585ff284f41b6e477c986907aaac5f0f

Sharing

Copy URL Twitter E-mail

General

Target

585ff284f41b6e477c986907aaac5f0f
Size

2.4MB
MD5

585ff284f41b6e477c986907aaac5f0f
SHA1

14ba72dfbe6df9254524c46fb53171ab1495b3e7
SHA256

d25e1f64feb73172b65765c3412879c6adc08072f1cd0e5094961bb9b82926f1
SHA512

805b33f4ba838086e3a196dc2edbcdd13e929de6f86491b7f60f57b63ef4e030d85ffb955da5b7629720090bb1c22cced6d746a0a88cad07a76aad81fb88b297
SSDEEP

49152:JsDLYero/BAmPQHovSNww1853IK0tklJQPN9gwzKgjtmDtaH:JsDEeEnPnxxIti0Oc5jtwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack002/A-master.exe
unpack002/Aston.exe
unpack002/Hook.dll
unpack002/Plugins/AClock.plg
unpack002/Plugins/AutoRun.plg
unpack002/Plugins/Cpu95nt.tbp
unpack002/Plugins/DisksEx.plg
unpack002/Plugins/MenuEx.plg
unpack002/Plugins/NoteBk.tbp
unpack002/Plugins/Panel.plg
unpack002/Plugins/QLaunch.plg
unpack002/Plugins/RecycleBinEx.plg
unpack002/Plugins/SkinClckEx.plg
unpack002/Plugins/Toppanel.plg
unpack002/Plugins/VertPanel.plg
unpack002/Plugins/Zoom.tbp
unpack002/Plugins/aes.dll
unpack002/PrintMon.exe
unpack002/SHDoctor.exe
unpack002/ShellSwp.exe
unpack002/Starter.dll
unpack002/Thwizard.exe
unpack002/Unins12.exe
unpack002/XP/indicdll.dll
unpack002/XP/internat.exe
unpack002/drawpng.dll
unpack002/mmkbd.dll
unpack001/UNRAR.DLL

Files

585ff284f41b6e477c986907aaac5f0f
.rar
FILE_ID.DIZ
Readme.txt
Setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.r
.rar
A-master.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 64KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ASTON.HLP
Aston Trans Refresh.txt
Aston.cnt
Aston.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 45KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Aston.rc
Aston.url
FAQ.TXT
Hook.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

MouseHookProc

Sections

CODE
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 33B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
License.txt
Pictures/AltDesk.bmp
Pictures/Aston.bmp
Pictures/COMPUTER1.ani
Pictures/Car.ico
Pictures/Closed Folder.ico
Pictures/FreeCell.ico
Pictures/GLOBE.ANI
Pictures/Hearts.ico
Pictures/Help.ico
Pictures/Install.bmp
Pictures/Media Player.ico
Pictures/Media Player1.ico
Pictures/MineSweeper.ico
Pictures/More.bmp
Pictures/Open Folder.ico
Pictures/Ppanel.bmp
Pictures/Solitare.ico
Pictures/Sound.ico
Pictures/Uninst.bmp
Pictures/Winzip.ico
Pictures/Wordpad.ico
Pictures/excel.ico
Pictures/mail.ico
Pictures/office.ani
Pictures/outlook.ico
Pictures/paint.ico
Pictures/sd1.ico
Pictures/sd2.ico
Pictures/thebat.ani
Pictures/wab.ico
Pictures/word.ico
Plugins.rc
Plugins/AClock.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/AutoRun.plg
.dll windows:4 windows x86 arch:x86

362c1cd92b004c6d2efbbb87d8c9e93a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

OpenCFGr
FindSection
GetCFGBool
CloseCFGr
DirExists
FileExists
PidlFromPathA
GetParamStr
SHFree

kernel32

GetExitCodeThread
SuspendThread
TerminateThread
HeapFree
HeapAlloc
GetProcessHeap
RtlMoveMemory
DisableThreadLibraryCalls
SetErrorMode
RtlZeroMemory
GetPrivateProfileStringA
lstrcatA
lstrcpyA
lstrcmpA
GetVolumeInformationA
OutputDebugStringA
GetDriveTypeA
WaitForSingleObject
SetThreadPriority
CreateThread
CreateEventA
CloseHandle
SetEvent

user32

GetForegroundWindow
GetAsyncKeyState
DefWindowProcA
CreateWindowExA
RegisterClassA
UnregisterClassA
DestroyWindow
SendMessageTimeoutA
wsprintfA
RegisterWindowMessageA

shell32

ord100
ShellExecuteExA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Cpu95nt.tbp
.dll windows:4 windows x86 arch:x86

a528b69b38c33a00aa066dd1383d8133

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
CreateFileA
GetModuleHandleA
GetProcAddress
DeviceIoControl
GetVersionExA
RtlMoveMemory
RtlZeroMemory
lstrcpyA
CloseHandle
DisableThreadLibraryCalls

user32

DrawEdge
BeginPaint
EndPaint
GetDC
ReleaseDC
PostMessageA
DefWindowProcA
wvsprintfA
CopyRect
InflateRect
KillTimer
DestroyWindow
UnregisterClassA
LoadCursorA
RegisterClassA
FillRect
GetClientRect
SetTimer
InvalidateRect
SetWindowPos
SendMessageA
CreateWindowExA

gdi32

DeleteObject
CreatePen
CreateSolidBrush
LineTo
MoveToEx
SelectObject

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

shell32

SHAppBarMessage

starter

GetCFGInt
CloseCFGr
CheckInt
NotifyTip
GetCFGHex
FindSection
OpenCFGr

msvcrt

_ftol

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/DisksEx.plg
.dll windows:4 windows x86 arch:x86

230a043c1c773a983714577b38475b2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

BitmapToRegion
DrawSkin
LayeredStyle
OpenCFGw
SetCFGInt
CloseCFGw
NotifyTip
FreeFont
FindSection
GetCFGString
GetFontHandle
LoadImageEx
GetCFGInt
CheckInt
GetCFGHex
GetCFGBool
GetCFGFont
CloseCFGr
OpenCFGr

drawpng

AlphaBlt
PreAlpha

shlwapi

PathFindFileNameA

kernel32

HeapAlloc
GetProcessHeap
GetVolumeInformationA
GetDiskFreeSpaceExA
GetModuleHandleA
GetProcAddress
GetLogicalDriveStringsA
GetDriveTypeA
RtlMoveMemory
HeapFree
RtlZeroMemory
DisableThreadLibraryCalls
OutputDebugStringA
IsDebuggerPresent
CloseHandle
WriteFile
lstrlenA
SetFilePointer
CreateFileA
GetModuleFileNameA
lstrcatA
lstrcpyA

user32

InvalidateRect
SetWindowPos
GetDesktopWindow
GetCursorPos
AppendMenuA
ReleaseDC
DrawTextA
GetDC
UnregisterClassA
KillTimer
DefWindowProcA
GetPropA
SetPropA
RemovePropA
EndPaint
BeginPaint
RegisterClassA
LoadCursorA
SetCapture
ReleaseCapture
GetWindowRect
SetTimer
SetWindowLongA
CreateWindowExA
UnionRect
FillRect
wsprintfA
SetRectEmpty
GetSystemMetrics
SetWindowRgn
DestroyWindow
ShowWindow
SendMessageA
CreatePopupMenu
TrackPopupMenuEx
DestroyMenu
GetClientRect
SetRect

