blackmoon | 刺客远程控制破解版修复免杀过传输报毒[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

刺客远程控制破解版修复免杀过传输报毒.zip
Size

28.2MB
MD5

33a5ef7be9a92b856270684810c822ce
SHA1

ef7f1e074026c5f403dec1178913ed744d56f84c
SHA256

c15b7d2402be8884b7f0e7cbc263e3b3c034601e559b530c55aeb5640ece8822
SHA512

daabc739cd92b6170b16fa8cf324d53eacd483e27d0defa26cbab91310019d94d03acf072fd37d789f82735ac84ccffbdb556890585ab6ac0a38bfd999361547
SSDEEP

786432:1kbXX5Y+ExmlAYeUtDYgfBv+NvtCWPy5SU5CrPYn+EPU9SkKOw956RGxHg:iN5ExWm2YgfdytCWkSaCrPY+ErtxA

Score

10^/10

upx blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 6 IoCs

resource	yara_rule
static1/unpack001/Cache/Api interface/dll_zz_th.dll	family_blackmoon
static1/unpack001/Cache/DAT/i.exp	family_blackmoon
static1/unpack001/Cache/DAT/install.pg	family_blackmoon
static1/unpack001/Cache/DAT/install.pg.dll	family_blackmoon
static1/unpack001/Cache/plugin/client/file_mame_0.8.dll	family_blackmoon
static1/unpack001/Cache/plugin/server/file_mame_0.9.dll	family_blackmoon

ACProtect 1.3x - 1.4x DLL software 4 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Cache/Api interface/File Download Options.dll	acprotect
static1/unpack001/Cache/Api interface/grouping.dll	acprotect
static1/unpack001/Cache/Api interface/quick text editor.dll	acprotect
static1/unpack001/ssdl_data_thread.dll	acprotect

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Cache/Api interface/File Download Options.dll	upx
static1/unpack001/Cache/Api interface/grouping.dll	upx
static1/unpack001/Cache/Api interface/quick text editor.dll	upx
static1/unpack001/ssdl_data_thread.dll	upx

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Cache/Api interface/File Download Options.dll
unpack002/out.upx
unpack001/Cache/Api interface/Systeam Setini.dll
unpack001/Cache/Api interface/Windows Install.dll
unpack001/Cache/Api interface/dll_zz_th.dll
unpack001/Cache/Api interface/grouping.dll
unpack003/out.upx
unpack001/Cache/Api interface/quick text editor.dll
unpack004/out.upx
unpack001/Cache/DAT/i.exp
unpack001/Cache/DAT/install.pg
unpack001/Cache/DAT/install.pg.dll
unpack001/Cache/Winpe/atl.dll
unpack001/Cache/Winpe/crtdll.dll
unpack001/Cache/plugin/client/WQPlXhOR0.1.dll
unpack001/Cache/plugin/client/cmd_shell_0.1.dll
unpack001/Cache/plugin/client/file_mame_0.8.dll
unpack001/Cache/plugin/client/serv_server_0.1.dll
unpack001/Cache/plugin/client/video_screen_0.5.dll
unpack001/Cache/plugin/server/cmd_shell.dll
unpack001/Cache/plugin/server/cmd_shell_0.1.dll
unpack001/Cache/plugin/server/file_mame_0.9.dll
unpack001/Cache/plugin/server/remote_screen_3.1.dll
unpack001/Cache/plugin/server/serv_server_0.1.dll
unpack001/Cache/plugin/server/video_screen_0.2.dll
unpack001/ssdl_data_thread.dll
unpack005/out.upx
unpack001/winspool.drv
unpack001/刺客远程管理.exe

Files

刺客远程控制破解版修复免杀过传输报毒.zip
.zip
Cache/Api interface/File Download Options.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

file_download_options

Sections

UPX0
Size: - Virtual size: 544KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Api interface/Systeam Setini.dll
.dll windows:4 windows x86 arch:x86

95585fe4f2eee5fb6ec130132bbcb2ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
InterlockedDecrement
SuspendThread
TerminateThread
ReleaseMutex
CreateMutexA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
TerminateProcess
RaiseException
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
InterlockedIncrement

user32

SetParent
GetParent
GetFocus
GetClientRect
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
IsWindow
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
PostMessageA
EmptyClipboard
GetMenuItemID
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
GetTopWindow

gdi32

GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateDIBitmap
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
CreateRectRgn
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutRestart

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ord17
ImageList_Destroy

ws2_32

inet_ntoa
WSACleanup
closesocket
WSAAsyncSelect
ntohl
accept
getpeername
recv
ioctlsocket
recvfrom

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
GetFileTitleA

Exports

Exports

Retini_Uninstall
Systeam_Setini

Sections

.text
Size: 644KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Api interface/Windows Install.dll
.dll windows:4 windows x86 arch:x86

cb93c75d19b9d01034d67df1b29deb2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
InterlockedDecrement
SuspendThread
TerminateThread
ReleaseMutex
CreateMutexA
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
TerminateProcess
RaiseException
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
FindFirstFileA
FindClose
GetFileAttributesA
SetCurrentDirectoryA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
lstrcpynA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedIncrement

user32

GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
GetSystemMetrics
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
GetForegroundWindow
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA

gdi32

GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
CreateRectRgnIndirect
StartDocA
StartPage
BitBlt
GetViewportOrgEx
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateCompatibleDC
SetBkColor
DeleteDC
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutRestart

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA

ole32

OleInitialize
OleUninitialize
CLSIDFromString

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate
ImageList_GetIcon

ws2_32

inet_ntoa
gethostbyname
WSAStartup
WSACleanup
closesocket
WSAAsyncSelect
recvfrom
ntohl
accept
getpeername
ioctlsocket
recv

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

Exports

Exports

Windows_Install_Main
_��ӳ��
�ı�_��_�Ż�_NB

Sections

.text
Size: 696KB - Virtual size: 693KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Api interface/dll_zz_th.dll
.dll windows:4 windows x86 arch:x86

7f441486db7538317035591b470cfeb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
OpenProcess
LocalAlloc
LocalFree
lstrcatA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
WriteFile
CreateFileA
ReadFile
GetFileSize
SetFilePointer
GetUserDefaultLCID
GetCommandLineA
FreeLibrary
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
CloseHandle
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
VirtualQueryEx
GetCurrentProcess
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
InterlockedDecrement
InterlockedIncrement
TerminateProcess

