c1b1e71f04377962684ddae7ec1299d6

Sharing

Copy URL Twitter E-mail

General

Target

c1b1e71f04377962684ddae7ec1299d6
Size

10.4MB
MD5

c1b1e71f04377962684ddae7ec1299d6
SHA1

ef69edd2545ebad9753d595b86e6f6f91e8386eb
SHA256

5fd759d1ec37ca87dac33fc9e3f185236bb2732a2d96c10808e71415a7bf5174
SHA512

24dbb11c88369f7e6a142604c9aa046f9dfbd9d5b7c9509dd6d73bd27783d67bbcce9e449c14a7166649ea8e68a79cba117de5e91449a90d1fad275ad98148a2
SSDEEP

196608:GU865s7qXJ29EXTRu76z4zH2cyYchN2xFa3KAWtzr4xelz6hp3WSH5Oin7LmRQBa:GN65cqxD54zH2HYWN4waAqHIO6hdWLic

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack002/Puke888.exe	aspack_v212_v242
static1/unpack002/Puke888Update.exe	aspack_v212_v242

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/puke888_setup-v1.5b100728.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/Puke888.exe
unpack002/Puke888Update.exe
unpack002/RICHED20.DLL
unpack002/uninst.exe

Files

c1b1e71f04377962684ddae7ec1299d6
.rar
puke888_setup-v1.5b100728.exe
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Default.txt
ImageOle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

15c3f47ce2cf6887f91a029cb36319d3

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:55:f9:95:e6:cd:a7:e4:0d:b8:62:9e:5a:f1:5e:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

26/02/2007, 00:00

Not After

26/02/2008, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Shenzhen R&D Center,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:03:d9:65:7d:8e:b9:99:04:0b:5b:5e:60:af:bc:a7:28:6b:78:28
Signer

Actual PE Digest

57:03:d9:65:7d:8e:b9:99:04:0b:5b:5e:60:af:bc:a7:28:6b:78:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
lstrcpyA
EnterCriticalSection
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
FlushInstructionCache
lstrcatA
lstrlenW
GlobalLock
ReadFile
GetTickCount
InterlockedIncrement
GlobalFree
MultiByteToWideChar
LocalAlloc
InterlockedExchange
RaiseException
InterlockedDecrement
CreateFileA
WideCharToMultiByte
CloseHandle
GlobalUnlock
GlobalAlloc
SetFilePointer

user32

GetParent
GetDC
SetFocus
IsChild
CreateWindowExA
GetWindowLongA
InvalidateRect
CharNextA
DefWindowProcA
IsWindow
GetKeyState
PtInRect
SetTimer
GetWindowTextA
GetClassNameA
IsWindowVisible
ReleaseDC
WindowFromDC
DestroyWindow
KillTimer
UpdateWindow
GetFocus
SendMessageA
ShowWindow
CallWindowProcA
IntersectRect
GetClientRect
EndPaint
GetClassInfoExA
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
SetWindowLongA
BeginPaint
LoadCursorA
wsprintfA
RegisterClassExA

gdi32

DeleteObject
CreateCompatibleDC
GetDeviceCaps
DeleteDC
BitBlt
SelectClipRgn
CreateRectRgn
SelectObject
CreateCompatibleBitmap
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

CreateOleAdviseHolder
CoLoadLibrary
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleSaveToStream
WriteClassStm
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

LoadRegTypeLi
SysAllocStringByteLen
SysStringLen
VariantChangeType
RegisterTypeLi
SysStringByteLen
VarUI4FromStr
VariantClear
LoadTypeLi
SysAllocString
SysFreeString
OleCreatePropertyFrame

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memset
memcpy
realloc
??2@YAPAXI@Z
malloc
free
_except_handler3
strncat
strlen
strncpy
_mbsrchr
__dllonexit
_onexit
memcmp
?terminate@@YAXXZ
_initterm
_adjust_fdiv
__CxxFrameHandler
_purecall

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Puke888.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