gdi32

SelectObject
GetStockObject
DeleteObject
CreateCompatibleDC
DeleteDC
CreateDIBSection
SetTextColor
SetBkMode
BitBlt

shell32

ShellExecuteExA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/MenuEx.plg
.dll windows:4 windows x86 arch:x86

d69ea08b5ca104c3f8d6b7d95be90140

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

LayeredStyle
GetFontHandle
DrawSkin
DrawPicture
GetCFGHex
GetCFGFont
StretchSkin
FindSection
SwitchFix
GetShellIconSize
LoadImageEx
GetCFGBool
GetCFGInt
CloseCFGr
OpenCFGr
RunSHFolder
StrCopyEx
GetCFGPic
ConcatPIDLs
DirExists
SetLayered
DefCharSet
Run
CheckInt
FreePicture
FreeFont
NotifyTip

kernel32

GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
FileTimeToDosDateTime
lstrcmpA
lstrlenA
lstrcpynA
GetTickCount
GetWindowsDirectoryA
Sleep
lstrcatA
RtlMoveMemory
FindFirstFileA
lstrcmpiA
GetProcAddress
DisableThreadLibraryCalls
FindClose
FindNextFileA
GetModuleHandleA
GetCurrentThreadId
FileTimeToLocalFileTime
RtlZeroMemory
lstrcpyA
FreeLibrary
GetFileAttributesA
GetSystemDirectoryA
LoadLibraryA
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
EnterCriticalSection
LeaveCriticalSection
WriteFile
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStdHandle
GetStartupInfoA
GetFileType
TlsAlloc

user32

CharNextA
EndPaint
DestroyWindow
GetClassNameA
SetTimer
GetWindowRect
VkKeyScanExA
FillRect
KillTimer
DrawTextA
GetPropA
RemovePropA
MenuItemFromPoint
WindowFromPoint
GetClientRect
SetFocus
SendMessageA
DrawEdge
BeginPaint
GetDC
InflateRect
GetForegroundWindow
SetPropA
GetKeyboardLayout
TrackPopupMenuEx
GetAsyncKeyState
SetRect
SetWindowLongA
InvalidateRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
GetMenuState
DefWindowProcA
SetWindowsHookExA
GetDesktopWindow
SetWindowPos
GetCursorPos
GetMenuItemInfoA
CreatePopupMenu
GetSysColorBrush
AppendMenuA
GetMenuItemCount
IsWindow
PostMessageA
SetMenuDefaultItem
UnhookWindowsHookEx
SystemParametersInfoA
GetSystemMetrics
UpdateWindow
CallWindowProcA
DestroyMenu
SetMenuItemInfoA
LoadCursorA
CopyRect
GetMessagePos
RegisterClassA
CallNextHookEx

gdi32

CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
PatBlt
SetTextColor
BitBlt

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetUserNameA

shell32

SHGetPathFromIDListA
ord155
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetFileInfoA
SHFileOperationA
SHGetDesktopFolder

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/NOTEBOOK.DAT
Plugins/NoteBk.tbp
.dll windows:4 windows x86 arch:x86

36589b7a0c8f73f1d410e85820f269a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
ImageList_Add
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy

starter

Run
GetShellIconSize
GetFontHandle
CanAnimate
FreeFont
DrawSkinTrans
FileExists
AnimateWnd
SetForeWndFix
SetLayered
LayeredStyle
NotifyTip
CloseCFGr
OpenCFGr
CloseCFGw
Unquote
SetCFGString
Quote
SetCFGInt
GetCFGString
FindSection
OpenCFGw
FreePicture
LoadImageEx
GetCFGPic
CheckInt
GetCFGFont
GetCFGInt
GetCFGBool
DrawPicture

kernel32

InterlockedExchange
RtlUnwind
VirtualQuery
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
RtlMoveMemory
lstrlenA
RtlZeroMemory
GetModuleFileNameA
lstrcpyA
lstrcatA
DisableThreadLibraryCalls
LoadLibraryA
SetErrorMode
FreeLibrary
MulDiv
CloseHandle
ReadFile
GetFileSize
CreateFileA
SetEndOfFile
WriteFile
GetTimeFormatA
GetDateFormatA
lstrcmpA
Sleep
GlobalFree
GetModuleHandleA
lstrcpynA
GlobalUnlock
GlobalDeleteAtom
GlobalLock
GetTickCount
GlobalAddAtomA

user32

CharUpperBuffA
EndDialog
SendDlgItemMessageA
GetDlgItem
DialogBoxParamA
SetFocus
GetClientRect
ReleaseDC
GetDC
DestroyIcon
CreateWindowExA
UnregisterClassA
DestroyWindow
CallWindowProcA
TranslateAcceleratorA
SetParent
GetParent
CreateDialogParamA
CheckMenuItem
IsClipboardFormatAvailable
EnableMenuItem
IsCharAlphaNumericA
GetForegroundWindow
IsChild
WindowFromPoint
GetCursorPos
IsWindowEnabled
TrackPopupMenu
ClientToScreen
GetSubMenu
GetMenu
InflateRect
LoadAcceleratorsA
LoadImageA
RegisterClassExA
LoadCursorA
CharLowerBuffA
PackDDElParam
UnpackDDElParam
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA
SendMessageTimeoutA
IsWindow
RegisterClassA
CharLowerA
wvsprintfA
GetWindowLongA
SetWindowLongA
RedrawWindow
BeginPaint
EndPaint
DefWindowProcA
UpdateWindow
IsWindowVisible
PostMessageA
SystemParametersInfoA
SetWindowPos
InvalidateRect
ShowWindow
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
SetRectEmpty
DrawTextA
SetRect
CopyRect
MessageBoxA
SendMessageA
GetLastActivePopup
GetWindowRect

gdi32

AbortDoc
DeleteDC
DeleteObject
GetStockObject
GetDeviceCaps
CreateFontIndirectA
StartDocA
SetMapMode
StartPage
SetViewportOrgEx
SetBkMode
SelectObject
GetTextMetricsA
EndPage
EndDoc
BitBlt

advapi32

GetUserNameA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Panel.plg
.dll windows:4 windows x86 arch:x86

6351455c2eb930eddc1f8438561f535b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