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoInitialize
CoUninitialize

user32

DispatchMessageA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
wsprintfA

shlwapi

PathFileExistsA

oleaut32

RegisterTypeLi
SafeArrayDestroy
VariantClear
VariantTimeToSystemTime
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
SysFreeString
VariantCopy
SafeArrayCreate
SysAllocString

Exports

Exports

dll_zz_th
�߳�_��ʼ��COM��
�߳�_ȡ��COM��

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Api interface/grouping.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

��_��ķ��_��

Sections

UPX0
Size: - Virtual size: 536KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 304KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 504KB - Virtual size: 502KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Api interface/quick text editor.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

quick_text_editor

Sections

UPX0
Size: - Virtual size: 792KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 349KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/BUG/6817793 127.0.0.1.BUG.7620815
Cache/DAT/Copy.bat
Cache/DAT/i.exp
.dll windows:4 windows x86 arch:x86

478bf7d44bdab2cfdcb55f677c1b2ebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeKillEvent
timeSetEvent

kernel32

DeleteTimerQueueTimer
RtlMoveMemory
RtlZeroMemory
CreateTimerQueueTimer
InterlockedCompareExchange
CreateThread
SetThreadPriority
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreatePipe
CreateProcessA
CloseHandle
PeekNamedPipe
ReadFile
GetExitCodeProcess
CreateFileA
GlobalAlloc
GlobalFree
GetLogicalProcessorInformation
Sleep
lstrcpyn
LocalSize
GetFileSizeEx
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
SetFilePointerEx
SetEndOfFile
MapViewOfFileEx
FlushViewOfFile
GetLastError
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateTimerQueue
CreateIoCompletionPort
DeleteTimerQueue
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
HeapCreate
HeapAlloc
HeapDestroy
GetProcessHeap
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
LeaveCriticalSection
DeleteCriticalSection
TryEnterCriticalSection
ExitProcess
HeapReAlloc
HeapFree
IsBadReadPtr
GetTickCount
CreateDirectoryA
DeleteFileA
CopyFileA
MoveFileA
GetModuleFileNameA
GetCommandLineA
FreeLibrary
LoadLibraryA
LCMapStringA

ws2_32

WSACleanup
freeaddrinfo
getaddrinfo
WSAStartup
recvfrom
bind
setsockopt
ioctlsocket
WSASocketA
sendto
closesocket
getsockname
inet_ntoa
ntohs
inet_addr
htons

user32

TranslateMessage
wsprintfA
GetMessageA
WaitForInputIdle
DispatchMessageA
PeekMessageA
MessageBoxA

msvcrt

floor
strncmp
memmove
??3@YAXPAX@Z
realloc
strchr
strrchr
_CIfmod
srand
__CxxFrameHandler
rand
malloc
atoi
_ftol
strtod
sprintf
modf
free

shlwapi

PathFileExistsA

Exports

Exports

UBroadcasts
UBuffAllocMem
UBuffCreate
UBuffDestory
UBuffFreeMem
UByteToTXT
UCRC32
UClose
UCloseAll
UCloseFile
UConnect
UConnectForwar
UCreate
UDestory
UForwarIf
UGetBind
UGetConnectINFO
UGetFileINFO
UGetForwarID
UGetIP
UGetIPv6
UGetMark1
UGetMark2
UGetOnlinelist
UGetPort
UGetRTT
UGetReceiveSpeed
UGetSendSpeed
UGetUUID
UGetUUIDLink
UGetVersion
UGetVersionLink
UHostNameToIP
UIsConnected
UKillTime
UNAT_PunchTy
UP2PConnect
UP2PConnectForwar
UP2PForwarServerLinkIf
UP2PGetEvents
UP2PGetID
UP2PServerLinkIf
UP2PSetForwarServer
UP2PSetLinkServerAUZ
UP2PSetServer
URecv
USend
USendFile
USend_UDP
USendto
USetCallback
USetFileRecv
USetMark1
USetMark2
USetPant
USetSpeed
USetSpeedLink
UShutDown
USocket
USocket_
UStartTime
UStartTime_
UTimeToTXT
Uinet_addr
Uinet_addr_Memcpy
Uinet_ntoa

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/DAT/install.dat
.exe windows:4 windows x86 arch:x86

Code Sign

04:4b:e9:09:7d:bb:16:64
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:60:4c:75:69:48:9b:d4
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/11/2019, 00:00

Not After

04/02/2023, 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:4b:e9:09:7d:bb:16:64
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:60:4c:75:69:48:9b:d4
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/11/2019, 00:00

Not After

04/02/2023, 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:62:4d:c6:1c:4d:9c:9a:13:11:7a:f6:4e:21:65:d7:99:42:07:ca:14:f6:a7:5a:72:94:60:91:26:46:ec:ca
Signer

Actual PE Digest

ee:62:4d:c6:1c:4d:9c:9a:13:11:7a:f6:4e:21:65:d7:99:42:07:ca:14:f6:a7:5a:72:94:60:91:26:46:ec:ca

Digest Algorithm

sha256

PE Digest Matches

true

82:30:2c:4e:45:30:33:3f:8b:87:fb:da:23:28:5e:7c:eb:db:2b:83
Signer

Actual PE Digest

82:30:2c:4e:45:30:33:3f:8b:87:fb:da:23:28:5e:7c:eb:db:2b:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 728KB - Virtual size: 724KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26.4MB - Virtual size: 26.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 340KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Cache/DAT/install.pg
.dll windows:4 windows x86 arch:x86

