2d4852961b4b25d3d7559114b983e0f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d4852961b4b25d3d7559114b983e0f2_JaffaCakes118
Size

1.5MB
MD5

2d4852961b4b25d3d7559114b983e0f2
SHA1

c44a213e87a8569f17fe7d888947f50be8c6c665
SHA256

310bf2216467e5ef93ce19db4545565dbd98381803a347a01c01d4efd98b0a74
SHA512

b9339ab316313dfeea2a974dc3f403afe9a6afb36bfe68e676d072d8828b66edc265fe1e3e4773c1ecc088d99c135e2898791c93d0deb7b26df0f586a63f7dd6
SSDEEP

49152:Ia5lGgA9ZV8CNdfFS+M7788uMnIutAwyH:IajLA9ZV8CNZo+M7w8fI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cf刷枪软件无需激活2014/TLEngine.dll
unpack001/cf刷枪软件无需激活2014/cf刷枪软件永久雷神 V9.0.exe
unpack001/cf刷枪软件无需激活2014/com.run
unpack001/cf刷枪软件无需激活2014/cs.dll
unpack001/cf刷枪软件无需激活2014/internet.fne
unpack001/cf刷枪软件无需激活2014/krnln.fnr
unpack001/cf刷枪软件无需激活2014/shell.fne

Files

2d4852961b4b25d3d7559114b983e0f2_JaffaCakes118
.rar
cf刷枪软件无需激活2014/TLEngine.dll
.exe windows:4 windows x86 arch:x86

3d3d967282b1619854edf6348ebd96b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
CreateSemaphoreA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
lstrlenA
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
GetFileAttributesA
SetCurrentDirectoryA
GetVolumeInformationA
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
InterlockedIncrement

user32

OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
GetClipboardData
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
CloseClipboard
wsprintfA
EqualRect
GetWindowRect
SetForegroundWindow
IsWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
SetRect
InflateRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
SystemParametersInfoA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
UnregisterClassA
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
LoadStringA
GetSysColorBrush
DeleteMenu
GetClassInfoA
DefWindowProcA
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture

gdi32

SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
CreateRectRgnIndirect
SetBkColor
CreatePen
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleUninitialize
CLSIDFromString
OleInitialize

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_Destroy
ord17

ws2_32

recv
getpeername
accept
ioctlsocket
recvfrom
WSAAsyncSelect
closesocket
WSACleanup
inet_ntoa

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/VipReward.xml
.xml
cf刷枪软件无需激活2014/VipServerGift.xml
.xml
cf刷枪软件无需激活2014/cf刷枪软件永久雷神 V9.0.exe
.exe windows:4 windows x86 arch:x86

f2c6cd61e0fb38d7e0b0c890cee74b8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegConnectRegistryW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW

kernel32

CloseHandle
CompareStringW
CreateEventW
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
EnumCalendarInfoW
ExitProcess
ExitThread
FindClose
FindFirstFileW
FindResourceW
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemInfo
GetTempPathW
GetThreadLocale
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SetThreadPriority
SignalObjectAndWait
SizeofResource
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcpyW
lstrcpynW
lstrlenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

ClosePrinter
DocumentPropertiesW
EnumPrintersW
ord203
OpenPrinterW

comctl32

FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitializeFlatSB
_TrackMouseEvent

gdi32

AbortDoc
Arc
BitBlt
Chord
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtFloodFill
ExtTextOutW
FrameRgn
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextMetricsW
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
Pie
PolyBezier
PolyBezierTo
Polygon
Polyline
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
UnrealizeObject

msimg32

AlphaBlend

shell32

ShellExecuteA

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerW
CharNextW
CharUpperBuffW
CheckMenuItem
ClientToScreen
CopyIcon
CreateAcceleratorTableW
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
FillRect
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetCapture
GetClassInfoW
GetClassLongW
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadStringW
MapVirtualKeyW
MapWindowPoints
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OffsetRect
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
WaitMessage
WindowFromPoint
wsprintfA

ole32

CoInitialize
CoUninitialize
OleInitialize
OleUninitialize

oleaut32

GetErrorInfo
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 423KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/com.run
.dll windows:4 windows x86 arch:x86

5867874cfed7eebbf10ef059dbad6450

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalUnlock
MulDiv
SetLastError
GetThreadLocale
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GlobalAlloc
GlobalFree
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetVersionExA
LoadLibraryA
LoadLibraryExA
FreeLibrary
lstrlenW
lstrlenA
GetFileType
GetUserDefaultLCID

user32

CreateDialogIndirectParamA
EndDialog
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
LoadStringA
GetSysColorBrush
GetDesktopWindow
PtInRect
GetClassNameA
UnregisterClassA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
wsprintfA
LoadBitmapA
IsWindow
GetClientRect
LoadCursorA
EnableWindow
SetFocus
GetSysColor
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UnhookWindowsHookEx
PostThreadMessageA
RegisterClipboardFormatA
MapDialogRect
SetWindowPos
IsRectEmpty
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
SetWindowContextHelpId
GetWindow
CharUpperA
DestroyMenu

gdi32

GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
TextOutA
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetBkColor
GetTextColor
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
PatBlt
CreateCompatibleDC
BitBlt
GetObjectA
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA

comctl32

ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromIID
CoTaskMemFree
IIDFromString
CLSIDFromString
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord252
ord253
ord250

oleaut32

LoadRegTypeLi
SysFreeString
VariantClear
VariantChangeType
VariantInit
VariantCopyInd
GetRecordInfoFromTypeInfo
SysAllocString
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen

Exports

Exports

InitCtl
InitCtl2

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/config.ini
cf刷枪软件无需激活2014/cs.dll
.dll regsvr32 windows:4 windows x86 arch:x86

29b661a4c01bc09b11d02be5e19a9de0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaAptOffset
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord644
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaAryLock
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaAryUnlock
_CIexp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/internet.fne
.dll windows:4 windows x86 arch:x86

947a94c34d0476950a2cd72e8004382c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rasapi32

RasDialA
RasHangUpA
RasEnumConnectionsA
RasEnumEntriesA
RasGetEntryDialParamsA
RasGetConnectStatusA

kernel32

TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
GetVersion
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
RaiseException
GetSystemTime
GetLocalTime
GetACP
GlobalAlloc
HeapSize
SetStdHandle
GetFileType
ExitProcess
TerminateProcess
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalReAlloc
TlsFree
GlobalHandle
GlobalFree
TlsAlloc
GetCurrentThreadId
WaitForSingleObject
lstrcmpA
GetFileTime
GetFileSize
GetFileAttributesA
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
GlobalLock
GlobalUnlock
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
LocalAlloc
FreeLibrary
lstrcpyA
EnterCriticalSection
lstrcpynA
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
GetTimeZoneInformation
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetTickCount
Sleep
FileTimeToSystemTime

user32

GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
PostQuitMessage
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
LoadIconA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
GetClientRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
CopyRect
SendMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetSystemMetrics
CharUpperA
GetWindowTextA
EnableWindow
PeekMessageA
DispatchMessageA
PostMessageA
IsWindow
SetWindowTextA
InvalidateRect
GetMessageTime

gdi32

GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
DeleteObject
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

ord17

wsock32

setsockopt
socket
WSASetLastError
gethostbyname
ioctlsocket
htons
connect
send
recv
closesocket
select
gethostname
WSACleanup
WSAStartup

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
FtpFindFirstFileA
InternetFindNextFileA
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetOpenA

Exports

Exports

GetNewInf

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/jl.txt
cf刷枪软件无需激活2014/krnln.fnr
.dll windows:4 windows x86 arch:x86

3fe89fa8d80000c8c9aa487e9ab5b867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPrepareHeader
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
midiStreamRestart
waveOutUnprepareHeader

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
FormatMessageA
lstrcmpA
GetCurrentThread
SetThreadPriority
SuspendThread
CreateMutexA
ReleaseMutex
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
HeapSize
GetACP
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
GetFileTime
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
SetLastError
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
WriteFile
ReadFile
PurgeComm
WaitCommEvent
ClearCommError
GetLastError
WaitForMultipleObjects
GetOverlappedResult
GetCommModemStatus
SetEvent
GetProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetComputerNameA
EscapeCommFunction
CreateEventA
ResetEvent
OutputDebugStringA
ExpandEnvironmentStringsA
GlobalAlloc
GetTempPathA
SetFileAttributesA
GetFileAttributesA
MoveFileA
CopyFileA
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
SetLocalTime
GetCommandLineA
CreateProcessA
SetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
GlobalSize
GlobalLock
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
WinExec
lstrcpyA
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
ExitProcess
HeapAlloc
WaitForSingleObject
GetProcessHeap
FindResourceA
LoadResource
LockResource
CreateThread
DeleteFileA
RemoveDirectoryA
FindNextFileA
GetModuleFileNameA
Sleep
MulDiv
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
lstrlenW
lstrlenA
GetUserDefaultLCID
GetTickCount
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitThread

user32

UnregisterClassA
LoadStringA
GetSysColorBrush
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetDesktopWindow
LoadIconA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
GetMessageA
SetRectEmpty
RegisterClipboardFormatA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
SetCursor
InvertRect
ScrollDC
TrackPopupMenu
SetForegroundWindow
ValidateRect
LockWindowUpdate
MessageBeep
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
WaitForInputIdle
SetCursorPos
SetMenu
PeekMessageA
IsIconic
SetActiveWindow
DestroyMenu
SetFocus
SetWindowPos
GetActiveWindow
GetTopWindow
GetWindow
DestroyAcceleratorTable
DestroyCursor
SetWindowRgn
ScreenToClient
ChildWindowFromPointEx
WinHelpA
KillTimer
SetTimer
PostMessageA
GetScrollRange
SetScrollRange
SetScrollPos
SetParent
IsWindowVisible
GetWindowLongA
SetWindowLongA
TranslateMessage
DispatchMessageA
UpdateWindow
GetDC
ReleaseDC
EnumDisplaySettingsA
LoadImageA
MessageBoxA
LoadBitmapA
GetKeyState
DestroyIcon
IsChild
IsRectEmpty
GetFocus
IntersectRect
EqualRect
GetMenu
GetSubMenu
EnableMenuItem
AdjustWindowRect
LoadCursorA
GetCapture
ClientToScreen
wsprintfA
GetDlgCtrlID
InvalidateRect
GetClassNameA
WindowFromPoint
CharUpperA
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
IsClipboardFormatAvailable