OpenCFGw
SetCFGString
CloseCFGw
Quote
DrawSkin
BitmapToRegion
FreeNodeList
Unquote
LoadImageEx
LayeredStyle
FreeFont
GetCFGInt
SetLayered
GetCFGBool
GetCFGHex
GetCFGFont
GetFontHandle
CheckInt
GetCFGString
CloseCFGr
FindSection
GetNodeList
OpenCFGr

drawpng

AlphaBlt
PreAlpha

comctl32

ImageList_DrawEx

kernel32

HeapAlloc
GetProcessHeap
OutputDebugStringA
GetModuleFileNameA
lstrcmpA
lstrcatA
GetModuleHandleA
GetProcAddress
HeapFree
HeapReAlloc
HeapSize
lstrcpyA
RtlZeroMemory
DisableThreadLibraryCalls
RtlMoveMemory
lstrcmpiA
lstrlenA
GetDriveTypeA

user32

RemovePropA
EndPaint
BeginPaint
RegisterClassA
LoadCursorA
SetRect
SetRectEmpty
CopyRect
FillRect
ReleaseDC
GetDC
DrawTextA
SetWindowRgn
GetSystemMetrics
GetWindowRect
GetClassNameA
WindowFromPoint
GetCursorPos
wsprintfA
DestroyMenu
TrackPopupMenuEx
AppendMenuA
CreatePopupMenu
SetPropA
DefWindowProcA
KillTimer
SetTimer
UnregisterClassA
InvalidateRect
GetClientRect
CreateWindowExA
SetWindowLongA
SendMessageA
ShowWindow
GetPropA
DestroyWindow
SetWindowPos

gdi32

CreateDIBSection
BitBlt
CreateCompatibleDC
SetBkMode
SelectObject
DeleteDC
CreateSolidBrush
GetStockObject
DeleteObject
SetTextColor

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHAppBarMessage

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/QLaunch.plg
.dll windows:4 windows x86 arch:x86

5b85a316aa5041886018b7ebb8489a89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

StrCopyEx
DirExists
CloseCFGr
NotifyTip
Unquote
FileExists
DrawPicture
GetCFGString
FreeFont
FindSection
GetCFGHex
GetCFGBool
GetCFGInt
Run
GetFontHandle
OpenCFGr
FindNextNode
FindFirstNode
CloseCFGw
SetCFGString
NewNode
InsertString
OpenCFGw
FreePicture
DefCharSet
LoadImageEx
StretchSkin
DrawSkin
SetLayered
LayeredStyle
GetCFGFont
GetCFGPic
CheckInt
GetShellIconSize

comctl32

ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_Destroy
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_BeginDrag

kernel32

RtlMoveMemory
GetWindowsDirectoryA
lstrcatA
GetProcessHeap
SetEvent
GetExitCodeThread
HeapAlloc
SuspendThread
TerminateThread
FindCloseChangeNotification
CreateEventA
FindFirstChangeNotificationA
CreateThread
SetThreadPriority
WaitForMultipleObjects
FindNextChangeNotification
GetModuleHandleA
HeapFree
HeapReAlloc
VirtualQuery
WaitForSingleObject
RtlUnwind
InterlockedExchange
CloseHandle
lstrlenA
FindClose
FindNextFileA
RtlZeroMemory
FindFirstFileA
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpA
GetCurrentThreadId
DisableThreadLibraryCalls
lstrcmpiA
Sleep
MultiByteToWideChar
lstrcpynA

user32

CreatePopupMenu
SetFocus
GetSystemMetrics
OffsetRect
KillTimer
SetTimer
InvalidateRect
AppendMenuA
ScreenToClient
GetCursorPos
GetClientRect
SetRectEmpty
GetAsyncKeyState
GetDesktopWindow
GetMessagePos
GetMenuItemInfoA
DefWindowProcA
ReleaseCapture
SetCapture
SetWindowPos
EndPaint
BeginPaint
IsWindow
CreateWindowExA
LoadImageA
RegisterClassA
LoadCursorA
UnregisterClassA
DestroyWindow
ClipCursor
ShowCursor
ClientToScreen
CallWindowProcA
GetDlgItem
ShowWindow
EndDialog
DialogBoxParamA
SetWindowsHookExA
GetWindowRect
TrackPopupMenuEx
DestroyMenu
UnhookWindowsHookEx
GetClassNameA
GetWindowLongA
SetWindowLongA
CallNextHookEx
CopyRect
DrawEdge
InflateRect
GetSysColorBrush
FillRect
SetRect
GetDC
DrawTextA
ReleaseDC
SystemParametersInfoA
PostMessageA
SendMessageA
PtInRect

gdi32

PatBlt
SelectObject
CreateFontIndirectA
CreateSolidBrush
DeleteObject
SetBkMode
SetTextColor
BitBlt

shell32

SHGetFileInfoA
SHFileOperationA
ShellExecuteExA
DragQueryFileA
DragFinish
ord155
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ord71

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/RecycleBinEx.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/SkinClckEx.plg
.dll windows:4 windows x86 arch:x86

bf84488eca99fadb5941d1107e8ec784

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

FreeFont
OpenCFGr
FindSection
GetCFGInt
CheckInt
GetCFGString
GetCFGHex
FreePicture
LoadImageEx
GetCFGFont
GetFontHandle
CloseCFGr
DrawSkin
NotifyTip
StretchSkin

kernel32

RtlZeroMemory
GetModuleHandleA
GetProcAddress
RtlMoveMemory
GetLocalTime
GetDateFormatA
lstrcpyA
DisableThreadLibraryCalls

user32

DestroyMenu
TrackPopupMenuEx
AppendMenuA
CreatePopupMenu
SetFocus
GetWindowRect
SetWindowPos
EndPaint
BeginPaint
SetTimer
SetRect
CreateWindowExA
RegisterClassA
LoadCursorA
UnregisterClassA
DestroyWindow
KillTimer
DefWindowProcA
GetDC
ReleaseDC
PostMessageA
GetClientRect
DrawEdge
DrawTextA
wvsprintfA
SendMessageA

gdi32

SetBkMode
SelectObject
GetStockObject
CreateSolidBrush
DeleteObject
SetTextColor

shell32

SHAppBarMessage

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Toppanel.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 729B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/VertPanel.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 733B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/Zoom.tbp
.dll windows:4 windows x86 arch:x86

a79d8d20f36219eedb9ab554be099d26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlMoveMemory
RtlZeroMemory
DisableThreadLibraryCalls

user32

SetWindowPos
LoadImageA
InflateRect
BeginPaint
GetClientRect
CreateWindowExA
RegisterClassA
LoadCursorA
UnregisterClassA
DestroyWindow
EndPaint
SendMessageA
InvalidateRect
UpdateWindow
SetCapture
ReleaseCapture
DefWindowProcA
GetCursorPos
GetDC
ReleaseDC
DrawIconEx
SetTimer
KillTimer
CopyRect

gdi32

StretchBlt
BitBlt

shell32

SHAppBarMessage

starter

CheckInt
CloseCFGr
FindSection
GetCFGBool
OpenCFGr
DrawSkinTrans
NotifyTip
GetCFGInt

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/aes.dll
.dll windows:4 windows x86 arch:x86

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

Exports

Exports

aes_dec_blk
aes_dec_key
aes_enc_blk
aes_enc_key

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/aes_license.txt
Plugins/cpuusage.vxd
PrintMon.exe
.exe windows:4 windows x86 arch:x86

