D:\nstools\nsSetup\HofoInstallers-2.0\Release\Install_vip.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
096c09b7dd20e8022ed57ae2d7ebf9ef_JaffaCakes118.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
096c09b7dd20e8022ed57ae2d7ebf9ef_JaffaCakes118.exe
Resource
win10v2004-20240419-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
096c09b7dd20e8022ed57ae2d7ebf9ef_JaffaCakes118
-
Size
3.8MB
-
MD5
096c09b7dd20e8022ed57ae2d7ebf9ef
-
SHA1
a1c478dcb2c9dc22546bafb3fcd8d6c49f824aae
-
SHA256
b3316111292b5a16208a39b12c666d1f7bba46ec67212847692c743d8f538a69
-
SHA512
07ae66672d93bda75995e6d7d7f0085f2a7b0f89509379370d7a27d92e12fc058ffdfd66e4f4297bebf0b32f6a8a3c62a00935d12909ca1178a174ef6d6e0237
-
SSDEEP
98304:uG2n41iloBPdcYbILfF7neJZOO3oUs8d1x+ctTu22pU:PQedcYboyz4qd3jtL2pU
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 096c09b7dd20e8022ed57ae2d7ebf9ef_JaffaCakes118
Files
-
096c09b7dd20e8022ed57ae2d7ebf9ef_JaffaCakes118.exe windows:5 windows x86 arch:x86
2a7a93d57d24e02195c178a80b7b89a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ExitThread
FindClose
GetDriveTypeW
FindFirstFileExW
MoveFileW
GetFullPathNameW
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
SetEndOfFile
GetTimeZoneInformation
CompareStringW
CloseHandle
GetLastError
CreateMutexW
GetModuleFileNameW
lstrcpyW
GetCurrentThread
SetThreadPriority
GetCurrentProcess
SetPriorityClass
GetTickCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
lstrlenW
GetModuleHandleW
ExitProcess
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryW
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
lstrcmpW
lstrcatW
FreeResource
GlobalLock
GlobalUnlock
GetFileSize
ReadFile
FindFirstFileW
FindNextFileW
GlobalFree
WaitForSingleObject
TerminateThread
lstrlenA
GetVersionExW
CreateDirectoryW
GetDiskFreeSpaceExW
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
lstrcpynW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
UnmapViewOfFile
LCMapStringA
GetSystemPowerStatus
lstrcmpiW
GetTempPathW
DeleteFileW
GetSystemWow64DirectoryW
GetSystemDirectoryW
CreateThread
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetLocalTime
InitializeCriticalSection
CreateEventW
ResetEvent
LocalFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalAlloc
GetProcAddress
Sleep
SetEnvironmentVariableA
user32
DestroyWindow
UnregisterClassW
MoveWindow
BeginPaint
SetWindowLongW
LoadIconW
DefWindowProcW
EndPaint
GetWindowLongW
PostQuitMessage
SetTimer
SetWindowTextW
KillTimer
SetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnableWindow
CreateWindowExW
PostMessageW
IsWindowVisible
ReleaseDC
GetWindowRect
ShowWindow
GetDC
GetClientRect
ClientToScreen
SetLayeredWindowAttributes
SetWindowPos
UpdateLayeredWindow
wsprintfW
FindWindowW
IsIconic
OpenClipboard
EmptyClipboard
SetClipboardData
GetClipboardData
DrawIconEx
SendMessageW
FillRect
OffsetRect
SetWindowRgn
GetSystemMetrics
SetCursor
LoadCursorW
RegisterClassExW