@$xp$15Bszlib@z_stream
@$xp$16Suiedit@TsuiEdit
@$xp$16Suiform@TsuiForm
@$xp$18Bsutils@TbsFBitmap
@$xp$18Suithemes@TsuiType
@$xp$19Bscolorctrls@TLineB
@$xp$19Bscolorctrls@TLineI
@$xp$19Bszlib@inflate_mode
@$xp$19Frmthememgr@TfrmMgr
@$xp$19Pngextra@TPNGButton
@$xp$19Suiform@TsuiMDIForm
@$xp$19Suiform@TsuiMenuBar
@$xp$20Bsutils@TbsNumGlyphs
@$xp$20Suibutton@TsuiButton
@$xp$20Suidbctrls@ENavClick
@$xp$20Suiedit@TsuiMaskEdit
@$xp$20Suiedit@TsuiSpinEdit
@$xp$20Suimgr@TsuiFileTheme
@$xp$21Suidbctrls@TsuiDBEdit
@$xp$21Suidbctrls@TsuiDBGrid
@$xp$21Suidbctrls@TsuiDBMemo
@$xp$21Suitabcontrol@TsuiTab
@$xp$21Suithemes@TsuiUIStyle
@$xp$21Thdtimer@TTimerThread
@$xp$22Bscolorctrls@TPSPColor
@$xp$22Bseffects@TbsEffectBmp
@$xp$22Bsskindata@TbsSkinData
@$xp$22Bsskinhint@TbsSkinHint
@$xp$22Bsskintabs@TbsBolArray
@$xp$22Bstrayicon@TbsTrayIcon
@$xp$22Bsutils@TbsStretchType
@$xp$22Suibutton@TsuiCheckBox
@$xp$22Suidbctrls@TsuiDBImage
@$xp$22Suiedit@TsuiNumberEdit
@$xp$22Suiform@TsuiMSNPopForm
@$xp$22Suitoolbar@TsuiToolBar
@$xp$23Bsskinctrls@TbsJumpMode
@$xp$23Bsskinctrls@TbsSkinPage
@$xp$23Bsskindata@TbsMorphKind
@$xp$23Bsskinmenus@TbsSkinMenu
@$xp$23Bsskintabs@TbsRectArray
@$xp$23Bsutils@TbsButtonLayout
@$xp$23Suiedit@TsuiSpinButtons
@$xp$23Suiimagepanel@TsuiPanel
@$xp$23Suimgr@TsuiThemeManager
@$xp$23Thdtimer@TThreadedTimer
@$xp$24Bscalendar@TbsDaysOfWeek
@$xp$24Bsskinctrls@TbsSkinBevel
@$xp$24Bsskinctrls@TbsSkinGauge
@$xp$24Bsskinctrls@TbsSkinLabel
@$xp$24Bsskinctrls@TbsSkinPanel
@$xp$24Bsskindata@TbsSkinColors
@$xp$24Bsskindata@TbsStdCommand
@$xp$24Bsskintabs@TbsCloseEvent
@$xp$24Bstrayicon@TbsCycleEvent
@$xp$24Frmmsnpop@TfrmMSNPopForm
@$xp$24Pngextra@TPNGButtonState
@$xp$24Pngextra@TPNGButtonStyle
@$xp$24Sui2define@Sui2define__1
@$xp$24Suicombobox@TsuiComboBox
@$xp$24Suidbctrls@TsuiDBListBox
@$xp$24Suidbctrls@TsuiNavButton
@$xp$24Suigroupbox@TsuiGroupBox
@$xp$24Suilistview@TsuiListView
@$xp$24Suimainmenu@TsuiMainMenu
@$xp$24Suiskinform@TsuiSkinForm
@$xp$24Suititlebar@TsuiTitleBar
@$xp$24Suitrackbar@TsuiTrackBar
@$xp$24Suiurllabel@TsuiURLLabel
@$xp$25Bsskinboxctrls@TbsListBox
@$xp$25Bsskinctrls@TbsEllipsType
@$xp$25Bsskinctrls@TbsPageButton
@$xp$25Bsskinctrls@TbsScrollType
@$xp$25Bsskinctrls@TbsSkinButton
@$xp$25Bsskinctrls@TbsSkinSlider
@$xp$25Bsskintabs@TbsCloseEvent2
@$xp$25Bszlib@inflate_block_mode
@$xp$25Bszlib@inflate_codes_mode
@$xp$25Bszlibcompress@EZlibError
@$xp$25Pngextra@TPNGButtonLayout
@$xp$25Sui2define@Tsk2IntElement
@$xp$25Suibutton@TsuiArrowButton
@$xp$25Suibutton@TsuiImageButton
@$xp$25Suibutton@TsuiRadioButton
@$xp$25Suidbctrls@TsuiDBCheckBox
@$xp$25Suidbctrls@TsuiDBComboBox
@$xp$26Bscolorctrls@TClickZonePSP
@$xp$26Bsskinboxctrls@TPopupAlign
@$xp$26Bsskinboxctrls@TbsSkinEdit
@$xp$26Bsskinboxctrls@TbsSkinMemo
@$xp$26Bsskinboxctrls@TbsURLState
@$xp$26Bsskinctrls@TbsEllipsType2
@$xp$26Bsskinctrls@TbsSectionItem
@$xp$26Bsskinctrls@TbsSkinControl
@$xp$26Bsskinctrls@TbsSkinCoolBar
@$xp$26Bsskinctrls@TbsSkinExPanel
@$xp$26Bsskinctrls@TbsSkinToolBar
@$xp$26Bsskinctrls@TbsSliderImage
@$xp$26Bsskindata@TbsSkinListItem
@$xp$26Bsskintabs@TbsSkinTabSheet
@$xp$26Businessskinform@TbsMDITab
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Sui2define@Tsk2BoolElement
@$xp$26Suibutton@TsuiCustomButton
@$xp$26Suidbctrls@TsuiDBNavigator
@$xp$26Suidbctrls@TsuiNavDataLink
@$xp$26Suipopupmenu@TsuiPopupMenu
@$xp$26Suiscrollbar@TsuiScrollBar
@$xp$26Suithemes@TsuiFileThemeMgr
@$xp$27Bscolorctrls@TbsColorViewer
@$xp$27Bsskinboxctrls@TbsSkinMemo2
@$xp$27Bsskinboxctrls@TbsValueType
@$xp$27Bsskinctrls@TbsSkinGroupBox
@$xp$27Bsskinctrls@TbsSkinListView
@$xp$27Bsskinctrls@TbsSkinNotebook
@$xp$27Bsskinctrls@TbsSkinRichEdit
@$xp$27Bsskinctrls@TbsSkinSplitter
@$xp$27Bsskinctrls@TbsSkinStdLabel
@$xp$27Bsskinctrls@TbsSkinTrackBar
@$xp$27Bsskinctrls@TbsSkinTreeView
@$xp$27Bsskinctrls@TbsSliderImages
@$xp$27Bsskinctrls@TbsSliderOption
@$xp$27Bsskindata@TbsDataSkinBevel
@$xp$27Bsskindata@TbsSkinListItems
@$xp$27Bsskinmenus@TbsSkinMenuItem
@$xp$27Suibutton@TsuiControlButton
@$xp$27Suidbctrls@TsuiDBRadioGroup
@$xp$27Suiimagepanel@TsuiDrawStyle
@$xp$27Suimgr@TsuiBuiltInFileTheme
@$xp$27Suimgr@TsuiThemeMgrCompList
@$xp$27Suipagecontrol@TsuiTabSheet
@$xp$28Bscolorctrls@TbsEmptyControl
@$xp$28Bsskinboxctrls@TCloseUpEvent
@$xp$28Bsskinboxctrls@TbsCustomEdit
@$xp$28Bsskinboxctrls@TbsFontDevice
@$xp$28Bsskinboxctrls@TbsSkinUpDown
@$xp$28Bsskinctrls@TbsButtonBarItem
@$xp$28Bsskinctrls@TbsImagePosition
@$xp$28Bsskinctrls@TbsSectionButton
@$xp$28Bsskinctrls@TbsSkinScrollBar
@$xp$28Bsskinctrls@TbsSkinStatusBar
@$xp$28Bsskinctrls@TbsSkinTextLabel
@$xp$28Bsskinctrls@TbsSliderOptions
@$xp$28Bsskinctrls@TbsTrackPosition
@$xp$28Bsskindata@TbsDataSkinButton
@$xp$28Bsskindata@TbsDataSkinObject
@$xp$28Bsskindata@TbsDataSkinSlider
@$xp$28Bsskindata@TbsDataUserObject
