10ccdeae4685406c4bc2d7ca5e4ffe83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10ccdeae4685406c4bc2d7ca5e4ffe83_JaffaCakes118
Size

14.3MB
MD5

10ccdeae4685406c4bc2d7ca5e4ffe83
SHA1

13575a1de0674fd44e12a249ac63af4ca83b5f25
SHA256

af8aa3eee97d6bf909c7448459cfb69ca2a47b617a563a3959d5c8152819b363
SHA512

e6713c4798e84af631caec993083874ede9e0551d4d1c74018a3feca376ff2ff1f565b4e3318653cb8c0d3b4426485655036fd843535242b95bfe079980b6852
SSDEEP

393216:onWWA+w181E2XT+KP5Tka71NyNfSkW+44z4DFaM+5taPvV21:onvAdGEUNb1NyFSe449M+56vV21

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ZuMa_chs_setup/7z.dll
unpack001/ZuMa_chs_setup/7z.exe
unpack002/RegSet.exe
unpack002/bass.dll
unpack002/zuma.exe
unpack002/中文功略.exe
unpack002/开始游戏.exe
unpack002/无限生命修改器.exe
unpack001/ZuMa_chs_setup/ZuMa_chs/7z.dll

Files

10ccdeae4685406c4bc2d7ca5e4ffe83_JaffaCakes118
.rar
ZuMa_chs_setup/7z.dll
.dll windows:4 windows x64 arch:x64

09c182b10b88cd78aa1b9a1fdb0142e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strcpy
memset
realloc
free
malloc
__CxxFrameHandler
strlen
strcat
strstr
_CxxThrowException
wcscmp
strcmp
memmove
memcpy
memcmp
_purecall
strchr
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
SetEvent
QueryPerformanceCounter
FileTimeToLocalFileTime
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
CompareFileTime
WriteFile
ReadFile
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZuMa_chs_setup/7z.exe
.exe windows:4 windows x64 arch:x64

0d7aba9c754411a90f57bf8f06b09ccc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW

advapi32

OpenProcessToken
GetFileSecurityW
SetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey

msvcrt

_exit
_c_exit
_XcptFilter
_onexit
__dllonexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__C_specific_handler
_beginthreadex
_isatty
memcmp
_purecall
strlen
memset
wcsstr
_cexit
wcscmp
strcmp
memmove
fflush
fputc
fputs
_iob
fgetc
fclose
free
_CxxThrowException
malloc
__CxxFrameHandler
memcpy
__initenv
exit
__getmainargs
_initterm
__setusermatherr
_commode
_fmode
__set_app_type

kernel32

VirtualAlloc
VirtualFree
WaitForSingleObject
SetEvent
InitializeCriticalSection
FormatMessageW
GetConsoleMode
SetConsoleMode
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
IsProcessorFeaturePresent
GetProcessTimes
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetProcessAffinityMask
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatusEx
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeviceIoControl
GetLogicalDriveStringsW
GetFileAttributesW
GetModuleHandleA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetModuleFileNameW
LocalFree
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW

Sections

.text
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZuMa_chs_setup/ZuMa_chs/#YouXun#
.7z
RegSet.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ZuMa_chs.ico
bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_CDDoor
BASS_CDFree
BASS_CDGetID
BASS_CDGetTrackLength
BASS_CDGetTracks
BASS_CDInDrive
BASS_CDInit
BASS_CDPlay
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetEAXMix
BASS_ChannelGetFlags
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelResume
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetDSoundObject
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetGlobalVolumes
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetChannelVol
BASS_MusicGetLength
BASS_MusicGetName
BASS_MusicLoad
BASS_MusicPlay
BASS_MusicPlayEx
BASS_MusicPreBuf
BASS_MusicSetAmplify
BASS_MusicSetChannelVol
BASS_MusicSetPanSep
BASS_MusicSetPositionScaler
BASS_Pause
BASS_RecordFree
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SamplePlay
BASS_SamplePlay3D
BASS_SamplePlay3DEx
BASS_SamplePlayEx
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DAlgorithm
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetBufferLength
BASS_SetCLSID
BASS_SetEAXParameters
BASS_SetGlobalVolumes
BASS_SetLogCurves
BASS_SetNetConfig
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetLength
BASS_StreamGetTags
BASS_StreamPlay
BASS_StreamPreBuf
BASS_Update
_

