b90e3644fe316780e2af28800e319698

Sharing

Copy URL Twitter E-mail

General

Target

b90e3644fe316780e2af28800e319698
Size

2.2MB
MD5

b90e3644fe316780e2af28800e319698
SHA1

30002e3c3a72537d8c20c6b6462d87b37234500e
SHA256

47346162a96be838d181163a1e189893ef1523769c675c5ccde42e9006075c4d
SHA512

db3097688f6c3a964cc2c8d5ddc9f89094c17ae81aabd80bdb8321d5f404e899526c30696d20ee80283c1bdc5a23921ef3eaeb2118391c08805d1298ccb99466
SSDEEP

49152:VtvHEjDOWm0xm3f5PL7ONzza3Bf89TDCZSOdtA7:VtvHEfOWmimVmxWkDCAOdq7

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AutoFireWall.exe
unpack001/RemoveDevice.dll
unpack001/SinoCopy.exe
unpack001/SinoHook.dll
unpack001/SinoHttp.dll
unpack001/SinoLanguage.dll
unpack001/SinoUpdate.exe
unpack001/SkinPPWTL.dll
unpack001/VirusDef.dll

Files

b90e3644fe316780e2af28800e319698
.rar
155绿色软件站.url
.url
AlphaOS.ssk
AquaOS.ssk
AutoFireWall.exe
.exe windows:4 windows x86 arch:x86

6b143b5c8ea4f0b94cb86309bdc8bac8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

psapi

GetModuleFileNameExA
EnumProcessModules

winmm

sndPlaySoundA

skinppwtl

ord39
ord3
ord2

kernel32

TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryA
GetProcessVersion
SizeofResource
GetCPInfo
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
GetCommandLineA
ExitProcess
ExitThread
RaiseException
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GlobalHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
CreateMutexA
OpenMutexA
CloseHandle
OpenProcess
SetFileAttributesA
Sleep
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GetOEMCP
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLogicalDriveStringsA
GetFileAttributesA
WritePrivateProfileStringA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreatePipe
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
CreateFileA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
lstrcpynA
GetSystemDirectoryA
GetProfileStringA
GlobalFindAtomA
lstrcpyA
MulDiv
GetModuleHandleA
SetLastError
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SuspendThread
SetThreadPriority
ResumeThread
GetDriveTypeA
SetEvent
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetVersionExA
CreateThread
GetExitCodeThread
CreateEventA
GetWindowsDirectoryA
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
GetTickCount
lstrlenA
DeleteFileA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
GetStdHandle

user32

CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
MapDialogRect
LoadStringA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
PostQuitMessage
LoadCursorA
CopyIcon
SetCursor
GetMessagePos
ScreenToClient
PtInRect
MessageBeep
InvalidateRect
IsWindow
GetWindowRect
GetSysColorBrush
GetClassNameA
GetDesktopWindow
SetRect
RegisterHotKey
PostMessageA
RegisterWindowMessageA
UnregisterHotKey
KillTimer
ShowWindow
LoadMenuA
GetSubMenu
ModifyMenuA
EnableMenuItem
GetCursorPos
SetForegroundWindow
DestroyIcon
wsprintfA
GetWindow
IsWindowVisible
GetParent
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetForegroundWindow
AnimateWindow
GetSystemMenu
AppendMenuA
SendMessageA
IsCharAlphaNumericA
SetTimer
GetWindowLongA
SetWindowLongA
FindWindowA
FindWindowExA
GetWindowThreadProcessId
LoadIconA
EnableWindow
CharUpperA
SetWindowPos
DestroyMenu
HideCaret
UnregisterClassA
wvsprintfA
SetWindowContextHelpId
MoveWindow
ReleaseDC

gdi32

IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
CreateFontIndirectA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetWindowExtEx
CreateDIBitmap
GetStockObject

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
ControlService
StartServiceA
RegCreateKeyExA

shell32

ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CoRegisterMessageFilter
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

ws2_32

gethostbyname
inet_ntoa
inet_addr
WSASend
WSAEnumNetworkEvents
WSARecv
shutdown
WSAEventSelect
WSAWaitForMultipleEvents
closesocket
WSASocketA
setsockopt
WSAGetLastError
WSAStartup
WSACleanup
htons
ntohs
ntohl
htonl
WSAConnect

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AutoWarn.wav
Devoir.ssk
Dogmax.ssk
Dogmax2.ssk
FauxS-Toon.ssk
Language.ini
RedCopper.ssk
RemoveDevice.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RemoveUSB

Sections

CODE
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SinoCopy.exe
.exe windows:4 windows x86 arch:x86

a06648525b64579f0e50afd5444e6852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
FileTimeToLocalFileTime
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
SetErrorMode
GetCPInfo
GetProfileStringA
SizeofResource
GetProcessVersion
GetCurrentDirectoryA
GlobalFlags
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileA
lstrcpynA
GetFileTime
GetFileSize
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
lstrlenA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
CreatePipe
GetStartupInfoA
CreateProcessA
CloseHandle
WaitForSingleObject
GetModuleFileNameA
GetOEMCP
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
GetCommandLineA
Sleep
MoveFileA
SetFileAttributesA
WritePrivateProfileStringA
GetEnvironmentVariableA
GetFileAttributesA

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
GetSysColorBrush
SystemParametersInfoA
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
wsprintfA
LoadIconA
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
SetTimer
KillTimer
WaitMessage
PeekMessageA
DispatchMessageA
PostMessageA
EnableWindow
DestroyIcon
FindWindowA
IsIconic
GetSystemMetrics
GetClientRect
PtInRect
GetClassNameA
IntersectRect
DrawIcon
GetSystemMenu
DefDlgProcA
IsWindowUnicode
AppendMenuA
LoadCursorA
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
SetMenuItemBitmaps
GetDesktopWindow
ScreenToClient
GetWindowPlacement

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA

comctl32

ord17

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantClear

wsock32

connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
bind
ioctlsocket
accept
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SinoHook.dll
.dll windows:4 windows x86 arch:x86

6cba59b39c434c02762a3adc70af6337

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mixerGetNumDevs
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerClose
mixerOpen

kernel32

TlsSetValue
LocalReAlloc
TlsGetValue
GetCurrentThreadId
GetVersion
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetCurrentDirectoryA
RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
GlobalAlloc
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalReAlloc
GlobalLock
TlsFree
GetPrivateProfileStringA
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FlushFileBuffers
SetFilePointer
WriteFile
FreeLibrary
GetCurrentProcess
lstrcatA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindNextFileA
lstrcpyA
SetLastError
GetLastError
FindFirstFileA
FindClose
lstrcpynA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
CloseHandle
lstrcmpA
lstrlenA
GetModuleHandleA
GetModuleFileNameA
GetOEMCP
LoadLibraryA
ExitProcess
GetProcAddress

user32

GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
PeekMessageA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetSystemMetrics
CharUpperA
LoadStringA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetForegroundWindow
EnumWindows
IsWindow
FindWindowA
FindWindowExA
GetWindowThreadProcessId
SendMessageA
GetDesktopWindow
GetWindowTextA
GetClassNameA
GetWindowLongA
ShowWindow

gdi32

CreateBitmap
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
GetClipBox
GetObjectA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

shell32

ShellExecuteExA

comctl32

ord17

Exports

Exports

GetHideWndNum
InstallHook
ShowOrHideWnd
UninstallHook

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Share
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SinoHttp.dll
.dll windows:4 windows x86 arch:x86

eaacf09a5630e0703fdb7d9cac9c744e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
socket
setsockopt
closesocket
recv
send
gethostbyname
htons
connect
getprotobyname
WSACleanup

kernel32

SetFilePointer
FlushFileBuffers
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
GetACP
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
GetModuleHandleA
GetProcAddress
SetLastError
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
Sleep

user32

SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetMenuState
GetFocus

gdi32

CreateBitmap
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteDC
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