@$xp$28Bsskindata@TbsInActiveEffect
@$xp$28Bsskinhint@TbsSkinHintWindow
@$xp$28Bsskinmenus@TbsSkinPopupMenu
@$xp$28Bsskintabs@TbsSkinTabControl
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Suiimagepanel@TsuiImagePanel
@$xp$28Suiradiogroup@TsuiCheckGroup
@$xp$28Suiradiogroup@TsuiRadioGroup
@$xp$28Suitabcontrol@TsuiTabControl
@$xp$29Bscolorctrls@TbsSkinColorGrid
@$xp$29Bsskinboxctrls@TbsComboExItem
@$xp$29Bsskinboxctrls@TbsSkinListBox
@$xp$29Bsskinboxctrls@TbsSkinNumEdit
@$xp$29Bsskinboxctrls@TbsSkinURLEdit
@$xp$29Bsskinboxctrls@TbsURLLinkType
@$xp$29Bsskinctrls@TbsButtonBarItems
@$xp$29Bsskinctrls@TbsCustomSplitter
@$xp$29Bsskinctrls@TbsNumThumbStates
@$xp$29Bsskinctrls@TbsSkinButtonsBar
@$xp$29Bsskinctrls@TbsSkinCheckGroup
@$xp$29Bsskinctrls@TbsSkinControlBar
@$xp$29Bsskinctrls@TbsSkinMenuButton
@$xp$29Bsskinctrls@TbsSkinPaintPanel
@$xp$29Bsskinctrls@TbsSkinRadioGroup
@$xp$29Bsskinctrls@TbsSkinSplitterEx
@$xp$29Bsskinctrls@TbsSkinWinControl
@$xp$29Bsskindata@TbsDataSkinAnimate
@$xp$29Bsskindata@TbsDataSkinCaption
@$xp$29Bsskindata@TbsDataSkinControl
@$xp$29Bsskindata@TbsDataSkinListBox
@$xp$29Bsskindata@TbsResourceStrData
@$xp$29Bsskinmenus@TbsImagesMenuItem
@$xp$29Bsskinmenus@TbsSkinImagesMenu
@$xp$29Bsskintabs@TbsSkinPageControl
@$xp$29Bstrayicon@TbsBalloonHintIcon
@$xp$29Businessskinform@TbsSkinFrame
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Suibutton@TsuiArrowButtonType
@$xp$29Suicombobox@TsuiDriveComboBox
@$xp$29Suiimagepanel@TsuiCustomPanel
@$xp$29Suitabcontrol@TsuiTabPosition
@$xp$29Suititlebar@TsuiTitleBarAlign
@$xp$30Bsskinboxctrls@TbsCheckListBox
@$xp$30Bsskinboxctrls@TbsComboExItems
@$xp$30Bsskinboxctrls@TbsPasswordKind
@$xp$30Bsskinboxctrls@TbsPopupListBox
@$xp$30Bsskinboxctrls@TbsSkinComboBox
@$xp$30Bsskinboxctrls@TbsSkinDateEdit
@$xp$30Bsskinboxctrls@TbsSkinMaskEdit
@$xp$30Bsskinboxctrls@TbsSkinSpinEdit
@$xp$30Bsskinboxctrls@TbsSkinTimeEdit
@$xp$30Bsskinctrls@TbsExPanelRollKind
@$xp$30Bsskinctrls@TbsGaugePaintEvent
@$xp$30Bsskinctrls@TbsPaintPanelEvent
@$xp$30Bsskinctrls@TbsSkinBorderStyle
@$xp$30Bsskinctrls@TbsSkinButtonLabel
@$xp$30Bsskinctrls@TbsSkinScrollPanel
@$xp$30Bsskinctrls@TbsSkinSpeedButton
@$xp$30Bsskinctrls@TbsSkinStatusPanel
@$xp$30Bsskindata@TbsDataSkinComboBox
@$xp$30Bsskindata@TbsDataSkinListView
@$xp$30Bsskindata@TbsDataSkinMenuItem
@$xp$30Bsskindata@TbsDataSkinRichEdit
@$xp$30Bsskindata@TbsDataSkinTreeView
@$xp$30Bsskinexctrls@TbsSkinLinkImage
@$xp$30Bsskinexctrls@TbsSkinLinkLabel
@$xp$30Bsskinmenus@TbsImagesMenuItems
@$xp$30Bsskinmenus@TbsSkinPopupWindow
@$xp$30Bsskintabs@TbsDrawSkinTabEvent
@$xp$30Businessskinform@TbsBorderIcon
@$xp$30Businessskinform@TbsPaintEvent
@$xp$30Businessskinform@TbsUserObject
@$xp$30Suicombobox@TsuiCustomComboBox
@$xp$30Suicombobox@TsuiFilterComboBox
@$xp$30Suidbctrls@TsuiDBLookupListBox
@$xp$30Suigroupbox@TsuiCustomGroupBox
@$xp$30Suipagecontrol@TsuiPageControl
@$xp$30Suiprogressbar@TsuiProgressBar
@$xp$30Suitabcontrol@TTabActiveNotify
@$xp$30Suititlebar@TsuiTitleBarButton
@$xp$30Suitrackbar@TsuiScrollTrackBar
@$xp$31Bscalendar@TbsSkinMonthCalendar
@$xp$31Bscolorctrls@TbsSkinColorButton
@$xp$31Bscolorctrls@TbsSkinColorDialog
@$xp$31Bsskinboxctrls@TbsColorBoxStyle
@$xp$31Bsskinboxctrls@TbsSkinScrollBox
@$xp$31Bsskinboxctrls@TbsSkinTrackEdit
@$xp$31Bsskinctrls@TbsButtonBarSection
@$xp$31Bsskinctrls@TbsButtonPaintEvent
@$xp$31Bsskinctrls@TbsSkinCustomSlider
@$xp$31Bsskindata@TbsDataSkinStdButton
@$xp$31Businessskinform@TbsBorderIcons
@$xp$31Sui2define@Tsk2SkinColorElement
@$xp$31Suidbctrls@TsuiDBLookupComboBox
@$xp$31Suititlebar@TsuiTitleBarBtnType
@$xp$31Suititlebar@TsuiTitleBarButtons
@$xp$31Suititlebar@TsuiTitleBarSection
@$xp$32Bsskinboxctrls@TbsColorBoxStyles
@$xp$32Bsskinboxctrls@TbsFontListOption
@$xp$32Bsskinboxctrls@TbsSkinComboBoxEx
@$xp$32Bsskinboxctrls@TbsSkinCustomEdit
@$xp$32Bsskinctrls@TbsButtonBarSections
@$xp$32Bsskinctrls@TbsSkinCheckRadioBox
@$xp$32Bsskinctrls@TbsSkinCustomControl
@$xp$32Bsskinctrls@TbsSkinGraphicButton
@$xp$32Bsskinctrls@TbsSkinHeaderControl
@$xp$32Bsskinctrls@TbsSliderOrientation
@$xp$32Bsskindata@TbsCompressedSkinList
@$xp$32Bsskindata@TbsDataSkinControlBar
@$xp$32Bsskindata@TbsDataSkinHintWindow
@$xp$32Bsskindata@TbsDataSkinTabControl
@$xp$32Bsskinexctrls@TbsSkinXFormButton
@$xp$32Bsskintabs@TbsSkinCustomTabSheet
@$xp$32Bszlibcompress@ECompressionError
@$xp$32Bszlibcompress@TCompressionLevel
@$xp$32Bszlibcompress@TCustomZlibStream
@$xp$32Businessskinform@TbsMouseUpEvent
@$xp$32Businessskinform@TbsSkinMainMenu
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TShellShellNameSpace
@$xp$32Sui2define@Tsk2SkinBitmapElement
@$xp$32Suibutton@TsuiToolBarSpeedButton
@$xp$32Suititlebar@TsuiTitleBarSections
@$xp$33Bsskinboxctrls@TbsFontListOptions