39550e91dd36a97b4bddde0e00205002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
CreateWaitableTimerA
SetWaitableTimer
LocalSize
RtlMoveMemory
ExpandEnvironmentStringsW
MultiByteToWideChar
lstrcmpiA
IsBadReadPtr
GetCurrentProcessId
GetEnvironmentVariableA
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
TlsSetValue
Module32First
Module32Next
GetCurrentThreadId
GlobalAlloc
GlobalFree
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetProcessTimes
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
GetModuleHandleA
CreateFileW
GetFileTime
GetFileAttributesW
QueryPerformanceFrequency
QueryPerformanceCounter
CreateDirectoryA
MoveFileA
lstrlenW
GetTempPathW
GetTickCount
GetProcessHeap
Process32Next
SetLastError
HeapAlloc
HeapFree
CreateProcessW
WaitForSingleObject
GetLastError
VirtualQuery
ExitProcess
GetCurrentThread
ExitThread
OpenThread
GetThreadTimes
FlushInstructionCache
VirtualProtect
HeapReAlloc
GetModuleFileNameA
FindNextFileA
FindFirstFileA
FindClose
LCMapStringA
GetLocalTime
DeleteFileA
RemoveDirectoryA
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFilePointer
SetEndOfFile
GetUserDefaultLCID
CreateProcessA
GetStartupInfoA
GetCommandLineA
FreeLibrary
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Process32First
IsBadCodePtr
CreateToolhelp32Snapshot
LocalFree
CreateThread
LocalAlloc
WideCharToMultiByte
QueryDosDeviceW
OpenProcess
ReleaseMutex
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GlobalUnlock
GlobalSize
GlobalLock
lstrlenA
CloseHandle
VirtualQueryEx
TerminateProcess
GetCurrentProcess

user32

SwitchToThisWindow
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
MsgWaitForMultipleObjects
CharLowerA
GetDesktopWindow
EnumChildWindows
GetClassNameA
GetWindowTextLengthW
GetWindowTextW
IsWindowVisible
wvsprintfA
MessageBoxA
GetWindow
GetWindowThreadProcessId
SetClipboardViewer
SetWindowLongA
TranslateMessage
GetMessageA
PeekMessageA
RegisterRawInputDevices
CallWindowProcA
GetRawInputData
GetForegroundWindow
GetWindowTextA
GetLastInputInfo
PostMessageW
ShowScrollBar
CloseWindow
GetSystemMetrics
DispatchMessageA
SetClipboardData
wsprintfA
WaitForInputIdle
CloseDesktop
CreateDesktopW
EmptyClipboard
CloseWindowStation
BlockInput
SendMessageA
MoveWindow
GetWindowRect
SetForegroundWindow
PostMessageA

psapi

GetProcessImageFileNameW

shlwapi

PathFileExistsA
PathFindExtensionA
PathFindFileNameA

advapi32

RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
CreateProcessWithTokenW
DuplicateTokenEx
OpenProcessToken
CreateProcessAsUserW
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegSetValueExA

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
SysAllocString
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VariantInit
VarR8FromCy
VarR8FromBool
SysFreeString
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor

shell32

SHGetSpecialFolderPathW
ShellExecuteA

ws2_32

WSACleanup
htons
recvfrom
socket
bind
connect
closesocket
inet_ntoa
ntohs
WSAStartup
getpeername
getsockname
inet_addr
sendto
accept
recv
listen
send

netapi32

NetUserGetInfo
NetUserGetLocalGroups
NetApiBufferFree
NetUserAdd
NetLocalGroupAddMembers
NetUserDel

ole32

CoCreateInstance
CoUninitialize
CLSIDFromProgID
CLSIDFromString
OleRun
CoInitialize

dbghelp

MakeSureDirectoryPathExists

msvcrt

strchr
_CIfmod
_CIpow
??2@YAPAXI@Z
strncmp
??3@YAXPAX@Z
strncpy
strtod
malloc
strstr
free
rand
srand
atoi
sprintf
_ftol
floor
_stricmp
modf
realloc
calloc
strrchr

Exports

Exports

ServetGetip
UBroadcasts
UBuffAllocMem
UBuffCreate
UBuffDestory
UBuffFreeMem
UByteToTXT
UCRC32
UClose
UCloseAll
UCloseFile
UConnect
UConnectForwar
UCreate
UDestory
UForwarIf
UGetBind
UGetConnectINFO
UGetFileINFO
UGetForwarID
UGetIP
UGetMark1
UGetMark2
UGetOnlinelist
UGetPort
UGetRTT
UGetReceiveSpeed
UGetSendSpeed
UGetUUID
UGetUUIDLink
UGetVersion
UGetVersionLink
UHostNameToIP
UIsConnected
UKillTime
UNAT_PunchTy
UP2PConnect
UP2PConnectForwar
UP2PForwarServerLinkIf
UP2PGetEvents
UP2PGetID
UP2PServerLinkIf
UP2PSetForwarServer
UP2PSetLinkServerAUZ
UP2PSetServer
URecv
USend
USendFile
USend_UDP
USendto
USetCallback
USetFileRecv
USetMark1
USetMark2
USetPant
USetSpeed
USetSpeedLink
UShutDown
USocket
USocket_
UStartTime
UStartTime_
UTimeToTXT
Uinet_addr
Uinet_addr_Memcpy
Uinet_ntoa
data_CALL_��ָ��ָ�
��_ȡ�ı�W
ע��_ȡDWORD_32ֵ

Sections

.text
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/DAT/install.pg.dll
.dll windows:4 windows x86 arch:x86

39550e91dd36a97b4bddde0e00205002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
CreateWaitableTimerA
SetWaitableTimer
LocalSize
RtlMoveMemory
ExpandEnvironmentStringsW
MultiByteToWideChar
lstrcmpiA
IsBadReadPtr
GetCurrentProcessId
GetEnvironmentVariableA
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
TlsSetValue
Module32First
Module32Next
GetCurrentThreadId
GlobalAlloc
GlobalFree
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetProcessTimes
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
GetModuleHandleA
CreateFileW
GetFileTime
GetFileAttributesW
QueryPerformanceFrequency
QueryPerformanceCounter
CreateDirectoryA
MoveFileA
lstrlenW
GetTempPathW
GetTickCount
GetProcessHeap
Process32Next
SetLastError
HeapAlloc
HeapFree
CreateProcessW
WaitForSingleObject
GetLastError
VirtualQuery
ExitProcess
GetCurrentThread
ExitThread
OpenThread
GetThreadTimes
FlushInstructionCache
VirtualProtect
HeapReAlloc
GetModuleFileNameA
FindNextFileA
FindFirstFileA
FindClose
LCMapStringA
GetLocalTime
DeleteFileA
RemoveDirectoryA
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFilePointer
SetEndOfFile
GetUserDefaultLCID
CreateProcessA
GetStartupInfoA
GetCommandLineA
FreeLibrary
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Process32First
IsBadCodePtr
CreateToolhelp32Snapshot
LocalFree
CreateThread
LocalAlloc
WideCharToMultiByte
QueryDosDeviceW
OpenProcess
ReleaseMutex
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GlobalUnlock
GlobalSize
GlobalLock
lstrlenA
CloseHandle
VirtualQueryEx
TerminateProcess
GetCurrentProcess

