f28c55416eeac8c11a529f3d089bd2aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f28c55416eeac8c11a529f3d089bd2aa_JaffaCakes118
Size

4.0MB
MD5

f28c55416eeac8c11a529f3d089bd2aa
SHA1

a4c85a46493422e454d3ced4c3f5cbc65a1bd260
SHA256

340279cdb5fcd78fc6eb8cc57358f83b5bec9119e6f5a2d911f06c9e71bfbf1d
SHA512

3b5ba8123910cc681dc02eb3f03145e33f58f03df21b088a67e954ae816d15524f761e99ab70360575632230495a3251ce50687cc7774cf1e7b6cca658468398
SSDEEP

98304:F1lmglCcsvFKN5JG269tMPI6ZSAkYbUdaasFhGfQ9zhZYsZoMO:c4Cc0r269+Q60AkYbtasF0YhmspO

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/上海金.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/C4dll.dll
unpack002/SkyCHT.dll
unpack002/SkyEng.dll
unpack002/Uninstall.exe
unpack002/ZipArchive.dll
unpack002/iSky.exe
unpack002/skyUpdate2.exe
unpack003/$PLUGINSDIR/NSISdl.dll
unpack002/vic32.dll

NSIS installer 3 IoCs

installer

resource	yara_rule
static1/unpack001/上海金.exe	nsis_installer_1
static1/unpack002/Uninstall.exe	nsis_installer_1
static1/unpack002/skyUpdate2.exe	nsis_installer_1

Files

f28c55416eeac8c11a529f3d089bd2aa_JaffaCakes118
.rar
上海金.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
BLOCK/BLOCK.DEF
BLOCK/BLOCKS.DBF
BLOCK/BLOCKS.cdx
BLOCK/BLOCKS.fpt
BLOCK/EAGLEDBF.DBF
BLOCK/EAGLEDBF.cdx
C4dll.dll
.dll windows:5 windows x86 arch:x86

1ced1d5b613da7ec35720ce62b95330d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
CloseHandle
Sleep
CreateEventA
InitializeCriticalSection
FatalAppExitA
WaitForSingleObject
SetEvent
InterlockedIncrement
GetLocalTime
GlobalMemoryStatus
GetDiskFreeSpaceA
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
CreateFileA
GetLastError
GetFileSize
SetEndOfFile
SetFilePointer
ReadFile
ResetEvent
FindFirstFileA
FindNextFileA
FindClose
FlushFileBuffers
LockFile
UnlockFile
GetFileAttributesA
WriteFile
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
CreateSemaphoreA
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
GetSystemTimeAsFileTime
ExitThread
ResumeThread
CreateThread
HeapAlloc
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
DeleteFileA
MoveFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
ExitProcess
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleCP
GetConsoleMode
SetStdHandle
GetProcessHeap
GetTimeZoneInformation
CompareStringA
WriteConsoleW