Exports

Exports

??0CHttpSocket@@QAE@ABV0@@Z
??0CHttpSocket@@QAE@XZ
??1CHttpSocket@@UAE@XZ
??4CHttpSocket@@QAEAAV0@ABV0@@Z
??_7CHttpSocket@@6B@
?CloseSocket@CHttpSocket@@QAEHXZ
?Connect@CHttpSocket@@QAEHPADH@Z
?FormatRequestHeader@CHttpSocket@@QAEPBDPAD0AAJ00JJH@Z
?GetField@CHttpSocket@@QAEHPBDPADH@Z
?GetRequestHeader@CHttpSocket@@QBEHPADH@Z
?GetResponseHeader@CHttpSocket@@QAEPBDAAH@Z
?GetResponseLine@CHttpSocket@@QAEHPADH@Z
?GetServerState@CHttpSocket@@QAEHXZ
?Receive@CHttpSocket@@QAEJPADJ@Z
?SendRequest@CHttpSocket@@QAEHPBDJ@Z
?SetTimeout@CHttpSocket@@QAEHHH@Z
?Socket@CHttpSocket@@QAEHXZ

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SinoLanguage.dll
.dll windows:4 windows x86 arch:x86

18f804254730c7b0d2a2ae50928a7540

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
HeapSize
GetTimeZoneInformation
GetACP
HeapReAlloc
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
LoadLibraryA
GetProcAddress
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetVersion
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
Sleep
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
LocalFree
CreateFileA
CloseHandle
GetLastError
FindFirstFileA
FindClose
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetStartupInfoA

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
EnableWindow
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetSystemMetrics
CharUpperA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
MessageBoxA
SetWindowsHookExA
SendMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowLongA

gdi32

RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SaveDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ord17

Exports

Exports

SinoLanguage

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SinoUpdate.exe
.exe windows:4 windows x86 arch:x86

195b481dddbe644ee7b862463bb6ab1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

psapi

GetModuleFileNameExA
EnumProcessModules

netapi32

Netbios

kernel32

GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
SizeofResource
GetCPInfo
SetErrorMode
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
RaiseException
GetACP
ExitThread
TlsFree
GetFileType
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
lstrcmpA
GetCurrentThread
MulDiv
SetLastError
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SystemTimeToFileTime
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrcatA
ReadFile
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
WriteFile
lstrcmpiA
GetFullPathNameA
InterlockedDecrement
CreateDirectoryA
MoveFileA
GetTickCount
GetProfileStringA
CreatePipe
GetStartupInfoA
CreateProcessA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
TerminateProcess
TerminateThread
lstrcpynA
GetModuleFileNameA
GetOEMCP
GetProcAddress
GetPrivateProfileStringA
OpenMutexA
CreateMutexA
GetVersionExA
CreateThread
GetExitCodeThread
GetLastError
CreateEventA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
Sleep
lstrcpyA
CreateFileA
GetFileSize
CloseHandle
lstrlenA
WaitForSingleObject
DeleteFileA
FindNextFileA
SetFileAttributesA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
GetVolumeInformationA
SetStdHandle

user32

RegisterClipboardFormatA
PostThreadMessageA
GetDesktopWindow
GetClassNameA
GetSysColorBrush
InflateRect
DestroyMenu
CharNextA
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
PostQuitMessage
LoadStringA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
CharUpperA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetMessageTime
GetLastActivePopup
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
GetNextDlgGroupItem
CopyAcceleratorTableA
RedrawWindow
GetSysColor
RegisterWindowMessageA
FindWindowA
PostMessageA
wsprintfA
GetForegroundWindow
AnimateWindow
GetWindow
IsWindowVisible
GetParent
SetForegroundWindow
DestroyIcon
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
GetWindowLongA
SetWindowLongA
GetWindowRect
SetRect
LoadIconA
LoadCursorA
CopyIcon
SetCursor
GetMessagePos
ScreenToClient
GetClientRect
PtInRect
KillTimer
MessageBeep
InvalidateRect
SetTimer
IsWindow
EnableWindow
SendMessageA
PeekMessageA
DispatchMessageA
IsDialogMessageA
TranslateMessage
GetWindowTextLengthA
WinHelpA

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PatBlt
GetTextColor
GetBkColor
GetMapMode
LPtoDP
GetTextExtentPointA
DeleteObject
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
CreateDIBitmap
GetObjectA
CreateFontIndirectA
DPtoLP
GetStockObject
IntersectClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Escape
ExtTextOutA
TextOutA
RectVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoFreeUnusedLibraries
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
OleInitialize
OleUninitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
VarBstrFromCy
SysAllocStringLen
SysAllocString
VariantInit
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysFreeString
VariantClear

ws2_32

htons
gethostbyname
inet_ntoa
inet_addr
WSAConnect
WSASend
WSAEnumNetworkEvents
WSARecv
shutdown
WSAEventSelect
WSAWaitForMultipleEvents
closesocket
WSASocketA
setsockopt
WSAGetLastError
WSAStartup
WSACleanup
ntohs
ntohl
htonl

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SkinPPWTL.dll
.dll windows:4 windows x86 arch:x86

8415b02065effcf3e8ba3b1c65054435

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToDosDateTime
DeleteFileA
SetFileTime
CreateDirectoryA
SystemTimeToFileTime
ResumeThread
GetModuleHandleA
GetCurrentDirectoryA
DosDateTimeToFileTime
VirtualProtectEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
CloseHandle
OutputDebugStringA
DebugBreak
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetTempPathA
GetFileType
GetWindowsDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessHeap
HeapAlloc
HeapFree
GlobalFree
lstrcmpA
Sleep
lstrlenW
GetVersion
GetVersionExA
FindResourceExW
FindResourceExA
GetCurrentThreadId
WideCharToMultiByte
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindNextFileA
GetLastError
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
FindFirstFileA
FindClose
lstrcpynA
GetFileTime
GetFileSize
GetFileAttributesA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
MulDiv
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
VirtualProtect
VirtualQuery
GetCurrentProcess
LoadLibraryA
FreeLibrary
SetLastError
CreateProcessW
SuspendThread
GetThreadContext
FlushInstructionCache
SetThreadContext
CreateProcessA
GetProcAddress
VirtualAllocEx
GetFileInformationByHandle
GetLocalTime

user32

GetCursorPos
KillTimer
RemoveMenu
UpdateWindow
InsertMenuA
GetDlgItem
GetWindowTextA
CheckMenuItem
GetForegroundWindow
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
IntersectRect
IsRectEmpty
EqualRect
GetClientRect
GetSysColor
FindWindowExA
SetPropA
GetMenu
CreateWindowExA
DestroyMenu
EnableScrollBar
GetScrollInfo
EndPaint
IsWindow
SetScrollPos
SetScrollInfo
GetWindowRect
TrackPopupMenuEx
OffsetRect
InflateRect
CopyRect
GetScrollPos
GetScrollRange
GetDlgCtrlID
MoveWindow
GetWindowDC
GetMenuItemInfoA
GetSubMenu
GetMenuItemID
SetRectEmpty
PtInRect
SetTimer
SetCursor
IsWindowEnabled
LoadCursorA
GetMenuItemCount
SetScrollRange
CharLowerA
GetSystemMetrics
DrawIconEx
CharUpperA
GetDesktopWindow
GetDC
ReleaseDC
LoadCursorFromFileA
LoadImageA
LoadStringA
CharNextA
wvsprintfA
ShowScrollBar
GetSysColorBrush
DrawFrameControl
SetWindowRgn
SetMenu
DeleteMenu
InsertMenuItemA
InsertMenuItemW
InsertMenuW
SetWindowPos
LoadStringW
DrawIcon
LoadIconA
LoadIconW
LoadImageW
LoadBitmapA
LoadBitmapW
TrackPopupMenu
DrawTextA
DrawTextW
DrawTextExA
DrawTextExW
MessageBoxIndirectA
WindowFromDC
MessageBoxA
SetMenuItemInfoA
AppendMenuA
GetMenuStringA
CreatePopupMenu
IsMenu
SendMessageTimeoutA
GetIconInfo
wsprintfA
ClientToScreen
CallWindowProcA
GetFocus
RedrawWindow
GetWindowTextLengthA
DestroyWindow
SetWindowTextA
DestroyIcon
GetMessagePos
ReleaseCapture
SetCapture
RemovePropA
FillRect
SetMenuInfo
GetMenuState
UnionRect
GetMenuItemRect
GetMenuDefaultItem
SetRect
GetCapture
WindowFromPoint
ScreenToClient
DrawFocusRect
IsWindowVisible
GetAsyncKeyState
MapWindowPoints
MonitorFromPoint
GetMonitorInfoA
EnableMenuItem
GetPropA
SetWindowLongA
GetWindow
GetClassLongA
SendMessageA
BeginPaint
GetParent
InvalidateRect
GetClassNameA
GetWindowLongA
DrawStateA
CreateIconIndirect
ModifyMenuA
PostMessageA
GetSystemMenu
SystemParametersInfoA
ShowWindow
GetMenuCheckMarkDimensions