98c6b35d3302369aed53f5c1a30f7bcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapFree
LocalFree
SetProcessWorkingSetSize
GetCurrentProcess
GetCommandLineA
HeapAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
GetLastError
WideCharToMultiByte
CloseHandle
FormatMessageA
ExitProcess
GetProcessHeap

user32

InsertMenuItemA
GetSystemMetrics
SetMenuDefaultItem
EnableMenuItem
GetSubMenu
DeleteMenu
GetCursorPos
DefWindowProcA
SetTimer
PostQuitMessage
TranslateMessage
DispatchMessageA
GetMessageA
CreateWindowExA
RegisterClassExA
FindWindowA
MessageBoxA
GetLastActivePopup
GetActiveWindow
wsprintfA
LoadStringA
SetForegroundWindow
TrackPopupMenuEx
DestroyWindow
LoadImageA
DestroyIcon
DestroyMenu
PostMessageA
LoadMenuA

gdi32

DeleteObject

winspool.drv

ClosePrinter
EnumJobsA
EnumPrintersA
OpenPrinterA

shell32

ShellExecuteExA
Shell_NotifyIconA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
SHDoctor.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 437B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ShellSwp.exe
.exe windows:4 windows x86 arch:x86

0747673248ea4a7741553d04f8cd4539

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

starter

CheckInt
GetCFGBool
GetCFGInt
FindSection
OpenCFGr
CloseCFGw
SetCFGInt
OpenCFGw
CloseCFGr

kernel32

GetCurrentThreadId
lstrlenA
WritePrivateProfileStringA
lstrcpyA
lstrcatA
WritePrivateProfileStringW
DeleteFileA
CopyFileA
GetWindowsDirectoryA
CloseHandle
CreateProcessA
RtlZeroMemory
WaitForSingleObject
Sleep
GetTickCount
lstrcmpiA
ExpandEnvironmentStringsA
lstrcmpA
SetEvent
OpenEventA
GetProcAddress
GetModuleHandleA
GetVersionExA
GetLastError
CreateMutexA
GetFileAttributesA
SetErrorMode
RtlMoveMemory
IsDBCSLeadByte
GetShortPathNameA
lstrcpynA
GetSystemDirectoryA
GetModuleFileNameA
SetProcessShutdownParameters
GetProcessHeap
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
GetPrivateProfileStringA

user32

CreateWindowExA
CreateDialogParamA
LoadImageA
LoadIconA
PostMessageA
GetDlgCtrlID
SetDlgItemTextA
GetSystemMetrics
SetFocus
IsWindowEnabled
DrawMenuBar
ModifyMenuA
GetMenu
wsprintfA
IsWindow
DestroyWindow
UnhookWindowsHookEx
SetWindowsHookExA
WaitForInputIdle
SystemParametersInfoA
GetShellWindow
DialogBoxParamA
SetForegroundWindow
IsWindowVisible
GetLastActivePopup
FindWindowA
CharNextA
CharPrevA
ExitWindowsEx
SetWindowPos
EnableWindow
GetFocus
CallNextHookEx
GetClassNameA
SendMessageA
ShowWindow
GetDlgItem
GetWindowRect
MapWindowPoints
MoveWindow
SetWindowTextA
CheckDlgButton
SendDlgItemMessageA
EndDialog
EnumChildWindows
GetParent

advapi32

GetUserNameA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegDeleteKeyA
RegFlushKey
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA
ExtractIconA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Shswdos.exe
Starter.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AdjustIcon
Afree
AllowForeWnd
Amalloc
AnimateWnd
Arealloc
BMPtoJPG
BitmapToRegion
CanAnimate
CheckInt
CloseCFGr
CloseCFGw
ConcatPIDLs
CopyPIDL
CreateKey
CreatePIDL
CreateSection
DefCharSet
DeleteKey
DirExists
DoneAstonAPI
DoneExtractor
DrawPicture
DrawSkin
DrawSkinTrans
EnterLock
ErrorBox
FileExists
FindFirstNode
FindNextNode
FindSection
FreeExIcon
FreeFont
FreeNode
FreeNodeList
FreePicture
GetCFGBool
GetCFGFont
GetCFGHex
GetCFGInt
GetCFGPic
GetCFGString
GetFontHandle
GetNodeList
GetPIDLSize
GetParamStr
GetRegInt
GetShellIconBPP
GetShellIconSize
IconMCount
InitAstonAPI
InitExtractor
InsertString
IsPSTREmpty
JPGtoBMP
LayeredStyle
LeaveLock
LoadImageEx
LoadJPG
MakeHIcon
MakeMask
NewNode
NextPIDL
NotifyTip
OpenCFGr
OpenCFGw
PidlFromPathA
Quote
ReadIconFromModule
ReadRC
ReadTip
ResetFontCache
ResetPictureCache
Run
RunSCF
RunSHFolder
SHAlloc
SHFree
Scan
SetCFGFont
SetCFGHex
SetCFGInt
SetCFGPic
SetCFGString
SetForeWndFix
SetLayered
StrCopyEx
StretchSkin
SwitchFix
Unquote
free
malloc
realloc
strcopy
strecopy
strmoven

