543b5848419046394cb751617268a743

Sharing

Copy URL Twitter E-mail

General

Target

543b5848419046394cb751617268a743
Size

1.3MB
MD5

543b5848419046394cb751617268a743
SHA1

4a862cbbd28d28a78d6f9dfd55817931c3a07a19
SHA256

60ae7bf7b28950941b6a1cf0a00ffbb5be8407a72b95febbaf998cbeb6054fdd
SHA512

8d90e87711be5eb66bafefd397461e5fb9b5607052c6734cb1e366bf59223512fc0034ce8ad5e809b8515ff656a6eb5b267cd1300294fc0b8541c1ccc0813e5b
SSDEEP

24576:TK3/eO4P3o+nKNqVhiQnctc53R/VwRk3cheY8rCf4XZx+bX9O4zRPcKqbD+S:kePPK4VhiwB55aRychTUMmZx+bFPcX+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 18 IoCs

Checks for missing Authenticode signature.

resource
unpack001/电影播霸365/P2PCore.dll
unpack001/电影播霸365/P2SCore.dll
unpack001/电影播霸365/RealMediaSplitter.ax
unpack001/电影播霸365/bbplayer.dll
unpack001/电影播霸365/ckcore.dll
unpack001/电影播霸365/codec/real/codecs/atrc.dll
unpack001/电影播霸365/codec/real/codecs/cook.dll
unpack001/电影播霸365/codec/real/codecs/drv1.dll
unpack001/电影播霸365/codec/real/codecs/drv2.dll
unpack001/电影播霸365/codec/real/codecs/drvc.dll
unpack001/电影播霸365/codec/real/codecs/raac.dll
unpack001/电影播霸365/codec/real/codecs/rv10.dll
unpack001/电影播霸365/codec/real/codecs/rv20.dll
unpack001/电影播霸365/codec/real/codecs/rv30.dll
unpack001/电影播霸365/codec/real/codecs/rv40.dll
unpack001/电影播霸365/codec/real/codecs/sipr.dll
unpack001/电影播霸365/pncrt.dll
unpack001/电影播霸365/电影播霸.exe

Files

543b5848419046394cb751617268a743
.rar
电影播霸365/P2PCore.dll
.dll windows:4 windows x86 arch:x86

206a844d55411ce078964a43febf0ab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
SizeofResource
FindResourceExW
FindResourceW
GetLocalTime
LoadResource
WideCharToMultiByte
CreateFileA
WriteFile
CloseHandle
FlushFileBuffers
MultiByteToWideChar
LocalFree
SetFilePointer
GetModuleFileNameA
GetFileAttributesExA
FormatMessageW
GetLastError
lstrlenW
GetVolumeInformationA
ReadFile
GetFileSize
GetModuleFileNameW
GetSystemDirectoryA
CreateFileW
RaiseException
GetFileSizeEx
DeleteFileW
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
DisableThreadLibraryCalls
WaitForSingleObject
CreateEventW
GetTickCount
lstrlenA
IsBadCodePtr
Sleep
GlobalAlloc
SetEvent
GlobalFree
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcessId
GetCommandLineA
GetSystemDirectoryW
IsBadWritePtr
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
CopyFileW
WaitForMultipleObjects
ReadFileEx
CancelIo
WaitForMultipleObjectsEx
InterlockedIncrement
LoadLibraryW
FreeLibrary
GetProcAddress
GetFileType
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetHandleCount
LoadLibraryA
GetConsoleMode
LCMapStringW
LCMapStringA
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetStartupInfoA

ws2_32

inet_addr
inet_ntoa
sendto
WSACleanup
WSAStartup
bind
closesocket
htonl
WSAEventSelect
socket
gethostbyname
setsockopt
WSAWaitForMultipleEvents
recvfrom
ntohl
WSAGetLastError
ntohs
htons

shlwapi

PathFileExistsA

iphlpapi

GetAdaptersInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

user32

UnregisterClassA

Exports

Exports

create_p2p_task
delete_p2p_task
get_p2p_id
get_p2phandle_peerinfo
get_p2phandle_serverlist
get_p2phandle_serverlog
p2p_add_share
p2p_delete_share
p2p_find_share
p2p_get_handle_info
p2p_get_netinfo
p2p_get_share_filelist
p2p_get_uplist
p2p_initialize
p2p_move_share
p2p_notify_new_finish
p2p_pause_share
p2p_pause_upload
p2p_reload_option
p2p_task_limit_speed
p2p_uninitialize
set_auto_reload_sharelist
set_p2p_allow_add_share
set_p2p_debug_flag
set_p2p_debug_supernode
set_p2p_downloader_mode
set_p2p_ini_filename
set_p2p_local_share
set_p2p_no_submit_share
set_p2p_temp_mode
set_p2p_upload_english_ver
set_p2p_upload_speed_control
set_p2p_upload_speed_max
set_p2p_uploader_mode
start_p2p_task

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/P2SCore.dll
.dll windows:4 windows x86 arch:x86

d211d2adbe8dbd67de0c41d595cd616a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
FreeLibrary
WaitForSingleObject
GetTickCount
GetProcAddress
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
LoadLibraryW
GetExitCodeThread
InitializeCriticalSection
CloseHandle
LockResource
FindResourceExW
WideCharToMultiByte
FindResourceW
Sleep
LoadResource
MultiByteToWideChar
WaitForMultipleObjects
SizeofResource
GetLastError
lstrlenW
WriteFile
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
GetFileSize
ReadFile
CreateFileMappingW
GetOverlappedResult
SetFilePointer
CreateFileW
FlushFileBuffers
RaiseException
GetOEMCP
GetModuleFileNameW
CreateDirectoryW
GetLocalTime
SetEndOfFile
OutputDebugStringW
OutputDebugStringA
MoveFileW
GetUserDefaultLCID
lstrlenA
InterlockedIncrement
GetDiskFreeSpaceExW
DeleteFileW
ResetEvent
GetCurrentThreadId
InterlockedDecrement
SetFileTime
SystemTimeToFileTime
GetFileAttributesW
SetLastError
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetCommandLineA
GetTimeZoneInformation
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateThread
ExitThread
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapAlloc
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
GetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
HeapDestroy
GetVersionExA
ExitProcess
TlsFree

user32

MessageBoxW
SendMessageW
SetWindowTextW
GetWindowTextW
PostMessageW
GetScrollPos
UnregisterClassA

shlwapi

StrStrIA
PathIsDirectoryW
PathFileExistsW
UrlGetPartA
StrRChrA
PathStripPathA
StrTrimA

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetTimeToSystemTimeA
InternetGetCookieA

ws2_32

WSAGetLastError
bind
WSASend
WSASocketW
WSAAccept
closesocket
listen
getsockname
WSAEventSelect
ioctlsocket
WSAStartup
htons
WSAConnect
ntohs
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
setsockopt
inet_ntoa
WSACleanup
htonl
gethostbyname
inet_addr
ntohl
WSARecv

p2pcore

p2p_get_handle_info
p2p_task_limit_speed
get_p2p_id
set_p2p_temp_mode
set_p2p_upload_speed_max
ord2
set_p2p_downloader_mode
set_p2p_ini_filename
set_p2p_no_submit_share
p2p_move_share
get_p2phandle_serverlog
ord1
p2p_get_netinfo
set_p2p_upload_speed_control
p2p_find_share
p2p_pause_upload
set_p2p_uploader_mode
get_p2phandle_peerinfo
create_p2p_task
get_p2phandle_serverlist
delete_p2p_task
start_p2p_task
set_p2p_local_share
p2p_add_share

winmm

timeGetTime

Exports

Exports

??0P2SP@@QAE@XZ
??1P2SP@@QAE@XZ
??4P2SP@@QAEAAV0@ABV0@@Z
?AsyncReportPartHash@P2SP@@SAHPAE0_J0H@Z
?CheckFinish@P2SP@@QAE_N_JHPAD_N@Z
?DebugDisableLoadLive@P2SP@@SAXXZ
?DelResumeInfo@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?DelTempFile@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?Delete@P2SP@@QAE_NXZ
?GetBlockInfo@P2SP@@QAEHPAHHAAH@Z
?GetFilenameByURL@P2SP@@SAXPB_WPA_WH@Z
?GetFilesizeByURL@P2SP@@SA_JPB_W@Z
?GetServerList@P2SP@@QAEKPAUtagP2SServerItem@@K@Z
?GetServerLog@P2SP@@QAEKPA_WK@Z
?GetSourceList@P2SP@@QAEKPAUP2SP_SOURCE_LIST@@K@Z
?GetSourceLog@P2SP@@QAEKPA_WKH@Z
?GetTaskLog@P2SP@@QAEHPA_WHAAK1AAH@Z
?GetTaskPartHash@P2SP@@QAEKPAEH@Z
?Init@P2SP@@SAHXZ
?InitOther@P2SP@@SAXXZ
?LimitDownloadSpeed@P2SP@@QAEXH@Z
?NotifyExternalSpeed@P2SP@@QAEXH@Z
?ParseResume@P2SP@@SAHPA_W0AAUst_TASK_PARAMS@@AAUst_TASK_INFO@@@Z
?Quit@P2SP@@SAXXZ
?SearchTest@P2SP@@SAXPB_WAAUP2S_SEARCH_RESULT@@@Z
?SendLiveStat@P2SP@@QAEHPAULIVE_INFO_CORE_STAT@@@Z
?SetCacheSize@P2SP@@SAXH@Z
?SetDU@P2SP@@SAXH@Z
?SetP2sTz@P2SP@@QAEXXZ
?SetProxy@P2SP@@SAXHIPA_W00@Z
?SetRetry@P2SP@@SAXHHH@Z
?SetUseServerTime@P2SP@@SAXH@Z
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?StopAsync@P2SP@@QAEXXZ
?StopSync@P2SP@@QAEXXZ
?UpdateDebugConsole@P2SP@@QAEKPA_WK@Z
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?get_complete@P2SP@@QAEPAEAAH@Z
?get_p2p_user_complete@P2SP@@QAEHKPA_J0HAAH@Z
p2s_enable_p4s
p2s_get_p2p_id
p2s_get_sharefile_url
p2s_hash_cid
p2s_make_upload
p2s_p2p_add_share
p2s_p2p_get_network_traffic
p2s_p2p_get_upload_speed
p2s_p2p_move_share
p2s_p2p_no_submit_share
p2s_p2p_pause_upload
p2s_p2p_set_downloader_mode
p2s_p2p_set_ini_filename
p2s_p2p_set_local_share
p2s_p2p_set_temp_mode
p2s_p2p_set_upload_speed_control
p2s_p2p_set_upload_speed_max
p2s_p2p_set_uploader_mode
p2s_report_url_fgid

Sections

.text
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

e55045fafe5ca0e8458178d6994851c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcatA
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
ExitProcess
RtlUnwind
VirtualProtect
VirtualQuery
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFullPathNameA
lstrcpyA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
Sleep
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcessId
CreateThread
GetTickCount
SetThreadPriority
GetModuleHandleA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
RaiseException
LoadLibraryA
GetProcAddress
GetModuleFileNameA
SetCurrentDirectoryA
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

DrawTextExA
DrawTextA
TabbedTextOutA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
GetClassNameA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
UnhookWindowsHookEx
SendMessageA
MessageBoxA
PostQuitMessage
DestroyMenu
GetWindowPlacement
GrayStringA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
UnregisterClassA
CharUpperA
GetWindow

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA

comctl32

ord17

shlwapi

PathStripToRootA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecA
PathAddBackslashA
PathIsUNCA

ole32

CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/bbplayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c1d76e40bf3cf4340ca06a3c0ebfafa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

UuidCreate

kernel32

GlobalAddAtomW
GlobalDeleteAtom
lstrcmpW
Sleep
GetTickCount
CreateEventW
GetFileAttributesW
GetFileSize
FindNextFileW
FindClose
GetFullPathNameW
FindFirstFileW
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
SystemTimeToFileTime
GetSystemTime
RemoveDirectoryW
DeleteFileW
ReleaseSemaphore
CreateSemaphoreW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetFileSizeEx
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitThread
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
lstrlenA
SetFilePointer
ReadFile
GetProcAddress
LoadLibraryW
MoveFileW
CreateFileW
WriteFile
GetCurrentProcessId
CreateThread
WaitForMultipleObjects
ResetEvent
WaitForSingleObject
SetEvent
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetCurrentThreadId
WideCharToMultiByte
GetCurrentProcess
FlushInstructionCache
FindResourceExW
LockResource
GetThreadLocale
SetThreadLocale
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
GetModuleFileNameW

user32

UnregisterClassA
CharNextW
DestroyWindow
SetWindowLongW
MoveWindow
GetWindowRect
ShowWindow
SendMessageW
SetWindowPos
DefWindowProcW
CreateDialogParamW
PtInRect
UnionRect
GetWindowLongW
GetDlgItem
GetClassInfoExW
LoadCursorW
IsWindow
IsWindowVisible
BeginDeferWindowPos
ReleaseDC
GetDC
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
GetKeyState
EndDeferWindowPos
GetClassLongW
GetSystemMetrics
InflateRect
DrawEdge
DrawFocusRect
GetCapture
GetDlgCtrlID
KillTimer
SetTimer
UpdateWindow
GetClassInfoW
DrawTextW
AdjustWindowRectEx
EnableWindow
IsWindowEnabled
GetMenu
SetForegroundWindow
InvalidateRect
RegisterClassExW
SetFocus
IsChild
GetFocus
GetParent
CreateWindowExW
PostQuitMessage
SetWindowsHookExW
MonitorFromPoint
UnhookWindowsHookEx
MonitorFromWindow
GetMonitorInfoW
SetParent
SystemParametersInfoW
GetCursorPos
ShowCursor
wsprintfW
BringWindowToTop
CallNextHookEx
PostMessageW
LoadImageW
CreateAcceleratorTableW
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
FillRect
ReleaseCapture
GetClassNameW
SetCapture
RedrawWindow
InvalidateRgn
ClientToScreen
GetSysColor
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetDialogBaseUnits
DeferWindowPos
ScreenToClient
CopyRect
SetRect
SetPropW
MessageBoxW

gdi32

SetViewportOrgEx
DeleteDC
CreateDCW
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
SetMapMode
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
LPtoDP
CreateFontIndirectW
StretchBlt
CreateBitmap
SetBkMode
SetTextColor
DPtoLP
DeleteObject
GetTextExtentPoint32W
GetTextMetricsW
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SetBkColor
GetObjectW
GetStockObject
RestoreDC
CreateSolidBrush
ExtTextOutW

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
OleLoadFromStream
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CreateOleAdviseHolder
WriteClassStm
OleSaveToStream
GetRunningObjectTable
CreateItemMoniker
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleLockRunning
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CoFreeUnusedLibraries

oleaut32

SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
SysAllocStringLen
OleCreateFontIndirect
DispCallFunc
SysFreeString

shlwapi

PathIsDirectoryW

comctl32

ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy

wininet

InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

ckcore

ack_start
ack_StatBin
ack_set_server
ack_end

p2score

p2s_p2p_set_upload_speed_max
?CheckFinish@P2SP@@QAE_N_JHPAD_N@Z
?LimitDownloadSpeed@P2SP@@QAEXH@Z
??1P2SP@@QAE@XZ
??0P2SP@@QAE@XZ
?GetFilenameByURL@P2SP@@SAXPB_WPA_WH@Z
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?DebugDisableLoadLive@P2SP@@SAXXZ
?Init@P2SP@@SAHXZ
?InitOther@P2SP@@SAXXZ
?SetDU@P2SP@@SAXH@Z
p2s_p2p_set_upload_speed_control
?StopSync@P2SP@@QAEXXZ
?Quit@P2SP@@SAXXZ
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
p2s_p2p_get_network_traffic
?GetBlockInfo@P2SP@@QAEHPAHHAAH@Z

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/boba_buffer.html
电影播霸365/ckcore.dll
.dll windows:4 windows x86 arch:x86

04929565e45fac976b38344c84815747

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
FreeLibrary
RaiseException
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
FlushInstructionCache
GetCurrentProcess
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
SetLastError
Sleep
SuspendThread
WaitForSingleObject
SetThreadPriority
GetCurrentThread
GetVersionExA
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
HeapCreate
GetCommandLineA
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
ReadProcessMemory
WriteProcessMemory
GetTickCount
WriteFile
FlushFileBuffers
CloseHandle
CreateFileA
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedExchange
lstrcmpiA
lstrlenW
lstrlenA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsW

user32

DefWindowProcA
SetWindowLongA
GetWindowLongA
GetParent
SendMessageA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
KillTimer
TranslateAcceleratorA
CharNextA
CreateAcceleratorTableA
DestroyAcceleratorTable
BeginPaint
EndPaint
FillRect
GetClassNameA
GetDlgItem
IsChild
InvalidateRgn
ChildWindowFromPoint
SetWindowPos
GetClientRect
ClientToScreen
UpdateWindow
InvalidateRect
ShowWindow
IsWindowVisible
RedrawWindow
SetCapture
GetDlgCtrlID
IsWindow
CallWindowProcA
GetMenuItemCount
GetMenuItemInfoA
SetTimer
ScreenToClient
GetMessageA
TranslateMessage
DispatchMessageA
LoadImageA
GetWindow
MoveWindow
PostMessageA
GetWindowRect
LoadStringW
PostQuitMessage
LoadStringA
SetMenuItemInfoA
CreateWindowExA
ReleaseCapture
GetClassInfoExA
DestroyWindow
GetFocus
GetSystemMetrics
GetDesktopWindow
RegisterClassExA
InflateRect
GetSysColor
ReleaseDC
GetDC
AdjustWindowRectEx
GetKeyState
SetFocus
SetMenuDefaultItem
CheckMenuRadioItem
GetMenuItemID
EnableMenuItem
AppendMenuA
DeleteMenu
LoadCursorA
SetCursor
UnregisterClassA

gdi32

CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap
DeleteObject
Polygon
CreatePen
CreateSolidBrush
DeleteDC
BitBlt
GetDeviceCaps
GetObjectA
GetStockObject
SelectObject

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA

ole32

OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoGetClassObject
CLSIDFromString
OleUninitialize

oleaut32

VariantChangeType
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
VarBstrCat
SysStringLen
VarUI4FromStr
SysFreeString
DispCallFunc

comctl32

ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_AddMasked

ws2_32

recvfrom
WSAGetLastError
socket
WSAAsyncSelect
closesocket
htons
sendto
inet_addr
gethostbyname
WSAStartup
WSACleanup

winmm

timeGetTime

Exports

Exports

ack_Stat
ack_StatBin
ack_end
ack_set_server
ack_start

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/atrc.dll
.dll windows:4 windows x86 arch:x86

5132cde9ac8899a69f40dfaacc320c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_ftol
??3@YAXPAX@Z
memmove
calloc
free
malloc
_CIpow
floor
??2@YAPAXI@Z
_assert
_except_handler3
_purecall
_initterm
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/cook.dll
.dll windows:4 windows x86 arch:x86

7186ef18b8145b9efacd73914d40cee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
??3@YAXPAX@Z
memmove
_purecall
_CIpow
malloc
??2@YAPAXI@Z
_ftol
_initterm
_adjust_fdiv

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/drv1.dll
.dll windows:4 windows x86 arch:x86

232d11e71e9db2c13e39696149eba4f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

printf
putchar
free
_ftol
_iob
calloc
malloc
_initterm
_adjust_fdiv
fprintf

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetGUID
GetRV10DecParams
RV10toRGB3Alloc
RV10toRGB3Free
RV10toRGB3Init
RV10toRGB3Transform
RV10toYUVPostMove
RV10toYUVPostfilter
RV10toYUVTemporalInterp
RV10toYUVTemporalSetup
RV10toYUVTransform
SetRV10DecParams

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 797B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/drv2.dll
.dll windows:4 windows x86 arch:x86

44586b56c5dcc55b19268bed59258786

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_initterm
_ftol
free
__CxxFrameHandler
malloc
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
GetSystemInfo

advapi32

RegOpenKeyExA
RegCloseKey

Exports

Exports

GetGUID
RV20toYUV420CustomMessage
RV20toYUV420Free
RV20toYUV420HiveMessage
RV20toYUV420Init
RV20toYUV420Transform
RV20toYUV420_RN_FRU_Free
RV20toYUV420_RN_FRU_GetFrame
RV20toYUV420_RN_FRU_Init
RV20toYUV420_RN_FRU_Setup