gdi32

SetBkColor
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
SetPixel
GetPixel
SetWindowOrgEx
SetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetObjectA
ExtCreateRegion
GetDIBits
CreateICA
GetClipBox
GetCurrentObject
BitBlt
SetBoundsRect
SetTextColor
SetBkMode
GetTextColor
GetBkMode
GetBkColor
PlgBlt
CreateSolidBrush
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
StretchBlt
SetStretchBltMode
CreateBitmap
SetPixelV
CreateDIBSection
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateBitmapIndirect
GetNearestColor
RoundRect
CreatePen
CreateFontIndirectA
RestoreDC
ExcludeClipRect
SaveDC
CombineRgn
CreateRectRgnIndirect
Rectangle
OffsetRgn
CreateRectRgn
LineTo
MoveToEx
DPtoLP
TextOutA
SelectClipRgn
GetViewportOrgEx
GetWindowOrgEx
SetTextAlign
GetCharWidthA
CreateFontA
RealizePalette
SelectPalette
CreateDIBitmap
SetDIBitsToDevice
RectVisible
StretchDIBits
GetStockObject
DeleteObject
ExtTextOutA
SelectObject
DeleteDC

comdlg32

ChooseColorA
ChooseColorW
GetFileTitleA

advapi32

RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal
CoCreateGuid

oleaut32

OleLoadPicture

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_Copy
ImageList_Duplicate
ImageList_DrawIndirect
_TrackMouseEvent
ImageList_GetIcon
ImageList_Draw

msimg32

AlphaBlend

msvcrt

_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_CxxThrowException
strncpy
getc
fputc
fflush
ftell
fseek
fwrite
fread
realloc
fopen
fclose
div
sqrt
calloc
_mbsnbcpy
ceil
floor
malloc
free
strchr
strftime
_ismbblead
localtime
gmtime
time
mktime
sprintf
sin
cos
fabs
abs
_ftol
__RTDynamicCast
wcsncpy
toupper
_purecall
_mbschr
_mbsicmp
atof
_splitpath
_fullpath
_mbsrchr
_mbsinc
_mbsstr
memcmp
strcmp
_except_handler3
strcpy
strcat
memset
strlen
memmove
_ismbcspace
_ismbcdigit
wcslen
memcpy
atoi
_mbscmp
??2@YAPAXI@Z
??3@YAXPAX@Z
_EH_prolog
__CxxFrameHandler
_stricmp
_tzset
_adjust_fdiv