@$xp$33Bsskinboxctrls@TbsSkinFontListBox
@$xp$33Bsskinboxctrls@TbsSkinMRUComboBox
@$xp$33Bsskinboxctrls@TbsSkinNumericEdit
@$xp$33Bsskinctrls@TbsGraphicSkinControl
@$xp$33Bsskinctrls@TbsSkinCustomListView
@$xp$33Bsskinctrls@TbsSkinCustomTreeView
@$xp$33Bsskinctrls@TbsSkinPanelNumGlyphs
@$xp$33Bsskinctrls@TbsSkinPenStyleButton
@$xp$33Bsskinctrls@TbsSkinPenWidthButton
@$xp$33Bsskindata@TbsDataSkinEditControl
@$xp$33Bsskindata@TbsDataSkinGridControl
@$xp$33Bsskindata@TbsDataSkinMainMenuBar
@$xp$33Bsskindata@TbsDataSkinMemoControl
@$xp$33Bsskindata@TbsDataSkinPopupWindow
@$xp$33Bsskinexctrls@TbsSkinAnimateGauge
@$xp$33Bszlibcompress@TCompressionStream
@$xp$33Businessskinform@TbsMenuBarObject
@$xp$33Businessskinform@TbsSkinComponent
@$xp$33Sui2skinreader@Tsk2SkinFileReader
@$xp$33Suititlebar@TsuiTitleBarPopupMenu
@$xp$34Bsskinboxctrls@TbsOnEditCancelMode
@$xp$34Bsskinboxctrls@TbsSkinCheckListBox
@$xp$34Bsskinboxctrls@TbsSkinColorListBox
@$xp$34Bsskinboxctrls@TbsSkinCurrencyEdit
@$xp$34Bsskinboxctrls@TbsSkinFontComboBox
@$xp$34Bsskinboxctrls@TbsSkinPasswordEdit
@$xp$34Bsskinctrls@TbsSkinMenuSpeedButton
@$xp$34Bsskindata@TbsCompressedStoredSkin
@$xp$34Bsskindata@TbsDataSkinCheckListBox
@$xp$34Bsskindata@TbsDataSkinGaugeControl
@$xp$34Bsskindata@TbsDataSkinLabelControl
@$xp$34Bsskindata@TbsDataSkinMainMenuItem
@$xp$34Bsskindata@TbsDataSkinPanelControl
@$xp$34Bszlibcompress@EDecompressionError
@$xp$34Businessskinform@TbsItemEnterEvent
@$xp$34Businessskinform@TbsItemLeaveEvent
@$xp$34Businessskinform@TbsMouseDownEvent
@$xp$34Businessskinform@TbsMouseMoveEvent
@$xp$34Businessskinform@TbsSkinMDITabKind
@$xp$34Businessskinform@TbsSkinMDITabsBar
@$xp$34Suiradiogroup@TsuiCheckGroupButton
@$xp$34Suiradiogroup@TsuiRadioGroupButton
@$xp$35Bscolorctrls@TbsSkinCustomColorGrid
@$xp$35Bscolorctrls@TbsSkinTextColorButton
@$xp$35Bsskinboxctrls@TbsDrawSkinItemEvent
@$xp$35Bsskinboxctrls@TbsPopupCheckListBox
@$xp$35Bsskinboxctrls@TbsSkinCheckComboBox
@$xp$35Bsskinboxctrls@TbsSkinColorComboBox
@$xp$35Bsskinboxctrls@TbsSkinCustomListBox
@$xp$35Bsskinboxctrls@TbsSkinPopupTrackBar
@$xp$35Bsskinboxctrls@TbsTrackBarPopupKind
@$xp$35Bsskinctrls@TbsSkinBrushStyleButton
@$xp$35Bsskinctrls@TbsSkinCustomCheckGroup
@$xp$35Bsskinctrls@TbsSkinCustomRadioGroup
@$xp$35Bsskinctrls@TbsStatusPanelNumGlyphs
@$xp$35Bsskindata@TbsDataSkinButtonControl
@$xp$35Bsskindata@TbsDataSkinCustomControl
@$xp$35Bsskindata@TbsDataSkinUpDownControl
@$xp$35Bszlibcompress@TDecompressionStream
@$xp$35Businessskinform@TbsMouseEnterEvent
@$xp$35Businessskinform@TbsMouseLeaveEvent
@$xp$35Businessskinform@TbsSkinMainMenuBar
@$xp$36Bscolorctrls@TbsSkinBrushColorButton
@$xp$36Bsskinboxctrls@TbsSkinCustomComboBox
@$xp$36Bsskinctrls@TbsSkinShadowStyleButton
@$xp$36Bsskindata@TbsDataSkinExPanelControl
@$xp$36Businessskinform@TbsActiveSkinObject
@$xp$36Businessskinform@TbsBusinessSkinForm
@$xp$36Businessskinform@TbsSkinButtonObject
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Suitabcontrol@TsuiTabControlTopPanel
@$xp$37Bsskinctrls@TbsDrawHeaderSectionEvent
@$xp$37Bsskindata@TbsDataSkinMainMenuBarItem
@$xp$37Bsskindata@TbsDataSkinSpinEditControl
@$xp$37Bsskindata@TbsDataSkinSplitterControl
@$xp$37Bsskindata@TbsDataSkinStdLabelControl
@$xp$37Bsskindata@TbsDataSkinTrackBarControl
@$xp$37Businessskinform@TbsCaptionPaintEvent
@$xp$37Businessskinform@TbsPositionInMonitor
@$xp$37Businessskinform@TbsSkinAnimateObject
@$xp$37Businessskinform@TbsSkinCaptionObject
@$xp$38Bsskinboxctrls@TbsSkinFontSizeComboBox
@$xp$38Bsskinctrls@TbsSkinGradientStyleButton
@$xp$38Bsskindata@TbsDataSkinScrollBarControl
@$xp$38Bsskindata@TbsDataSkinScrollBoxControl
@$xp$38Businessskinform@TbsMDITabMouseUpEvent
@$xp$38Suipagecontrol@TsuiPageControlTopPanel
@$xp$39Bsskinctrls@TbsGraphicSkinCustomControl
@$xp$39Bsskindata@TbsDataSkinCheckRadioControl
@$xp$39Bsskindata@TbsDataSkinMainMenuBarButton
@$xp$39Bsskindata@TbsDataSkinMenuButtonControl
@$xp$39Businessskinform@TbsSkinMainMenuBarItem
@$xp$39Businessskinform@TbsSkinStdButtonObject
@$xp$40Bsskinboxctrls@TbsSkinCustomCurrencyEdit
@$xp$40Bsskinboxctrls@TbsSkinPopupMonthCalendar
@$xp$40Bsskinmenus@TbsSkinImagesMenuPopupWindow
@$xp$40Businessskinform@TbsMDITabMouseDownEvent
@$xp$40Suititlebar@TsuiTitleBarButtonClickEvent
@$xp$41Bsskinboxctrls@TbsSkinCustomCheckComboBox
@$xp$41Bsskinboxctrls@TbsSkinCustomComboBoxStyle
@$xp$41Bsskinctrls@TbsCustomDrawSkinSectionEvent
@$xp$41Businessskinform@TbsMDITabMouseEnterEvent
@$xp$41Businessskinform@TbsMDITabMouseLeaveEvent
@$xp$41Businessskinform@TbsSkinMainMenuBarButton
@$xp$41Suiprogressbar@TsuiProgressBarOrientation
@$xp$45Businessskinform@TbsActivateCustomObjectEvent
@$xp$ynpqqrp14System@TObject$v
@$xp$ynpqqrp14System@TObjectrp20Controls@TDragObject$v
@$xp$ynpqqrp14System@TObjectt1ii$v
@$xp$ynpqqrp14System@TObjectt1ii19Controls@TDragStatero$v