user32

OemToCharA
MessageBoxA
GetWindowLongA
CharUpperA

Exports

Exports

??0Find4file@@QAE@PBD00@Z
??1Find4file@@QAE@XZ
??4Find4file@@QAEAAV0@ABV0@@Z
??4l4linkSt@@QAEAAU0@ABU0@@Z
??_FFind4file@@QAEXXZ
?close@Find4file@@AAEXXZ
?e4strZero@@YAXXZ
?e4wideToStr@@YAXXZ
?expr4currency@@YGHPBUe4exprSt@@@Z
?getNext@Find4file@@QAEPBDPADI@Z
?t4exprContextSet@@YGXPAUTAG4St@@PAUDATA4St@@@Z
?t4field@@YGPAUFIELD4St@@PAUTAG4St@@@Z
?t4infoN@@YGHPAUTAG4St@@@Z
?t4tagFile@@YGPAUTAG4FILESt@@PAUTAG4St@@@Z
?tfile4exprNullLow@@YGHPAUTAG4FILESt@@@Z
?u4keycmp@@YAHPBX0IIIPAUCOLLATE4@@@Z
D4appendDirect
D4writeDirect
I4createOpen
RepWndProc
_c4atoCurrency@12
_c4atoLongLong@8
_c4atoul@8
_c4calcType@4
_c4currencyToA@20
_c4getClipperKeyLen@4
_c4getCodePage@4
_c4getCollatingSequence@4
_c4getCompatibility@4
_c4getCreateTemp@4
_c4getDoRemove@4
_c4getErrCreate@4
_c4getErrExpr@4
_c4getErrFieldName@4
_c4getErrGo@4
_c4getErrOff@4
_c4getErrSkip@4
_c4getFileFlush@4
_c4getLog@4
_c4getLogOpen@4
_c4getMemZeroAllocator@4
_c4getOledbSchemaCreate@4
_c4monDy@16
_c4setAttemptUpgrade@8
_c4setCodePage@8
_c4setCollatingSequence@8
_c4setCompatibility@8
_c4setCreateTemp@8
_c4setDoRemove@8
_c4setErrCreate@8
_c4setErrExpr@8
_c4setErrFieldName@8
_c4setErrGo@8
_c4setErrOff@8
_c4setErrSkip@8
_c4setFileFlush@8
_c4setHWnd@8
_c4setLog@8
_c4setLogOpen@8
_c4setMemSizeBuffer@8
_c4setMinCountOff@8
_c4setOledbSchemaCreate@8
_c4setTransFileName@8
_c4ytoj@4
_code4autoIncrementStart@12
_code4collateName@4
_code4collateNameSet@8
_code4collateNameUnicode@4
_code4collateNameUnicodeSet@8
_code4getErrorCode2@4
_code4getErrorCode@4
_code4initAllocLow@4
_code4memoExtension@4
_code4tranCommitPhaseOne@8
_code4tranCommitPhaseTwo@8
_code4tranCommitSingle@4
_code4tranInit2@12
_code4tranInit@4
_code4tranLockTransactions@8
_code4tranStartSingle@4
_code4tranUnlockTransactions@8
_code4transFileEnable@12
_code4transInitUndo@4
_code4unlockAutoSetDo@8
_code4version@4
_collate4convertCharToKey@24
_collation4getExport@4
_currency4add@12
_currency4compare@8
_currency4divideShort@12
_currency4multiplyShort@12
_currency4subtract@12
_d4appendOledb@4
_d4appendStartLow@8
_d4blankLow@8
_d4createLow@16
_d4fieldNull@4
_d4fieldsAdd@12
_d4fieldsRemove@12
_d4goDirectRead@16
_d4goLow2@16
_d4indexesRemove@4
_d4lock@8
_d4lockAll@4
_d4lockAppend@4
_d4lockAppendRecord@8
_d4lockFileInternal@12
_d4lockTestAppend@4
_d4lowAccessMode@4
_d4memoResetExport@4
_d4numTags@4
_d4recCountDo2@8
_d4recCountGreater@8
_d4recCountLess@8
_d4recCountLessEq@8
_d4recNoSet@8
_d4recordSet@8
_d4replace@12
_d4unappend@4
_d4unlockAppend@8
_d4unlockLow@12
_d4unlockRecord@8
_d4update@4
_d4versionCheck@4
_date4timeCompare@8
_date4yymmddToJulianLong@12
_dfile4lockIndex@8
_dfile4lockTestAppend@12
_dfile4lockTestFile@16
_dfile4recCount@8
_dfile4remove@4
_dfile4unlockIndex@8
_e4functions@0
_error4out@24
_error4set2@8
_expr4calcResultPos@8
_expr4context@8
_expr4execute@12
_expr4getReturnType@8
_expr4keyLen@4
_expr4keyLenFromType@12
_f4assignLongLong@12
_f4assignWideString@8
_f4flagAnd@8
_f4flagFlipReturns@4
_f4flagIsAllSet@12
_f4flagIsAnySet@12
_f4flagOr@8
_f4flagReset@8
_f4flagSetAll@4
_f4flagSetRange@12
_f4memoReadPart@16
_f4memoWriteFinish@4
_f4memoWritePart@20
_f4nullable@4
_file4advanceRead@24
_file4exists@4
_file4lenSet@8
_file4seqReadInitDo@28
_file4seqWriteDelay@4
_i4addEntryToGroupFile@8
_i4closeLow@4
_i4getIndexFileDo@4
_i4tagRemove@4
_i4versionCheck@12
_index4isProduction@4
_l4addAfter@12
_l4seek@8
_mem4allocErrDefault@12
_mem4init@0
_mem4reset@0
_semaphore4init@4
_semaphore4initShared@8
_semaphore4initUndo@4
_sort4getInitFree@8
_sort4getMemInit@4
_sort4initAlloc@4
_sort4initFree@20
_sort4initSet@16
_sort4spoolsInit@8
_t4create@16
_t4dblToFoxExport@12
_t4descending@4
_t4fileName@4
_t4getCollateName@4
_t4index@4
_t4keyLenExported@4
_t4reindex@4
_t4uniqueModify@8
_t4uniqueSetLow@12
_tfile4bottom@4
_tfile4descending@8
_tfile4dskipExport@8
_tfile4dtokExport@16
_tfile4empty@4
_tfile4eof@4
_tfile4go@16
_tfile4key@4
_tfile4lock@8
_tfile4recNo@4
_tfile4seek@12
_tfile4skip@8
_tfile4stokExport@16
_tfile4top@4
_tfile4unlock@8
_tfile4versionCheck@12
_tfile4versionCheckFree@4
_time4long@8
_tran4fileAppend@16
_tran4fileBottom@8
_tran4fileClose@4
_tran4fileSkip@12
_tran4fileTop@8
_tran4freeLocks@8
_tran4getData@8
_tran4lowAppend@12
_tran4lowCommitPhaseOne@12
_tran4lowCommitPhaseTwo@12
_tran4lowRollback@12
_tran4lowStart@12
_tran4putData@12
_tran4read@4
_tran4set@32
_u4getMaxIndexSize@0
_u4nameCreateMultiDirectories@20
_u4nameCurrentExtended@16
_u4nameExtWide@16
_u4nameFindFileName@8
_u4nameMakeFindDrive@16
_u4namePath@12
_u4namePathSpecial@12
_u4nameRemoveGivenExtension@8
_u4nameWideRemoveGivenExtension@8
_u4namecmp@12
_u4namencmp@16
_u4trim@4
_x4reverseLong@4
_x4reverseLongLong@4
area4add_object
area4create
area4free
area4numObjects
area4objFirst
area4objLast
area4objNext
area4objPrev
area4pageBreak
area4sort_obj_tree
bmp4FindDIBBits
bmp4GetDIB
bmp4PaletteSize
bmp4WriteDIB
c4atod
c4atod2
c4atoi
c4atol
c4clip
c4dllInst
c4dtoa45
c4encode
c4getAccessMode
c4getAppVerify
c4getAutoOpen
c4getErrDefaultUnique
c4getErrOpen
c4getErrRelate
c4getErrTagName
c4getErrorCode
c4getLockAttempts
c4getLockEnforce
c4getOptimize
c4getOptimizeWrite
c4getReadLockDo
c4getReadOnlyDo
c4getSafety
c4getSingleOpen
c4lower
c4ltoa45
c4setAccessMode
c4setAutoOpen
c4setErrDefaultUnique
c4setErrOpen
c4setErrRelate
c4setErrTagName
c4setErrorCode
c4setLockAttempts
c4setLockEnforce
c4setOptimize
c4setOptimizeWrite
c4setReadLockDo
c4setReadOnlyDo
c4setSafety
c4setSingleOpen
c4trimN
c4upper
code4accessMode
code4actionCode
code4allocLow
code4autoOpen
code4calcCreate
code4calcReset
code4close
code4codePage
code4collate
code4collateUnicode
code4collatingSequence
code4compatibility
code4connect
code4connectAcceptNew
code4connectCut
code4connectCutAll
code4connectionId
code4connectionStatus
code4createTemp
code4data
code4dateFormat
code4dateFormatSet
code4directory
code4errCreate
code4errDefaultUnique
code4errExpr
code4errFieldName
code4errGo
code4errOff
code4errOpen
code4errRelate
code4errSkip
code4errTagName
code4errorCallback
code4errorCode
code4errorCode2
code4exit
code4fileFlush
code4fileName
code4fileNameSet
code4flush
code4hInst
code4hWnd
code4indexBlockSize
code4indexBlockSizeSet
code4indexExtension
code4indexFormat
code4info
code4infoRetrieve
code4initLow
code4initP
code4initUndo
code4initVB
code4largeOn
code4lineNo
code4lineNoSet
code4lock
code4lockAttempts
code4lockAttemptsSingle
code4lockClear
code4lockDelay
code4lockEnforce
code4lockFileName
code4lockItem
code4lockNetworkId
code4lockUserId
code4log
code4logCreate
code4logFileName
code4logOpen
code4logOpenOff
code4memExpandBlock
code4memExpandData
code4memExpandIndex
code4memExpandLock
code4memExpandTag
code4memSizeBlock
code4memSizeBuffer
code4memSizeMemo
code4memSizeMemoExpr
code4memSizeSortBuffer
code4memSizeSortPool
code4memStartBlock
code4memStartData
code4memStartIndex
code4memStartLock
code4memStartMax
code4memStartTag
code4optAll
code4optStart
code4optSuspend
code4optimize
code4optimizeWrite
code4readLock
code4readOnly
code4safety
code4serverCloseFiles
code4serverConfigName
code4serverCurrentDirectory
code4serverName
code4serverOS
code4serverShutdown
code4singleOpen
code4status
code4swapLogFile
code4timeout
code4timeoutSet
code4tranCommit
code4tranRollback
code4tranStart
code4tranStatusCB
code4unlock
code4unlockAutoCB
code4unlockAutoSetCB
code4verifySet
ctrl4addCode
ctrl4codeListInit
ctrl4freeCodeList
ctrl4freeCtrlNode
ctrl4getCtrlCode
ctrl4getServerName
ctrl4initVBX
ctrl4initVBXUndo
ctrl4setServerName
d4alias
d4aliasSet
d4append
d4appendBlank
d4appendStart
d4blank
d4bof
d4bottom
d4changed
d4check
d4close
d4codePage
d4compatibilityExport
d4create
d4createTemp
d4delete
d4deleted
d4eof
d4field
d4fieldInfo
d4fieldJ
d4fieldNumber
d4fileName
d4flush
d4freeBlocks
d4fullPath
d4goBof
d4goEof
d4goLow
d4index
d4lockAdd
d4lockAddAll
d4lockAddAppend
d4lockAddFile
d4lockAllInternal
d4lockAllVB
d4lockAppendInternal
d4lockAppendVB
d4lockFile
d4lockFileVB
d4lockInternal
d4lockTest
d4lockVB
d4lock_group
d4log
d4logStatusCB
d4logVB
d4memoCompress
d4numFields
d4open
d4openClone
d4optimize
d4optimizeVB
d4optimizeWrite
d4optimizeWriteVB
d4pack
d4position
d4position2
d4positionSet
d4recCountDo
d4recNoLow
d4recWidthLow
d4recWidth_v
d4recall
d4recordLow
d4refresh
d4refreshRecord
d4reindex
d4reindexWithProgress
d4remove
d4seek
d4seekDouble
d4seekN
d4seekNext
d4seekNextDouble
d4seekNextN
d4skip
d4tag
d4tagDefault
d4tagNext
d4tagPrev

Sections

.text
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SYS/CONDITION.FUT
SYS/CONDITION.STK
SYS/FIELD.DB2
SYS/tod.txt
SkyCHT.dll
.dll windows:5 windows x86 arch:x86

f630891c9df09c853719d9190d018fdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
lstrcpyA
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringW

Exports

Exports

GB2Language
GetLanguangeName
Language2GB

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 826KB - Virtual size: 826KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SkyEng.dll
.dll windows:5 windows x86 arch:x86

cbc46f829e951c6dae1d5e664305d931

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
lstrcpyA
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
RaiseException
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringW

Exports

Exports

GB2Language
GetLanguangeName
Language2GB

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
URL.txt
USERS/C.ini
USERS/C2.ini
USERS/C3.ini
USERS/PAGE/1303AC21.BIN
USERS/PAGE/1303AC21.DSP
USERS/PAGE/1347FF25.BIN
USERS/PAGE/1347FF25.DSP
USERS/PAGE/3AC1F068.BIN
USERS/PAGE/3AC1F068.DSP
USERS/PAGE/6072FC06.BIN
USERS/PAGE/6072FC06.DSP
USERS/PAGE/A6260F11.BIN
USERS/PAGE/A6260F11.DSP
USERS/PAGE/CE85CE52.BIN
USERS/PAGE/CE85CE52.DSP
USERS/PAGE/E1AF58F6.BIN
USERS/PAGE/E1AF58F6.DSP
USERS/PAGE/E23C56CE.BIN
USERS/PAGE/E23C56CE.DSP
USERS/PAGE/ECF6F969.BIN
USERS/PAGE/ECF6F969.DSP
USERS/PAGE/pages.ini
USERS/alert.WAV
USERS/color.dat
Uninstall.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ZipArchive.dll
.dll windows:5 windows x86 arch:x86

5312d15a3a5bc828586e00aff9b4ca88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetLastError
FormatMessageA
LocalFree
GetDiskFreeSpaceExA
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
FindClose
CreateFileA
SetFileTime
GetDriveTypeA
SetVolumeLabelA
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
MoveFileA
CreateDirectoryA
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapAlloc
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
SetEnvironmentVariableA
SetCurrentDirectoryA
SetEndOfFile
GetProcessHeap
GetFileType
FlushFileBuffers
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
RaiseException
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
SetHandleCount
GetStartupInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RtlUnwind
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSection
GetModuleHandleA