user32

SwitchToThisWindow
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
MsgWaitForMultipleObjects
CharLowerA
GetDesktopWindow
EnumChildWindows
GetClassNameA
GetWindowTextLengthW
GetWindowTextW
IsWindowVisible
wvsprintfA
MessageBoxA
GetWindow
GetWindowThreadProcessId
SetClipboardViewer
SetWindowLongA
TranslateMessage
GetMessageA
PeekMessageA
RegisterRawInputDevices
CallWindowProcA
GetRawInputData
GetForegroundWindow
GetWindowTextA
GetLastInputInfo
PostMessageW
ShowScrollBar
CloseWindow
GetSystemMetrics
DispatchMessageA
SetClipboardData
wsprintfA
WaitForInputIdle
CloseDesktop
CreateDesktopW
EmptyClipboard
CloseWindowStation
BlockInput
SendMessageA
MoveWindow
GetWindowRect
SetForegroundWindow
PostMessageA

psapi

GetProcessImageFileNameW

shlwapi

PathFileExistsA
PathFindExtensionA
PathFindFileNameA

advapi32

RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
CreateProcessWithTokenW
DuplicateTokenEx
OpenProcessToken
CreateProcessAsUserW
LookupAccountSidA
GetUserNameA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegSetValueExA

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
SysAllocString
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VariantInit
VarR8FromCy
VarR8FromBool
SysFreeString
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor

shell32

SHGetSpecialFolderPathW
ShellExecuteA

ws2_32

WSACleanup
htons
recvfrom
socket
bind
connect
closesocket
inet_ntoa
ntohs
WSAStartup
getpeername
getsockname
inet_addr
sendto
accept
recv
listen
send

netapi32

NetUserGetInfo
NetUserGetLocalGroups
NetApiBufferFree
NetUserAdd
NetLocalGroupAddMembers
NetUserDel

ole32

CoCreateInstance
CoUninitialize
CLSIDFromProgID
CLSIDFromString
OleRun
CoInitialize

dbghelp

MakeSureDirectoryPathExists

msvcrt

strchr
_CIfmod
_CIpow
??2@YAPAXI@Z
strncmp
??3@YAXPAX@Z
strncpy
strtod
malloc
strstr
free
rand
srand
atoi
sprintf
_ftol
floor
_stricmp
modf
realloc
calloc
strrchr

Exports

Exports

ServetGetip
UBroadcasts
UBuffAllocMem
UBuffCreate
UBuffDestory
UBuffFreeMem
UByteToTXT
UCRC32
UClose
UCloseAll
UCloseFile
UConnect
UConnectForwar
UCreate
UDestory
UForwarIf
UGetBind
UGetConnectINFO
UGetFileINFO
UGetForwarID
UGetIP
UGetMark1
UGetMark2
UGetOnlinelist
UGetPort
UGetRTT
UGetReceiveSpeed
UGetSendSpeed
UGetUUID
UGetUUIDLink
UGetVersion
UGetVersionLink
UHostNameToIP
UIsConnected
UKillTime
UNAT_PunchTy
UP2PConnect
UP2PConnectForwar
UP2PForwarServerLinkIf
UP2PGetEvents
UP2PGetID
UP2PServerLinkIf
UP2PSetForwarServer
UP2PSetLinkServerAUZ
UP2PSetServer
URecv
USend
USendFile
USend_UDP
USendto
USetCallback
USetFileRecv
USetMark1
USetMark2
USetPant
USetSpeed
USetSpeedLink
UShutDown
USocket
USocket_
UStartTime
UStartTime_
UTimeToTXT
Uinet_addr
Uinet_addr_Memcpy
Uinet_ntoa
data_CALL_��ָ��ָ�
��_ȡ�ı�W
ע��_ȡDWORD_32ֵ

Sections

.text
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/DAT/警告.txt
Cache/Quickaccess/Mylist.ini
Cache/Quickaccess/Quickaccess.ini
Cache/Winpe/atl.dll
.dll regsvr32 windows:10 windows x86 arch:x86

9770a95c6b6c769aa3c12b78be296801

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl.pdb

Imports

msvcrt

_except_handler4_common
_initterm
_XcptFilter
_callnewh
wcscat_s
realloc
free
_amsg_exit
wcscpy_s
malloc
memcpy
memcmp
memset

kernel32

InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
GetProcessHeap
GetACP
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsProcessorFeaturePresent
DecodePointer
HeapAlloc
EncodePointer
LoadLibraryExA
WaitForSingleObject
GetCurrentProcess
FormatMessageW
HeapDestroy
GetModuleFileNameW
GetLastError
LoadLibraryExW
GetProcAddress
FreeLibrary
lstrcpyW
RaiseException
GetCurrentThreadId
UnhandledExceptionFilter
HeapFree
CreateFileW
GetFileSize
ReadFile
CloseHandle
FindResourceExW
SizeofResource
SetUnhandledExceptionFilter
TerminateProcess
MultiByteToWideChar
GetSystemInfo
WideCharToMultiByte
VirtualQuery
VirtualAlloc
VirtualProtect
lstrcpynW
lstrcmpiW
GetModuleHandleW
SetLastError
DisableThreadLibraryCalls
QueryPerformanceCounter
FindResourceA
GetCurrentProcessId
FreeResource
GetSystemTimeAsFileTime
GetTickCount
Sleep
ResolveDelayLoadedAPI
DelayLoadFailureHook
GlobalHandle
GlobalFree
lstrcmpW
LockResource
LoadResource
FindResourceW
GlobalUnlock
VirtualFree
GlobalLock
GlobalAlloc

user32

SetCapture
ReleaseCapture
InvalidateRect
InvalidateRgn
GetDlgItem
SendMessageW
GetDesktopWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
SetWindowLongW
DefWindowProcW
GetWindowLongW
GetClassNameW
GetParent
DialogBoxIndirectParamW
IsWindow
RedrawWindow
EndPaint
FillRect
DialogBoxIndirectParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
RegisterWindowMessageW
GetClientRect
CallWindowProcW
DestroyWindow
BeginPaint
CreateWindowExW
GetWindow
SetFocus
GetFocus
IsChild
GetSysColor
UnregisterClassW
ReleaseDC
CharPrevW
GetDC
RegisterClassExW
wsprintfW
LoadCursorW
GetClassInfoExW
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
LoadStringW
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
CharNextW
SetWindowPos