Sections

Size: 95KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fonts/_arial12bold.gif
.gif
fonts/_cancun10.gif
.gif
fonts/_cancun12.gif
.gif
fonts/_cancun13.gif
.gif
fonts/_cancun8.gif
.gif
fonts/_cancunfat8.gif
.gif
fonts/_cancunfloat14.gif
.gif
fonts/_cancunoutline10.gif
.gif
fonts/_nativealien48.gif
.gif
fonts/_nativealienextended16.gif
.gif
fonts/_nativealienextended18.gif
.gif
fonts/arial12bold.txt
fonts/cancun10.txt
fonts/cancun12.txt
fonts/cancun13.txt
fonts/cancun8.txt
fonts/cancunfloat14.gif
.gif
fonts/cancunfloat14.txt
fonts/nativealien48.gif
.gif
fonts/nativealien48.txt
fonts/nativealienextended16.gif
.gif
fonts/nativealienextended16.txt
fonts/nativealienextended18.gif
.gif
fonts/nativealienextended18.txt
gameyxdown.dat
images/_advback.gif
.gif
images/_advdoor1a.gif
.gif
images/_advdoor1b.gif
.gif
images/_advdoor1c.gif
.gif
images/_advdoor2a.gif
.gif
images/_advdoor2b.gif
.gif
images/_advdoor2c.gif
.gif
images/_advdoor3a.gif
.gif
images/_advdoor3b.gif
.gif
images/_advdoor3c.gif
.gif
images/_advdoor4a.gif
.gif
images/_advdoor4b.gif
.gif
images/_advdoor4c.gif
.gif
images/_advhighscore.gif
.gif
images/_advmainmenubutton.gif
.gif
images/_advmiddle.gif
.gif
images/_advplaybutton.gif
.gif
images/_advtemple1.gif
.gif
images/_advtemple2.gif
.gif
images/_advtemple2v.gif
.gif
images/_advtemple3.gif
.gif
images/_advtemple3v.gif
.gif
images/_advtemple4.gif
.gif
images/_advtitle.gif
.gif
images/_baaccuracylight.gif
.gif
images/_babackwardslight.gif
.gif
images/_babomb.gif
.gif
images/_balight.gif
.gif
images/_ballalpha.gif
.gif
images/_ballshadow.gif
.gif
images/_baslowlight.gif
.gif
images/_checkboxcap.gif
.gif
images/_checkboxsliver.gif
.gif
images/_checkbutton.gif
.gif
images/_coin.gif
.gif
images/_dialogbox.gif
.gif
images/_dialogbutton.gif
.gif
images/_gauge.gif
.gif
images/_gauntbackbutton.gif
.gif
images/_gauntdoor1.gif
.gif
images/_gauntdoor2.gif
.gif
images/_gauntdoor3.gif
.gif
images/_gauntdoor4.gif
.gif
images/_gaunteaglegem.gif
.gif
images/_gaunthighscore.gif
.gif
images/_gauntjaguargem.gif
.gif
images/_gauntmainmenubutton.gif
.gif
images/_gauntnextbutton.gif
.gif
images/_gauntpracticebutton.gif
.gif
images/_gauntscreen.gif
.gif
images/_gauntsungem.gif
.gif
images/_gauntsurvivalbutton.gif
.gif
images/_gaunttitle.gif
.gif
images/_godhead.gif
.gif
images/_grayplosion.gif
.gif
images/_hatchback.gif
.gif
images/_helpfront.gif
.gif
images/_hole.gif
.gif
images/_loaderbar.gif
.gif
images/_menubar.gif
.gif
images/_menubutton.gif
.gif
images/_mmarcadebutton.gif
.gif
images/_mmeyeleft.gif
.gif
images/_mmeyemask.gif
.gif
images/_mmeyeright.gif
.gif
images/_mmgauntletbutton.gif
.gif
images/_mmhat.gif
.gif
images/_mmmoregamesbutton.gif
.gif
images/_mmoptionsbutton.gif
.gif
images/_mmquitbutton.gif
.gif
images/_mmscreen.gif
.gif
images/_mmsun.gif
.gif
images/_mmsunglow.jpg
.jpg
images/_mmufo.gif
.gif
images/_moregamesscreen.gif
.gif
images/_pitcover.gif
.gif
images/_sliderthumb.gif
.gif
images/_slidertrack.gif
.gif
images/_smallfrogonpad.gif
.gif
images/_toadlives.gif
.gif
images/_tongue.gif
.gif
images/advback.jpg
.jpg
images/advdoor1a.jpg
.jpg
images/advdoor1b.jpg
.jpg
images/advdoor1c.jpg