Exports

Exports

??0?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@ABV0@@Z
??0?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@XZ
??0?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@ABV0@@Z
??0?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@XZ
??0?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@IAE@ABV01@@Z
??0?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@IAE@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@IAE@ABV01@@Z
??0?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@IAE@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@QAE@ABV01@@Z
??0?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@QAE@U?$less@H@1@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@QAE@ABV01@@Z
??0?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@QAE@U?$less@W4CallbackType@CZipActionCallback@@@1@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@PBU?$pair@$$CBHPAUCOptions@CZipCompressor@@@1@0ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@PBU?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@1@0ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_nod@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@H@1@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_nod@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree_nod@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_nod@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree_ptr@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@H@1@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_ptr@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree_ptr@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_ptr@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree_val@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@H@1@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_val@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$_Tree_val@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@IAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_val@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABU?$less@H@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABV01@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@XZ
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABV01@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@XZ
??0CBaseLibCompressor@ZipArchiveLib@@QAE@ABV01@@Z
??0CBaseLibCompressor@ZipArchiveLib@@QAE@PAVCZipStorage@@@Z
??0CBitFlag@ZipArchiveLib@@QAE@H@Z
??0CBitFlag@ZipArchiveLib@@QAE@XZ
??0CDeflateCompressor@ZipArchiveLib@@QAE@ABV01@@Z
??0CDeflateCompressor@ZipArchiveLib@@QAE@PAVCZipStorage@@@Z
??0CDirEnumerator@ZipArchiveLib@@IAE@PBD_N@Z
??0CDirEnumerator@ZipArchiveLib@@QAE@ABV01@@Z
??0CFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CFileFilter@ZipArchiveLib@@QAE@_N@Z
??0CFileInfo@ZipArchiveLib@@QAE@XZ
??0CGroupFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CGroupFileFilter@ZipArchiveLib@@QAE@W4GroupType@01@_N1@Z
??0CInfo@CZipCentralDir@@QAE@ABU01@@Z
??0CInfo@CZipCentralDir@@QAE@XZ
??0CNameFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CNameFileFilter@ZipArchiveLib@@QAE@PBD_NH1@Z
??0COptions@CBaseLibCompressor@ZipArchiveLib@@QAE@ABU012@@Z
??0COptions@CBaseLibCompressor@ZipArchiveLib@@QAE@XZ
??0COptions@CDeflateCompressor@ZipArchiveLib@@QAE@ABU012@@Z
??0COptions@CDeflateCompressor@ZipArchiveLib@@QAE@XZ
??0COptions@CZipCompressor@@QAE@ABU01@@Z
??0COptions@CZipCompressor@@QAE@XZ
??0COptionsMap@CZipCompressor@@QAE@ABV01@@Z
??0COptionsMap@CZipCompressor@@QAE@XZ
??0CWildcard@ZipArchiveLib@@QAE@ABV01@@Z
??0CWildcard@ZipArchiveLib@@QAE@PBD_N@Z
??0CWildcard@ZipArchiveLib@@QAE@XZ
??0CZipAbstractFile@@QAE@ABV0@@Z
??0CZipAbstractFile@@QAE@XZ
??0CZipActionCallback@@QAE@ABU0@@Z
??0CZipActionCallback@@QAE@XZ
??0CZipAddNewFileInfo@@QAE@ABU0@@Z
??0CZipAddNewFileInfo@@QAE@PAVCZipAbstractFile@@PBD@Z
??0CZipAddNewFileInfo@@QAE@PBD0@Z
??0CZipAddNewFileInfo@@QAE@PBD_N@Z
??0CZipArchive@@QAE@ABV0@@Z
??0CZipArchive@@QAE@XZ
??0CZipAutoBuffer@@QAE@ABV0@@Z
??0CZipAutoBuffer@@QAE@K_N@Z
??0CZipAutoBuffer@@QAE@XZ
??0CZipBinSplitNamesHandler@@QAE@ABV0@@Z
??0CZipBinSplitNamesHandler@@QAE@XZ
??0CZipCallback@@QAE@ABU0@@Z
??0CZipCallback@@QAE@XZ
??0CZipCallbackProvider@ZipArchiveLib@@QAE@ABV01@@Z
??0CZipCallbackProvider@ZipArchiveLib@@QAE@XZ
??0CZipCentralDir@@QAE@ABV0@@Z
??0CZipCentralDir@@QAE@XZ
??0CZipCompressor@@IAE@PAVCZipStorage@@@Z
??0CZipCompressor@@QAE@ABV0@@Z
??0CZipCrc32Cryptograph@@QAE@ABV0@@Z
??0CZipCrc32Cryptograph@@QAE@XZ
??0CZipCryptograph@@QAE@ABV0@@Z
??0CZipCryptograph@@QAE@XZ
??0CZipException@@QAE@AAV0@@Z
??0CZipException@@QAE@HPBD@Z
??0CZipExtraData@@QAE@ABV0@@Z
??0CZipExtraData@@QAE@G@Z
??0CZipExtraData@@QAE@XZ
??0CZipExtraField@@QAE@ABV0@@Z
??0CZipExtraField@@QAE@XZ
??0CZipFile@@QAE@ABV0@@Z
??0CZipFile@@QAE@PBDI@Z
??0CZipFile@@QAE@XZ
??0CZipFileHeader@@IAE@PAVCZipCentralDir@@@Z
??0CZipFileHeader@@QAE@ABV0@@Z
??0CZipFileHeader@@QAE@XZ
??0CZipFindFast@CZipCentralDir@@QAE@PAVCZipFileHeader@@G@Z
??0CZipFindFast@CZipCentralDir@@QAE@XZ
??0CZipMemFile@@QAE@AAV0@@Z
??0CZipMemFile@@QAE@J@Z
??0CZipMemFile@@QAE@PAEIJ@Z
??0CZipPathComponent@@QAE@ABV0@@Z
??0CZipPathComponent@@QAE@PBD@Z
??0CZipPathComponent@@QAE@XZ
??0CZipRegularSplitNamesHandler@@QAE@ABV0@@Z
??0CZipRegularSplitNamesHandler@@QAE@XZ
??0CZipSegmCallback@@QAE@ABU0@@Z
??0CZipSegmCallback@@QAE@XZ
??0CZipSplitNamesHandler@@QAE@ABV0@@Z
??0CZipSplitNamesHandler@@QAE@XZ
??0CZipStorage@@QAE@ABV0@@Z
??0CZipStorage@@QAE@XZ
??0CZipString@@QAE@ABV0@@Z
??0CZipString@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CZipString@@QAE@DH@Z
??0CZipString@@QAE@PBD@Z
??0CZipString@@QAE@XZ
??1?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@XZ
??1?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@XZ
??1?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@IAE@XZ
??1?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@IAE@XZ
??1?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@QAE@XZ
??1?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@QAE@XZ
??1?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_nod@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_nod@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_ptr@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_ptr@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_val@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_val@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@XZ
??1?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@XZ
??1CBaseLibCompressor@ZipArchiveLib@@UAE@XZ
??1CDeflateCompressor@ZipArchiveLib@@UAE@XZ
??1CDirEnumerator@ZipArchiveLib@@UAE@XZ
??1CFileFilter@ZipArchiveLib@@UAE@XZ
??1CGroupFileFilter@ZipArchiveLib@@UAE@XZ
??1CInfo@CZipCentralDir@@QAE@XZ
??1CNameFileFilter@ZipArchiveLib@@UAE@XZ
??1COptions@CBaseLibCompressor@ZipArchiveLib@@UAE@XZ
??1COptions@CDeflateCompressor@ZipArchiveLib@@UAE@XZ
??1COptions@CZipCompressor@@UAE@XZ
??1COptionsMap@CZipCompressor@@QAE@XZ