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IACODE2
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IACODE1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MMXCODE1
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MMXDATA1
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/drvc.dll
.dll windows:4 windows x86 arch:x86

5d841dc9603dda4e7058b842c1dedbfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

__CxxFrameHandler
memmove
_ftol
_purecall
malloc
free
??3@YAXPAX@Z
_initterm
_adjust_fdiv
_beginthreadex
??2@YAPAXI@Z

kernel32

WaitForMultipleObjects
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileIntA
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetSystemInfo
CreateEventA
QueryPerformanceCounter
SetEvent
QueryPerformanceFrequency
ResetEvent

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

?GetGUID@@YGJPAE@Z
RV40toYUV420CustomMessage
RV40toYUV420Free
RV40toYUV420HiveMessage
RV40toYUV420Init
RV40toYUV420Transform

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/raac.dll
.dll windows:4 windows x86 arch:x86

2569b16af6a5e82c06ef6aed87f5e148

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

??2@YAPAXI@Z
memmove
_CxxThrowException
calloc
free
malloc
exp
fputs
printf
pow
??3@YAXPAX@Z
__CxxFrameHandler
strncpy
log10
atan
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_iob
log
_purecall
_except_handler3

kernel32

DisableThreadLibraryCalls
IsBadReadPtr

Exports

Exports

RACloseCodec
RACreateDecoderInstance
RACreateEncoderInstance
RADecode
RAFlush
RAFreeDecoder
RAGetBackend
RAGetFlavorProperty
RAGetGUID
RAInitDecoder
RAOpenCodec2
RASetComMode

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/rv10.dll
.dll windows:4 windows x86 arch:x86

7d0bbca4dd169c4c1a33b2513aa5069d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

rand
tolower
isupper
fprintf
strncpy
_stricmp
strchr
fread
fopen
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
srand
memmove
fclose
_purecall
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
_putenv

kernel32

DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount

Exports

Exports

PNCodec_Close
PNCodec_GetMediaFormats
PNCodec_GetUIName
PNCodec_GetVersion
PNCodec_Input
PNCodec_Open
PNCodec_PreferredMediaFormat
PNCodec_QueryMediaFormat
PNCodec_StreamOpen
PNStream_Close
PNStream_GetIPNUnknown
PNStream_GetInputBufferSize
PNStream_GetProperty
PNStream_GetStreamHeader
PNStream_GetStreamHeaderSize
PNStream_Input
PNStream_OpenSettingsBox
PNStream_PostProcess
PNStream_ReleaseFrame
PNStream_SetDataCallback
PNStream_SetOutputPacketSize
PNStream_SetProperty
SetDLLAccessPath
_PNCodec_GetIPNUnknown@4

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/rv20.dll
.dll windows:4 windows x86 arch:x86

de93a6d25a8e8a4317757a0f9e71593a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_stricmp
strchr
memmove
_purecall
_ftol
tolower
isupper
_initterm
_adjust_fdiv
strncpy
malloc
free
_putenv
??2@YAPAXI@Z
??3@YAXPAX@Z
__dllonexit
_onexit

kernel32

GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
DisableThreadLibraryCalls
QueryPerformanceFrequency
QueryPerformanceCounter

Exports

Exports

PNCodec_Close
PNCodec_GetMediaFormats
PNCodec_GetUIName
PNCodec_GetVersion
PNCodec_Input
PNCodec_Open
PNCodec_PreferredMediaFormat
PNCodec_QueryMediaFormat
PNCodec_StreamOpen
PNStream_Close
PNStream_GetIPNUnknown
PNStream_GetInputBufferSize
PNStream_GetProperty
PNStream_GetStreamHeader
PNStream_GetStreamHeaderSize
PNStream_Input
PNStream_OpenSettingsBox
PNStream_PostProcess
PNStream_ReleaseFrame
PNStream_SetDataCallback
PNStream_SetOutputPacketSize
PNStream_SetProperty
SetDLLAccessPath
_PNCodec_GetIPNUnknown@4