Sections

CODE
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 169B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TIPS.RC
Themes/Aqua/Aqua1024x768.tfa
Themes/Aqua/Aqua1152x864.tfa
Themes/Aqua/Aqua1280x1024.tfa
Themes/Aqua/Aqua1600x1200.tfa
Themes/Aqua/Aqua800x600.tfa
Themes/Aqua/BarSkin.bmp
Themes/Aqua/Cursors/Arrow.cur
Themes/Aqua/Icons/cp1.bmp
Themes/Aqua/Icons/cp2.bmp
Themes/Aqua/Icons/cp3.bmp
Themes/Aqua/Icons/doc1.bmp
Themes/Aqua/Icons/doc2.bmp
Themes/Aqua/Icons/doc3.bmp
Themes/Aqua/Icons/mycomp1.bmp
Themes/Aqua/Icons/mycomp2.bmp
Themes/Aqua/Icons/mycomp3.bmp
Themes/Aqua/Icons/network1.bmp
Themes/Aqua/Icons/network2.bmp
Themes/Aqua/Icons/network3.bmp
Themes/Aqua/Icons/trash1.bmp
Themes/Aqua/Icons/trash2.bmp
Themes/Aqua/Icons/trash3.bmp
Themes/Aqua/LeftTopSkin.bmp
Themes/Aqua/Plugins/Blue1.bmp
Themes/Aqua/Plugins/Blue2.bmp
Themes/Aqua/Plugins/Blue3.bmp
Themes/Aqua/Plugins/Green1.bmp
Themes/Aqua/Plugins/Green2.bmp
Themes/Aqua/Plugins/Green3.bmp
Themes/Aqua/Plugins/MacClock.png
.png
Themes/Aqua/Plugins/More1.bmp
Themes/Aqua/Plugins/Purple1.bmp
Themes/Aqua/Plugins/Purple2.bmp
Themes/Aqua/Plugins/Purple3.bmp
Themes/Aqua/Plugins/lsactmap.bmp
Themes/Aqua/Plugins/lsinactmap.bmp
Themes/Aqua/Plugins/lstitlemap.bmp
Themes/Aqua/Plugins/macclock.apc
Themes/Aqua/Plugins/qlaunch.bmp
Themes/Aqua/Plugins/separator.bmp
Themes/Aqua/Plugins/taskbar.bmp
Themes/Aqua/RightTopSkin.bmp
Themes/Aqua/Start1.bmp
Themes/Aqua/Start2.bmp
Themes/Aqua/Start3.bmp
Themes/Aqua/SysIcon/Administrative Tools.ico
Themes/Aqua/SysIcon/CD Drive.ico
Themes/Aqua/SysIcon/CD-ROM Drive.ico
Themes/Aqua/SysIcon/Closed Folder.ico
Themes/Aqua/SysIcon/Control Panel.ico
Themes/Aqua/SysIcon/Default Icon.ico
Themes/Aqua/SysIcon/Favorites.ico
Themes/Aqua/SysIcon/Floppy Drive (3.5).ico
Themes/Aqua/SysIcon/Hard Drive.ico
Themes/Aqua/SysIcon/MS Word Document.ico
Themes/Aqua/SysIcon/My Computer.ico
Themes/Aqua/SysIcon/My Documents.ico
Themes/Aqua/SysIcon/Network Neighborhood.ico
Themes/Aqua/SysIcon/Open Folder.ico
Themes/Aqua/SysIcon/Program Group.ico
Themes/Aqua/SysIcon/Recycle Bin (empty).ico
Themes/Aqua/SysIcon/Recycle Bin (full).ico
Themes/Aqua/SysIcon/Shortcut Overlay.ico
Themes/Aqua/SysIcon/The Internet.ico
Themes/Aqua/SysIcon/aqua.ait
Themes/Aqua/SysIcon/printers.ico
Themes/Aqua/TaskActi.bmp
Themes/Aqua/TaskInac.bmp
Themes/Aqua/TaskMin.bmp
Themes/Aqua/Template/1.PSD
Themes/Aqua/Template/1.UFO
Themes/Aqua/Template/2.psd
Themes/Aqua/Template/2.ufo
Themes/Aqua/Template/3.psd
Themes/Aqua/Template/3.ufo
Themes/Aqua/ToolLeft.bmp
Themes/Aqua/ToolRight.bmp
Themes/Aqua/TraySkin.bmp
Themes/Aqua/Wallpaper.jpg
.jpg
Themes/Aston 1.9.1 Desktop/AClock/Aclock.apc
Themes/Aston 1.9.1 Desktop/AClock/clock-glass.png
.png
Themes/Aston 1.9.1 Desktop/AClock/clock-hands.png
.png
Themes/Aston 1.9.1 Desktop/AClock/clock2.png
.png
Themes/Aston 1.9.1 Desktop/Altdesk/Skin/Handy-metallic.ini
Themes/Aston 1.9.1 Desktop/Altdesk/Skin/buttons.bmp
Themes/Aston 1.9.1 Desktop/Altdesk/Skin/main.bmp
Themes/Aston 1.9.1 Desktop/BarSkin.bmp
Themes/Aston 1.9.1 Desktop/Config1024x768.tfa
Themes/Aston 1.9.1 Desktop/Config1152x864.tfa
Themes/Aston 1.9.1 Desktop/Config1280x1024.tfa
Themes/Aston 1.9.1 Desktop/Config1600x1200.tfa
Themes/Aston 1.9.1 Desktop/Config800x600.tfa
Themes/Aston 1.9.1 Desktop/Fonts/Aston-f1.ttf
Themes/Aston 1.9.1 Desktop/Icons/3dmax.ico
Themes/Aston 1.9.1 Desktop/Icons/Panel1024.bmp
Themes/Aston 1.9.1 Desktop/Icons/Panel1152.bmp
Themes/Aston 1.9.1 Desktop/Icons/Panel1280.bmp
Themes/Aston 1.9.1 Desktop/Icons/Panel1600.bmp
Themes/Aston 1.9.1 Desktop/Icons/Panel800.bmp
Themes/Aston 1.9.1 Desktop/Icons/SF.ico
Themes/Aston 1.9.1 Desktop/Icons/astonshell.ico
Themes/Aston 1.9.1 Desktop/Icons/cnet.ico
Themes/Aston 1.9.1 Desktop/Icons/deviantart.ico
Themes/Aston 1.9.1 Desktop/Icons/fg.ico
Themes/Aston 1.9.1 Desktop/Icons/google.ico
Themes/Aston 1.9.1 Desktop/Icons/icq.ico
Themes/Aston 1.9.1 Desktop/Icons/ledit.ico
Themes/Aston 1.9.1 Desktop/Icons/nero.ico
Themes/Aston 1.9.1 Desktop/Icons/photoshop.ico
Themes/Aston 1.9.1 Desktop/Icons/tc.ico
Themes/Aston 1.9.1 Desktop/Icons/tucows.ico
Themes/Aston 1.9.1 Desktop/Icons/winamp.ico
Themes/Aston 1.9.1 Desktop/Icons/winrar.ico
Themes/Aston 1.9.1 Desktop/LeftTopSkin.bmp
Themes/Aston 1.9.1 Desktop/Objects/a-astonshell.ank
Themes/Aston 1.9.1 Desktop/Objects/a-help.ank
Themes/Aston 1.9.1 Desktop/Objects/a-master.ank
Themes/Aston 1.9.1 Desktop/Objects/a-sswapper.ank
Themes/Aston 1.9.1 Desktop/Objects/a-twizard.ank
Themes/Aston 1.9.1 Desktop/Objects/astonshell.bmp
Themes/Aston 1.9.1 Desktop/Objects/control panel.ank
Themes/Aston 1.9.1 Desktop/Objects/control panel.bmp
Themes/Aston 1.9.1 Desktop/Objects/find.ank
Themes/Aston 1.9.1 Desktop/Objects/find.bmp
Themes/Aston 1.9.1 Desktop/Objects/help.bmp
Themes/Aston 1.9.1 Desktop/Objects/light.bmp
Themes/Aston 1.9.1 Desktop/Objects/logoff.ank
Themes/Aston 1.9.1 Desktop/Objects/logoff.bmp
Themes/Aston 1.9.1 Desktop/Objects/master.bmp