CloseClipboard
gdi32
BitBlt
CreateSolidBrush
CreateDIBSection
GetStockObject
CreateDCW
DeleteDC
DeleteObject
CreateRectRgn
CombineRgn
OffsetRgn
SetRectRgn
GetObjectA
GetTextExtentPoint32W
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
ole32
CoInitialize
CoUninitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal
shlwapi
PathFileExistsW
gdiplus
GdipSetStringFormatTrimming
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawString
GdipDrawImageRectI
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCloneImage
GdipSetStringFormatLineAlign
GdipSaveImageToStream
GdipGetImageWidth
GdipGetImageHeight
GdipImageRotateFlip
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipSetImageAttributesColorKeys
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipFree
GdipCreateSolidFill
GdipDisposeImage
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipStringFormatGetGenericTypographic
GdipCreateFromHDC
GdipDeleteGraphics
GdipMeasureString
GdipSaveImageToFile
dbghelp
MiniDumpWriteDump
comdlg32
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyW
RegSetValueW
RegNotifyChangeKeyValue
RegDeleteValueW
DeleteService
ControlService
StartServiceW
CloseServiceHandle
OpenServiceW
RegCreateKeyW
CreateServiceW
OpenSCManagerW
RegEnumKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
shell32
SHBrowseForFolderW
ShellExecuteExW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
oleaut32
SysAllocString
VariantChangeType
VariantInit
VariantClear
SysFreeString
wininet
FtpGetFileSize
FtpOpenFileW
InternetReadFile
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
HttpQueryInfoW
InternetGetConnectedState
InternetOpenW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
winmm
mciSendStringW
PlaySoundW
crypt32
CertOpenStore
CertFreeCertificateContext
CertAddCertificateContextToStore
CertCloseStore
CertFindCertificateInStore
CertCreateCertificateContext
wintrust
WinVerifyTrust
Exports
Exports
??0CLock@@QAE@XZ
??0CNsApp@@QAE@XZ
??0CNsDC@@QAE@PAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
??0CNsDC@@QAE@XZ
??0CNsDownload@@QAE@XZ
??0CNsFont@@QAE@ABV0@@Z
??0CNsFont@@QAE@XZ
??0CNsImage@@QAE@ABV0@@Z
??0CNsImage@@QAE@XZ
??0CNsInstaller@@QAE@ABV0@@Z
??0CNsInstaller@@QAE@XZ
??0CNsLog@@QAE@ABV0@@Z
??0CNsLog@@QAE@XZ
??0CNsNet@@QAE@XZ
??0CNsPacket@@QAE@ABV0@@Z
??0CNsProcess@@QAE@XZ
??0CNsReg@@QAE@XZ
??0CNsSkin@@QAE@ABV0@@Z
??0CNsSkin@@QAE@XZ
??0CNsThread@@QAE@ABV0@@Z
??0CNsThread@@QAE@XZ
??0CNsUpdate@@QAE@ABV0@@Z
??0CNsUpdate@@QAE@XZ
??0CNsXml@@QAE@ABV0@@Z
??0CNsXml@@QAE@XZ
??0CNsZlib@@QAE@XZ
??0CnsDump@@QAE@ABV0@@Z
??0CnsDump@@QAE@XZ
??1CLock@@QAE@XZ
??1CNsApp@@QAE@XZ
??1CNsDC@@QAE@XZ
??1CNsDownload@@QAE@XZ
??1CNsFont@@QAE@XZ
??1CNsImage@@QAE@XZ
??1CNsInstaller@@QAE@XZ
??1CNsLog@@QAE@XZ
??1CNsNet@@QAE@XZ
??1CNsProcess@@QAE@XZ
??1CNsReg@@QAE@XZ
??1CNsSkin@@QAE@XZ
??1CNsThread@@QAE@XZ
??1CNsUpdate@@QAE@XZ
??1CNsXml@@QAE@XZ
??1CNsZlib@@QAE@XZ
??1CnsDump@@QAE@XZ
??4CLock@@QAEAAV0@ABV0@@Z
??4CNsApp@@QAEAAV0@ABV0@@Z
??4CNsDC@@QAEAAV0@ABV0@@Z
??4CNsDownload@@QAEAAV0@ABV0@@Z
??4CNsFont@@QAEAAV0@ABV0@@Z
??4CNsImage@@QAEAAV0@ABV0@@Z
??4CNsInstaller@@QAEAAV0@ABV0@@Z
??4CNsLog@@QAEAAV0@ABV0@@Z
??4CNsNet@@QAEAAV0@ABV0@@Z
??4CNsPacket@@QAEAAV0@ABV0@@Z
??4CNsProcess@@QAEAAV0@ABV0@@Z
??4CNsReg@@QAEAAV0@ABV0@@Z
??4CNsSkin@@QAEAAV0@ABV0@@Z
??4CNsThread@@QAEAAV0@ABV0@@Z
??4CNsUpdate@@QAEAAV0@ABV0@@Z
??4CNsXml@@QAEAAV0@ABV0@@Z
??4CNsZlib@@QAEAAV0@ABV0@@Z
??4CnsDump@@QAEAAV0@ABV0@@Z
??_B?1??Instance@CNsDownload@@SAAAV1@XZ@51
??_B?1??Instance@CNsLog@@SAAAV1@XZ@51
??_B?1??Instance@CNsNet@@SAAAV1@XZ@51
??_B?1??Instance@CNsProcess@@SAAAV1@XZ@51
??_B?1??Instance@CNsReg@@SAAAV1@XZ@51
??_B?1??Instance@CNsUpdate@@SAAAV1@XZ@51
??_B?1??Instance@CNsXml@@SAAAV1@XZ@51
??_B?1??Instance@CNsZlib@@SAAAV1@XZ@51
?AddDelInfo@CNsInstaller@@AAE_NAAUtagDelInfo@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@HPB_WHHHHHHHHPAUHDC__@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@PB_WHHHHHHHHPAUHDC__@@@Z
?AddTask@CNsDownload@@QAEHPB_W0@Z
?AddTimer@CNsThread@@AAEPAUtagNsTimer@@AAU2@@Z
?AutoRun@CNsInstaller@@QAEXXZ
?BmToStream@CNsImage@@QAE_NPAUHBITMAP__@@PAUIStream@@PB_W@Z
?CertExists@@YAHPB_W@Z
?CheckComponent@CNsInstaller@@QAE_NXZ
?CheckDir@CNsInstaller@@QAEXPB_W0@Z
?CheckFont@CNsFont@@QAEHPB_W@Z
?CheckImage@CNsImage@@QAE_NPB_W@Z
?CheckInstalled@@YAHPB_W@Z
?CheckOneInstance@@YAHPB_W0@Z
?CheckUpdate@CNsUpdate@@QAEHPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?CompVersion@@YAHPB_W0@Z
?CreateCompatibleBitmapEx@CNsDC@@QAEPAUHBITMAP__@@UtagRECT@@@Z
?CreateDirTree@@YAHPB_W@Z
?CreateFolder@@YAHPB_W@Z
?CreateMemDC@CNsDC@@QAEXPAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
?CreateNewFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?CreateShareMem@@YAPAXPB_WK@Z
?CreateShortcut@@YAHPB_W000G0H@Z
?CreateShortcuts@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUID@@YAXPA_WH@Z
?CreateUninstallCfg@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUrlShortcut@@YAHPB_W0@Z
?CreateUserShortcuts@CNsInstaller@@AAEXXZ
?DecodeFile@CNsZlib@@QAEJPB_W0K@Z
?DecodeGZipBuffer@CNsZlib@@QAEJPAEJPAPAEPAJ@Z
?DelTask@CNsDownload@@QAEHPB_W@Z
?DelTray@@YAHPAUHWND__@@@Z
?DesGo@@YAXQBDPADHH@Z
?DisableFsRedirection@@YAXPAPAX@Z
?DoReport@@YAXPB_W00@Z
?DoRun@@YAHPB_W0HH@Z
?DoSetup@CNsInstaller@@AAEXXZ
?DoUpdate@CNsInstaller@@QAEX_N@Z
?DownComponent@CNsInstaller@@AAEXPB_W@Z
?DownNotify@CNsInstaller@@CGXHPB_W_J1N@Z
?DownloadThread@CNsDownload@@CGIPAX@Z
?Draw@CNsDC@@QAEXXZ
?DrawImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@PAVImageAttributes@4@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHPAUtagRECT@@@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@HPB_WMMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@MMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PB_WMMMMHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@HPB_WHHHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@PAUIStream@@HHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHH@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawSplitH@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@H@Z
?DrawSplitV@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@HH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHHHHH@Z
?DrawString@CNsImage@@QAEXPAUHDC__@@PAUHFONT__@@PB_WHHHHKH_N3H@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@HPB_WKKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@KKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PB_WKKHHHH@Z
?EasyEncode@@YAXPADH@Z
?EncodeFile@CNsZlib@@QAEJPB_W0H@Z
?ExceptionFilter@CnsDump@@CGJPAU_EXCEPTION_POINTERS@@@Z
?ExecScript@CNsInstaller@@QAEXPB_W@Z
?ExitApp@CNsApp@@QAEXXZ
?ExitThread@CNsThread@@QAEXPAXH@Z
?ExtractFile@CNsInstaller@@AAE_NPAUtagPacketInfo@@PAU_iobuf@@@Z
?ExtractPath@@YAXPA_W@Z
?FileSize@@YA_JPB_W@Z
?FileTime@@YAHPB_WPAU_SYSTEMTIME@@11@Z
?FindRes@CNsSkin@@AAE_NPB_WPAUIStream@@@Z
?ForceLog@CNsLog@@QAEX_N@Z
?FreeSkin@CNsSkin@@QAEXXZ
?GbToTraditional@@YAXPADH@Z
?GetCPUID@@YAXPAD@Z
?GetClipboard@@YAHPA_WH@Z
?GetColorDlg@@YAKPAUHWND__@@K@Z
?GetCurPath@@YAXPA_W@Z
?GetDefaultSize@CNsFont@@QAEHXZ
?GetDesktopPath@@YAHPA_W@Z
?GetEncoderClsid@CNsImage@@QAEHPB_WPAU_GUID@@@Z
?GetFileVer@@YAHPB_WPA_W@Z
?GetFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?GetFont@CNsFont@@QAEPAUHFONT__@@HPB_WHHH@Z
?GetFtpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@Z00@Z
?GetHttpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@Z@Z
?GetImgSize@CNsImage@@QAE_NHAAH0@Z
?GetImgSize@CNsImage@@QAE_NPB_WAAH1@Z
?GetInfoLen@CNsNet@@QAEHXZ
?GetLogFileName@CNsLog@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetMovieIndex@CNsImage@@QAEHH@Z
?GetNodeAttr@CNsXml@@QAEHPB_W0PA_W@Z
?GetOsName@@YAHPA_W@Z
?GetPathUseSpace@@YA_KPB_W@Z
?GetProcByName@CNsProcess@@QAE_NPB_WPAUtagPROCESSENTRY32W@@@Z
?GetProcList@CNsProcess@@QAE_NAAV?$vector@UtagPROCESSENTRY32W@@V?$allocator@UtagPROCESSENTRY32W@@@std@@@std@@@Z
?GetProgramFilePath@@YAHPA_W@Z
?GetProgramsPath@@YAHPA_W@Z
?GetQuickLaunchPath@@YAHPA_WH@Z
?GetRegInfo@@YAHPAUHKEY__@@PA_W1H1@Z
?GetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1H1@Z
?GetRes@CNsSkin@@QAE_NPB_WPAUIStream@@@Z
?GetResType@CNsSkin@@QAEHXZ
?GetSetupInfo@CNsInstaller@@QAE_NAAUtagSetupInfo@@@Z
?GetSoftVer@@YAHPB_WPA_W@Z
?GetStartMenuPath@@YAHPA_W@Z
?GetThemesPath@CNsSkin@@QAEXPA_W@Z
?GetUrlInfo@@YAHPB_WPADH@Z
?GetUrlInfo@CNsNet@@QAEHPB_WPADH@Z
?GetXmlNode@CNsXml@@QAEHPA_WAAH@Z
?GetXmlNodeCount@@YAHPB_W@Z
?GetXmlNodeCount@CNsXml@@QAEHPB_W@Z
?GetXmlNodeValue2@@YAHPB_WPA_WH@Z
?GetXmlNodeValue3@@YAHPB_WPA_WPAH@Z
?GetXmlNodeValue@@YAHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WH@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WPAH@Z
?HideProcess@CNsProcess@@QAEXH@Z
?ImportCACert@@YAHPAXH@Z
?ImportCertFile@@YAHPB_W@Z
?ImportReg@CNsInstaller@@QAEXXZ
?InitPath@CNsInstaller@@AAEXAAUtagSetupInfo@@@Z
?InitZlib@CNsZlib@@QAEJXZ
?Inject@CNsProcess@@QAE_NKPAXK0K@Z
?Install@CnsDump@@QAEXPB_W0@Z
?InstallComponent@CNsInstaller@@AAEXXZ
?InstallDump@@YAXPB_W0@Z
?InstallFunc@CNsInstaller@@AAE_NXZ
?InstallThread@CNsInstaller@@CGIPAX@Z
?Instance@CNsDownload@@SAAAV1@XZ
?Instance@CNsLog@@SAAAV1@XZ
?Instance@CNsNet@@SAAAV1@XZ
?Instance@CNsProcess@@SAAAV1@XZ
?Instance@CNsReg@@SAAAV1@XZ
?Instance@CNsUpdate@@SAAAV1@XZ
?Instance@CNsXml@@SAAAV1@XZ
?Instance@CNsZlib@@SAAAV1@XZ
?IntToStrSize@@YAX_JPA_W@Z
?IsLockRead@CLock@@QAE_NXZ
?IsLockWrite@CLock@@QAE_NXZ
?KillProcess@CNsProcess@@QAEXK@Z
?KillProcess@CNsProcess@@QAEXPB_W@Z
?KillTimer@CNsThread@@QAEXH@Z
?LnkToRealPath@@YAJPB_WPA_W@Z
?LoadDrv@@YAHPB_W0@Z
?LoadPngFromRes@CNsImage@@AAEPAVImage@Gdiplus@@HPB_W@Z
?LoadProxyConfig@CNsDownload@@QAEXXZ
?LoadProxyConfig@CNsNet@@QAEXXZ
?LoadSkin@CNsSkin@@QAE_NPB_W@Z
?Lock@CLock@@QAEXXZ
?LockRead@CLock@@QAEXXZ
?MD5Go@@YAHPAD0@Z
?MakeSkin@CNsSkin@@QAE_NPB_W0@Z
?MonitorReg@CNsReg@@QAEHPAUHKEY__@@PA_WHP6GXPAX@Z2@Z
?MonitorThread@CNsReg@@SGKPAX@Z
?MovePos@CNsInstaller@@AAEXPAUtagPacketInfo@@PAU_iobuf@@@Z
?MovieThread@CNsImage@@CGIPAX@Z
?MsgLoop@CNsApp@@QAEHXZ
?NsEncode@@YAXQBDPADHH@Z
?NsEncodeFile@@YAHPB_W0@Z
?NsGetStrWidth@@YAHPB_WPAUHWND__@@PAUHFONT__@@@Z
?NsReadFile@@YAHPB_WPAXAAK@Z
?NsResGetBuff@@YAHHPB_WPAX@Z
?NsResGetStream@@YAPAUIStream@@HPB_W@Z
?NsResSave@@YAHHPB_W0@Z
?NsResSize@@YAHHPB_W@Z
?NsResUpdate2@@YAHPB_WH0PAXH@Z
?NsResUpdate@@YAHPB_WH00@Z
?NsWriteFile@@YAHPB_WPAXK@Z
?OpenUrl@@YAXPB_WH@Z
?Parse@@YAHPB_W@Z
?Parse@CNsXml@@QAEHPB_W@Z
?ParseParams@CNsInstaller@@QAEXPB_W@Z
?PauseMP3@@YAXPB_W@Z
?PlayMP3@@YAXPB_WH@Z
?PlayWav@@YAHPB_WH@Z
?Post@CNsNet@@QAEHPB_WPAXHPADH@Z
?ReadShareMem2@@YAHPB_WPAXHH@Z
?ReadShareMem@@YAHPB_WPA_W@Z
?RefreshIconCache@@YAXXZ
?RegFileRelation@@YAXPB_W0000@Z
?RegProtocol@@YAXPB_W0@Z
?ReplaceExeIco@@YAHPB_W0H@Z
?ReplaceSysPath@CNsInstaller@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ResumeMP3@@YAXPB_W@Z
?RevertFsRedirection@@YAXPAPAX@Z
?SavePic@CNsImage@@QAE_NPAUHDC__@@UtagRECT@@PB_W2@Z
?SavePic@CNsImage@@QAE_NPAUHWND__@@PB_W1@Z
?SavePic@CNsImage@@QAE_NPB_W00@Z
?SaveScreen@CNsImage@@QAE_NPB_W0@Z
?SaveUpdateCfg@CNsUpdate@@AAEXXZ
?SetAppName@CNsApp@@QAEXPB_W@Z
?SetAutoRun@@YAHPB_WH0@Z
?SetAutoRun@CNsReg@@QAEHPB_WH0@Z
?SetClipboard@@YAHPB_W@Z
?SetDefaultFont@CNsFont@@QAEXHPB_WH@Z
?SetDelay@CNsUpdate@@QAEXH@Z
?SetIcon@@YAHPAUHWND__@@PAUHICON__@@@Z
?SetInst@CNsImage@@QAEXPAUHINSTANCE__@@@Z
?SetMemName@CNsLog@@QAEXPB_WH@Z
?SetPath@CNsUpdate@@QAEXPB_W@Z
?SetPrivilege@@YAHPB_WH@Z
?SetRegInfo@@YAHPAUHKEY__@@PA_W1HPB_W@Z
?SetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1HPB_W@Z
?SetResType@CNsSkin@@QAEXH@Z
?SetRetry@CNsDownload@@QAEXHH@Z
?SetShortcutIcon@@YAHPB_W0@Z
?SetSkinName@CNsSkin@@QAEXPB_W@Z
?SetThemesName@CNsSkin@@QAEXPB_W@Z
?SetTip@@YAHPAUHWND__@@PB_W@Z
?ShowBalloon@@YAHPAUHWND__@@PB_W1H@Z