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/rv30.dll
.dll windows:4 windows x86 arch:x86

a5049b84d47d09c19faafd0e69f94d06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

tolower
isupper
strncpy
_stricmp
__dllonexit
_onexit
_initterm
_adjust_fdiv
_ftol
memmove
_purecall
malloc
??2@YAPAXI@Z
free
??3@YAXPAX@Z
strchr
_putenv

kernel32

DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

PNCodec_Close
PNCodec_GetMediaFormats
PNCodec_GetUIName
PNCodec_GetVersion
PNCodec_Input
PNCodec_Open
PNCodec_PreferredMediaFormat
PNCodec_QueryMediaFormat
PNCodec_StreamOpen
PNStream_Close
PNStream_GetIPNUnknown
PNStream_GetInputBufferSize
PNStream_GetProperty
PNStream_GetStreamHeader
PNStream_GetStreamHeaderSize
PNStream_Input
PNStream_OpenSettingsBox
PNStream_PostProcess
PNStream_ReleaseFrame
PNStream_SetDataCallback
PNStream_SetOutputPacketSize
PNStream_SetProperty
SetDLLAccessPath
_PNCodec_GetIPNUnknown@4

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/rv40.dll
.dll windows:4 windows x86 arch:x86

a5049b84d47d09c19faafd0e69f94d06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

tolower
isupper
strncpy
_stricmp
__dllonexit
_onexit
_initterm
_adjust_fdiv
_ftol
memmove
_purecall
malloc
??2@YAPAXI@Z
free
??3@YAXPAX@Z
strchr
_putenv

kernel32

DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

PNCodec_Close
PNCodec_GetMediaFormats
PNCodec_GetUIName
PNCodec_GetVersion
PNCodec_Input
PNCodec_Open
PNCodec_PreferredMediaFormat
PNCodec_QueryMediaFormat
PNCodec_StreamOpen
PNStream_Close
PNStream_GetIPNUnknown
PNStream_GetInputBufferSize
PNStream_GetProperty
PNStream_GetStreamHeader
PNStream_GetStreamHeaderSize
PNStream_Input
PNStream_OpenSettingsBox
PNStream_PostProcess
PNStream_ReleaseFrame
PNStream_SetDataCallback
PNStream_SetOutputPacketSize
PNStream_SetProperty
SetDLLAccessPath
_PNCodec_GetIPNUnknown@4

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/codec/real/codecs/sipr.dll
.dll windows:4 windows x86 arch:x86

ab44f666347fdcd438ddb88f10cba053

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

frexp
??3@YAXPAX@Z
strncpy
_purecall
_ftol
rand
_CIpow
ldexp
??2@YAPAXI@Z
_CIacos
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
RASetPwd
_RAGetNumberOfFlavors2@4

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/image/boba/bottom.bmp
电影播霸365/image/boba/bottom_left.bmp
电影播霸365/image/boba/bottom_right.bmp
电影播霸365/image/boba/left.bmp
电影播霸365/image/boba/left_top.bmp
电影播霸365/image/boba/loading.gif
.gif
电影播霸365/image/boba/right.bmp
电影播霸365/image/boba/right_top.bmp
电影播霸365/image/boba/top.bmp
电影播霸365/image/boba/top_left.bmp
电影播霸365/image/boba/top_right.bmp
电影播霸365/image/boba/top_right_Down.bmp
电影播霸365/image/boba/top_right_Over.bmp
电影播霸365/image/vod/skin_bgrd.bmp
电影播霸365/image/vod/skin_btn_exitfs.bmp
电影播霸365/image/vod/skin_btn_fullscreen.bmp
电影播霸365/image/vod/skin_btn_mute.bmp
电影播霸365/image/vod/skin_btn_pause.bmp
电影播霸365/image/vod/skin_btn_play.bmp
电影播霸365/image/vod/skin_btn_topshow.bmp
电影播霸365/image/vod/skin_btn_voice.bmp
电影播霸365/image/vod/skin_slider_bgrd.bmp
电影播霸365/image/vod/skin_slider_thumb.bmp
电影播霸365/image/vod/skin_slider_voice_thumb.bmp
电影播霸365/pncrt.dll
.dll windows:4 windows x86 arch:x86