@@Buychip@Finalize
@@Buychip@Initialize
@@Changeimg@Finalize
@@Changeimg@Initialize
@@Commmodule@Finalize
@@Commmodule@Initialize
@@Config@Finalize
@@Config@Initialize
@@Gamelog@Finalize
@@Gamelog@Initialize
@@Gonggao@Finalize
@@Gonggao@Initialize
@@Imageolelib_tlb@Finalize
@@Imageolelib_tlb@Initialize
@@Jiangjin@Finalize
@@Jiangjin@Initialize
@@Logindlg@Finalize
@@Logindlg@Initialize
@@Logout@Finalize
@@Logout@Initialize
@@Main@Finalize
@@Main@Initialize
@@Messagebox2@Finalize
@@Messagebox2@Initialize
@@Messagebox3@Finalize
@@Messagebox3@Initialize
@@Messagebox4@Finalize
@@Messagebox4@Initialize
@@Messagebox5@Finalize
@@Messagebox5@Initialize
@@Messagebox@Finalize
@@Messagebox@Initialize
@@Msgbroadcast@Finalize
@@Msgbroadcast@Initialize
@@Pwd@Finalize
@@Pwd@Initialize
@@Rank@Finalize
@@Rank@Initialize
@@Resource@Finalize
@@Resource@Initialize
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Shdocvw_tlb@Finalize
@@Shdocvw_tlb@Initialize
@@Status@Finalize
@@Status@Initialize
@@Table@Finalize
@@Table@Initialize
@Bscalendar@Finalization$qqrv
@Bscalendar@TbsSkinMonthCalendar@
@Bscalendar@TbsSkinMonthCalendar@$bctr$qqrp18Classes@TComponent
@Bscalendar@TbsSkinMonthCalendar@ArangeControls$qqrv
@Bscalendar@TbsSkinMonthCalendar@ChangeSkinData$qqrv
@Bscalendar@TbsSkinMonthCalendar@CreateControlDefaultImage$qqrp16Graphics@TBitmap
@Bscalendar@TbsSkinMonthCalendar@CreateControlSkinImage$qqrp16Graphics@TBitmap
@Bscalendar@TbsSkinMonthCalendar@DayNumFromPoint$qqrii
@Bscalendar@TbsSkinMonthCalendar@DaysThisMonth$qqrv
@Bscalendar@TbsSkinMonthCalendar@DrawCalendar$qqrp16Graphics@TCanvas
@Bscalendar@TbsSkinMonthCalendar@DrawFrame$qqrrx11Types@TRectp16Graphics@TCanvas
@Bscalendar@TbsSkinMonthCalendar@GetMonthOffset$qqrv
@Bscalendar@TbsSkinMonthCalendar@Loaded$qqrv
@Bscalendar@TbsSkinMonthCalendar@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Bscalendar@TbsSkinMonthCalendar@NextMButtonClick$qqrp14System@TObject
@Bscalendar@TbsSkinMonthCalendar@NextYButtonClick$qqrp14System@TObject
@Bscalendar@TbsSkinMonthCalendar@OffsetMonth$qqri
@Bscalendar@TbsSkinMonthCalendar@OffsetYear$qqri
@Bscalendar@TbsSkinMonthCalendar@PriorMButtonClick$qqrp14System@TObject
@Bscalendar@TbsSkinMonthCalendar@PriorYButtonClick$qqrp14System@TObject
@Bscalendar@TbsSkinMonthCalendar@SetBoldDays$qqro
@Bscalendar@TbsSkinMonthCalendar@SetCaptionMode$qqro
@Bscalendar@TbsSkinMonthCalendar@SetDate$qqr16System@TDateTime
@Bscalendar@TbsSkinMonthCalendar@SetDefaultCaptionHeight$qqri
@Bscalendar@TbsSkinMonthCalendar@SetFirstDayOfWeek$qqr24Bscalendar@TbsDaysOfWeek
@Bscalendar@TbsSkinMonthCalendar@SetSkinData$qqrp22Bsskindata@TbsSkinData
@Bscalendar@TbsSkinMonthCalendar@SetTodayDefault$qqro
@Bscalendar@TbsSkinMonthCalendar@UpdateCalendar$qqrv
@Bscalendar@TbsSkinMonthCalendar@WMEraseBkgnd$qqrr22Messages@TWMEraseBkgnd
@Bscalendar@TbsSkinMonthCalendar@WMSIZE$qqrr16Messages@TWMSize
@Bscalendar@initialization$qqrv
@Bscolorctrls@CalcEpsilon
@Bscolorctrls@CalcRadian
@Bscolorctrls@Finalization$qqrv
@Bscolorctrls@PalettePSPCoord
@Bscolorctrls@RectActCol
@Bscolorctrls@RectPSP
@Bscolorctrls@RectPreCol
@Bscolorctrls@TPSPColor@
@Bscolorctrls@TPSPColor@$bctr$qqrv
@Bscolorctrls@TPSPColor@$bdtr$qqrv
@Bscolorctrls@TPSPColor@Assign$qqrpx22Bscolorctrls@TPSPColor
@Bscolorctrls@TPSPColor@HSLPSPToHSL$qqrv
@Bscolorctrls@TPSPColor@HSLToHSLPSP$qqrv
@Bscolorctrls@TPSPColor@HSLToRGB$qqrrx17Bscolorctrls@THSL
@Bscolorctrls@TPSPColor@RGBToHSL$qqr17Bscolorctrls@TRGB
@Bscolorctrls@TPSPColor@SeTHSL$qqrrx17Bscolorctrls@THSL
@Bscolorctrls@TPSPColor@SeTHSLPSP$qqrx20Bscolorctrls@THSLPSP
@Bscolorctrls@TPSPColor@SetRGB$qqrx17Bscolorctrls@TRGB
@Bscolorctrls@TbsColorViewer@
@Bscolorctrls@TbsColorViewer@$bctr$qqrp18Classes@TComponent
@Bscolorctrls@TbsColorViewer@Paint$qqrv
@Bscolorctrls@TbsColorViewer@SetColorValue$qqr15Graphics@TColor
@Bscolorctrls@TbsEmptyControl@
@Bscolorctrls@TbsEmptyControl@Paint$qqrv
@Bscolorctrls@TbsEmptyControl@WMEraseBkgnd$qqrr22Messages@TWMEraseBkgnd
@Bscolorctrls@TbsSkinBrushColorButton@
@Bscolorctrls@TbsSkinColorButton@
@Bscolorctrls@TbsSkinColorButton@$bctr$qqrp18Classes@TComponent
@Bscolorctrls@TbsSkinColorButton@$bdtr$qqrv
@Bscolorctrls@TbsSkinColorButton@GetMenuAlphaBlend$qqrv
@Bscolorctrls@TbsSkinColorButton@GetMenuAlphaBlendAnimation$qqrv
@Bscolorctrls@TbsSkinColorButton@GetMenuAlphaBlendValue$qqrv
@Bscolorctrls@TbsSkinColorButton@GetMenuDefaultFont$qqrv
@Bscolorctrls@TbsSkinColorButton@GetMenuUseSkinFont$qqrv
@Bscolorctrls@TbsSkinColorButton@InitColors$qqrv
@Bscolorctrls@TbsSkinColorButton@Loaded$qqrv
@Bscolorctrls@TbsSkinColorButton@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Bscolorctrls@TbsSkinColorButton@OnImagesMenuClick$qqrp14System@TObject
@Bscolorctrls@TbsSkinColorButton@OnImagesMenuPopup$qqrp14System@TObject