gdi32

GetObjectW
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
GetStockObject

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_GetSizeMax
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlMarshalPtrInProc
AtlModuleAddCreateWndData
AtlModuleAddTermFunc
AtlModuleExtractCreateWndData
AtlModuleGetClassObject
AtlModuleInit
AtlModuleLoadTypeLib
AtlModuleRegisterClassObjects
AtlModuleRegisterServer
AtlModuleRegisterTypeLib
AtlModuleRegisterWndClassInfoA
AtlModuleRegisterWndClassInfoW
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlModuleUnRegisterTypeLib
AtlModuleUnregisterServer
AtlModuleUnregisterServerEx
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlSetErrorInfo2
AtlUnadvise
AtlUnmarshalPtr
AtlWaitWithMessageLoop
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Winpe/crtdll.dll
.dll windows:4 windows x86 arch:x86

ac8a18458b5e230a01fe80ee9ebcb2c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDiskFreeSpaceA
GetEnvironmentStrings
GetCommandLineA
LoadLibraryA
GetModuleFileNameA
UnhandledExceptionFilter
ExitProcess
GetLastError
SetConsoleCtrlHandler
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
RtlUnwind
GetFileAttributesA
Sleep
Beep
ResumeThread
CreateThread
ExitThread
CloseHandle
SetConsoleMode
ReadConsoleA
GetConsoleMode
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
SetEndOfFile
FlushFileBuffers
WriteConsoleA
GetExitCodeProcess
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
HeapReAlloc
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
GetFileInformationByHandle
GetFileType
GetLocalTime
SetFileTime
SystemTimeToFileTime
SetStdHandle
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetVersion
GetProcAddress
GetLogicalDrives
GetCurrentProcessId
SetLocalTime
HeapValidate
GetProcessHeap
HeapUnlock
HeapWalk
HeapLock
HeapCompact
GetStringTypeW
MultiByteToWideChar
FreeLibrary
LockFile
UnlockFile
SetFilePointer
CreateDirectoryA
HeapSize
CreateFileA
CreatePipe
SetEnvironmentVariableA
ReadFile
RemoveDirectoryA
SetErrorMode
GetDriveTypeA
CompareStringW
WideCharToMultiByte
LCMapStringW
GetTimeZoneInformation
DeleteFileA
WriteFile
HeapAlloc
HeapFree
MoveFileA
GetSystemTime
GetStdHandle
GetStartupInfoA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateProcessA
GetCPInfo
GetLocaleInfoW
IsValidCodePage
GetOEMCP
GetUserDefaultLCID
RaiseException

Exports

Exports

??2@YAPAXI@Z
??3@YAXPAX@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_HUGE_dll
_XcptFilter
__GetMainArgs
__argc_dll
__argv_dll
__dllonexit
__doserrno
__fpecode
__isascii
__iscsym
__iscsymf
__mb_cur_max_dll
__pxcptinfoptrs
__threadhandle
__threadid
__toascii
_abnormal_termination
_access
_acmdln_dll
_aexit_rtn_dll
_amsg_exit
_assert
_basemajor_dll
_baseminor_dll
_baseversion_dll
_beep
_beginthread
_c_exit
_cabs
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chmod
_chsize
_clearfp
_close
_commit
_commode_dll
_control87
_controlfp
_copysign
_cprintf
_cpumode_dll
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight_dll
_dup
_dup2
_ecvt
_endthread
_environ_dll
_eof
_errno
_except_handler2
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo_dll
_filelength
_fileno
_findclose
_findfirst
_findnext
_finite
_flsbuf
_flushall
_fmode_dll
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getpid
_getsystime
_getw
_global_unwind2
_heapchk
_heapmin
_heapset
_heapwalk
_hypot
_initterm
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalpha
_ismbcdigit
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_locking
_logb
_lrotl
_lrotr
_lsearch
_lseek
_ltoa
_ltow
_makepath
_matherr
_mbbtombc
_mbbtype
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcpy
_mbsnbicmp
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osmajor_dll
_osminor_dll
_osmode_dll
_osver_dll
_osversion_dll
_pclose
_pctype_dll
_pgmptr_dll
_pipe
_popen
_purecall
_putch
_putenv
_putw
_pwctype_dll
_read
_rmdir
_rmtmp
_rotl
_rotr
_scalb
_searchenv
_seterrormode
_setjmp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_statusfp
_strcmpi
_strdate
_strdec
_strdup
_strerror
_stricmp
_stricoll
_strinc
_strlwr
_strncnt
_strnextc
_strnicmp
_strninc
_strnset
_strrev
_strset
_strspnp
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr_dll
_tell
_tempnam
_timezone_dll
_tolower
_toupper
_tzname
_tzset
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_utime
_vsnprintf
_vsnwprintf
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsnicmp
_wcsnset
_wcsrev
_wcsset
_wcsupr
_winmajor_dll
_winminor_dll
_winver_dll
_write
_wtoi
_wtol
_y0
_y1
_yn
abort
abs
acos
asctime
asin
atan
atan2
atexit
atof
atoi
atol
bsearch
calloc
ceil
clearerr
clock
cos
cosh
ctime
difftime
div
exit
exp
fabs
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetwc
floor
fmod
fopen
fprintf
fputc
fputs
fputwc
fread
free
freopen
frexp
fscanf
fseek
fsetpos
ftell
fwprintf
fwrite
fwscanf
getc
getchar
getenv
gets
gmtime
is_wctype
isalnum
isalpha
iscntrl
isdigit
isgraph
isleadbyte
islower
isprint
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswcntrl
iswctype
iswdigit
iswgraph
iswlower
iswprint
iswpunct
iswspace
iswupper
iswxdigit
isxdigit
labs
ldexp
ldiv
localeconv
localtime
log
log10
longjmp
malloc
mblen
mbstowcs
mbtowc
memchr
memcmp
memcpy
memmove
memset
mktime
modf
perror
pow
printf
putc
putchar
puts
qsort
raise
rand
realloc
remove
rename
rewind
scanf
setbuf
setlocale
setvbuf
signal
sin
sinh
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtod
strtok
strtol
strtoul
strxfrm
swprintf
swscanf
system
tan
tanh
time
tmpfile
tmpnam
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
vfwprintf
vprintf
vsprintf