Themes/Aston 1.9.1 Desktop/Objects/my comp.png
.png
Themes/Aston 1.9.1 Desktop/Objects/my computer.ank
Themes/Aston 1.9.1 Desktop/Objects/my computer.bmp
Themes/Aston 1.9.1 Desktop/Objects/mycomp.ank
Themes/Aston 1.9.1 Desktop/Objects/recycle.ank
Themes/Aston 1.9.1 Desktop/Objects/recycle.bmp
Themes/Aston 1.9.1 Desktop/Objects/run.ank
Themes/Aston 1.9.1 Desktop/Objects/run.bmp
Themes/Aston 1.9.1 Desktop/Objects/screen settings.ank
Themes/Aston 1.9.1 Desktop/Objects/screen settings.bmp
Themes/Aston 1.9.1 Desktop/Objects/shut down.ank
Themes/Aston 1.9.1 Desktop/Objects/shutdown.bmp
Themes/Aston 1.9.1 Desktop/Objects/sswapper.bmp
Themes/Aston 1.9.1 Desktop/Objects/twizard.bmp
Themes/Aston 1.9.1 Desktop/Plugins/Clock-hands.bmp
Themes/Aston 1.9.1 Desktop/Plugins/Clock.bmp
Themes/Aston 1.9.1 Desktop/Plugins/disks.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/left-flank.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/mm-item.bmp
Themes/Aston 1.9.1 Desktop/Plugins/mm-select.bmp
Themes/Aston 1.9.1 Desktop/Plugins/mm-separator.bmp
Themes/Aston 1.9.1 Desktop/Plugins/mm-separator2.bmp
Themes/Aston 1.9.1 Desktop/Plugins/mm-title.bmp
Themes/Aston 1.9.1 Desktop/Plugins/q-launch-ico.bmp
Themes/Aston 1.9.1 Desktop/Plugins/q-launch.bmp
Themes/Aston 1.9.1 Desktop/Plugins/right-flank.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-footer1.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-footer2.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-footer3.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-header.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-item1.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-item2.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-item3.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-separator.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-subitem1.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-subitem2.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/topp-subitem3.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/trash.png
.png
Themes/Aston 1.9.1 Desktop/Plugins/tray.bmp
Themes/Aston 1.9.1 Desktop/RightTopSkin.bmp
Themes/Aston 1.9.1 Desktop/Start1.bmp
Themes/Aston 1.9.1 Desktop/Start2.bmp
Themes/Aston 1.9.1 Desktop/Start3.bmp
Themes/Aston 1.9.1 Desktop/TaskActi.bmp
Themes/Aston 1.9.1 Desktop/TaskInac.bmp
Themes/Aston 1.9.1 Desktop/TaskMin.bmp
Themes/Aston 1.9.1 Desktop/ToolLeft.bmp
Themes/Aston 1.9.1 Desktop/ToolRight.bmp
Themes/Aston 1.9.1 Desktop/TraySkin.bmp
Themes/Aston 1.9.1 Desktop/Wallpaper.jpg
.jpg
Themes/AstonDesktop/AstDesk1.jpg
.jpg
Themes/AstonDesktop/AstDesk1024x768.tfa
Themes/AstonDesktop/AstDesk1152x864.tfa
Themes/AstonDesktop/AstDesk1280x1024.tfa
Themes/AstonDesktop/AstDesk1600x1200.tfa
Themes/AstonDesktop/AstDesk2.jpg
.jpg
Themes/AstonDesktop/AstDesk800x600.tfa
Themes/AstonDesktop/Cursors/Arrow(Blue).ani
Themes/AstonDesktop/Cursors/Busy.ani
Themes/AstonDesktop/Cursors/Prohibited Arrow rotating.ani
Themes/AstonDesktop/Fonts/AST126.TTF
Themes/AstonDesktop/Fonts/Mini.ttf
Themes/AstonDesktop/Icons/B-AMaster-1.bmp
Themes/AstonDesktop/Icons/B-AMaster-2.bmp
Themes/AstonDesktop/Icons/B-AMaster-3.bmp
Themes/AstonDesktop/Icons/B-Exit-1.bmp
Themes/AstonDesktop/Icons/B-Exit-2.bmp
Themes/AstonDesktop/Icons/B-Exit-3.bmp
Themes/AstonDesktop/Icons/B-GetTheme-1.bmp
Themes/AstonDesktop/Icons/B-GetTheme-2.bmp
Themes/AstonDesktop/Icons/B-GetTheme-3.bmp
Themes/AstonDesktop/Icons/B-Homepage-1.bmp
Themes/AstonDesktop/Icons/B-Homepage-2.bmp
Themes/AstonDesktop/Icons/B-Homepage-3.bmp
Themes/AstonDesktop/Icons/B-Logoff-1.bmp
Themes/AstonDesktop/Icons/B-Logoff-2.bmp
Themes/AstonDesktop/Icons/B-Logoff-3.bmp
Themes/AstonDesktop/Icons/B-MyComp-1.bmp
Themes/AstonDesktop/Icons/B-MyComp-2.bmp
Themes/AstonDesktop/Icons/B-MyComp-3.bmp
Themes/AstonDesktop/Icons/B-SSwapper-1.bmp
Themes/AstonDesktop/Icons/B-SSwapper-2.bmp
Themes/AstonDesktop/Icons/B-SSwapper-3.bmp
Themes/AstonDesktop/Icons/B-Screen-1.bmp
Themes/AstonDesktop/Icons/B-Screen-2.bmp
Themes/AstonDesktop/Icons/B-Screen-3.bmp
Themes/AstonDesktop/Icons/B-ThemeWizard-1.bmp
Themes/AstonDesktop/Icons/B-ThemeWizard-2.bmp
Themes/AstonDesktop/Icons/B-ThemeWizard-3.bmp
Themes/AstonDesktop/Plugins/1.bmp
Themes/AstonDesktop/Plugins/2.bmp
Themes/AstonDesktop/Plugins/3.bmp
Themes/AstonDesktop/Plugins/clockskin.bmp
Themes/AstonDesktop/Plugins/lsactmap.bmp
Themes/AstonDesktop/Plugins/lsinactmap.bmp
Themes/AstonDesktop/Plugins/lstitlemap.bmp
Themes/AstonDesktop/Plugins/qlaunch.bmp
Themes/AstonDesktop/Plugins/separator.bmp
Themes/AstonDesktop/Plugins/taskbar.bmp
Themes/AstonDesktop/Plugins/top.bmp
Themes/AstonDesktop/Start1.bmp
Themes/AstonDesktop/Start2.bmp
Themes/AstonDesktop/Start3.bmp
Themes/AstonDesktop/bar_act.bmp
Themes/AstonDesktop/bar_inact.bmp
Themes/AstonDesktop/bar_min.bmp
Themes/AstonDesktop/ltop.bmp
Themes/AstonDesktop/rtop.bmp
Themes/AstonDesktop/taskbar.bmp
Themes/AstonDesktop/toolbarleft.bmp
Themes/AstonDesktop/toolbarright.bmp
Themes/AstonDesktop/tray.bmp
Themes/AstonXP/AstonXP1.jpg
.jpg
Themes/AstonXP/AstonXP1024x768.tfa
Themes/AstonXP/AstonXP1152x864.tfa
Themes/AstonXP/AstonXP1280x1024.tfa
Themes/AstonXP/AstonXP1600x1200.tfa
Themes/AstonXP/AstonXP2.JPG
.jpg
Themes/AstonXP/AstonXP800x600.tfa
Themes/AstonXP/Cursors/AppStarting.ani
Themes/AstonXP/Cursors/Arrow.ani
Themes/AstonXP/Cursors/Crosshair.ani
Themes/AstonXP/Cursors/Help.ani
Themes/AstonXP/Cursors/IBeam.ani
Themes/AstonXP/Cursors/NWPen.ani
Themes/AstonXP/Cursors/No.ani
Themes/AstonXP/Cursors/SizeAll.ani
Themes/AstonXP/Cursors/SizeNESW.ani
Themes/AstonXP/Cursors/SizeNS.ani
Themes/AstonXP/Cursors/SizeNWSE.ani
Themes/AstonXP/Cursors/SizeWE.ani
Themes/AstonXP/Cursors/UpArrow.ani
Themes/AstonXP/Cursors/Wait.ani
Themes/AstonXP/Fonts/AST126.TTF
Themes/AstonXP/Objects/calc.ank
Themes/AstonXP/Objects/calc.png
.png
Themes/AstonXP/Objects/ie.ank
Themes/AstonXP/Objects/ie.png
.png
Themes/AstonXP/Objects/mp.ank
Themes/AstonXP/Objects/mp.png
.png
Themes/AstonXP/Objects/mycomp.ank
Themes/AstonXP/Objects/mycomp.png
.png
Themes/AstonXP/Objects/network.ank
Themes/AstonXP/Objects/network.png
.png
Themes/AstonXP/Objects/outlook.ank
Themes/AstonXP/Objects/outlook.png
.png
Themes/AstonXP/Objects/printer.ank
Themes/AstonXP/Objects/printer.png
.png
Themes/AstonXP/Objects/recycle.ank
Themes/AstonXP/Objects/recycle.png
.png
Themes/AstonXP/Plugins/Glass.png
.png
Themes/AstonXP/Plugins/More.bmp
Themes/AstonXP/Plugins/XPClock.png
.png
Themes/AstonXP/Plugins/aclock.apc
Themes/AstonXP/Plugins/bar.bmp
Themes/AstonXP/Plugins/clockskin.bmp
Themes/AstonXP/Plugins/lsactmap.bmp
Themes/AstonXP/Plugins/lsinactmap.bmp
Themes/AstonXP/Plugins/lstitlemap.bmp
Themes/AstonXP/Plugins/separator5.bmp
Themes/AstonXP/Toolbarfinalleft.bmp
Themes/AstonXP/Toolbarfinalright.bmp
Themes/AstonXP/bar.bmp
Themes/AstonXP/bara.bmp
Themes/AstonXP/barb.bmp
Themes/AstonXP/start1.bmp
Themes/AstonXP/start2.bmp
Themes/AstonXP/start3.bmp
Themes/AstonXP/sysIcons/ActiveX Cache.ico
Themes/AstonXP/sysIcons/Administrative Tools.ico
Themes/AstonXP/sysIcons/Audio CD.ico
Themes/AstonXP/sysIcons/Bitmap Image.ico
Themes/AstonXP/sysIcons/CD Audio Track.ico
Themes/AstonXP/sysIcons/CD-ROM Drive.ico
Themes/AstonXP/sysIcons/Closed Folder.ico
Themes/AstonXP/sysIcons/Computer.ico
Themes/AstonXP/sysIcons/Configuration Settings.ico
Themes/AstonXP/sysIcons/Control Panel.ico
Themes/AstonXP/sysIcons/Default Document.ico
Themes/AstonXP/sysIcons/Default Icon.ico
Themes/AstonXP/sysIcons/Dial-Up Networking.ico
Themes/AstonXP/sysIcons/FTP Folder.ico
Themes/AstonXP/sysIcons/Favorites.ico
Themes/AstonXP/sysIcons/Find.ico
Themes/AstonXP/sysIcons/Floppy Drive (3.5).ico
Themes/AstonXP/sysIcons/Floppy Drive (5.25).ico
Themes/AstonXP/sysIcons/Fonts.ico
Themes/AstonXP/sysIcons/GIF Image.ico
Themes/AstonXP/sysIcons/Hard Drive.ico
Themes/AstonXP/sysIcons/Help file.ico
Themes/AstonXP/sysIcons/IconsXP.ait
Themes/AstonXP/sysIcons/Internet Document.ico
Themes/AstonXP/sysIcons/JPEG Image.ico
Themes/AstonXP/sysIcons/Log Off.ico
Themes/AstonXP/sysIcons/MPEG Audio file (mp3).ico
Themes/AstonXP/sysIcons/MPEG Video file.ico
Themes/AstonXP/sysIcons/MS Exel Document.ico
Themes/AstonXP/sysIcons/MS Word Document.ico
Themes/AstonXP/sysIcons/MS-DOS Application.ico
Themes/AstonXP/sysIcons/MS-DOS Batch File.ico
Themes/AstonXP/sysIcons/Microsoft Audio File.ico
Themes/AstonXP/sysIcons/My Briefcase.ico
Themes/AstonXP/sysIcons/My Computer.ico
Themes/AstonXP/sysIcons/My Documents.ico
Themes/AstonXP/sysIcons/Network Drive (connected).ico
Themes/AstonXP/sysIcons/Network Drive (offline).ico
Themes/AstonXP/sysIcons/Network Neighborhood.ico
Themes/AstonXP/sysIcons/Open Folder.ico
Themes/AstonXP/sysIcons/Playlist file.ico
Themes/AstonXP/sysIcons/Printers.ico
Themes/AstonXP/sysIcons/Program Group.ico
Themes/AstonXP/sysIcons/RAM Drive.ico
Themes/AstonXP/sysIcons/Recent.ico
Themes/AstonXP/sysIcons/Recycle Bin (empty).ico
Themes/AstonXP/sysIcons/Recycle Bin (full).ico
Themes/AstonXP/sysIcons/Removable Drive.ico
Themes/AstonXP/sysIcons/Rich Text Format.ico
Themes/AstonXP/sysIcons/Run.ico
Themes/AstonXP/sysIcons/Scheduled Tasks.ico
Themes/AstonXP/sysIcons/Sharing Overlay.ico
Themes/AstonXP/sysIcons/Shortcut Overlay.ico
Themes/AstonXP/sysIcons/Shut Down.ico
Themes/AstonXP/sysIcons/Subscriptions.ico
Themes/AstonXP/sysIcons/Suspend.ico
Themes/AstonXP/sysIcons/Text Document.ico
Themes/AstonXP/sysIcons/The Internet.ico
Themes/AstonXP/sysIcons/Url History.ico
Themes/AstonXP/sysIcons/Video Clip (asf).ico
Themes/AstonXP/sysIcons/Video Clip (avi).ico
Themes/AstonXP/sysIcons/Wave Sound.ico
Themes/AstonXP/sysIcons/Web Folders.ico
Themes/AstonXP/sysIcons/Workgroup.ico
Themes/AstonXP/sysIcons/Write Document.ico
Themes/AstonXP/sysIcons/Zip File.ico
Themes/AstonXP/top.bmp
Thwizard.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 31KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Unins12.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WhatsNew.txt
XP/indicdll.dll
.dll windows:5 windows x86 arch:x86

e849a4fb4c69e579ec1b546f9edc4a93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetACP
HeapAlloc
HeapCreate
lstrlenW
GetCurrentProcessId
CreateFileMappingW
GetCurrentThreadId
lstrcmpW
UnmapViewOfFile
GetLastError
MapViewOfFile
GlobalFree
GlobalAlloc
CloseHandle

user32

IsWindow
GetFocus
GetWindowThreadProcessId
CallNextHookEx
PostMessageW
CreatePopupMenu
InsertMenuItemW
SendMessageW
GetKeyboardLayout
SetWindowsHookExW
UnhookWindowsHookEx
GetMessagePos
GetWindowRect
PtInRect
GetParent
GetClassNameW
GetDesktopWindow

gdi32

DeleteObject

imm32

ImmReleaseContext
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmGetImeMenuItemsW
ImmGetContext

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XP/internat.exe
.exe windows:5 windows x86 arch:x86

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GlobalReAlloc
GlobalLock
lstrcatW
GlobalUnlock
FreeLibrary
lstrcpyW
AddAtomW
IsValidLocale
GlobalFree
DeleteAtom
LoadLibraryW
lstrcmpW
GetProcAddress
LocalAlloc
lstrcpynW
GetLocaleInfoW
GlobalGetAtomNameW
LocalFree
WinExec
GetModuleHandleW
GetStartupInfoW
GetAtomNameW
ExitProcess
GlobalAlloc
lstrcmpiW

user32

RemovePropW
SetPropW
AllowSetForegroundWindow
GetWindow
DestroyMenu
GetPropW
GetDesktopWindow
MapWindowPoints
TrackPopupMenuEx
GetLastActivePopup
GetParent
GetWindowLongW
LoadBitmapW
GetSysColor
DrawTextW
CreateIconIndirect
GetKeyboardLayout
GetKeyboardLayoutList
DestroyIcon
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
GetDC
ReleaseDC
EnumChildWindows
DrawFocusRect
GetSystemMetrics
GetWindowDC
SystemParametersInfoW
wsprintfW
UnloadKeyboardLayout
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow
LoadStringW
FindWindowW
MessageBoxW
LoadIconW
LoadCursorW
RegisterClassExW
PostMessageW
LoadStringA
WinHelpW
GetProcessDefaultLayout
CreatePopupMenu
InsertMenuW
CheckMenuItem
DestroyWindow
KillTimer
SetTimer
GetMessagePos
InSendMessageEx
GetClassNameW
DefWindowProcW
SetForegroundWindow
IsWindow
SendMessageW
SetActiveWindow
PostQuitMessage
RegisterWindowMessageW
GetClientRect

gdi32

TranslateCharsetInfo
DeleteDC
DeleteObject
GetTextCharsetInfo
GetStockObject
ExtTextOutW
PatBlt
SetBkColor
SelectObject
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateBitmap
GetTextExtentPointW
BitBlt
CreateFontIndirectW
GetObjectW

comctl32

ord329
ImageList_Create
ImageList_Destroy
ord328
ImageList_ReplaceIcon
ord334
ImageList_GetIconSize
ImageList_GetIcon
ord332
ImageList_Draw
ImageList_Remove

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetIMEFileNameW
ImmGetDescriptionW
ImmGetProperty

setupapi

SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW

advapi32

RegFlushKey
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteValueW

shell32

SHAppBarMessage
ExtractIconExW
Shell_NotifyIconW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
drawpng.dll
.dll windows:4 windows x86 arch:x86

68c21e5785fa94baba1215fe6d8f67dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
CloseHandle
RtlZeroMemory
LoadLibraryA
HeapAlloc
HeapFree
DisableThreadLibraryCalls
GetProcAddress
RaiseException
ReadFile
GetFileAttributesA
FreeLibrary
GetProcessHeap
CreateFileA

gdi32

DeleteDC
CreateDIBSection
GdiFlush
DeleteObject
SelectObject
CreateCompatibleDC
BitBlt

Exports

Exports

AlphaBlt
BlendDIB32
LoadPng
PreAlpha
ResetRenderer

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mmkbd.dll
.dll windows:4 windows x86 arch:x86

f9903b1c103680ccebfe99335e528652

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
RtlZeroMemory
DisableThreadLibraryCalls
lstrcpyW
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
FreeLibrary
LocalAlloc

user32

wsprintfW

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
ord90
ord155

shlwapi

PathUnquoteSpacesW
PathGetArgsW
SHRegCloseUSKey
SHRegQueryUSValueW
SHRegOpenUSKeyW

Exports

Exports

AppCmd

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UNRAR.DLL
.dll windows:1 windows x86 arch:x86

1ff761076169ad337e671a2d22c2681b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
FindClose
CreateFileA
AreFileApisANSI
CreateDirectoryA
EnterCriticalSection
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
CloseHandle
DosDateTimeToFileTime
FindNextFileA
FreeEnvironmentStringsA
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
DeleteFileA
FindFirstFileA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LocalFileTimeToFileTime
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetModuleFileNameA

user32

OemToCharA
MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
RARCloseArchive
RAROpenArchive
RARProcessFile
RARReadHeader
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc
__DebuggerHookData

Sections

CODE
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 14KB - Virtual size: 13KB

DATA Size: 1024B - Virtual size: 780B

BSS Size: - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 41KB - Virtual size: 40KB

Headers

File Characteristics

Sections

Size: 64KB - Virtual size: 188KB

Size: 3KB - Virtual size: 12KB

Size: - Virtual size: 72KB

Size: 5KB - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 20KB

.rsrc Size: 11KB - Virtual size: 76KB

.gs Size: 141KB - Virtual size: 144KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 45KB - Virtual size: 104KB

Size: 1KB - Virtual size: 4KB

Size: - Virtual size: 8KB

Size: 7KB - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 12KB

.rsrc Size: 15KB - Virtual size: 16KB

.gs Size: 115KB - Virtual size: 116KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 1024B - Virtual size: 868B

DATA Size: 512B - Virtual size: 12B

BSS Size: - Virtual size: 33B

.idata Size: 512B - Virtual size: 252B

.edata Size: 512B - Virtual size: 73B

.reloc Size: 512B - Virtual size: 144B

.rsrc Size: 512B - Virtual size: 512B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 17KB - Virtual size: 16KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 123B

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 21KB - Virtual size: 21KB

362c1cd92b004c6d2efbbb87d8c9e93a

Headers

File Characteristics

Imports

starter

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 272B

.reloc Size: 512B - Virtual size: 416B

a528b69b38c33a00aa066dd1383d8133

Headers

File Characteristics

CODE
Size: 14KB - Virtual size: 13KB

DATA
Size: 1024B - Virtual size: 780B

BSS
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 11KB - Virtual size: 76KB

.gs
Size: 141KB - Virtual size: 144KB

.adata
Size: - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB

.gs
Size: 115KB - Virtual size: 116KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 1024B - Virtual size: 868B

DATA
Size: 512B - Virtual size: 12B

BSS
Size: - Virtual size: 33B

.idata
Size: 512B - Virtual size: 252B

.edata
Size: 512B - Virtual size: 73B

.reloc
Size: 512B - Virtual size: 144B

.rsrc
Size: 512B - Virtual size: 512B

CODE
Size: 17KB - Virtual size: 16KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 123B

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 21KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 272B

.reloc
Size: 512B - Virtual size: 416B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 720B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.reloc
Size: 5KB - Virtual size: 5KB