msvcp60

??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z

Exports

Exports

??0CSkinIniFile@@QAE@ABV0@@Z
??0CSkinIniFile@@QAE@VCString@WTL@@@Z
??0CSkinIniFile@@QAE@XZ
??1CSkinIniFile@@UAE@XZ
??4CSkinIniFile@@QAEAAV0@ABV0@@Z
??_7CSkinIniFile@@6B@
?DeleteKey@CSkinIniFile@@QAE_NABVCString@WTL@@@Z
?DeleteValue@CSkinIniFile@@QAE_NABVCString@WTL@@0@Z
?FindKey@CSkinIniFile@@QAEHABVCString@WTL@@@Z
?FindValue@CSkinIniFile@@QAEHHABVCString@WTL@@@Z
?GetNumKeys@CSkinIniFile@@QAEHXZ
?GetNumValues@CSkinIniFile@@QAEHVCString@WTL@@@Z
?GetValue@CSkinIniFile@@QAE?AVCString@WTL@@ABV23@00@Z
?GetValue@CSkinIniFile@@QAE?AVCString@WTL@@ABV23@HAAV23@@Z
?GetValueF@CSkinIniFile@@QAENABVCString@WTL@@0@Z
?GetValueI@CSkinIniFile@@QAEHABVCString@WTL@@0H@Z
?ReadFile@CSkinIniFile@@QAE_NABVCString@WTL@@@Z
?ReadFile@CSkinIniFile@@QAE_NPAEH@Z
?ReadProfile@CSkinIniFile@@QAEXABVCString@WTL@@@Z
?Reset@CSkinIniFile@@QAEXXZ
?SetPath@CSkinIniFile@@QAEXABVCString@WTL@@@Z
?SetValue@CSkinIniFile@@QAE_NABVCString@WTL@@000_N@Z
?SetValueF@CSkinIniFile@@QAE_NABVCString@WTL@@0N_N@Z
?SetValueI@CSkinIniFile@@QAE_NABVCString@WTL@@0HH_N@Z
?WriteFile@CSkinIniFile@@QAEXXZ
?getline2@CSkinIniFile@@QAEHVCString@WTL@@AAV23@@Z
?getline@CSkinIniFile@@QAEAAV?$basic_istream@DU?$char_traits@D@std@@@std@@AAV23@AAVCString@WTL@@@Z
?skinppDrawSkinObject@@YAXPAUHDC__@@UtagRECT@@W4DRAWTYPE@@H@Z
?skinppGetBitmapRes@@YAPAUHBITMAP__@@PBD@Z
?skinppGetBitmapResRect@@YAHPBDAAH111@Z
?skinppGetBitmapSize@@YAXPAUHBITMAP__@@AAH1@Z
?skinppGetImageListFromID@@YAPAU_IMAGELIST@@H@Z
?skinppGetMainFrameMenu@@YAPAUHMENU__@@XZ
?skinppGetMultiLangMenu@@YAPAUHMENU__@@XZ
?skinppGetResFromID@@YAPAUHBITMAP__@@W4SKINOBJTYPE@@HH@Z
?skinppGetResFromID@@YAPAXPAU_ResourceInfo@@@Z
?skinppGetSkinResource@@YAPAEPBDAAH@Z
?skinppLoadLanguageStr@@YAHPBDPADH@Z
?skinppLoadSkinFromRes@@YAHPAUHINSTANCE__@@PBD1PAD@Z
?skinppLoadString@@YAHHPADH@Z
?skinppSetBackgroundDC@@YAXPAUHWND__@@PAUHDC__@@@Z
?skinppSetButtonSounds@@YAXPAUHWND__@@PBD1@Z
?skinppSetButtonTooltip@@YAXPAUHWND__@@PBD@Z
?skinppSetCustomDraw@@YAXPAUHWND__@@H@Z
?skinppSetDialogBkClipRgn@@YAXPAUHWND__@@HH@Z
?skinppSetDialogEraseBkgnd@@YAXPAUHWND__@@H@Z
?skinppSetDrawMenu@@YAXPAUHMENU__@@H@Z
?skinppSetMenuItemImage@@YAHIPAU_IMAGELIST@@H@Z
?skinppSetMenuSkinObjectID@@YAXPAUHWND__@@H@Z
?skinppSetNoDrawText@@YAXPAUHWND__@@H@Z
?skinppSetSkinOwnerMenu@@YAXH@Z
?skinppSetStaticFont@@YAHHPBDH@Z
?skinppSetStaticTextAlign@@YAHHH@Z
?skinppSetStaticTextColor@@YAHHK@Z
?skinppSetStatusBarTransparent@@YAXPAUHWND__@@H@Z
?skinppSetTabItemImageID@@YAXPAUHWND__@@HH@Z
skinppExitSkin
skinppGetDefaultSysColor
skinppGetIconFromRes
skinppGetSkinSysColor
skinppInitializeSkin
skinppLoadSkin
skinppRemoveSkin
skinppRemoveSkinHwnd
skinppSetFreeDlgID
skinppSetListBoxItemDrawInfo
skinppSetListHeaderCtrlItemID
skinppSetListHeaderSortInfo
skinppSetNoSkinHwnd
skinppSetSkinHwnd
skinppSetSkinResID
skinppSetTrackPopupMenuID
skinppSetWindowResID