??1CWildcard@ZipArchiveLib@@UAE@XZ
??1CZipAbstractFile@@UAE@XZ
??1CZipActionCallback@@UAE@XZ
??1CZipAddNewFileInfo@@QAE@XZ
??1CZipArchive@@UAE@XZ
??1CZipAutoBuffer@@UAE@XZ
??1CZipBinSplitNamesHandler@@UAE@XZ
??1CZipCallback@@UAE@XZ
??1CZipCallbackProvider@ZipArchiveLib@@QAE@XZ
??1CZipCentralDir@@UAE@XZ
??1CZipCompressor@@UAE@XZ
??1CZipCrc32Cryptograph@@UAE@XZ
??1CZipCryptograph@@UAE@XZ
??1CZipException@@UAE@XZ
??1CZipExtraData@@QAE@XZ
??1CZipExtraField@@QAE@XZ
??1CZipFile@@UAE@XZ
??1CZipFileHeader@@UAE@XZ
??1CZipMemFile@@UAE@XZ
??1CZipPathComponent@@UAE@XZ
??1CZipRegularSplitNamesHandler@@UAE@XZ
??1CZipSegmCallback@@UAE@XZ
??1CZipSplitNamesHandler@@UAE@XZ
??1CZipStorage@@UAE@XZ
??1CZipString@@QAE@XZ
??4?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAEAAV0@ABV0@@Z
??4?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAEAAV0@ABV0@@Z
??4?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@IAEAAV01@ABV01@@Z
??4?$_Container_base_aux_alloc_real@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@IAEAAV01@ABV01@@Z
??4?$_String_val@DV?$allocator@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@QAEAAV01@ABV01@@Z
??4?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_nod@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_nod@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_ptr@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_ptr@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_val@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_val@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAV01@ABV01@@Z
??4?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAV01@ABV01@@Z
??4CBaseLibCompressor@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CBitFlag@ZipArchiveLib@@QAEAAU01@ABU01@@Z
??4CBytesWriter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CDeflateCompressor@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CDirEnumerator@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CFileInfo@ZipArchiveLib@@QAEAAU01@ABU01@@Z
??4CGroupFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CInfo@CZipCentralDir@@QAEAAU01@ABU01@@Z
??4CMultiActionsInfo@CZipActionCallback@@QAEAAU01@ABU01@@Z
??4CNameFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4COptions@CBaseLibCompressor@ZipArchiveLib@@QAEAAU012@ABU012@@Z
??4COptions@CDeflateCompressor@ZipArchiveLib@@QAEAAU012@ABU012@@Z
??4COptions@CZipCompressor@@QAEAAU01@ABU01@@Z
??4COptionsMap@CZipCompressor@@QAEAAV01@ABV01@@Z
??4CWildcard@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CZipAbstractFile@@QAEAAV0@ABV0@@Z
??4CZipActionCallback@@QAEAAU0@ABU0@@Z
??4CZipAddNewFileInfo@@QAEAAU0@ABU0@@Z
??4CZipArchive@@QAEAAV0@ABV0@@Z
??4CZipAutoBuffer@@QAEAAV0@ABV0@@Z
??4CZipBinSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipCallback@@QAEAAU0@ABU0@@Z
??4CZipCallbackProvider@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CZipCentralDir@@QAEAAV0@ABV0@@Z
??4CZipCompressor@@QAEAAV0@ABV0@@Z
??4CZipCrc32Cryptograph@@QAEAAV0@ABV0@@Z
??4CZipCryptograph@@QAEAAV0@ABV0@@Z
??4CZipException@@QAEAAV0@ABV0@@Z
??4CZipExtraData@@QAEAAV0@ABV0@@Z
??4CZipExtraField@@QAEAAV0@ABV0@@Z
??4CZipFile@@QAEAAV0@ABV0@@Z
??4CZipFileHeader@@QAEAAV0@ABV0@@Z
??4CZipFindFast@CZipCentralDir@@QAEAAU01@ABU01@@Z
??4CZipMemFile@@QAEAAV0@ABV0@@Z
??4CZipPathComponent@@QAEAAV0@ABV0@@Z
??4CZipRegularSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipSegmCallback@@QAEAAU0@ABU0@@Z
??4CZipSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipStorage@@QAEAAV0@ABV0@@Z
??4CZipString@@QAEAAV0@ABV0@@Z
??8CBitFlag@ZipArchiveLib@@QAE_NABU01@@Z
??8CBitFlag@ZipArchiveLib@@QAE_NH@Z
??8CZipExtraData@@QAE_NABV0@@Z
??8CZipString@@QAE_NPBD@Z
??9CZipExtraData@@QAE_NABV0@@Z
??9CZipString@@QAE_NPBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??A?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAPAUCOptions@CZipCompressor@@ABH@Z
??A?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAPAUCZipActionCallback@@ABW4CallbackType@2@@Z
??ACGroupFileFilter@ZipArchiveLib@@QAEPAVCFileFilter@1@I@Z
??ACGroupFileFilter@ZipArchiveLib@@QBEPBVCFileFilter@1@I@Z
??ACZipArchive@@QAEPAVCZipFileHeader@@G@Z
??ACZipArchive@@QBEPBVCZipFileHeader@@G@Z
??ACZipCentralDir@@QAEPAVCZipFileHeader@@G@Z
??ACZipCentralDir@@QBEPBVCZipFileHeader@@G@Z
??ACZipString@@QBEDH@Z
??BCBitFlag@ZipArchiveLib@@QBEHXZ
??BCWildcard@ZipArchiveLib@@QAEPBDXZ
??BCZipAutoBuffer@@QAEPADXZ
??BCZipAutoBuffer@@QBEPBDXZ
??BCZipFile@@QAEPAXXZ
??BCZipString@@QBEPBDXZ
??MCZipExtraData@@QAE_NABV0@@Z
??NCZipExtraData@@QAE_NABV0@@Z
??OCZipExtraData@@QAE_NABV0@@Z
??PCZipExtraData@@QAE_NABV0@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??_7CBaseLibCompressor@ZipArchiveLib@@6B@
??_7CDeflateCompressor@ZipArchiveLib@@6B@
??_7CDirEnumerator@ZipArchiveLib@@6B@
??_7CFileFilter@ZipArchiveLib@@6B@
??_7CGroupFileFilter@ZipArchiveLib@@6B@
??_7CNameFileFilter@ZipArchiveLib@@6B@
??_7COptions@CBaseLibCompressor@ZipArchiveLib@@6B@
??_7COptions@CDeflateCompressor@ZipArchiveLib@@6B@
??_7COptions@CZipCompressor@@6B@
??_7CWildcard@ZipArchiveLib@@6B@
??_7CZipAbstractFile@@6B@
??_7CZipActionCallback@@6B@
??_7CZipArchive@@6B@
??_7CZipAutoBuffer@@6B@
??_7CZipBinSplitNamesHandler@@6B@
??_7CZipCallback@@6B@
??_7CZipCentralDir@@6B@
??_7CZipCompressor@@6B@
??_7CZipCrc32Cryptograph@@6B@
??_7CZipCryptograph@@6B@
??_7CZipException@@6B@
??_7CZipFile@@6B@
??_7CZipFileHeader@@6B@
??_7CZipMemFile@@6B@
??_7CZipPathComponent@@6B@
??_7CZipRegularSplitNamesHandler@@6B@
??_7CZipSegmCallback@@6B@
??_7CZipSplitNamesHandler@@6B@
??_7CZipStorage@@6B@
??_F?$_String_val@DV?$allocator@D@std@@@std@@QAEXXZ
??_FCFileFilter@ZipArchiveLib@@QAEXXZ
??_FCGroupFileFilter@ZipArchiveLib@@QAEXXZ
??_FCNameFileFilter@ZipArchiveLib@@QAEXXZ
??_FCZipException@@QAEXXZ
??_FCZipMemFile@@QAEXXZ
?Accept@CFileFilter@ZipArchiveLib@@MAE_NPBD0ABUCFileInfo@2@@Z
?Accept@CGroupFileFilter@ZipArchiveLib@@MAE_NPBD0ABUCFileInfo@2@@Z
?Accept@CNameFileFilter@ZipArchiveLib@@MAE_NPBD0ABUCFileInfo@2@@Z
?Add@CGroupFileFilter@ZipArchiveLib@@QAEXPAVCFileFilter@2@@Z
?Add@CZipExtraField@@QAEHPAVCZipExtraData@@@Z
?AddNewFile@CZipArchive@@QAE_NAAUCZipAddNewFileInfo@@@Z
?AddNewFile@CZipArchive@@QAE_NAAVCZipAbstractFile@@PBDHHK@Z
?AddNewFile@CZipArchive@@QAE_NPBD0HHK@Z
?AddNewFile@CZipArchive@@QAE_NPBDH_NHK@Z
?AddNewFile@CZipCentralDir@@QAEPAVCZipFileHeader@@ABV2@GH_N@Z
?AddNewFiles@CZipArchive@@QAE_NPBD0_NH1HK@Z
?AddNewFiles@CZipArchive@@QAE_NPBDAAVCFileFilter@ZipArchiveLib@@_NH2HK@Z
?AdjustLocalComprSize@CZipFileHeader@@IAEXAAK@Z
?AdjustLocalComprSize@CZipFileHeader@@IAEXXZ
?Allocate@CZipAutoBuffer@@QAEPADK_N@Z
?AnsiOem@ZipPlatform@@YAXAAVCZipAutoBuffer@@_N@Z
?AppendSeparator@CZipPathComponent@@SAXAAVCZipString@@@Z
?AppliesToType@CNameFileFilter@ZipArchiveLib@@QAE_NH@Z
?AssureFree@CZipStorage@@QAEKK@Z
?Attach@CZipMemFile@@QAEXPAEIJ@Z
?BuildFindFastArray@CZipCentralDir@@IAEX_N@Z
?CacheSizes@CZipStorage@@AAEXXZ
?CacheStepSize@CZipActionCallback@@IAEXXZ
?CalculateBytesBeforeZip@CInfo@CZipCentralDir@@AAEKXZ
?CallCallback@CZipActionCallback@@MAE_NK@Z
?CallCallback@CZipStorage@@IAEXKHVCZipString@@@Z
?CallbackEnd@CZipActionCallback@@UAEXXZ
?CanHandle@CZipCrc32Cryptograph@@UAE_NH@Z
?CanHandle@CZipCryptograph@@UAE_NH@Z
?CanModify@CZipArchive@@QAE_N_N0@Z
?CanProcess@CDeflateCompressor@ZipArchiveLib@@UAE_NG@Z
?Change@CBitFlag@ZipArchiveLib@@QAEXH_N@Z
?ChangeDirectory@ZipPlatform@@YA_NPBD@Z
?ChangeSpannedRead@CZipStorage@@IAE?AVCZipString@@XZ
?ChangeSplitRead@CZipStorage@@IAE?AVCZipString@@XZ
?ChangeVolume@CZipStorage@@QAEXG@Z
?ChangeVolume@CZipStorage@@QAEXXZ
?ChangeVolumeDec@CZipStorage@@QAEXXZ
?ChangeWithCheck@CBitFlag@ZipArchiveLib@@QAE_NH_N@Z
?CheckDataDescriptor@CZipFileHeader@@IBE_NPAVCZipStorage@@@Z
?CheckForError@CBaseLibCompressor@ZipArchiveLib@@IAEXH@Z
?CheckIfOK_1@CInfo@CZipCentralDir@@AAE_NXZ
?CheckIfOK_2@CInfo@CZipCentralDir@@AAE_NXZ
?CheckLengths@CZipFileHeader@@IBE_N_N@Z
?Clear@CBitFlag@ZipArchiveLib@@QAEXH@Z
?Clear@CGroupFileFilter@ZipArchiveLib@@QAEXXZ
?Clear@CZipExtraField@@IAEXXZ
?ClearCachedSizes@CZipStorage@@AAEXXZ
?ClearCompressor@CZipArchive@@IAEXXZ
?ClearCryptograph@CZipArchive@@IAEXXZ
?ClearFileName@CZipFileHeader@@AAEXXZ
?ClearFindFastArray@CZipCentralDir@@IAEXXZ
?ClearSplitNames@CZipStorage@@AAEXXZ
?ClearWithCheck@CBitFlag@ZipArchiveLib@@QAE_NH@Z
?Clone@COptions@CDeflateCompressor@ZipArchiveLib@@UBEPAU1CZipCompressor@@XZ
?Close@CZipArchive@@QAE?AVCZipString@@H_N@Z
?Close@CZipCentralDir@@QAEXXZ
?Close@CZipFile@@UAEXXZ
?Close@CZipMemFile@@UAEXXZ
?Close@CZipStorage@@QAE?AVCZipString@@_N0@Z
?CloseFile@CZipArchive@@QAEHAAVCZipFile@@@Z
?CloseFile@CZipArchive@@QAEHPBD_N@Z
?CloseFile@CZipCentralDir@@QAEX_N@Z
?CloseNewFile@CZipArchive@@QAE_N_N@Z
?CloseNewFile@CZipCentralDir@@QAEXXZ
?Collate@CZipString@@QBEHPBD@Z
?CollateNoCase@CZipString@@QBEHPBD@Z
?Combine@CZipPathComponent@@SAXAAVCZipString@@PBD@Z
?CommitChanges@CZipArchive@@QAE_NXZ
?Compare@CZipString@@QBEHPBD@Z
?CompareElement@CZipCentralDir@@IBEHPBDG@Z
?CompareFindFastCollate@CZipCentralDir@@KAHPBX0@Z
?CompareFindFastCollateNoCase@CZipCentralDir@@KAHPBX0@Z
?CompareHeaders@CZipCentralDir@@KAHPBX0@Z
?CompareNoCase@CZipString@@QBEHPBD@Z
?Compress@CDeflateCompressor@ZipArchiveLib@@UAEXPBXK@Z
?CompressionEfficient@CZipFileHeader@@QAE_NXZ
?ConvertBufferToString@ZipCompatibility@@YAXAAVCZipString@@ABVCZipAutoBuffer@@I@Z
?ConvertComment@CZipFileHeader@@ABEXAAVCZipAutoBuffer@@@Z
?ConvertComment@CZipFileHeader@@ABEXAAVCZipString@@@Z
?ConvertFileName@CZipFileHeader@@ABEXAAVCZipAutoBuffer@@@Z
?ConvertFileName@CZipFileHeader@@ABEXAAVCZipString@@@Z
?ConvertInternalError@CDeflateCompressor@ZipArchiveLib@@MBEHH@Z
?ConvertInternalError@CZipCompressor@@MBEHH@Z
?ConvertStringToBuffer@ZipCompatibility@@YAXPBDAAVCZipAutoBuffer@@I@Z
?ConvertToSystem@ZipCompatibility@@YAKKHH@Z
?Copy@CZipMemFile@@QAEXAAV1@@Z
?CreateCompressor@CZipArchive@@MAEXG@Z
?CreateCompressor@CZipCompressor@@SAPAV1@GPAVCZipStorage@@@Z
?CreateCryptograph@CZipArchive@@MAEXH@Z
?CreateCryptograph@CZipCryptograph@@SAPAV1@H@Z
?CreateNew@CZipExtraField@@QAEPAVCZipExtraData@@G@Z
?CreateNew@CZipExtraField@@QAEPAVCZipExtraData@@GAAH@Z
?CreateNewDirectory@ZipPlatform@@YA_NPBD@Z
?CreateSharedData@CZipCentralDir@@IAEXXZ
?CryptCRC32@CZipCrc32Cryptograph@@AAEKKD@Z
?CryptDecode@CZipCrc32Cryptograph@@AAEXAAD@Z
?CryptDecryptByte@CZipCrc32Cryptograph@@AAEDXZ
?CryptEncode@CZipCrc32Cryptograph@@AAEXAAD@Z
?CryptInitKeys@CZipCrc32Cryptograph@@AAEXAAVCZipAutoBuffer@@@Z
?CryptUpdateKeys@CZipCrc32Cryptograph@@AAEXD@Z
?CurrentFile@CZipArchive@@IAEPAVCZipFileHeader@@XZ
?Decode@CZipCrc32Cryptograph@@UAEXPADK@Z
?Decompress@CDeflateCompressor@ZipArchiveLib@@UAEKPAXK@Z
?Defaults@CZipAddNewFileInfo@@QAEXXZ
?Delete@CZipString@@QAEHHH@Z
?DestroySharedData@CZipCentralDir@@IAEXXZ
?Detach@CZipMemFile@@QAEPAEXZ
?Empty@CZipString@@QAEXXZ
?EmptyPtrList@CBaseLibCompressor@ZipArchiveLib@@IAEXXZ
?EmptyWriteBuffer@CZipStorage@@IAEXXZ
?EnableFindFast@CZipArchive@@QAEX_N@Z
?EnableFindFast@CZipCentralDir@@QAEX_N0@Z
?Encode@CZipCrc32Cryptograph@@UAEXPADK@Z
?EncryptAllFiles@CZipArchive@@QAE_NXZ
?EncryptFileA@CZipArchive@@QAE_NG@Z
?EncryptFiles@CZipArchive@@QAE_NAAV?$CZipArray@G@@@Z
?EncryptFilesInternal@CZipArchive@@IAE_NPAV?$CZipArray@G@@@Z
?EnsureSplitNames@CZipStorage@@AAEXXZ
?EnterDirectory@CDirEnumerator@ZipArchiveLib@@MAEXXZ
?Evaluate@CFileFilter@ZipArchiveLib@@QAE_NPBD0ABUCFileInfo@2@@Z
?ExitDirectory@CDirEnumerator@ZipArchiveLib@@MAEXXZ
?ExtractFile@CZipArchive@@QAE_NGAAVCZipAbstractFile@@_NK@Z
?ExtractFile@CZipArchive@@QAE_NGPBD_N0K@Z
?FileExists@ZipPlatform@@YAHPBD@Z
?Finalize@CZipArchive@@QAE_N_N@Z
?FinalizeSegm@CZipStorage@@QAEXXZ
?Find@CZipString@@QBEHDH@Z
?Find@CZipString@@QBEHPBDH@Z
?FindFile@CZipArchive@@QAEGPBDH_N@Z
?FindFile@CZipCentralDir@@QAEGPBD_N11@Z
?FindFileNameIndex@CZipCentralDir@@QBEGPBD@Z
?FindMatches@CZipArchive@@QAEXPBDAAV?$CZipArray@G@@_N@Z
?FinishCompression@CDeflateCompressor@ZipArchiveLib@@UAEX_N@Z
?FinishCompression@CZipCompressor@@UAEX_N@Z
?FinishDecode@CZipCryptograph@@UAEXAAVCZipFileHeader@@AAVCZipStorage@@@Z
?FinishDecompression@CDeflateCompressor@ZipArchiveLib@@UAEX_N@Z
?FinishDecompression@CZipCompressor@@UAEX_N@Z
?FinishEncode@CZipCryptograph@@UAEXAAVCZipFileHeader@@AAVCZipStorage@@@Z
?Flush@CZipFile@@UAEXXZ
?Flush@CZipMemFile@@UAEXXZ
?Flush@CZipStorage@@QAEXXZ
?FlushBuffers@CZipArchive@@QAEXXZ
?FlushBuffers@CZipStorage@@QAEXXZ
?FlushFile@CZipStorage@@QAEXXZ
?FlushFile@ZipPlatform@@YA_NH@Z
?FlushWriteBuffer@CZipCompressor@@IAEXXZ
?ForceDirectory@ZipPlatform@@YA_NPBD@Z
?Format@CZipString@@QAAXPBDZZ
?Free@CZipMemFile@@IAEXXZ
?Get@COptionsMap@CZipCompressor@@QBEPAUCOptions@2@H@Z
?Get@CZipCallbackProvider@ZipArchiveLib@@QAEPAUCZipActionCallback@@W4CallbackType@3@@Z
?GetAdvanced@CZipArchive@@QAEXPAH00@Z
?GetAppliesToTypes@CNameFileFilter@ZipArchiveLib@@QAEHXZ
?GetArchive@CZipCentralDir@@QAEPAVCZipArchive@@XZ
?GetArchivePath@CZipArchive@@QBE?AVCZipString@@XZ
?GetAt@CGroupFileFilter@ZipArchiveLib@@QAEPAVCFileFilter@2@I@Z
?GetAt@CGroupFileFilter@ZipArchiveLib@@QBEPBVCFileFilter@2@I@Z
?GetAt@CZipExtraField@@QBEPAVCZipExtraData@@H@Z
?GetAt@CZipString@@QBEDH@Z
?GetAutoFinalize@CZipArchive@@QBE_NXZ
?GetBuffer@CZipAutoBuffer@@QBEPBDXZ
?GetBuffer@CZipString@@QAEPADH@Z
?GetBytesBeforeZip@CZipArchive@@QBEKXZ
?GetCRCTable@CZipCrc32Cryptograph@@SAPBKXZ
?GetCZipStrCompFunc@@YAP8CZipString@@BEHPBD@Z_N1@Z
?GetCachedSize@CZipStorage@@AAE_KG@Z
?GetCallback@CZipArchive@@QAEPAUCZipActionCallback@@W4CallbackType@2@@Z
?GetCaseSensitivity@CZipArchive@@QBE_NXZ
?GetCentralDirInfo@CZipArchive@@QBEXAAUCInfo@CZipCentralDir@@@Z
?GetCentralDirSize@CZipArchive@@QBEK_N@Z
?GetComment@CZipCentralDir@@QBEXAAVCZipString@@@Z
?GetComment@CZipFileHeader@@QAEABVCZipString@@_N@Z
?GetCommitMode@CZipArchive@@QBEHXZ
?GetCompressionLevel@CZipFileHeader@@QBEHXZ
?GetCompressionMethod@CZipArchive@@QBEGXZ
?GetCompressionRatio@CZipFileHeader@@QAEMXZ
?GetCount@CZipArchive@@QAEG_N@Z
?GetCount@CZipArchive@@QBEGXZ

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
caption.txt
iSky.exe
.exe windows:5 windows x86 arch:x86

d5780fa83dc2435eacf8918f52494e6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

user32

MessageBoxExA

Sections

Size: 1.8MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 684KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gkovwpzk
Size: 662KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mvluxvty
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iconfig.ini
ip.txt
license.txt
sky2000.ico
sky2000.jpg
.jpg
skyUpdate2.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

9cce555dd3ff1b6c7dc92d64c794c51a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
lstrcpynA
lstrlenA
lstrcatA
GlobalAlloc
GlobalFree
CloseHandle
GetTickCount
DeleteFileA
Sleep
WriteFile
CreateFileA
lstrcmpiA
lstrcpyA
MulDiv
CreateThread

user32

CharPrevA
SetWindowLongA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExA
SetWindowTextA
SendMessageA
wsprintfA
SetDlgItemTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

gethostbyname
inet_addr
ioctlsocket
htons
socket
closesocket
shutdown
connect
__WSAFDIsSet
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vic32.dll
.dll windows:4 windows x86 arch:x86

bccc9c2414227ee28e93b13aaa9d5180

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetModuleFileNameA
IsBadReadPtr
GetVersion
RaiseException
GetTempPathW
GetTempFileNameW
GetTempPathA
GetTempFileNameA
WriteFile
DeleteFileW
DeleteFileA
SetFilePointer
ReadFile
CreateFileW
CreateFileA
CloseHandle
GlobalUnlock
GlobalFree
IsBadHugeReadPtr
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
LCMapStringA
LCMapStringW
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapFree
HeapAlloc
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetProcAddress
WideCharToMultiByte
TlsGetValue
GetStringTypeW
GetLastError
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
GetEnvironmentStringsW
GetStringTypeA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

wsprintfA
DispatchMessageA
TranslateMessage
PeekMessageA
CopyRect
GetWindowTextA
GetWindowTextW
IsWindowUnicode
ReleaseDC
GetDC
GetWindowRect
GetClientRect
ClientToScreen
GetDesktopWindow

gdi32

Escape
CreatePen
GetSystemPaletteEntries
CreateDCA
BitBlt
CreateCompatibleDC
CreateBitmap
DeleteObject
DeleteDC
SetAbortProc
SetStretchBltMode
StretchDIBits
GetDeviceCaps
EndPage
EndDoc
AbortDoc
StartDocW
StartDocA
StartPage
CreateDIBitmap
SetBkMode
GetStockObject
SelectObject
SetMapMode
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
GetTextExtentPointA
TextOutA
Rectangle
SetBitmapBits
CreateHalftonePalette
SetDIBColorTable
SetDIBitsToDevice
CreateDIBSection
GetDIBColorTable
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
SelectPalette
RealizePalette
GetDIBits
GetObjectA

Exports

Exports

Align1bppBits_
CreateDefaultPalette_
Store1bppBits_
VicAbortProc
Victorversion
Victorversionex
addimage
allocDIB
allocimage
andimage
blur
blurthresh
bmpinfo
bmpinfoW
bmpinfofrombuffer
brightenmidrange
calcavglevel
calchisto
calchistorgb
changebright
checkrange16_
checkrange1_
checkrange_
clienttoimage
colordither
colorscatter
colortogray
convert1bitto8bit
convert1bitto8bitsmooth
convert8bitto1bit
convertgray16to8
convertgray8to16
convertpaltorgb
convertrgbtopal
convertrgbtopalex
copyimage
copyimagebits
copyimagepalette
copyimgdes
cover
coverclear
ddbtoimage
defaultpalette
dibsecttoimage
dibtobitmap
dibtoimage
dilate
divide
drawhisto
erode
exchangelevel
expandcontrast
flipimage
freeimage
gammabrighten
getgifcomment
getgifcommentW
getpixelcolor
getpngcomment
getpngcommentW
gifframecount
gifframecountW
gifframecountfrombuffer
gifinfo
gifinfoW
gifinfoallframes
gifinfoallframesW
gifinfoallframesfrombuffer
gifinfoframe
gifinfoframeW
gifinfoframefrombuffer
gifinfofrombuffer
histobrighten
histoequalize
hsv2rgb
imageareatorect
imagetodib
isgrayscaleimage
jpeggeterror
jpeginfo
jpeginfoW
jpeginfoex
jpeginfoexW
jpeginfofrombuffer
jpeginfofrombufferex
jpegsetthumbnailsize
jpegsetxyresolution
kodalith
limitlevel
loadbif
loadbifW
loadbmp
loadbmpW
loadbmpfrombuffer
loadbmppalette
loadbmppaletteW
loadbmppalettefrombuffer
loadgif
loadgifW
loadgifframe
loadgifframeW
loadgifframefrombuffer
loadgifframepalette
loadgifframepaletteW
loadgifframepalettefrombuffer
loadgiffrombuffer
loadgifglobalpalette
loadgifglobalpaletteW
loadgifglobalpalettefrombuffer
loadgifpalette
loadgifpaletteW
loadgifpalettefrombuffer
loadjpg
loadjpgW
loadjpgfrombuffer
loadjpgthumbnail
loadjpgthumbnailW
loadjpgthumbnailfrombuffer
loadpcx
loadpcxW
loadpcxpalette
loadpcxpaletteW
loadpng
loadpngW
loadpngfrombuffer
loadpngpalette
loadpngpaletteW
loadpngpalettefrombuffer
loadtga
loadtgaW
loadtgapalette
loadtgapaletteW
loadtif
loadtifW
loadtiffrombuffer
loadtifpage
loadtifpageW
loadtifpagebyindex
loadtifpagebyindexW
loadtifpalette
loadtifpaletteW
loadtifpalettefrombuffer
loadtifpalettepage
loadtifpalettepageW
loadtifpalettepagebyindex
loadtifpalettepagebyindexW
matchcolorimage
matchcolorimageex
matrixconv
matrixconvex
medianfilter
mirrorimage
multiply
negative
orimage
outline
pcxinfo
pcxinfoW
pixelcount
pixellize
pnggeterror
pnggetxyresolution
pnggetxyresolutionW
pnginfo
pnginfoW
pnginfofrombuffer
pngsetxyresolution
printimage
printimageenddoc
printimagenoeject
printimagestartdoc
printimagestartdocW
rainbowpalette
recttoimagearea
reduceimagecolors
removenoise
resize
resizeex
rgb2hsv
rotate
rotate90
savebif
savebifW
savebmp
savebmpW
savebmptobuffer
saveeps
saveepsW
savegif
savegifW
savegifex
savegifexW
savegifframe
savegifframeW
savegifframetobuffer
savegiftobufferex
savejpg
savejpgW
savejpgex
savejpgexW
savejpgtobuffer
savejpgtobufferex
savepcx
savepcxW
savepng
savepngW
savepngtobuffer
savetga
savetgaW
savetif
savetifW
savetifpage
savetifpageW
savetiftobuffer
setgifcomment
setimagearea
setpixelcolor
setupimgdes
sharpen
sharpengentle
standardpalette
subimage
tgainfo
tgainfoW
threshold
tiffgeterror
tiffgetpageinfo
tiffgetpageinfoW
tiffgetxyresolution
tiffgetxyresolutionW
tiffgetxyresolutionpagebyindex
tiffgetxyresolutionpagebyindexW
tiffinfo
tiffinfoW
tiffinfofrombuffer
tiffinfopage
tiffinfopageW
tiffinfopagebyindex
tiffinfopagebyindexW
tiffsetxyresolution
unlockLZW
updatebitmapcolortable
usetable
victowinpal
viewimage
viewimageex
windowtoimage
wintovicpal
wtaverage
xorimage
zeroimage
zeroimgdes

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 290KB

.ndata Size: - Virtual size: 296KB

.rsrc Size: 7KB - Virtual size: 8KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

1ced1d5b613da7ec35720ce62b95330d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 433KB - Virtual size: 432KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 25KB - Virtual size: 32KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 13KB - Virtual size: 13KB

f630891c9df09c853719d9190d018fdb

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 826KB - Virtual size: 826KB

.reloc Size: 7KB - Virtual size: 6KB

cbc46f829e951c6dae1d5e664305d931

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 853KB - Virtual size: 852KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 296KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 433KB - Virtual size: 432KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 25KB - Virtual size: 32KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 13KB - Virtual size: 13KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 826KB - Virtual size: 826KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 853KB - Virtual size: 852KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 296KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 160KB - Virtual size: 159KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 684KB - Virtual size: 1.3MB

.idata
Size: 512B - Virtual size: 4KB

gkovwpzk
Size: 662KB - Virtual size: 664KB

mvluxvty
Size: 512B - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 153KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 4KB