gdi32

StartDocA
CreateRectRgnIndirect
ExtCreateRegion
SetPixel
CreateDIBSection
GetDIBits
SelectPalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetClipBox
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetBkColor
GetPixel
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetROP2
GetStretchBltMode
GetPolyFillMode
StartPage
EndPage
CreateDCA
DPtoLP
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
Ellipse
RoundRect
FillRgn
GetCurrentObject
CombineRgn
CreateRectRgn
GetClipRgn
CreatePolygonRgn
SetPixelV
LPtoDP
Pie
GetViewportOrgEx
GetWindowOrgEx
PatBlt
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Chord
Arc
Polygon
EndDoc
GetTextColor
Rectangle
SelectClipRgn
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
GetWindowExtEx
GetBkMode

comdlg32

PrintDlgA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
CommDlgExtendedError

winspool.drv

DeleteFormA
DocumentPropertiesA
AddFormA
SetFormA
ClosePrinter
GetFormA
EnumFormsA
OpenPrinterA

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

ole32

OleInitialize
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleRun
CoCreateInstance

olepro32

ord252
ord253

oleaut32

SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
UnRegisterTypeLi
SysAllocString
VariantCopyInd
VariantInit
VariantChangeType
VariantClear
GetActiveObject
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VarDateFromStr

ws2_32

getpeername
listen
recv
connect
ioctlsocket
recvfrom
sendto
setsockopt
socket
htonl
bind
htons
WSAAsyncSelect
closesocket
send
select
gethostbyname
inet_ntoa
inet_addr
accept
gethostbyaddr
gethostname
WSACleanup
WSAStartup

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 768KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/psvince.dll
.dll windows:4 windows x86 arch:x86

27a86aaa3e5842ff2ceac4363ef98a7b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

80:0d:f3:03:a0:5c:5d:86:b9:a7:cb:15:87:83:79:fd:13:72:31:b8
Signer

Actual PE Digest

80:0d:f3:03:a0:5c:5d:86:b9:a7:cb:15:87:83:79:fd:13:72:31:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
GetVersionExA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
FreeLibrary
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW

Exports

Exports

IsModuleLoaded

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/shell.fne
.dll windows:4 windows x86 arch:x86

982b55eb63f51858ab5dbdb343dfc3f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
SetSystemPowerState
GetLastError
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
VirtualAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP

user32

EnableWindow
ExitWindowsEx
SetForegroundWindow
SetActiveWindow
GetActiveWindow
IsWindow
GetForegroundWindow
IsWindowEnabled
GetParent

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

SHGetMalloc
SHFileOperationA
SHGetSpecialFolderPathA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA

ole32

CoCreateInstance

Exports

Exports

GetNewInf

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cf刷枪软件无需激活2014/游戏大全.url
.url
cf刷枪软件无需激活2014/游戏说明.txt

Sharing

General

Malware Config

Signatures

Files

3d3d967282b1619854edf6348ebd96b7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: 408KB - Virtual size: 405KB

.rdata Size: 156KB - Virtual size: 153KB

.data Size: 60KB - Virtual size: 121KB

.rsrc Size: 116KB - Virtual size: 116KB

f2c6cd61e0fb38d7e0b0c890cee74b8a

Headers

File Characteristics

Imports

advapi32

kernel32

version

winspool.drv

comctl32

gdi32

msimg32

shell32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 52KB - Virtual size: 92KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 12KB - Virtual size: 12KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 423KB - Virtual size: 424KB

.reloc Size: 98KB - Virtual size: 100KB

5867874cfed7eebbf10ef059dbad6450

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 51KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 24KB - Virtual size: 20KB

29b661a4c01bc09b11d02be5e19a9de0

Headers

File Characteristics

Imports

.text
Size: 408KB - Virtual size: 405KB

.rdata
Size: 156KB - Virtual size: 153KB

.data
Size: 60KB - Virtual size: 121KB

.rsrc
Size: 116KB - Virtual size: 116KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 52KB - Virtual size: 92KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 12KB - Virtual size: 12KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 423KB - Virtual size: 424KB

.reloc
Size: 98KB - Virtual size: 100KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 51KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 24KB - Virtual size: 20KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 28KB - Virtual size: 87KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 768KB - Virtual size: 766KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 60KB - Virtual size: 123KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 68KB - Virtual size: 65KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate