternetGetConnectedState
InternetOpenA

Exports

Exports

GetNewInf

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/iext.fnr
.dll windows:4 windows x86 arch:x86

c026af21a6e107158b65bf9034b57c76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapSize
GetACP
GetTimeZoneInformation
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
RaiseException
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalFree
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
HeapAlloc
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetLastError
lstrcpynA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
GetEnvironmentStringsW

user32

SetFocus
MapWindowPoints
LoadIconA
SetWindowTextA
ShowWindow
CharUpperA
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
AdjustWindowRectEx
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
OffsetRect
GetTopWindow
GetWindow
SendMessageA
GetFocus
InvalidateRect
GetSysColor
SetWindowLongA
GetWindowLongA
IsWindowVisible
GetWindowRect
IntersectRect
IsRectEmpty
RedrawWindow
GetClientRect
UpdateWindow
ClientToScreen
FillRect
DestroyWindow
GetParent
LoadCursorA
KillTimer
SetTimer
GetCursorPos
ScreenToClient
PostMessageA
IsWindow
EnableWindow
DestroyIcon
GetDC

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetCurrentObject
GetStockObject
CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ImageList_SetBkColor
ImageList_Destroy
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Create
ImageList_LoadImageA
ImageList_Read
ord17
ImageList_GetImageCount
ImageList_Duplicate

Exports

Exports

GetNewInf

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/iext2.fne
.dll windows:4 windows x86 arch:x86

7286ba50216c69a37eae6422826c4a4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvfw32

DrawDibDraw
DrawDibClose
DrawDibOpen

avifil32

AVIStreamGetFrameClose
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIStreamRelease
AVIStreamGetFrame
AVIFileInit

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
MulDiv
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
TerminateProcess
ExitProcess
GetACP
HeapSize
ExitThread
GetTimeZoneInformation
RaiseException
GetCommandLineA
RtlUnwind
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
GetCurrentThread
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SuspendThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalReAlloc
CreateEventA
GetProcAddress
ResetEvent
SetEvent
FreeLibrary
LoadLibraryA
lstrlenA
GlobalAlloc
lstrcpyA
GlobalUnlock
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GlobalSize
GlobalLock
GlobalFree
FindResourceA
LoadResource
LockResource
Sleep
CreateThread
CloseHandle
GetModuleFileNameA
OpenFile
GetTickCount
IsBadReadPtr

user32

LoadStringA
DestroyMenu
GetSysColorBrush
GetClassNameA
UnregisterClassA
PostQuitMessage
TranslateMessage
ValidateRect
CharUpperA
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
MessageBoxA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetWindowLongA
EnumDisplaySettingsA
EqualRect
PtInRect
IntersectRect
SetCursor
GetCapture
SetCapture
GetCursorPos
GetMessageA
DispatchMessageA
ReleaseCapture
LoadCursorA
OemToCharA
CharToOemA
MsgWaitForMultipleObjects
PeekMessageA
DrawStateA
CopyRect
FrameRect
InflateRect
GetSysColor
DrawFocusRect
ClientToScreen
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
GetWindowLongA
GetKeyState
InvertRect
UnionRect
IsRectEmpty
wsprintfA
DestroyIcon
SendMessageA
SetRect
UpdateWindow
GetDC
ReleaseDC
EnableWindow
FillRect
KillTimer
InvalidateRect
SetTimer
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect

gdi32

MoveToEx
LineTo
Ellipse
PtVisible
RectVisible
ExtTextOutA
Escape
Rectangle
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetPixel
CreateDIBitmap
PatBlt
SetBkColor
SetStretchBltMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetClipBox
CreateFontIndirectA
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
StretchDIBits
CreateDIBSection
CreateSolidBrush
SetBkMode
TextOutA
GetDIBits
CreatePen
SetTextColor
GetStockObject
DeleteObject
StretchBlt
DeleteDC
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectA
SetDIBitsToDevice
SetPixelV

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ExtractIconExA
ExtractIconA

comctl32

ImageList_SetBkColor
ImageList_Draw
ImageList_Remove
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
_TrackMouseEvent
ImageList_Write
ImageList_Destroy
ImageList_Create
ImageList_Read
ImageList_GetImageCount
ord17
ImageList_Duplicate

ole32

OleUninitialize
OleInitialize

winmm

PlaySoundA

Exports

Exports

GetNewInf

Sections

.text
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/kernel32
.dll windows:5 windows x86 arch:x86

437d147ea3f4a34fff9ac2110441696a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

_wcsnicmp
NtFsControlFile
NtCreateFile
RtlAllocateHeap
RtlFreeHeap
NtOpenFile
NtQueryInformationFile
NtQueryEaFile
RtlLengthSecurityDescriptor
NtQuerySecurityObject
NtSetEaFile
NtSetSecurityObject
NtSetInformationFile
CsrClientCallServer
NtDeviceIoControlFile
NtClose
RtlInitUnicodeString
wcscspn
RtlUnicodeToMultiByteSize
wcslen
_memicmp
memmove
NtQueryValueKey
NtOpenKey
NtFlushKey
NtSetValueKey
NtCreateKey
RtlNtStatusToDosError
RtlFreeUnicodeString
RtlDnsHostNameToComputerName
wcsncpy
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlCreateUnicodeStringFromAsciiz
wcschr
wcsstr
RtlPrefixString
_wcsicmp
RtlGetFullPathName_U
RtlGetCurrentDirectory_U
NtQueryInformationProcess
RtlUnicodeStringToOemString
RtlReleasePebLock
RtlEqualUnicodeString
RtlAcquirePebLock
RtlFreeAnsiString
RtlSetCurrentDirectory_U
RtlTimeToTimeFields
NtSetSystemTime
RtlTimeFieldsToTime
NtQuerySystemInformation
RtlSetTimeZoneInformation
NtSetSystemInformation
RtlCutoverTimeToSystemTime
_allmul
NtEnumerateKey
RtlOpenCurrentUser
RtlQueryRegistryValues
_itow
DbgBreakPoint
RtlFreeSid
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
RtlAllocateAndInitializeSid
DbgPrint
NtOpenProcess
CsrGetProcessId
DbgUiDebugActiveProcess
DbgUiConnectToDbg
DbgUiIssueRemoteBreakin
NtSetInformationDebugObject
DbgUiGetThreadDebugObject
NtQueryInformationThread
DbgUiConvertStateChangeStructure
DbgUiWaitStateChange
DbgUiContinue
DbgUiStopDebugging
RtlDosPathNameToNtPathName_U
RtlIsDosDeviceName_U
RtlCreateAtomTable
NtAddAtom
RtlAddAtomToAtomTable
NtFindAtom
RtlLookupAtomInAtomTable
NtDeleteAtom
RtlDeleteAtomFromAtomTable
NtQueryInformationAtom
RtlQueryAtomInAtomTable
RtlOemStringToUnicodeString
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeSize
RtlPrefixUnicodeString
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtEnumerateValueKey
RtlIsTextUnicode
NtReadFile
NtAllocateVirtualMemory
NtUnlockFile
NtLockFile
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlCopyUnicodeString
NtFreeVirtualMemory
NtWriteFile
RtlCreateUnicodeString
RtlFormatCurrentUserKeyPath
RtlGetLongestNtPathLength
NtDuplicateObject
NtQueryKey
NtDeleteValueKey
RtlEqualString
CsrFreeCaptureBuffer
CsrCaptureMessageString
CsrAllocateCaptureBuffer
strncpy
RtlCharToInteger
RtlUpcaseUnicodeChar
RtlUpcaseUnicodeString
CsrAllocateMessagePointer
NtQueryObject
wcscmp
RtlCompareMemory
NtQueryDirectoryObject
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
NtOpenDirectoryObject
NtCreateIoCompletion
NtSetIoCompletion
NtRemoveIoCompletion
NtSetInformationProcess
NtQueryDirectoryFile
RtlDeleteCriticalSection
NtNotifyChangeDirectoryFile
NtWaitForSingleObject
RtlInitializeCriticalSection
NtQueryVolumeInformationFile
NtFlushBuffersFile
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
NtCancelIoFile
NtReadFileScatter
NtWriteFileGather
wcscpy
NtOpenSection
NtMapViewOfSection
NtFlushVirtualMemory
RtlFlushSecureMemoryCache
NtUnmapViewOfSection
NtCreateSection
NtQueryFullAttributesFile
swprintf
NtQueryAttributesFile
RtlDetermineDosPathNameType_U
NtRaiseHardError
NtQuerySystemEnvironmentValueEx
RtlGUIDFromString
NtSetSystemEnvironmentValueEx
RtlInitString
RtlUnlockHeap
RtlSetUserValueHeap
RtlFreeHandle
RtlAllocateHandle
RtlLockHeap
RtlSizeHeap
RtlGetUserInfoHeap
RtlReAllocateHeap
RtlIsValidHandle
RtlCompactHeap
RtlImageNtHeader
NtProtectVirtualMemory
NtQueryVirtualMemory
NtLockVirtualMemory
NtUnlockVirtualMemory
NtFlushInstructionCache
NtAllocateUserPhysicalPages
NtFreeUserPhysicalPages
NtMapUserPhysicalPages
NtMapUserPhysicalPagesScatter
NtGetWriteWatch
NtResetWriteWatch
NtSetInformationObject
LdrQueryImageFileExecutionOptions
CsrNewThread
CsrClientConnectToServer
RtlCreateTagHeap
LdrSetDllManifestProber
RtlSetThreadPoolStartFunc
RtlEncodePointer
_stricmp
wcscat
RtlCreateHeap
RtlDestroyHeap
RtlExtendHeap
RtlQueryTagHeap
RtlUsageHeap
RtlValidateHeap
RtlGetProcessHeaps
RtlWalkHeap
RtlSetHeapInformation
RtlQueryHeapInformation
RtlInitializeHandleTable
RtlExtendedLargeIntegerDivide
NtCreateMailslotFile
RtlFormatMessage
RtlFindMessage
LdrUnloadDll
LdrUnloadAlternateResourceModule
LdrDisableThreadCalloutsForDll
strchr
LdrGetDllHandle
LdrUnlockLoaderLock
LdrAddRefDll
RtlComputePrivatizedDllName_U
RtlPcToFileHeader
LdrLockLoaderLock
RtlGetVersion
LdrEnumerateLoadedModules
RtlVerifyVersionInfo
RtlUnicodeStringToInteger
LdrLoadAlternateResourceModule
RtlDosApplyFileIsolationRedirection_Ustr
LdrLoadDll
LdrGetProcedureAddress
LdrFindResource_U
LdrAccessResource
LdrFindResourceDirectory_U
RtlImageDirectoryEntryToData
_strcmpi
NtSetInformationThread
NtOpenThreadToken
NtCreateNamedPipeFile
RtlDefaultNpAcl
RtlDosSearchPath_Ustr
RtlInitUnicodeStringEx
RtlQueryEnvironmentVariable_U
RtlAnsiCharToUnicodeChar
RtlIntegerToChar
NtSetVolumeInformationFile
RtlIsNameLegalDOS8Dot3
NtQueryPerformanceCounter
sprintf
NtPowerInformation
NtInitiatePowerAction
NtSetThreadExecutionState
NtRequestWakeupLatency
NtGetDevicePowerState
NtIsSystemResumeAutomatic
NtRequestDeviceWakeup
NtCancelDeviceWakeupRequest
NtWriteVirtualMemory
LdrShutdownProcess
NtTerminateProcess
RtlRaiseStatus
RtlSetEnvironmentVariable
RtlExpandEnvironmentStrings_U
NtReadVirtualMemory
RtlCompareUnicodeString
NtCreateJobSet
NtCreateJobObject
NtIsProcessInJob
RtlEqualSid
RtlSubAuthoritySid
RtlInitializeSid
NtQueryInformationToken
NtOpenProcessToken
NtResumeThread
NtAssignProcessToJobObject
CsrCaptureMessageMultiUnicodeStringsInPlace
NtCreateThread
NtCreateProcessEx
RtlDestroyEnvironment
NtQuerySection
NtQueryInformationJobObject
RtlGetNativeSystemInformation
RtlxAnsiStringToUnicodeSize
NtOpenEvent
NtQueryEvent
NtTerminateThread
wcsrchr
NlsMbOemCodePageTag
RtlxUnicodeStringToOemSize
NtAdjustPrivilegesToken
RtlImpersonateSelf
wcsncmp
RtlDestroyProcessParameters
RtlCreateProcessParameters
RtlInitializeCriticalSectionAndSpinCount
NtSetEvent
NtClearEvent
NtPulseEvent
NtCreateSemaphore
NtOpenSemaphore
NtReleaseSemaphore
NtCreateMutant
NtOpenMutant
NtReleaseMutant
NtSignalAndWaitForSingleObject
NtWaitForMultipleObjects
NtDelayExecution
NtCreateTimer
NtOpenTimer
NtSetTimer
NtCancelTimer
NtCreateEvent
RtlCopyLuid
strrchr
_vsnwprintf
RtlReleaseActivationContext
RtlActivateActivationContextEx
RtlQueryInformationActivationContext
NtOpenThread
LdrShutdownThread
RtlFreeThreadActivationContextStack
NtGetContextThread
NtSetContextThread
NtSuspendThread
RtlRaiseException
RtlDecodePointer
towlower
RtlClearBits
RtlFindClearBitsAndSet
RtlAreBitsSet
NtQueueApcThread
NtYieldExecution
RtlRegisterWait
RtlDeregisterWait
RtlDeregisterWaitEx
RtlQueueWorkItem
RtlSetIoCompletionCallback
RtlCreateTimerQueue
RtlCreateTimer
RtlUpdateTimer
RtlDeleteTimer
RtlDeleteTimerQueueEx
CsrIdentifyAlertableThread
RtlApplicationVerifierStop
_alloca_probe
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlCreateQueryDebugBuffer
RtlCreateEnvironment
RtlFreeOemString
strstr
toupper
isdigit
atol
tolower
NtOpenJobObject
NtTerminateJobObject
NtSetInformationJobObject
RtlAddRefActivationContext
RtlZombifyActivationContext
RtlActivateActivationContext
RtlDeactivateActivationContext
RtlGetActiveActivationContext
DbgPrintEx
LdrDestroyOutOfProcessImage
LdrAccessOutOfProcessResource
LdrFindCreateProcessManifest
LdrCreateOutOfProcessImage
RtlNtStatusToDosErrorNoTeb
RtlpApplyLengthFunction
RtlGetLengthWithoutLastFullDosOrNtPathElement
RtlpEnsureBufferSize
RtlMultiAppendUnicodeStringBuffer
_snwprintf
RtlCreateActivationContext
RtlFindActivationContextSectionString
RtlFindActivationContextSectionGuid
_allshl
RtlNtPathNameToDosPathName
RtlUnhandledExceptionFilter
CsrCaptureMessageBuffer
NtQueryInstallUILanguage
NtQueryDefaultUILanguage
wcspbrk
RtlGetDaclSecurityDescriptor
NtCreateDirectoryObject
_wcslwr
_wtol
RtlIntegerToUnicodeString
NtQueryDefaultLocale
_strlwr
RtlUnwind

Exports

Exports

ActivateActCtx
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddLocalAlternateComputerNameA
AddLocalAlternateComputerNameW
AddRefActCtx
AddVectoredExceptionHandler
AllocConsole
AllocateUserPhysicalPages
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
BackupRead
BackupSeek
BackupWrite
BaseCheckAppcompatCache
BaseCleanupAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseInitAppcompatCacheSupport
BaseProcessInitPostImport
BaseQueryModuleData
BaseUpdateAppcompatCache
BasepCheckWinSaferRestrictions
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BindIoCompletionCallback
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallNamedPipeA
CallNamedPipeW
CancelDeviceWakeupRequest
CancelIo
CancelTimerQueueTimer
CancelWaitableTimer
ChangeTimerQueueTimer
CheckNameLegalDOS8Dot3A
CheckNameLegalDOS8Dot3W
CheckRemoteDebuggerPresent
ClearCommBreak
ClearCommError
CloseConsoleHandle
CloseHandle
CloseProfileUserMapping
CmdBatNotification
CommConfigDialogA
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ConsoleMenuControl
ContinueDebugEvent
ConvertDefaultLocale
ConvertFiberToThread
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
CopyLZFile
CreateActCtxA
CreateActCtxW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateJobSet
CreateMailslotA
CreateMailslotW
CreateMemoryResourceNotification
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreateNlsSecurityDescriptor
CreatePipe
CreateProcessA
CreateProcessInternalA
CreateProcessInternalW
CreateProcessInternalWSecure
CreateProcessW
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateSocketHandle
CreateTapePartition
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CreateVirtualBuffer
CreateWaitableTimerA
CreateWaitableTimerW
DeactivateActCtx
DebugActiveProcess
DebugActiveProcessStop
DebugBreak
DebugBreakProcess
DebugSetProcessKillOnExit
DecodePointer
DecodeSystemPointer
DefineDosDeviceA
DefineDosDeviceW
DelayLoadFailureHook
DeleteAtom
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileW
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DosPathToSessionPathA
DosPathToSessionPathW
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
EncodeSystemPointer
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesW
EnumResourceTypesA
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EnumerateLocalComputerNamesA
EnumerateLocalComputerNamesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
ExtendVirtualBuffer
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionStringA
FindActCtxSectionStringW
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
FindVolumeMountPointClose
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
FreeUserPhysicalPages
FreeVirtualBuffer
GenerateConsoleCtrlEvent
GetACP
GetAtomNameA
GetAtomNameW
GetBinaryType
GetBinaryTypeA
GetBinaryTypeW
GetCPFileNameFromRegistry
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetComPlusPackageInstallStatus
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCP
GetConsoleCharType
GetConsoleCommandHistoryA
GetConsoleCommandHistoryLengthA
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
GetConsoleCursorInfo
GetConsoleCursorMode
GetConsoleDisplayMode
GetConsoleFontInfo
GetConsoleFontSize
GetConsoleHardwareState
GetConsoleInputExeNameA
GetConsoleInputExeNameW
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameA
GetConsoleKeyboardLayoutNameW
GetConsoleMode
GetConsoleNlsMode
GetConsoleOutputCP
GetConsoleProcessList
GetConsoleScreenBufferInfo
GetConsoleSelectionInfo
GetConsoleTitleA
GetConsoleTitleW
GetConsoleWindow
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentActCtx
GetCurrentConsoleFont
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDefaultSortkeySize
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDllDirectoryA
GetDllDirectoryW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetExpandedNameA
GetExpandedNameW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFirmwareEnvironmentVariableA
GetFirmwareEnvironmentVariableW
GetFullPathNameA
GetFullPathNameW
GetGeoInfoA
GetGeoInfoW
GetHandleContext
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetLinguistLangSize
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetLogicalDrives
GetLogicalProcessorInformation
GetLongPathNameA
GetLongPathNameW
GetMailslotInfo
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNativeSystemInfo
GetNextVDMCommand
GetNlsSectionName
GetNumaAvailableMemory
GetNumaAvailableMemoryNode
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
GetNumaProcessorMap
GetNumaProcessorNode
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleFonts
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProcAddress
GetProcessAffinityMask
GetProcessDEPPolicy
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDEPPolicy
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemRegistryQuota
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemTimes
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetSystemWow64DirectoryA
GetSystemWow64DirectoryW
GetTapeParameters
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadIOPendingFlag
GetThreadLocale
GetThreadPriority
GetThreadPriorityBoost
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVDMCurrentDirectories
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetVolumePathNameW
GetVolumePathNamesForVolumeNameA
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetWriteWatch
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags

Sections

.text
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/spec.fne
.dll windows:4 windows x86 arch:x86

be3fe1d11f8ee4e772d13163095b126a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetTimer
KillTimer

kernel32

GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
GetLastError
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

GetNewInf

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/wininet.dll
.dll windows:5 windows x86 arch:x86

4eaf96aeeebf7735e59897702aee9c4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
CryptGetProvParam
CryptSetProvParam
CryptAcquireContextA
CryptReleaseContext
RegDeleteValueA
OpenThreadToken
OpenProcessToken
GetTokenInformation
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
RegCreateKeyExW

crypt32

CertGetNameStringW
CryptDecodeObject
CertFindRDNAttr
CertRDNValueToStrA
CertControlStore
CertNameToStrA
CertCreateCertificateContext
CertGetCertificateContextProperty
CertFindCertificateInStore
CertSetCertificateContextProperty
CertOpenSystemStoreA
CertCloseStore
CertFindExtension
CertGetIntendedKeyUsage
CertDuplicateCertificateContext
CertFreeCertificateContext
CryptUnprotectData

kernel32

ExpandEnvironmentStringsA
SuspendThread
TerminateThread
GetACP
RtlMoveMemory
InitializeCriticalSectionAndSpinCount
ResetEvent
CreateThread
Sleep
SetErrorMode
FormatMessageA
lstrcatA
SystemTimeToFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
ExitThread
GetTimeFormatA
lstrcpyA
InterlockedCompareExchange
GetCurrentThread
GetCurrentProcess
IsDBCSLeadByte
IsBadReadPtr
GlobalAlloc
GlobalFree
IsBadStringPtrW
DeleteFileA
IsBadCodePtr
IsBadWritePtr
SleepEx
GetModuleFileNameA
GetSystemTime
WritePrivateProfileStringA
WriteFile
SetFilePointer
ReadFile
FileTimeToSystemTime
LocalReAlloc
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
InterlockedIncrement
LocalAlloc
WaitForMultipleObjects
GetFileTime
ReleaseSemaphore
CreateSemaphoreA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
GetVersion
CompareStringA
GetFileAttributesA
GetEnvironmentVariableA
GetWindowsDirectoryA
RemoveDirectoryA
GetShortPathNameA
FileTimeToDosDateTime
SetFileAttributesA
CreateDirectoryA
GetPrivateProfileStringA
SetFileTime
CopyFileA
DeviceIoControl
GetDiskFreeSpaceA
FindClose
FindNextFileA
FindFirstFileA
DosDateTimeToFileTime
FlushViewOfFile
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
OpenFileMappingA
SetEndOfFile
LoadLibraryExA
GetUserDefaultLCID
HeapFree
HeapAlloc
GetProcessHeap
GetComputerNameA
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalSize
lstrcpynW
GetDateFormatA
WaitForSingleObject
GetProcAddress
LoadLibraryA
lstrcmpiA
GetLastError
FreeLibrary
lstrcpynA
lstrlenA
WideCharToMultiByte
InterlockedExchange
CloseHandle
OpenEventA
LeaveCriticalSection
EnterCriticalSection
SetLastError
LocalFree
GetVersionExA
GetFileSize
CreateFileA
GetSystemDirectoryA
lstrlenW
MultiByteToWideChar
GetModuleHandleA
OpenMutexA
CreateMutexA
ReleaseMutex
RaiseException
lstrcmpA
SetEvent
CreateEventA
IsBadStringPtrA

msvcrt

memchr
isdigit
strpbrk
isspace
isalnum
time
strtoul
_vsnprintf
_ftol
ispunct
iscntrl
isalpha
_purecall
_CxxThrowException
wcsncpy
wcscat
wcsstr
srand
rand
wcslen
_wtoi
wcscpy
_wcsnicmp
wcstok
_wcsicmp
wcscmp
malloc
free
realloc
_initterm
_adjust_fdiv
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
sprintf
isxdigit
_except_handler3

oleaut32

SysStringByteLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString

shlwapi

PathRemoveFileSpecW
PathRemoveBackslashA
PathRemoveFileSpecA
StrNCatA
ord419
PathRenameExtensionA
ord215
SHDeleteKeyA
StrCmpNIW
ord342
wvnsprintfA
ord52
ord57
ord308
ord260
StrCmpNIA
StrStrA
ord151
StrChrW
StrChrA
ord154
ord217
UrlCombineW
UrlCanonicalizeW
ord340
UrlCombineA
UrlCanonicalizeA
ord153
PathCreateFromUrlA
UrlUnescapeA
StrNCatW
StrToIntW
StrCpyW
ord68
ord95
ord136
StrStrIA
StrCmpW
SHRegGetUSValueA
StrCmpNA
StrToIntA
StrCatBuffA
StrRChrA
StrCmpIW
ord59
ord107
SHSetValueW
ord563
ord437
ord309
StrStrIW
SHGetValueW
SHSetValueA
SHGetValueA
wnsprintfA
wnsprintfW
StrCpyNW
PathFindFileNameW
ord158
ord125
SHRegGetValueW
ord80
ord97
ord83
ord138
StrCatBuffW
ord310
ord311
ord143
ord128

user32

IsCharAlphaNumericA
IntersectRect
EqualRect
wsprintfW
LoadIconA
LoadImageA
DestroyIcon
SetForegroundWindow
EnumChildWindows
SetWindowTextA
GetParent
GetWindowRect
ScreenToClient
SetWindowPos
SendMessageA
PostMessageA
FindWindowA
LoadStringA
ShowWindow
GetDesktopWindow
wsprintfA
CharLowerA
DestroyWindow
IsDlgButtonChecked
EnableWindow
SetFocus
GetDlgItem
EndDialog
CheckDlgButton
CreateWindowExA
RegisterWindowMessageA
KillTimer
SetTimer
DefWindowProcA
SetWindowLongA
GetWindowLongA
RegisterClassA
CharNextA
CharToOemA
CharUpperA
CharLowerW
SendDlgItemMessageA
IsWindow
CharNextExA
WinHelpA

Exports

Exports

CommitUrlCacheEntryA
CommitUrlCacheEntryW
CreateMD5SSOHash
CreateUrlCacheContainerA
CreateUrlCacheContainerW
CreateUrlCacheEntryA
CreateUrlCacheEntryW
CreateUrlCacheGroup
DeleteIE3Cache
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
DeleteUrlCacheEntry
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
DeleteUrlCacheGroup
DetectAutoProxyUrl
DllInstall
FindCloseUrlCache
FindFirstUrlCacheContainerA
FindFirstUrlCacheContainerW
FindFirstUrlCacheEntryA
FindFirstUrlCacheEntryExA
FindFirstUrlCacheEntryExW
FindFirstUrlCacheEntryW
FindFirstUrlCacheGroup
FindNextUrlCacheContainerA
FindNextUrlCacheContainerW
FindNextUrlCacheEntryA
FindNextUrlCacheEntryExA
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryW
FindNextUrlCacheGroup
ForceNexusLookup
ForceNexusLookupExW
FreeUrlCacheSpaceA
FreeUrlCacheSpaceW
FtpCommandA
FtpCommandW
FtpCreateDirectoryA
FtpCreateDirectoryW
FtpDeleteFileA
FtpDeleteFileW
FtpFindFirstFileA
FtpFindFirstFileW
FtpGetCurrentDirectoryA
FtpGetCurrentDirectoryW
FtpGetFileA
FtpGetFileEx
FtpGetFileSize
FtpGetFileW
FtpOpenFileA
FtpOpenFileW
FtpPutFileA
FtpPutFileEx
FtpPutFileW
FtpRemoveDirectoryA
FtpRemoveDirectoryW
FtpRenameFileA
FtpRenameFileW
FtpSetCurrentDirectoryA
FtpSetCurrentDirectoryW
GetUrlCacheConfigInfoA
GetUrlCacheConfigInfoW
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoW
GetUrlCacheGroupAttributeA
GetUrlCacheGroupAttributeW
GetUrlCacheHeaderData
GopherCreateLocatorA
GopherCreateLocatorW
GopherFindFirstFileA
GopherFindFirstFileW
GopherGetAttributeA
GopherGetAttributeW
GopherGetLocatorTypeA
GopherGetLocatorTypeW
GopherOpenFileA
GopherOpenFileW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
HttpCheckDavCompliance
HttpEndRequestA
HttpEndRequestW
HttpOpenRequestA
HttpOpenRequestW
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestA
HttpSendRequestExA
HttpSendRequestExW
HttpSendRequestW
IncrementUrlCacheHeaderData
InternetAlgIdToStringA
InternetAlgIdToStringW
InternetAttemptConnect
InternetAutodial
InternetAutodialCallback
InternetAutodialHangup
InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
InternetCheckConnectionA
InternetCheckConnectionW
InternetClearAllPerSiteCookieDecisions
InternetCloseHandle
InternetCombineUrlA
InternetCombineUrlW
InternetConfirmZoneCrossing
InternetConfirmZoneCrossingA
InternetConfirmZoneCrossingW
InternetConnectA
InternetConnectW
InternetCrackUrlA
InternetCrackUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetDial
InternetDialA
InternetDialW
InternetEnumPerSiteCookieDecisionA
InternetEnumPerSiteCookieDecisionW
InternetErrorDlg
InternetFindNextFileA
InternetFindNextFileW
InternetFortezzaCommand
InternetGetCertByURL
InternetGetCertByURLA
InternetGetConnectedState
InternetGetConnectedStateEx
InternetGetConnectedStateExA
InternetGetConnectedStateExW
InternetGetCookieA
InternetGetCookieExA
InternetGetCookieExW
InternetGetCookieW
InternetGetLastResponseInfoA
InternetGetLastResponseInfoW
InternetGetPerSiteCookieDecisionA
InternetGetPerSiteCookieDecisionW
InternetGoOnline
InternetGoOnlineA
InternetGoOnlineW
InternetHangUp
InternetInitializeAutoProxyDll
InternetLockRequestFile
InternetOpenA
InternetOpenUrlA
InternetOpenUrlW
InternetOpenW
InternetQueryDataAvailable
InternetQueryFortezzaStatus
InternetQueryOptionA
InternetQueryOptionW
InternetReadFile
InternetReadFileExA
InternetReadFileExW
InternetSecurityProtocolToStringA
InternetSecurityProtocolToStringW
InternetSetCookieA
InternetSetCookieExA
InternetSetCookieExW
InternetSetCookieW
InternetSetDialState
InternetSetDialStateA
InternetSetDialStateW
InternetSetFilePointer
InternetSetOptionA
InternetSetOptionExA
InternetSetOptionExW
InternetSetOptionW
InternetSetPerSiteCookieDecisionA
InternetSetPerSiteCookieDecisionW
InternetSetStatusCallback
InternetSetStatusCallbackA
InternetSetStatusCallbackW
InternetShowSecurityInfoByURL
InternetShowSecurityInfoByURLA
InternetShowSecurityInfoByURLW
InternetTimeFromSystemTime
InternetTimeFromSystemTimeA
InternetTimeFromSystemTimeW
InternetTimeToSystemTime
InternetTimeToSystemTimeA
InternetTimeToSystemTimeW
InternetUnlockRequestFile
InternetWriteFile
InternetWriteFileExA
InternetWriteFileExW
IsHostInProxyBypassList
IsUrlCacheEntryExpiredA
IsUrlCacheEntryExpiredW
LoadUrlCacheContent
ParseX509EncodedCertificateForListBoxEntry
PrivacyGetZonePreferenceW
PrivacySetZonePreferenceW
ReadUrlCacheEntryStream
RegisterUrlCacheNotification
ResumeSuspendedDownload
RetrieveUrlCacheEntryFileA
RetrieveUrlCacheEntryFileW
RetrieveUrlCacheEntryStreamA
RetrieveUrlCacheEntryStreamW
RunOnceUrlCache
SetUrlCacheConfigInfoA
SetUrlCacheConfigInfoW
SetUrlCacheEntryGroup
SetUrlCacheEntryGroupA
SetUrlCacheEntryGroupW
SetUrlCacheEntryInfoA
SetUrlCacheEntryInfoW
SetUrlCacheGroupAttributeA
SetUrlCacheGroupAttributeW
SetUrlCacheHeaderData
ShowCertificate
ShowClientAuthCerts
ShowSecurityInfo
ShowX509EncodedCertificate
UnlockUrlCacheEntryFile
UnlockUrlCacheEntryFileA
UnlockUrlCacheEntryFileW
UnlockUrlCacheEntryStream
UpdateUrlCacheContentPath
UrlZonesDetach
_GetFileExtensionFromUrl

Sections

.text
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
响亮取名软件/zm.fne
响亮取名软件/zw.fne
响亮取名软件/响亮宝宝取名软件 V15.0.exe
.exe windows:4 windows x86 arch:x86

89a921f5a89a013af5f7c6f5c3e68855

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
OutputDebugStringA
ExpandEnvironmentStringsA
GlobalAlloc
GetTempPathA
SetFileAttributesA
GetFileAttributesA
MoveFileA
CopyFileA
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
SetLocalTime
GetCommandLineA
CreateProcessA
SetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
GlobalSize
GlobalLock
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
HeapAlloc
GetComputerNameA
GetProcessHeap
FindResourceA
LoadResource
LockResource
CreateThread
DeleteFileA
RemoveDirectoryA
FindNextFileA
GetModuleFileNameA
Sleep
MulDiv
FindFirstFileA
FindClose
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
lstrlenW
lstrlenA
GetUserDefaultLCID
GetTickCount
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitThread
VirtualQuery
lstrcpyW
ExitProcess
GetEnvironmentVariableA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
GetProfileStringA
SetEvent
GetCommModemStatus
GetOverlappedResult
WaitForMultipleObjects
GetLastError
ClearCommError
WaitCommEvent
CreateEventA
ReadFile
WriteFile
SetCommState
GetCommState
SetCommMask
SetCommTimeouts
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
SetLastError
lstrcpynA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc
LocalFree
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetFileTime
SetStdHandle
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetEnvironmentVariableA
SetEnvironmentVariableW
IsBadWritePtr
VirtualAlloc
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetACP
HeapSize
TerminateProcess
GetLocalTime
GetProcAddress
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
ReleaseMutex
CreateMutexA
SuspendThread
SetThreadPriority
GetCurrentThread
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
PurgeComm
EscapeCommFunction
lstrcmpA
GetCurrentProcess
WriteProcessMemory
FreeLibrary
VirtualProtect
lstrcmpiA
VirtualFree
LoadLibraryA
WaitForSingleObject

imagehlp

ImageDirectoryEntryToData

user32

WindowFromPoint
CharUpperA
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
IsClipboardFormatAvailable
SetWindowLongA
GetWindowLongA
IsWindowVisible
SetParent
SetScrollPos
SetScrollRange
GetScrollRange
PostMessageA
SetTimer
KillTimer
WinHelpA
ChildWindowFromPointEx
ScreenToClient
SetWindowRgn
DestroyCursor
DestroyAcceleratorTable
GetWindow
GetTopWindow
GetActiveWindow
SetWindowPos
SetFocus
DestroyMenu
SetActiveWindow
IsIconic
PeekMessageA
SetMenu
SetCursorPos
WaitForInputIdle
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
MessageBeep
LockWindowUpdate
ValidateRect
SetForegroundWindow
TrackPopupMenu
ScrollDC
InvertRect
SetCursor
wsprintfA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
RegisterClipboardFormatA
SetRectEmpty
GetClassNameA
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
LoadIconA
GetDesktopWindow
DefWindowProcA
GetClassInfoA
DeleteMenu
GetSystemMenu
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
GetNextDlgTabItem
CheckMenuItem
SetMenuItemBitmaps
UnregisterClassA
LoadStringA
GetSysColorBrush
ClientToScreen
GetCapture
LoadCursorA
AdjustWindowRect
EnableMenuItem
GetSubMenu
GetMenu
EqualRect
IntersectRect
GetFocus
IsRectEmpty
IsChild
DestroyIcon
GetKeyState
GetMenuState
GetMenuCheckMarkDimensions
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CreateDialogIndirectParamA
EndDialog
InvalidateRect
GetMessageA
GetDlgCtrlID
LoadBitmapA
MessageBoxA
LoadImageA
EnumDisplaySettingsA
ReleaseDC
GetDC
UpdateWindow
DispatchMessageA
CreateAcceleratorTableA
TranslateMessage
GetClipboardData

gdi32

SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetBkColor
GetPixel
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetROP2
GetStretchBltMode
GetPolyFillMode
StartPage
EndPage
CreateDCA
DPtoLP
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
Ellipse
RoundRect
FillRgn
GetClipBox
CombineRgn
CreateRectRgn
GetClipRgn
CreatePolygonRgn
SetPixelV
LPtoDP
Pie
GetViewportOrgEx
GetWindowOrgEx
PatBlt
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Chord
Arc
Polygon
EndDoc
GetTextColor
Rectangle
SelectClipRgn
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
GetWindowExtEx
GetBkMode
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetSystemPaletteEntries
SelectPalette
GetDIBits
CreateDIBSection
SetPixel
ExtCreateRegion
CreateRectRgnIndirect
GetCurrentObject
StartDocA

winspool.drv

GetFormA
ClosePrinter
SetFormA
EnumFormsA
OpenPrinterA
DocumentPropertiesA
DeleteFormA
AddFormA

comdlg32

GetFileTitleA
ChooseColorA
CommDlgExtendedError
ChooseFontA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
RegDeleteValueA
RegCreateKeyA
RegSetValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal

oleaut32

OleCreateFontIndirect
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
UnRegisterTypeLi
SysAllocString
VariantCopyInd
VariantInit
VariantChangeType
VariantClear
GetActiveObject
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VarDateFromStr
OleCreatePictureIndirect

winmm

waveOutUnprepareHeader
midiStreamRestart
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
waveOutPrepareHeader

comctl32

ImageList_Destroy
ord17
ImageList_LoadImageA

Sections

.text
Size: 880KB - Virtual size: 879KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 452KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
响亮取名软件/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

40e53c4191ba6b79c193870dc2ab08e6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 60KB - Virtual size: 71KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 24KB - Virtual size: 21KB

f4b4bca30df7e9c871bbc7c4aade35c8

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 77KB

.reloc Size: 8KB - Virtual size: 4KB

a8ae28fb7870151eb1647d665ac5f31c

Headers

File Characteristics

Imports

iphlpapi

shlwapi

mpr

winmm

ws2_32

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

wininet

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 56KB - Virtual size: 118KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 28KB - Virtual size: 24KB

c026af21a6e107158b65bf9034b57c76

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 60KB - Virtual size: 71KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 24KB - Virtual size: 21KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 77KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 56KB - Virtual size: 118KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 28KB - Virtual size: 24KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 74KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 296KB - Virtual size: 292KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 88KB - Virtual size: 148KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 36KB - Virtual size: 33KB

.text
Size: 524KB - Virtual size: 524KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 565KB - Virtual size: 564KB

.reloc
Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 40KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 550KB - Virtual size: 550KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 56KB - Virtual size: 55KB