Sections

.text
Size: 1.0MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 844KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Puke888Update.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 246KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RICHED20.DLL
.dll windows:5 windows x86 arch:x86

f009387e30ff32647a004d19f58c4f11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

riched20.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA

gdi32

GetTextMetricsA
GetObjectW
CreateFontIndirectW
GetCharWidthA
GetCharWidthW
EnumFontFamiliesExW
LPtoDP
GetMapMode
CreatePalette
GetObjectType
Escape
CreateMetaFileA
CloseMetaFile
CreatePatternBrush
EnumMetaFile
SetViewportOrgEx
GetMetaFileBitsEx
CreateBitmap
SetMetaFileBitsEx
CreateSolidBrush
ExtTextOutA
CreateCompatibleBitmap
SetMapMode
GetObjectA
DPtoLP
GetBkMode
TranslateCharsetInfo
GetOutlineTextMetricsA
GetTextCharsetInfo
GetTextMetricsW
CreatePen
MoveToEx
LineTo
BitBlt
SetWindowOrgEx
SetWindowExtEx
GetPixel
ExtTextOutW
GetDeviceCaps
SetTextAlign
DeleteObject
CreateCompatibleDC
StretchBlt
DeleteDC
CreateDIBSection
SetROP2
GetStockObject
Rectangle
GetCurrentObject
SelectObject
SelectPalette
RealizePalette
SaveDC
RestoreDC
SetBkMode
PatBlt
SetBkColor
SetTextColor
IntersectClipRect
CreateFontIndirectA
CreateICA
CreateICW
GetTextFaceA
GetTextFaceW
DeleteMetaFile

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
RaiseException
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetUserDefaultLCID
GetProfileIntA
FindAtomW
GetModuleFileNameW
LeaveCriticalSection
GetSystemDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LocalLock
Sleep
GetTickCount
IsBadReadPtr
FreeLibrary
GetProcAddress
GetLocaleInfoW
LocalFree
lstrcmpiA
lstrlenA
FormatMessageA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetSystemDefaultLangID
FindAtomA
GetCurrentThreadId
IsBadWritePtr
GetLastError
ReadFile
WriteFile
CloseHandle
SetFilePointer
IsValidCodePage
GetThreadLocale
GlobalAlloc
GlobalFree
GlobalFlags
GlobalReAlloc
GlobalSize
GlobalLock
GlobalHandle
GlobalUnlock
MulDiv
GetVersionExA
lstrcmpiW
GetACP
LocalAlloc
LocalReAlloc
GetModuleHandleA
GetModuleFileNameA
GetStringTypeExA
GetStringTypeExW
CreateFileA
CreateFileW
CompareStringA
CompareStringW
GetProfileSectionA
GetProfileSectionW
LoadLibraryA
LoadLibraryW
EnterCriticalSection

msvcrt

_adjust_fdiv
malloc
_initterm
free
_vsnprintf
wcsncmp
_ftol
memmove

user32

SetTimer
KillTimer
ScrollWindowEx
SetForegroundWindow
SetScrollInfo
GetFocus
GetDlgItem
GetWindow
IsWindow
GetDesktopWindow
SystemParametersInfoW
WindowFromPoint
GetForegroundWindow
IsChild
IsWindowEnabled
GetCapture
GetCaretPos
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardOwner
GetClipboardData
SetCaretPos
MessageBoxA
UnregisterClassA
ShowScrollBar
EnableScrollBar
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
GetClassLongA
GetClassLongW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
SetWindowLongA
SetWindowLongW
PostMessageA
PostMessageW
PeekMessageA
PeekMessageW
RegisterWindowMessageA
PostQuitMessage
MessageBoxW
GetKeyboardLayout
SendMessageA
FindWindowA
SystemParametersInfoA
GetKeyboardLayoutList
CharLowerA
CharLowerBuffW
CharUpperA
CharUpperBuffW
SendMessageW
UnregisterClassW
RegisterClassA
RegisterClassW
GetDoubleClickTime
ShowCaret
HideCaret
CreateCaret
IsWindowVisible
MapWindowPoints
SetScrollPos
SetScrollRange
IsIconic
DestroyCaret
SetFocus
WindowFromDC
MessageBeep
RegisterClipboardFormatA
GetParent
TrackPopupMenu
SetCapture
GetAsyncKeyState
ReleaseCapture
GetMessageTime
GetMessagePos
IntersectRect
OffsetRect
InvertRect
CopyRect
ActivateKeyboardLayout
IsWindowUnicode
EnableWindow
GetDC
ReleaseDC
CreateWindowExW
CreateWindowExA
SetParent
ClientToScreen
MoveWindow
BeginPaint
FillRect
EndPaint
InflateRect
ShowWindow
InvalidateRect
SetWindowPos
UpdateWindow
GetClientRect
DrawFocusRect
GetSystemMetrics
GetCursorPos
ScreenToClient
GetWindowRect
PtInRect
GetKeyState
GetSysColor
DrawFrameControl
SetCursor
GetCursor
DestroyWindow
CharUpperW
DestroyMenu

Exports

Exports

CreateTextServices
IID_IRichEditOle
IID_IRichEditOleCallback
IID_ITextHost
IID_ITextHost2
IID_ITextServices
REExtendedRegisterClass
RichEdit10ANSIWndProc
RichEditANSIWndProc

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Sound/act.wav
Sound/cam.wav
Sound/click.wav
Sound/dl.wav
Sound/newgame.wav
Sound/pot.wav
Sound/self.wav
Sound/show.wav
Sound/time.wav
Sound/tmover.wav
Themes/Default/Chips/d1.gif
.gif
Themes/Default/Chips/d100.gif
.gif
Themes/Default/Chips/d1000.gif
.gif
Themes/Default/Chips/d100000.gif
.gif
Themes/Default/Chips/d1000000.gif
.gif
Themes/Default/Chips/d25.gif
.gif
Themes/Default/Chips/d25000.gif
.gif
Themes/Default/Chips/d5.gif
.gif
Themes/Default/Chips/d500.gif
.gif
Themes/Default/Chips/d5000.gif
.gif
Themes/Default/Chips/d500000.gif
.gif
Themes/Default/Chips/e01.gif
.gif
Themes/Default/Chips/e025.gif
.gif
Themes/Default/Chips/e05.gif
.gif
Themes/Default/Chips/e1.gif
.gif
Themes/Default/Chips/e5.gif
.gif
Themes/Default/Dealer.gif
.gif
Themes/Default/button/backtolobby1.bmp
Themes/Default/button/backtolobby2.bmp
Themes/Default/button/backtolobby3.bmp
Themes/Default/button/bb1.bmp
Themes/Default/button/bb2.bmp
Themes/Default/button/bb3.bmp
Themes/Default/button/button1_1.bmp
Themes/Default/button/button1_2.bmp
Themes/Default/button/button1_3.bmp
Themes/Default/button/button2_1.bmp
Themes/Default/button/button2_2.bmp
Themes/Default/button/button2_3.bmp
Themes/Default/button/button3_1.bmp
Themes/Default/button/button3_2.bmp
Themes/Default/button/button3_3.bmp
Themes/Default/button/button4_1.bmp
Themes/Default/button/button4_2.bmp
Themes/Default/button/button4_3.bmp
Themes/Default/button/button5_1.bmp
Themes/Default/button/button5_2.bmp
Themes/Default/button/button5_3.bmp
Themes/Default/button/button_b_1.bmp
Themes/Default/button/button_b_2.bmp
Themes/Default/button/button_b_3.bmp
Themes/Default/button/button_r_1.bmp
Themes/Default/button/button_r_2.bmp
Themes/Default/button/button_r_3.bmp
Themes/Default/button/button_send_1.bmp
Themes/Default/button/button_send_2.bmp
Themes/Default/button/button_sit1.png
.png
Themes/Default/button/button_sit2.png
.png
Themes/Default/button/buy.bmp
Themes/Default/button/cap1.png
.png
Themes/Default/button/cap2.png
.png
Themes/Default/button/close1.bmp
Themes/Default/button/close2.bmp
Themes/Default/button/duijiang.bmp
Themes/Default/button/exchange.bmp
Themes/Default/button/iden.bmp
Themes/Default/button/logout1.bmp
Themes/Default/button/logout2.bmp
Themes/Default/button/logout3.bmp
Themes/Default/button/messenger1.bmp
Themes/Default/button/messenger2.bmp
Themes/Default/button/messenger3.bmp
Themes/Default/button/min1.bmp
Themes/Default/button/min2.bmp
Themes/Default/button/opentable1.bmp
Themes/Default/button/opentable2.bmp
Themes/Default/button/opentable3.bmp
Themes/Default/button/psw.bmp
Themes/Default/button/refresh_01.bmp
Themes/Default/button/refresh_02.bmp
Themes/Default/button/reset.bmp
Themes/Default/button/signupt1.bmp
Themes/Default/button/signupt2.bmp
Themes/Default/button/signupt3.bmp
Themes/Default/button/update.bmp
Themes/Default/button/upgrade.bmp
Themes/Default/button/usr.bmp
Themes/Default/button/vipp.bmp
Themes/Default/c1.bmp
Themes/Default/c2.bmp
Themes/Default/card/0.png
.png
Themes/Default/card/0b.png
.png
Themes/Default/card/1.png
.png
Themes/Default/card/10.png
.png
Themes/Default/card/10b.png
.png
Themes/Default/card/11.png
.png
Themes/Default/card/11b.png
.png
Themes/Default/card/12.png
.png
Themes/Default/card/12b.png
.png
Themes/Default/card/13.png
.png
Themes/Default/card/13b.png
.png
Themes/Default/card/14.png
.png
Themes/Default/card/14b.png
.png
Themes/Default/card/15.png
.png
Themes/Default/card/15b.png
.png
Themes/Default/card/16.png
.png
Themes/Default/card/16b.png
.png
Themes/Default/card/17.png
.png
Themes/Default/card/17b.png
.png
Themes/Default/card/18.png
.png
Themes/Default/card/18b.png
.png
Themes/Default/card/19.png
.png
Themes/Default/card/19b.png
.png
Themes/Default/card/1b.png
.png
Themes/Default/card/2.png
.png
Themes/Default/card/20.png
.png
Themes/Default/card/20b.png
.png
Themes/Default/card/21.png
.png
Themes/Default/card/21b.png
.png
Themes/Default/card/22.png
.png
Themes/Default/card/22b.png
.png
Themes/Default/card/23.png
.png
Themes/Default/card/23b.png
.png
Themes/Default/card/24.png
.png
Themes/Default/card/24b.png
.png
Themes/Default/card/25.png
.png
Themes/Default/card/25b.png
.png
Themes/Default/card/26.png
.png
Themes/Default/card/26b.png
.png
Themes/Default/card/27.png
.png
Themes/Default/card/27b.png
.png
Themes/Default/card/28.png
.png
Themes/Default/card/28b.png
.png
Themes/Default/card/29.png
.png
Themes/Default/card/29b.png
.png
Themes/Default/card/2b.png
.png
Themes/Default/card/3.png
.png
Themes/Default/card/30.png
.png
Themes/Default/card/30b.png
.png
Themes/Default/card/31.png
.png
Themes/Default/card/31b.png
.png
Themes/Default/card/32.png
.png
Themes/Default/card/32b.png
.png
Themes/Default/card/33.png
.png
Themes/Default/card/33b.png
.png
Themes/Default/card/34.png
.png
Themes/Default/card/34b.png
.png
Themes/Default/card/35.png
.png
Themes/Default/card/35b.png
.png
Themes/Default/card/36.png
.png
Themes/Default/card/36b.png
.png
Themes/Default/card/37.png
.png
Themes/Default/card/37b.png
.png
Themes/Default/card/38.png
.png
Themes/Default/card/38b.png
.png
Themes/Default/card/39.png
.png
Themes/Default/card/39b.png
.png
Themes/Default/card/3b.png
.png
Themes/Default/card/4.png
.png
Themes/Default/card/40.png
.png
Themes/Default/card/40b.png
.png
Themes/Default/card/41.png
.png
Themes/Default/card/41b.png
.png
Themes/Default/card/42.png
.png
Themes/Default/card/42b.png
.png
Themes/Default/card/43.png
.png
Themes/Default/card/43b.png
.png
Themes/Default/card/44.png
.png
Themes/Default/card/44b.png
.png
Themes/Default/card/45.png
.png
Themes/Default/card/45b.png
.png
Themes/Default/card/46.png
.png
Themes/Default/card/46b.png
.png
Themes/Default/card/47.png
.png
Themes/Default/card/47b.png
.png
Themes/Default/card/48.png
.png
Themes/Default/card/48b.png
.png
Themes/Default/card/49.png
.png
Themes/Default/card/49b.png
.png
Themes/Default/card/4b.png
.png
Themes/Default/card/5.png
.png
Themes/Default/card/50.png
.png
Themes/Default/card/50b.png
.png
Themes/Default/card/51.png
.png
Themes/Default/card/51b.png
.png
Themes/Default/card/52.png
.png
Themes/Default/card/52b.png
.png
Themes/Default/card/5b.png
.png
Themes/Default/card/6.png
.png
Themes/Default/card/6b.png
.png
Themes/Default/card/7.png
.png
Themes/Default/card/7b.png
.png
Themes/Default/card/8.png
.png
Themes/Default/card/8b.png
.png
Themes/Default/card/9.png
.png
Themes/Default/card/9b.png
.png
Themes/Default/card_back.png
.png
Themes/Default/card_back_b.png
.png
Themes/Default/count.png
.png
Themes/Default/desktop_b.png
.png
Themes/Default/dx.png
.png
Themes/Default/empty.gif
.gif
Themes/Default/eptsit.png
.png
Themes/Default/f.png
.png
Themes/Default/fun.bmp
Themes/Default/h_bg.png
.png
Themes/Default/ico/1.ico
Themes/Default/ico/10.ico
Themes/Default/ico/11.ico
Themes/Default/ico/12.ico
Themes/Default/ico/2.ico
Themes/Default/ico/3.ico
Themes/Default/ico/4.ico
Themes/Default/ico/5.ico
Themes/Default/ico/6.ico
Themes/Default/ico/7.ico
Themes/Default/ico/8.ico
Themes/Default/ico/8886.ico
Themes/Default/ico/8887.ico
Themes/Default/ico/8888.ico
Themes/Default/ico/9.ico
Themes/Default/ico/l.ico
Themes/Default/ico/nl.ico
Themes/Default/ico/p.ico
Themes/Default/ico/sng.ico
Themes/Default/ico/vip.ico
Themes/Default/lobby.bmp
Themes/Default/lobby_right.bmp
Themes/Default/login.bmp
Themes/Default/m.png
.png
Themes/Default/pnconnect.bmp
Themes/Default/popo1.png
.png
Themes/Default/popo2.png
.png
Themes/Default/rs.kf
Themes/Default/s1.png
.png
Themes/Default/s2.png
.png
Themes/Default/sit1.png
.png
Themes/Default/sit2.png
.png
Themes/Default/sit3.png
.png
Themes/Default/sit4.png
.png
Themes/Default/snd1.png
.png
Themes/Default/snd2.png
.png
Themes/Default/splash.bmp
Themes/Default/table.bmp
Themes/Default/tag1.bmp
Themes/Default/tag2.bmp
Themes/Default/tb1.png
.png
Themes/Default/theme.ini
Themes/Default/tree_bg.bmp
Themes/Default/tur.jpg
.jpg
Themes/Default/unknow.bmp
Themes/Default/usr.bmp
Themes/Default/viphidden.png
.png
Themes/Default/y_bg.bmp
addr.txt
chatface/÷10.gif
.gif
chatface/÷2.gif
.gif
chatface/÷3.gif
.gif
chatface/÷4.gif
.gif
chatface/÷5.gif
.gif
chatface/÷6.gif
.gif
chatface/÷7.gif
.gif
chatface/÷8.gif
.gif
chatface/÷9.gif
.gif
chatface/÷A.gif
.gif
chatface/÷J.gif
.gif
chatface/÷K.gif
.gif
chatface/÷Q.gif
.gif
chatface/10.gif
.gif
chatface/2.gif
.gif
chatface/3.gif
.gif
chatface/4.gif
.gif
chatface/5.gif
.gif
chatface/6.gif
.gif
chatface/7.gif
.gif
chatface/8.gif
.gif
chatface/9.gif
.gif
chatface/A.gif
.gif
chatface/J.gif
.gif
chatface/K.gif
.gif
chatface/Q.gif
.gif
chatface/10.gif
.gif
chatface/2.gif
.gif
chatface/3.gif
.gif
chatface/4.gif
.gif
chatface/5.gif
.gif
chatface/6.gif
.gif
chatface/7.gif
.gif
chatface/8.gif
.gif
chatface/9.gif
.gif
chatface/A.gif
.gif
chatface/J.gif
.gif
chatface/K.gif
.gif
chatface/Q.gif
.gif
chatface/10.gif
.gif
chatface/2.gif
.gif
chatface/3.gif
.gif
chatface/4.gif
.gif
chatface/5.gif
.gif
chatface/6.gif
.gif
chatface/7.gif
.gif
chatface/8.gif
.gif
chatface/9.gif
.gif
chatface/A.gif
.gif
chatface/J.gif
.gif
chatface/K.gif
.gif
chatface/Q.gif
.gif
config.ini
face/01.png
.png
face/02.png
.png
face/03.png
.png
face/04.png
.png
face/05.png
.png
face/06.png
.png
face/07.png
.png
face/08.png
.png
face/09.png
.png
face/10.png
.png
face/11.png
.png
face/12.png
.png
face/13.png
.png
face/14.png
.png
face/15.png
.png
general.ini
maxim.txt
puke888.ico
rs.kf
sign.ini
tips.txt
uninst.exe
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
urlcfg.ini
urs/tb001.bmp
urs/tb002.bmp
urs/tb003.bmp
urs/tb004.bmp
urs/tb005.bmp
urs/tb006.bmp
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 16KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

15c3f47ce2cf6887f91a029cb36319d3

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

0d:55:f9:95:e6:cd:a7:e4:0d:b8:62:9e:5a:f1:5e:48Certificate

Extended Key Usages

Key Usages

57:03:d9:65:7d:8e:b9:99:04:0b:5b:5e:60:af:bc:a7:28:6b:78:28Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 41KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

0d:55:f9:95:e6:cd:a7:e4:0d:b8:62:9e:5a:f1:5e:48
Certificate

57:03:d9:65:7d:8e:b9:99:04:0b:5b:5e:60:af:bc:a7:28:6b:78:28
Signer

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 41KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 1.0MB - Virtual size: 3.7MB

.data
Size: 67KB - Virtual size: 360KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 16KB

.edata
Size: 392KB - Virtual size: 392KB

.rsrc
Size: 135KB - Virtual size: 844KB

.reloc
Size: - Virtual size: 232KB

.aspack
Size: 32KB - Virtual size: 32KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 246KB - Virtual size: 628KB

DATA
Size: 6KB - Virtual size: 12KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 48KB

.rsrc
Size: 170KB - Virtual size: 728KB

.aspack
Size: 46KB - Virtual size: 48KB

.adata
Size: - Virtual size: 4KB

.text
Size: 380KB - Virtual size: 379KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 10KB - Virtual size: 10KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 16KB