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/Winpe/help.txt
Cache/ico/main.ico
Cache/menu.main
Cache/menu.main2
Cache/menu.menu
Cache/menu.regedit
Cache/plugin/client/WQPlXhOR0.1.dll
.dll windows:4 windows x86 arch:x86

a5677514b3b4e52a8205f1faa2f34f6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
RtlMoveMemory
lstrcpynA
GetVersionExA
GetProcAddress
lstrcpyn
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
WideCharToMultiByte
GetTickCount
FreeLibrary
CloseHandle
FlushFileBuffers
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
VirtualQueryEx
GetCurrentProcess
IsBadCodePtr
CreateThread
SetWaitableTimer
CreateWaitableTimerA
LocalFree
LCMapStringA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree

user32

EnumDisplayDevicesW
EnumDisplaySettingsW
GetDesktopWindow
GetWindowRect
MsgWaitForMultipleObjects
OpenWindowStationA
SetProcessWindowStation
GetCursorInfo
GetDC
ReleaseDC
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
keybd_event
SendMessageA
CloseWindowStation
CloseDesktop
GetIconInfo

gdiplus

GdiplusShutdown

gdi32

DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
GdiFlush
BitBlt
DeleteObject
SelectObject

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
CLSIDFromString
CoInitialize
CoUninitialize

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
��_ȡ��괦��ھ��

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/client/cmd_shell.ini
Cache/plugin/client/cmd_shell_0.1.dll
.dll windows:4 windows x86 arch:x86

58357f4aecd39b72dc3f48fab8638c87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
OpenProcess
LocalAlloc
LocalFree
CloseHandle
CreatePipe
GetStartupInfoA
CreateProcessA
lstrlenW
GetTempPathW
WideCharToMultiByte
CreateThread
IsBadCodePtr
ReadFile
WriteFile
GetExitCodeThread
TerminateThread
TerminateProcess
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
SetStdHandle
FlushFileBuffers

user32

MessageBoxA
wsprintfA

shell32

SHGetSpecialFolderPathW

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/client/file_mame.ini
Cache/plugin/client/file_mame_0.8.dll
.dll windows:4 windows x86 arch:x86

adc297eaaf76336387f01c34f49c4f40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
FindClose
GetLogicalDriveStringsA
CreateFileA
DeviceIoControl
GetDiskFreeSpaceExA
ExpandEnvironmentStringsW
CreateToolhelp32Snapshot
Process32First
Process32Next
LocalAlloc
LocalFree
CreateFileW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
FindNextFileA
FindFirstFileA
SetFilePointer
MultiByteToWideChar
GetFileSize
CloseHandle
WriteFile
GetLocalTime
GetCommandLineA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
FlushFileBuffers
SetStdHandle
lstrlenW
CopyFileA
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
WideCharToMultiByte
GetTempPathW
ReadFile
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RaiseException
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW

user32

PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindFileNameA
PathFindExtensionA

advapi32

LookupAccountSidA

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime

Exports

Exports

data_call_back_entry
service_management

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/client/loadname.txt
Cache/plugin/client/remote_screen.ini
Cache/plugin/client/serv_server.ini
Cache/plugin/client/serv_server_0.1.dll
.dll windows:4 windows x86 arch:x86

025115fac6ad0bf194728641ce9ac390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
GetProcessHeap
lstrcatA
GlobalAlloc
lstrcpyn
CloseHandle
LocalFree
LocalAlloc
OpenProcess
LCMapStringA
GetCurrentProcess
FlushFileBuffers
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
SetStdHandle

user32

GetMessageA
DispatchMessageA
wsprintfA
MessageBoxA
GetInputState
TranslateMessage
PeekMessageA

advapi32

QueryServiceConfigA
EnumServicesStatusA
ControlService
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
QueryServiceConfig2A

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/client/video_screen.ini
Cache/plugin/client/video_screen_0.5.dll
.dll windows:4 windows x86 arch:x86

fce8bc078b54cc613ed6ccd836af7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQueryEx
LoadLibraryA
RtlMoveMemory
lstrcpynA
GetVersionExA
GetProcAddress
lstrcpyn
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
WideCharToMultiByte
GetTickCount
FreeLibrary
LCMapStringA
SetWaitableTimer
FlushFileBuffers
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
RaiseException
CreateWaitableTimerA
IsBadCodePtr
CreateThread
CloseHandle
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcess
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TerminateProcess
GetVersion
GetCommandLineA

user32

MsgWaitForMultipleObjects
PostMessageW
GetDesktopWindow
EnumDisplayDevicesW
EnumDisplaySettingsW
GetWindowRect
GetDC
ShowWindow
SetWindowLongA
GetWindowLongA
SetLayeredWindowAttributes
PeekMessageA
wsprintfA
MessageBoxA
keybd_event
SendMessageA
CloseWindowStation
CloseDesktop
ReleaseDC
GetIconInfo
GetCursorInfo
SetProcessWindowStation
OpenWindowStationA
DispatchMessageA
TranslateMessage
GetMessageA

gdiplus

GdiplusStartup
GdiplusShutdown

gdi32

DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
GdiFlush
BitBlt
DeleteObject
SelectObject

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
CLSIDFromString
CoInitialize
CoUninitialize

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
��_ȡ��괦��ھ��

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/cmd_shell.dll
.dll windows:4 windows x86 arch:x86

58357f4aecd39b72dc3f48fab8638c87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
OpenProcess
LocalAlloc
LocalFree
CloseHandle
CreatePipe
GetStartupInfoA
CreateProcessA
lstrlenW
GetTempPathW
WideCharToMultiByte
CreateThread
IsBadCodePtr
ReadFile
WriteFile
GetExitCodeThread
TerminateThread
TerminateProcess
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
SetStdHandle
FlushFileBuffers

user32

MessageBoxA
wsprintfA

shell32

SHGetSpecialFolderPathW

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/cmd_shell.ini
Cache/plugin/server/cmd_shell_0.1.dll
.dll windows:4 windows x86 arch:x86

8b6bf4c154caa645656c6fe3c78c12c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameW
wvnsprintfW
StrToIntExW
StrTrimW
StrToIntW
PathFindFileNameA

kernel32

RtlZeroMemory
lstrcmpW
GetModuleHandleW
GetCommandLineW
GetModuleFileNameW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleA
ExitProcess
HeapReAlloc
IsBadReadPtr
GetModuleFileNameA
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
CloseHandle
FlushFileBuffers
RaiseException
lstrcmpiA
HeapDestroy
LCMapStringW
GetStringTypeW
GetStringTypeA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
WriteFile
VirtualFree
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
HeapCreate
GetAtomNameW
WideCharToMultiByte
MultiByteToWideChar
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
LocalSize
HeapFree
InterlockedDecrement
InterlockedIncrement
RtlMoveMemory
HeapAlloc
GetProcessHeap
SetStdHandle

gdiplus

GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipMultiplyMatrix
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipGetMatrixElements
GdipSetMatrixElements
GdipCloneMatrix
GdipCreateMatrix3
GdipCreateMatrix2
GdipRotateMatrix
GdipTranslateMatrix
GdipCreateMatrix
GdipCreateSolidFill
GdipBitmapSetResolution
GdipCloneBitmapArea
GdipCreateBitmapFromResource
GdipCreateBitmapFromHICON
GdipSetClipHrgn
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetRegionScans
GdipGetRegionScansCount
GdipIsVisibleRegionRect
GdipIsVisibleRegionPoint
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsEmptyRegion
GdipGetRegionHRgn
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionBounds
GdipTransformRegion
GdipTranslateRegion
GdipCombineRegionPath
GdipCombineRegionRegion
GdipCombineRegionRect
GdipSetEmpty
GdipSetInfinite
GdipCloneRegion
GdipCreateRegionRgnData
GdipCreateRegionPath
GdipCreateRegionHrgn
GdipCreateRegionRect
GdipIsOutlineVisiblePathPoint
GdipIsVisiblePathPoint
GdipWarpPath
GdipWindingModeOutline
GdipWidenPath
GdipFlattenPath
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathPath
GdipAddPathPolygon
GdipAddPathPie
GdipAddPathEllipse
GdipResetClip
GdipAddPathArcI
GdipAddPathLineI
GdipAddPathRectangle
GdipAddPathClosedCurve2
GdipAddPathClosedCurve
GdipAddPathCurve2
GdipAddPathCurve
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipReversePath
GdipClearPathMarkers
GdipSetPathMarker
GdipClosePathFigures
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathData
GdipGetPointCount
GdipSetPathFillMode
GdipGetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath2
GdipCreatePath
GdipGetImageGraphicsContext
GdipCreateFromHWND
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipIsStyleAvailable
GdipGetFamilyName
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipPrivateAddMemoryFont
GdipPrivateAddFontFile
GdipNewPrivateFontCollection
GdipNewInstalledFontCollection
GdipCreateHICONFromBitmap
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageThumbnail
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageBounds
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipCloneImage
GdipLoadImageFromStream
GdipLoadImageFromFile
GdipEndContainer
GdipBeginContainer2
GdipBeginContainer
GdipRestoreGraphics
GdipSaveGraphics
GdipIsVisibleRect
GdipIsVisiblePoint
GdipIsVisibleClipEmpty
GdipIsClipEmpty
GdipGetVisibleClipBounds
GdipGetClipBounds
GdipGetClip
GdipTranslateClip
GdipVectorTransformMatrixPoints
GdipSetClipRegion
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRect
GdipDrawImagePointRect
GdipDrawImagePoints
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImage
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygon
GdipDrawPie
GdipDrawEllipse
GdipDrawRectangle
GdipDrawBezier
GdipDrawArc
GdipDrawLine
GdipDeleteFont
GdipCreateTexture
GdipFillRectangle
GdipDeleteBrush
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipDisposeImage
GdipCreateFont
GdipCreateFontFromLogfontW
GdipDeletePrivateFontCollection
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipFlush
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesColorKeys
GdipSetImageAttributesGamma
GdipSetImageAttributesNoOp
GdipSetImageAttributesThreshold
GdipResetImageAttributes
GdipSetImageAttributesToIdentity
GdipCloneImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDeleteRegion
GdipDeletePath
GdiplusStartup
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipGetLogFontA
GdipGetLogFontW
GdipCreateFromHDC
GdipCloneFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipCreateBitmapFromHBITMAP

user32

ShowWindow
PeekMessageA
GetMessageA
DispatchMessageA
wsprintfA
MessageBoxA
SetMenuDefaultItem
SetMenuItemInfoW
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuStringW
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuW
AppendMenuW
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
GetSystemMenu
CreatePopupMenu
CreateMenu
CharLowerW
CharUpperW
LoadStringW
UpdateLayeredWindow
DrawIconEx
LoadImageW
CreateIconFromResourceEx
SystemParametersInfoW
RegisterWindowMessageW
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
SetRect
LoadIconW
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
TranslateMDISysAccel
IsChild
GetMessageW
EnumPropsExW
RemovePropA
RemovePropW
GetPropA
GetPropW
SetPropA
SetPropW
KillTimer
SetTimer
MessageBoxW
SetWindowTextW
SetParent
MoveWindow
ScreenToClient
UpdateWindow
ValidateRect
InvalidateRect
GetFocus
CopyIcon
PostMessageW
CallWindowProcW
CreateMDIWindowW
DialogBoxParamW
CreateDialogParamW
EndDialog
DialogBoxIndirectParamW
DestroyWindow
SetClassLongW
GetClassLongW
CreateDialogIndirectParamW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetIconInfo
SetWindowPos
EnableWindow
IsWindowEnabled
IsWindowVisible
DestroyAcceleratorTable
DestroyIcon
LoadCursorW
ReleaseCapture
SetCapture
ClientToScreen
FillRect
GetSysColor
GetWindowDC
DefWindowProcW
OffsetRect
GetClientRect
GetWindowRect
ReleaseDC
DrawTextA
GetDC
SetFocus
GetNextDlgTabItem
SetCursor
DestroyCursor
SendMessageW
GetWindowLongW
GetParent
GetWindowTextW
GetWindowTextLengthW
GetClassNameW
FindWindowExW
IsWindow
GetAsyncKeyState
SetWindowLongW
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn

shell32

DragQueryFileW
Shell_NotifyIconW
DragAcceptFiles
CommandLineToArgvW
DragFinish

gdi32

CreateSolidBrush
DeleteDC
SetTextColor
SelectObject
GetStockObject
SetBkColor
GetDIBits
CreatePatternBrush
CreateEllipticRgn
StretchBlt
SetStretchBltMode
GetStretchBltMode
BitBlt
CreateDIBSection
CreateCompatibleDC
CreateRoundRectRgn
CreateFontIndirectW
GetObjectW
DeleteObject
SetBkMode

crypt32

CryptStringToBinaryW

atl

ord42

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

ole32

CoUninitialize
CoInitialize
CLSIDFromString
GetHGlobalFromStream
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
socket_ssf_client