828907b7a8ec04c9c4031e40ef2f76ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapReAlloc
HeapValidate
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
GetLocaleInfoA
GetLocaleInfoW
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
SetUserHeapAlloc
SetUserHeapCalloc
SetUserHeapFree
SetUserHeapReAlloc
SetUserHeapSize
SetUserHeapValidate
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtHeapAlloc
_CrtHeapCalloc
_CrtHeapFree
_CrtHeapReAlloc
_CrtHeapSize
_CrtHeapValidate
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
电影播霸365/新云软件.url
.url
电影播霸365/电影播霸.exe
.exe windows:4 windows x86 arch:x86

355306f84aee4bb07b6299bf922adb59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
MulDiv
GlobalLock
GetLastError
GlobalUnlock
lstrcmpiW
MultiByteToWideChar
LoadLibraryExW
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
HeapDestroy
ExitProcess
HeapSize
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
lstrcmpW
FindResourceW
GetModuleFileNameW
SizeofResource
SetLastError
LoadResource
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
DeleteCriticalSection
InterlockedIncrement
GetCurrentThreadId
InitializeCriticalSection
GetPrivateProfileStringW
GetModuleHandleW
LeaveCriticalSection
GetPrivateProfileIntW
FreeLibrary
EnterCriticalSection
GetFileAttributesW
CreateMutexW
lstrlenW
RtlUnwind
GetStartupInfoW
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange

user32

TranslateAcceleratorW
LoadIconW
DispatchMessageW
CharNextW
ClientToScreen
GetSystemMetrics
SetWindowLongW
ScreenToClient
OffsetRect
CreateAcceleratorTableW
GetWindowLongW
GetClientRect
GetDesktopWindow
LoadAcceleratorsW
GetWindowRect
GetDlgItem
SetFocus
GetSysColor
GetMessageW
SetCapture
SetWindowPos
RegisterClassExW
GetParent
MoveWindow
LoadCursorW
IsChild
GetClassInfoExW
RegisterWindowMessageW
GetWindow
RedrawWindow
LoadStringW
CallWindowProcW
FillRect
GetClassNameW
GetWindowTextLengthW
DefWindowProcW
IsWindow
ShowWindow
GetWindowTextW
GetFocus
SetWindowTextW
DestroyAcceleratorTable
InvalidateRgn
SetWindowRgn
PostMessageW
LoadImageW
InvalidateRect
SendMessageW
UpdateWindow
DestroyWindow
TranslateMessage
ReleaseDC
CreateWindowExW
GetWindowDC
GetDC
PostQuitMessage
ReleaseCapture
EndPaint
PtInRect
GetKeyState
BeginPaint
UnregisterClassA

gdi32

GetStockObject
DeleteObject
SelectObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
StretchBlt
CreateRoundRectRgn
GetObjectW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

OleLockRunning
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoTaskMemRealloc
OleUninitialize
CoCreateInstance
CLSIDFromProgID
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SysStringByteLen
OleCreateFontIndirect
SysAllocStringLen
SysFreeString
SysAllocString
LoadRegTypeLi
VarUI4FromStr
VariantInit
VariantClear
LoadTypeLi
SysStringLen

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
电影播霸365/电影播霸设置.bat

Sharing

General

Malware Config

Signatures

Files

206a844d55411ce078964a43febf0ab5

Headers

File Characteristics

Imports

kernel32

ws2_32

shlwapi

iphlpapi

version

user32

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 840B

.reloc Size: 16KB - Virtual size: 14KB

d211d2adbe8dbd67de0c41d595cd616a

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

wininet

ws2_32

p2pcore

winmm

Exports

Exports

Sections

.text Size: 404KB - Virtual size: 401KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 12KB - Virtual size: 59KB

.rsrc Size: 4KB - Virtual size: 840B

.reloc Size: 24KB - Virtual size: 21KB

e55045fafe5ca0e8458178d6994851c2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 24KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 32KB - Virtual size: 28KB

c1d76e40bf3cf4340ca06a3c0ebfafa3

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wininet

ckcore

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 404KB - Virtual size: 401KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 12KB - Virtual size: 59KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 24KB - Virtual size: 21KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 24KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 32KB - Virtual size: 28KB

.text
Size: 284KB - Virtual size: 280KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 20KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 28KB - Virtual size: 24KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 916B

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 4KB - Virtual size: 797B

.data
Size: 12KB - Virtual size: 155KB

.rsrc
Size: 4KB - Virtual size: 992B