.jpg
images/advdoor2a.jpg
.jpg
images/advdoor2b.jpg
.jpg
images/advdoor2c.jpg
.jpg
images/advdoor3a.jpg
.jpg
images/advdoor3b.jpg
.jpg
images/advdoor3c.jpg
.jpg
images/advdoor4a.jpg
.jpg
images/advdoor4b.jpg
.jpg
images/advdoor4c.jpg
.jpg
images/advhighscore.gif
.gif
images/advmainmenubutton.jpg
.jpg
images/advmiddle.jpg
.jpg
images/advplaybutton.jpg
.jpg
images/advsky.jpg
.jpg
images/advstage.gif
.gif
images/advtemple1.jpg
.jpg
images/advtemple2.jpg
.jpg
images/advtemple2v.jpg
.jpg
images/advtemple3.jpg
.jpg
images/advtemple3v.jpg
.jpg
images/advtemple4.jpg
.jpg
images/advtitle.jpg
.jpg
images/baaccuracyblue.gif
.gif
images/baaccuracygreen.gif
.gif
images/baaccuracypurple.gif
.gif
images/baaccuracyred.gif
.gif
images/baaccuracywhite.gif
.gif
images/baaccuracyyellow.gif
.gif
images/babackwardsblue.gif
.gif
images/babackwardsgreen.gif
.gif
images/babackwardspurple.gif
.gif
images/babackwardsred.gif
.gif
images/babackwardswhite.gif
.gif
images/babackwardsyellow.gif
.gif
images/baballblue.gif
.gif
images/baballgreen.gif
.gif
images/baballpurple.gif
.gif
images/baballred.gif
.gif
images/baballwhite.gif
.gif
images/baballyellow.gif
.gif
images/babombblue.gif
.gif
images/babombgreen.gif
.gif
images/babombpurple.gif
.gif
images/babombred.gif
.gif
images/babombwhite.gif
.gif
images/babombyellow.gif
.gif
images/badotz.gif
.gif
images/balightblue.gif
.gif
images/balightgreen.gif
.gif
images/balightpurple.gif
.gif
images/balightred.gif
.gif
images/balightwhite.gif
.gif
images/balightyellow.gif
.gif
images/baslowblue.gif
.gif
images/baslowgreen.gif
.gif
images/baslowpurple.gif
.gif
images/baslowred.gif
.gif
images/baslowwhite.gif
.gif
images/baslowyellow.gif
.gif
images/checkboxcap.gif
.gif
images/checkboxsliver.gif
.gif
images/checkbutton.gif
.gif
images/coin.gif
.gif
images/cursor_dragging.gif
.gif
images/cursor_dragging_.gif
.gif
images/cursor_hand.gif
.gif
images/cursor_hand_.gif
.gif
images/cursor_pointer.gif
.gif
images/cursor_pointer_.gif
.gif
images/cursor_text.gif
.gif
images/dialogbox.jpg
.jpg
images/dialogbutton.jpg
.jpg
images/explosion.gif
.gif
images/eyeblink.gif
.gif
images/gauge.gif
.gif
images/gaugegreen.gif
.gif
images/gauntbackbutton.jpg
.jpg
images/gauntdoor1.jpg
.jpg
images/gauntdoor2.jpg
.jpg
images/gauntdoor3.jpg
.jpg
images/gauntdoor4.jpg
.jpg
images/gaunteaglegem.gif
.gif
images/gaunthighscore.gif
.gif
images/gauntjaguargem.gif
.gif
images/gauntmainmenubutton.jpg
.jpg
images/gauntnextbutton.jpg
.jpg
images/gauntplaybutton.jpg
.jpg
images/gauntpracticebutton.jpg
.jpg
images/gauntscreen.jpg
.jpg
images/gauntsky.jpg
.jpg
images/gauntsungem.gif
.gif
images/gauntsurvivalbutton.jpg
.jpg
images/gaunttitle.gif
.gif
images/godhead.gif
.gif
images/grayplosion.gif
.gif
images/happyending.jpg
.jpg
images/helpback.jpg
.jpg
images/helpfront.jpg
.jpg
images/hole.gif
.gif
images/loaderbar.gif
.gif
images/loadingscreen.jpg
.jpg
images/menubar.jpg
.jpg
images/menubutton.jpg
.jpg
images/mmarcadebutton.jpg
.jpg
images/mmeyeleft.gif
.gif
images/mmeyeright.gif
.gif
images/mmgauntletbutton.jpg
.jpg
images/mmhat.jpg
.jpg
images/mmmoregamesbutton.jpg
.jpg
images/mmoptionsbutton.jpg
.jpg