?ShowLicense@CNsInstaller@@QAEXXZ
?ShowOpenFileDlg@@YAHPA_WHPAUHWND__@@PB_W2H@Z
?ShowSaveFileDlg@@YAHPA_WPAUHWND__@@PB_W2@Z
?ShowSelDir@@YAHPA_WPAUHWND__@@@Z
?ShowTray@@YAHPAUHWND__@@PAUHICON__@@PB_WI@Z
?StartDownload@CNsDownload@@QAEXPB_W0P6GXH0_J1N@ZH@Z
?StartInstall@CNsInstaller@@QAEXPB_WPAUHWND__@@H1@Z
?StartMonitor@@YAXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMonitor@CNsReg@@QAEXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMovie@CNsImage@@QAEXH@Z
?StartThread@CNsThread@@QAEPAXP6GIPAX@Z0H@Z
?StartTimer@CNsThread@@QAEXHP6GXPAX@ZH0@Z
?StartUpdate@CNsUpdate@@QAEXPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?Stop@CNsInstaller@@QAEXXZ
?Stop@CNsNet@@QAEXXZ
?Stop@CNsThread@@QAEXXZ
?StopMP3@@YAXPB_W@Z
?StopMonitor@@YAXXZ
?StopMonitor@CNsReg@@QAEXXZ
?StopMovie@CNsImage@@QAEXH@Z
?StopTask@CNsDownload@@QAEXPB_WH@Z
?StopUpdate@CNsUpdate@@QAEXXZ
?StrToIntSize@@YA_JPB_W@Z
?TimerThread@CNsThread@@CGIPAX@Z
?ToAsc@@YAXPADH@Z
?ToHex@@YAXPADH@Z
?URLEncode@@YAHPA_W@Z
?UnLoadDrv@@YAHPB_W@Z
?UninitZlib@CNsZlib@@QAEXXZ
?Unlock@CLock@@QAEXXZ
?UnlockRead@CLock@@QAEXXZ
?UpdateNotify@CNsInstaller@@CGXHHH@Z
?UpdateThread@CNsUpdate@@CGIPAX@Z
?VerifyFile@CNsUpdate@@QAEHPB_W0H@Z
?VerifySignature@@YAHPB_W@Z
?WaitInstall@CNsInstaller@@AAEXXZ
?WaitUpdate@CNsInstaller@@QAEXXZ
?WriteLog2@CNsLog@@QAAXPB_WZZ
?WriteLog3@CNsLog@@QAAXPB_WZZ
?WriteLog@@YAXPB_W@Z
?WriteLog@CNsLog@@QAEXPB_W@Z
?WriteReg@CNsInstaller@@QAEHPAUtagSetupInfo@@@Z
?WriteShareMem2@@YAHPB_WPAXHH@Z
?WriteShareMem@@YAHPB_W0H@Z
?WriteSkin@CNsSkin@@AAEXPAU_iobuf@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?Zoom@CNsImage@@QAE_NPB_WMHH00@Z
?_ins@?1??Instance@CNsZlib@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsDownload@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsLog@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsNet@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsProcess@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsReg@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsUpdate@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsXml@@SAAAV2@XZ@4V2@A
?gb2big@@YAXPADH@Z
?isCancel@CNsUpdate@@QAEHXZ
?isConnected@@YAHPB_W@Z
?isConnected@CNsNet@@QAEHPB_W@Z
?isDigital@@YAHPBD@Z
?isDir@@YAHPB_W@Z
?isEnableUAC@@YAHXZ
?isEnglish@@YAHXZ
?isError@CNsUpdate@@QAEHXZ
?isExistsMovie@CNsImage@@AAE_NH@Z
?isExistsShareMem@@YAHPB_W@Z
?isGzip@CNsDownload@@AAEHPAX@Z
?isGzip@CNsNet@@QAEHPAX@Z
?isHZ@@YAHPBD@Z
?isLicense@CNsInstaller@@QAE_NXZ
?isLog@CNsLog@@AAE_NXZ
?isNotebook@@YAHXZ
?isRestart@CNsUpdate@@QAEHXZ
?isSimplified@@YAHXZ
?isStop@CNsDownload@@QAEHPB_W@Z
?isStop@CNsImage@@QAE_NH@Z
?isSupportYaHei@CNsFont@@QAEHXZ
?isTraditional@@YAHXZ
?isWin7@@YAHXZ
?isWin8@@YAHXZ
?isWow64@@YAHXZ
?m_bUpdated@CNsInstaller@@0_NA
Sections
.text Size: 274KB - Virtual size: 274KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 289KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