Sections

.text
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HookSec
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Spring.ssk
VirusDef.dll
.dll windows:4 windows x86 arch:x86

410f828dcd69df72bf449d94b5ceba77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

EnumProcessModules
GetModuleFileNameExA

kernel32

FlushFileBuffers
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
lstrcmpiA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetCurrentDirectoryA
RtlUnwind
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
RaiseException
HeapAlloc
HeapFree
HeapSize
SetFilePointer
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteFile
ReadFile
GetCurrentProcess
GetVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
CreateFileA
Sleep
GetLastError
lstrcpynA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MoveFileA
GetFileAttributesA
lstrcpyA
lstrcatA
FindFirstFileA
FindNextFileA
FindClose
lstrcmpA
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
Process32Next
CreateDirectoryA
DeleteFileA
SetFileAttributesA
CreatePipe
GetStartupInfoA
CreateProcessA
CloseHandle
WaitForSingleObject
GetModuleFileNameA
GetOEMCP
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
lstrlenA
HeapReAlloc

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
EnableWindow
GetTopWindow
CopyRect
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetSystemMetrics
CharUpperA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
SendMessageA
wsprintfA
MessageBoxA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
SystemParametersInfoA

gdi32

RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SaveDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shell32

SHFileOperationA

comctl32

ord17

Exports

Exports

KillVirus
RealVirus
VirusDefInfo

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XP-Home.ssk
[AFW]UpdateKeys.txt
[AFW]UserGuider.chm
.chm
[AFW]使用說明.chm
.chm
[AFW]使用说明.chm
.chm
[AFW]更新說明.txt
[AFW]更新说明.txt

Sharing

General

Malware Config

Signatures

Files

6b143b5c8ea4f0b94cb86309bdc8bac8

Headers

File Characteristics

Imports

version

psapi

winmm

skinppwtl

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 20KB - Virtual size: 37KB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 192KB - Virtual size: 190KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 323KB - Virtual size: 322KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 7KB

.edata Size: 512B - Virtual size: 77B

.reloc Size: 24KB - Virtual size: 23KB

.rsrc Size: 20KB - Virtual size: 20KB

a06648525b64579f0e50afd5444e6852

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 24KB - Virtual size: 22KB

6cba59b39c434c02762a3adc70af6337

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

Exports

Exports

Sections

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 20KB - Virtual size: 37KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 192KB - Virtual size: 190KB

CODE
Size: 323KB - Virtual size: 322KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 7KB

.edata
Size: 512B - Virtual size: 77B

.reloc
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 24KB - Virtual size: 22KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 19KB

Share
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1016B

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 28KB - Virtual size: 42KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 304KB - Virtual size: 302KB