images/mmquitbutton.jpg
.jpg
images/mmscreen.jpg
.jpg
images/mmsky.jpg
.jpg
images/mmsun.gif
.gif
images/mmufo.jpg
.jpg
images/moregamesbutton.gif
.gif
images/moregamesscreen.jpg
.jpg
images/nebula1.jpg
.jpg
images/pitcover.gif
.gif
images/sliderthumb.gif
.gif
images/slidertrack.gif
.gif
images/smallfrogonpad.gif
.gif
images/sparkle.gif
.gif
images/toadlives.gif
.gif
images/tongue.gif
.gif
images/tut_mouse_r.jpg
.jpg
images/tut_mouse_r_.jpg
.jpg
images/waitbar.gif
.gif
levels/Blackswirley/blackswirley-1.dat
levels/Blackswirley/blackswirley-2.dat
levels/Blackswirley/blackswirley.jpg
.jpg
levels/cached_thumbnails/blackswirley.png
.png
levels/cached_thumbnails/claw.png
.png
levels/cached_thumbnails/riverbed.png
.png
levels/cached_thumbnails/spiral.png
.png
levels/cached_thumbnails/targetglyph.png
.png
levels/cached_thumbnails/tiltspiral.png
.png
levels/cached_thumbnails/underover.png
.png
levels/cached_thumbnails/warshak.png
.png
levels/claw/claw.dat
levels/claw/claw.jpg
.jpg
levels/coaster/_tunnel01.gif
.gif
levels/coaster/_tunnel02.gif
.gif
levels/coaster/coaster.dat
levels/coaster/coaster.jpg
.jpg
levels/groovefest/_groovefest01.gif
.gif
levels/groovefest/_groovefest02.gif
.gif
levels/groovefest/_groovefest03.gif
.gif
levels/groovefest/groovefest.dat
levels/groovefest/groovefest.jpg
.jpg
levels/inversespiral/_tunnel.gif
.gif
levels/inversespiral/inversespiral.dat
levels/inversespiral/inversespiral.jpg
.jpg
levels/levels.xml
.xml
levels/longrange/longrange.dat
levels/longrange/longrange.jpg
.jpg
levels/loopy/_tunnel.gif
.gif
levels/loopy/loopy.dat
levels/loopy/loopy.jpg
.jpg
levels/overunder/_tunnel01.gif
.gif
levels/overunder/_tunnel02.gif
.gif
levels/overunder/overunder.dat
levels/overunder/overunder.jpg
.jpg
levels/perm_thumbnails/blackswirley.jpg
.jpg
levels/perm_thumbnails/claw.jpg
.jpg
levels/perm_thumbnails/coaster.jpg
.jpg
levels/perm_thumbnails/groovefest.jpg
.jpg
levels/perm_thumbnails/inversespiral.jpg
.jpg
levels/perm_thumbnails/longrange.jpg
.jpg
levels/perm_thumbnails/loopy.jpg
.jpg
levels/perm_thumbnails/overunder.jpg
.jpg
levels/perm_thumbnails/riverbed.jpg
.jpg
levels/perm_thumbnails/serpents.jpg
.jpg
levels/perm_thumbnails/snakepit.jpg
.jpg
levels/perm_thumbnails/spaceinvaders.jpg
.jpg
levels/perm_thumbnails/spiral.jpg
.jpg
levels/perm_thumbnails/squaresville.jpg
.jpg
levels/perm_thumbnails/targetglyph.jpg
.jpg
levels/perm_thumbnails/tiltspiral.jpg
.jpg
levels/perm_thumbnails/triangle.jpg
.jpg
levels/perm_thumbnails/tunnellevel.jpg
.jpg
levels/perm_thumbnails/turnaround.jpg
.jpg
levels/perm_thumbnails/underover.jpg
.jpg
levels/perm_thumbnails/warshak.jpg
.jpg
levels/riverbed/_riverbed01.gif
.gif
levels/riverbed/_riverbed02.gif
.gif
levels/riverbed/_riverbed03.gif
.gif
levels/riverbed/_riverbed04.gif
.gif
levels/riverbed/_riverbed05.gif
.gif
levels/riverbed/riverbed.dat
levels/riverbed/riverbed.jpg
.jpg
levels/serpents/_quake01.gif
.gif
levels/serpents/_quake02.gif
.gif
levels/serpents/_quake03.gif
.gif
levels/serpents/_quake04.gif
.gif
levels/serpents/_serpentsb.gif
.gif
levels/serpents/_serpentsm.gif
.gif
levels/serpents/_serpentst.gif
.gif
levels/serpents/serpents-1.dat
levels/serpents/serpents-2.dat
levels/serpents/serpents.jpg
.jpg
levels/snakepit/snakepit-1.dat
levels/snakepit/snakepit-2.dat
levels/snakepit/snakepit.jpg
.jpg
levels/space/space.dat
levels/spaceinvaders/_tunnel.gif
.gif
levels/spaceinvaders/spaceinvaders.dat
levels/spaceinvaders/spaceinvaders.jpg
.jpg
levels/spiral/spiral.dat
levels/spiral/spiral.jpg
.jpg
levels/squaresville/squaresville.dat
levels/squaresville/squaresville.jpg
.jpg
levels/targetglyph/targetglyph.dat
levels/targetglyph/targetglyph.jpg
.jpg
levels/tiltspiral/tiltspiral.dat
levels/tiltspiral/tiltspiral.jpg
.jpg
levels/triangle/triangle.dat
levels/triangle/triangle.jpg
.jpg
levels/tunnellevel/_tunnel1.gif
.gif
levels/tunnellevel/_tunnel2.gif
.gif
levels/tunnellevel/tunnellevel.dat
levels/tunnellevel/tunnellevel.jpg
.jpg
levels/turnaround/turnaround.dat
levels/turnaround/turnaround.jpg
.jpg
levels/underover/_left.gif
.gif
levels/underover/_right.gif
.gif
levels/underover/underover.dat
levels/underover/underover.jpg
.jpg
levels/warshak/warshak.dat
levels/warshak/warshak.jpg
.jpg
music/zuma.mo3
properties/partner.xml
properties/partner.xml.sig
properties/resources.xml
.xml
regfix.reg
sounds/accuracy3.ogg
sounds/ballclick1.ogg
sounds/ballclick2.ogg
sounds/ballsdestroyed1.ogg
sounds/ballsdestroyed2.ogg
sounds/ballsdestroyed3.ogg
sounds/ballsdestroyed4.ogg
sounds/ballsdestroyed5.ogg
sounds/bombexplode.ogg
sounds/button1.ogg
sounds/button2.ogg
sounds/cached_accuracy3.wav
sounds/cached_ballclick1.wav
sounds/cached_ballclick2.wav
sounds/cached_ballsdestroyed1.wav
sounds/cached_ballsdestroyed2.wav
sounds/cached_ballsdestroyed3.wav
sounds/cached_ballsdestroyed4.wav
sounds/cached_ballsdestroyed5.wav
sounds/cached_bombexplode.wav
sounds/cached_button1.wav
sounds/cached_button2.wav
sounds/cached_chain1.wav
sounds/cached_chant1.wav
sounds/cached_chant14.wav
sounds/cached_chant2.wav
sounds/cached_chant3.wav
sounds/cached_chant4.wav
sounds/cached_chant5.wav
sounds/cached_chant6.wav
sounds/cached_chant8.wav
sounds/cached_chime1.wav
sounds/cached_choral1.wav
sounds/cached_coingrab.wav
sounds/cached_earthquake.wav
sounds/cached_endoflevelpop1.wav
sounds/cached_extralife.wav
sounds/cached_fireball1.wav
sounds/cached_frogland2.wav
sounds/cached_gapbonus1.wav
sounds/cached_gemvanishes.wav
sounds/cached_jewelappear.wav
sounds/cached_lighttrail2.wav
sounds/cached_pop.wav
sounds/cached_reverse1.wav
sounds/cached_rolling.wav
sounds/cached_slowdown1.wav
sounds/cached_ufo1.wav
sounds/cached_warning1.wav
sounds/chain1.ogg
sounds/chant1.ogg
sounds/chant14.ogg
sounds/chant2.ogg
sounds/chant3.ogg
sounds/chant4.ogg
sounds/chant5.ogg
sounds/chant6.ogg
sounds/chant8.ogg
sounds/chime1.ogg
sounds/choral1.ogg
sounds/coingrab.ogg
sounds/earthquake.ogg
sounds/endoflevelpop1.ogg
sounds/extralife.ogg
sounds/fireball1.ogg
sounds/frogland2.ogg
sounds/gapbonus1.ogg
sounds/gemvanishes.ogg
sounds/jewelappear.ogg
sounds/lighttrail2.ogg
sounds/pop.ogg
sounds/reverse1.ogg
sounds/rolling.ogg
sounds/slowdown1.ogg
sounds/ufo1.ogg
sounds/warning1.ogg
userdata/adv1.sav
userdata/highscores.dat
userdata/user1.dat
userdata/users.dat
yx85.ini
yxdown.reg
zuma.exe
.exe windows:4 windows x86 arch:x86

f7c58dfcaf0e42d871716070b2fb95a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetCurrentDirectoryA
GetTickCount
CreateEventA
GetCurrentThread
SetThreadPriority
CloseHandle
ResetEvent
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
MulDiv
GetProcAddress
OutputDebugStringA
DeleteFileA
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
GetModuleHandleA
GetLastError
CreateMutexA
GetCommandLineA
FreeLibrary
LoadLibraryA
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualQuery
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
IsBadWritePtr
SetErrorMode
InterlockedIncrement
SetEvent
GetFileTime
CreateFileA
WideCharToMultiByte
GetLocaleInfoA
RtlUnwind
RaiseException
ExitProcess
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
TerminateProcess
GetStartupInfoA
HeapFree
IsBadReadPtr
GetSystemTimeAsFileTime
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
HeapReAlloc
HeapAlloc
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsFree
SetLastError
TlsAlloc
GetCurrentProcessId
ReadFile
WriteFile
HeapSize
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadCodePtr
GetACP
GetOEMCP
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
GetCurrentThreadId
InterlockedDecrement
Sleep
RemoveDirectoryA

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod
mixerClose
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerSetControlDetails

wsock32

__WSAFDIsSet
select
WSACleanup
closesocket
recv
send
WSAGetLastError
ioctlsocket
inet_ntoa
gethostbyname
htons
connect
socket
WSAStartup

user32

DestroyWindow
ScreenToClient
GetCursorPos
LoadCursorA
SetCursor
MessageBoxA
CloseClipboard
SetClipboardData
OpenClipboard
EndDialog
MoveWindow
SendMessageA
GetDlgItem
DialogBoxIndirectParamA
ReleaseCapture
SetCapture
WindowFromPoint
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus
GetClipboardData
GetWindowPlacement
SetTimer
CreateWindowExA
AdjustWindowRect
SetWindowLongA
SetForegroundWindow
DefWindowProcA
EndPaint
BeginPaint
GetWindowLongA
GetSystemMetrics
CreateCursor
RegisterClassA
LoadIconA
PostMessageA
RegisterWindowMessageA
DestroyCursor
GetWindowRect
GetMessageA
IsDialogMessageA
DrawTextA
FillRect
GetFocus
GetWindowTextA
GetSysColor
SetWindowTextA
GetSysColorBrush
GetDesktopWindow
ReleaseDC
GetClientRect
ClientToScreen
SystemParametersInfoA
ShowWindow
OffsetRect
DrawTextExA
CloseWindow
GetDC

gdi32

CreateFontA
GetTextMetricsA
TextOutA
SetTextColor
DeleteObject
CreateFontIndirectA
GetObjectA
SelectObject
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32A
SetBkMode
IntersectClipRect

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 1012KB - Virtual size: 1010KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
中文功略.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 220KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
启动游戏.bat
开始游戏.exe
.exe windows:4 windows x86 arch:x86

f7c58dfcaf0e42d871716070b2fb95a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetCurrentDirectoryA
GetTickCount
CreateEventA
GetCurrentThread
SetThreadPriority
CloseHandle
ResetEvent
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
MulDiv
GetProcAddress
OutputDebugStringA
DeleteFileA
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
GetModuleHandleA
GetLastError
CreateMutexA
GetCommandLineA
FreeLibrary
LoadLibraryA
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualQuery
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadPriority
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
IsBadWritePtr
SetErrorMode
InterlockedIncrement
SetEvent
GetFileTime
CreateFileA
WideCharToMultiByte
GetLocaleInfoA
RtlUnwind
RaiseException
ExitProcess
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
TerminateProcess
GetStartupInfoA
HeapFree
IsBadReadPtr
GetSystemTimeAsFileTime
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
HeapReAlloc
HeapAlloc
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsFree
SetLastError
TlsAlloc
GetCurrentProcessId
ReadFile
WriteFile
HeapSize
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadCodePtr
GetACP
GetOEMCP
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
GetCurrentThreadId
InterlockedDecrement
Sleep
RemoveDirectoryA

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod
mixerClose
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerSetControlDetails

wsock32

__WSAFDIsSet
select
WSACleanup
closesocket
recv
send
WSAGetLastError
ioctlsocket
inet_ntoa
gethostbyname
htons
connect
socket
WSAStartup

user32

DestroyWindow
ScreenToClient
GetCursorPos
LoadCursorA
SetCursor
MessageBoxA
CloseClipboard
SetClipboardData
OpenClipboard
EndDialog
MoveWindow
SendMessageA
GetDlgItem
DialogBoxIndirectParamA
ReleaseCapture
SetCapture
WindowFromPoint
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus
GetClipboardData
GetWindowPlacement
SetTimer
CreateWindowExA
AdjustWindowRect
SetWindowLongA
SetForegroundWindow
DefWindowProcA
EndPaint
BeginPaint
GetWindowLongA
GetSystemMetrics
CreateCursor
RegisterClassA
LoadIconA
PostMessageA
RegisterWindowMessageA
DestroyCursor
GetWindowRect
GetMessageA
IsDialogMessageA
DrawTextA
FillRect
GetFocus
GetWindowTextA
GetSysColor
SetWindowTextA
GetSysColorBrush
GetDesktopWindow
ReleaseDC
GetClientRect
ClientToScreen
SystemParametersInfoA
ShowWindow
OffsetRect
DrawTextExA
CloseWindow
GetDC

gdi32

CreateFontA
GetTextMetricsA
TextOutA
SetTextColor
DeleteObject
CreateFontIndirectA
GetObjectA
SelectObject
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32A
SetBkMode
IntersectClipRect

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 1012KB - Virtual size: 1010KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
无限生命修改器.exe
.exe windows:4 windows x86 arch:x86

71f10e539e5fc4d5b75076f77facb165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
GetAsyncKeyState
FindWindowA
SetWindowTextA
SetWindowRgn
DialogBoxParamA
EndDialog
GetDlgItem
GetKeyState
LoadIconA
MessageBoxA
SendMessageA
AnimateWindow
GetWindowLongA
GetDC
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
ShowWindow
SetWindowPos
GetWindowRect
SetCapture
ReleaseCapture
RegisterClassExA
GetParent
LoadCursorA
SetWindowLongA

kernel32

LoadResource
Sleep
CreateThread
ExitProcess
FindResourceA
GetModuleHandleA
WriteProcessMemory
LockResource
ResumeThread
SetLastError
SizeofResource
OpenProcess
MulDiv

gdi32

SetTextColor
CreateRoundRectRgn
SelectObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
SetBkMode
SetBkColor

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
游戏说明.txt
ZuMa_chs_setup/ZuMa_chs/7z.dll
.dll windows:4 windows x64 arch:x64

09c182b10b88cd78aa1b9a1fdb0142e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strcpy
memset
realloc
free
malloc
__CxxFrameHandler
strlen
strcat
strstr
_CxxThrowException
wcscmp
strcmp
memmove
memcpy
memcmp
_purecall
strchr
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
SetEvent
QueryPerformanceCounter
FileTimeToLocalFileTime
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
CompareFileTime
WriteFile
ReadFile
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZuMa_chs_setup/ZuMa_chs/gameyxdown.dat
ZuMa_chs_setup/ZuMa_chs/info.dat
ZuMa_chs_setup/ZuMa_chs/install.yx
ZuMa_chs_setup/ZuMa_chs/setup
.7z
gameyxdown.dat
ZuMa_chs_setup/双击安装游戏.bat
ZuMa_chs_setup/安装说明.txt
ZuMa_chs_setup/游戏下载.url
.url

Sharing

General

Malware Config

Signatures

Files

09c182b10b88cd78aa1b9a1fdb0142e4

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 1KB - Virtual size: 34KB

.pdata Size: 72KB - Virtual size: 71KB

.rsrc Size: 95KB - Virtual size: 94KB

.reloc Size: 12KB - Virtual size: 12KB

0d7aba9c754411a90f57bf8f06b09ccc

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 307KB - Virtual size: 306KB

.rdata Size: 111KB - Virtual size: 111KB

.data Size: 2KB - Virtual size: 11KB

.pdata Size: 24KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

Headers

File Characteristics

Sections

CODE Size: 313KB - Virtual size: 313KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 22KB - Virtual size: 22KB

.rsrc Size: 23KB - Virtual size: 23KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 95KB - Virtual size: 336KB

Size: 4KB - Virtual size: 3KB

f7c58dfcaf0e42d871716070b2fb95a5

Headers

File Characteristics

Imports

kernel32

winmm

wsock32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1012KB - Virtual size: 1010KB

.rdata Size: 192KB - Virtual size: 190KB

.data Size: 24KB - Virtual size: 335KB

.rsrc Size: 28KB - Virtual size: 25KB

Headers

File Characteristics

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 1KB - Virtual size: 34KB

.pdata
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 307KB - Virtual size: 306KB

.rdata
Size: 111KB - Virtual size: 111KB

.data
Size: 2KB - Virtual size: 11KB

.pdata
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

CODE
Size: 313KB - Virtual size: 313KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 23KB - Virtual size: 23KB

.text
Size: 1012KB - Virtual size: 1010KB

.rdata
Size: 192KB - Virtual size: 190KB

.data
Size: 24KB - Virtual size: 335KB

.rsrc
Size: 28KB - Virtual size: 25KB

CODE
Size: 220KB - Virtual size: 560KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 36KB

.rsrc
Size: 11KB - Virtual size: 40KB

.aspack
Size: 8KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 1012KB - Virtual size: 1010KB

.rdata
Size: 192KB - Virtual size: 190KB

.data
Size: 24KB - Virtual size: 335KB

.rsrc
Size: 28KB - Virtual size: 25KB

.text
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 51KB - Virtual size: 50KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 1KB - Virtual size: 34KB

.pdata
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 12KB - Virtual size: 12KB