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/file_mame.ini
Cache/plugin/server/file_mame_0.9.dll
.dll windows:4 windows x86 arch:x86

a82aa3bf7d3c67a7bd4f2457057102b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
FindClose
FindFirstFileA
FindNextFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
WriteFile
GetTickCount
FlushFileBuffers
SetStdHandle
GetFileSize
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
SetFilePointer
VirtualAlloc
RaiseException
VirtualFree
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TerminateProcess
RtlUnwind
GetVersion
GetCurrentProcess
GetLastError
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
ReadFile
GetPrivateProfileStringA
GetModuleFileNameA
IsBadReadPtr
HeapReAlloc
ExitProcess
GetModuleHandleA
lstrcpyn
GlobalUnlock
GlobalLock
TryEnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcmpW
RtlZeroMemory
lstrcmpiA
HeapDestroy
HeapCreate
GetAtomNameW
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
InitializeCriticalSection
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenA
LocalSize
CreateFileW
FlushViewOfFile
MapViewOfFileEx
SetEndOfFile
SetFilePointerEx
MapViewOfFile
WideCharToMultiByte
lstrlenW
LocalAlloc
MultiByteToWideChar
GlobalAlloc
CreateFileA
CreateFileMappingA
UnmapViewOfFile
GetFileSizeEx
GlobalFree
CloseHandle
HeapFree
InterlockedDecrement
InterlockedIncrement
RtlMoveMemory
HeapAlloc
IsBadCodePtr
GetProcessHeap

user32

SendMessageW
DestroyIcon
DestroyCursor
GetIconInfo
MsgWaitForMultipleObjects
SetWindowRgn
BeginPaint
EndPaint
TrackMouseEvent
GetDlgItem
CreateDialogIndirectParamA
SendMessageA
SetWindowTextA
SetWindowLongA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
GetCursorPos
PeekMessageA
GetMessageA
DispatchMessageA
wsprintfA
MessageBoxA
CharLowerW
CharUpperW
LoadStringW
UpdateLayeredWindow
SystemParametersInfoW
RegisterWindowMessageW
GetAncestor
SetWindowLongW
GetAsyncKeyState
IsWindow
FindWindowExW
GetClassNameW
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyAcceleratorTable
GetSysColor
IsWindowVisible
IsWindowEnabled
EnableWindow
SetWindowPos
GetWindowRect
GetNextDlgTabItem
SetFocus
GetDC
DrawTextA
ReleaseDC
OffsetRect
DefWindowProcW
GetWindowDC
FillRect
ClientToScreen
CreateIconFromResourceEx
LoadImageW
LoadIconW
CopyIcon
DrawIconEx
SetRect
CreateMenu
CreatePopupMenu
GetSystemMenu
LoadMenuW
GetMenuInfo
DestroyMenu
GetMenuItemCount
GetMenuItemInfoW
AppendMenuW
InsertMenuW
SetMenu
DrawMenuBar
SetMenuInfo
GetSubMenu
GetMenuItemID
GetMenu
CheckMenuRadioItem
SetForegroundWindow
TrackPopupMenu
GetMenuStringW
GetMenuItemRect
GetMenuState
GetMenuDefaultItem
MenuItemFromPoint
RemoveMenu
CheckMenuItem
SetMenuItemInfoW
SetMenuDefaultItem
GetFocus
GetMessageW
IsChild
TranslateMDISysAccel
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CreateDialogIndirectParamW
GetClassLongW
SetClassLongW
DestroyWindow
DialogBoxIndirectParamW
EndDialog
CreateDialogParamW
DialogBoxParamW
CreateMDIWindowW
CallWindowProcW
ShowWindow
PostMessageW
ScreenToClient
InvalidateRect
ValidateRect
UpdateWindow
MoveWindow
SetParent
SetWindowTextW
MessageBoxW
SetTimer
KillTimer
SetPropW
SetPropA
GetPropW
GetPropA
RemovePropW
RemovePropA
EnumPropsExW
IsIconic
IsZoomed
GetSystemMetrics

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfo
DragQueryFileW
DragFinish
Shell_NotifyIconW
CommandLineToArgvW
DragAcceptFiles
SHGetSpecialFolderPathA

ole32

CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream
StringFromGUID2
CoUninitialize
CoInitialize
CLSIDFromString

shlwapi

StrFormatByteSizeA
PathFileExistsA
StrToIntExW
wvnsprintfW
StrToIntW
StrTrimW
PathFindFileNameW
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

gdi32

StretchBlt
SetStretchBltMode
GetStretchBltMode
BitBlt
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectW
GetDIBits
CreatePatternBrush
CreateDIBSection
CreateCompatibleDC
GetObjectW
CreateSolidBrush
DeleteObject
CreateRoundRectRgn
CreateEllipticRgn
GetStockObject
SetBkColor
SetBkMode
SetTextColor
DeleteDC
SelectObject

comdlg32

GetOpenFileNameA

gdiplus

GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer
GdipBeginContainer2
GdipEndContainer
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDimension
GdipGetImageBounds
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageThumbnail
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipCreateHICONFromBitmap
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipCreateMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipCreateFromHWND
GdipCreatePath
GdipCreatePath2
GdipClonePath
GdipResetPath
GdipGetPathFillMode
GdipGetClipBounds
GdipGetPointCount
GdipGetPathData
GdipStartPathFigure
GdipClosePathFigure
GdipClosePathFigures
GdipSetPixelOffsetMode
GdipClearPathMarkers
GdipReversePath
GdipGetPathLastPoint
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathRectangle
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathEllipse
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipTransformPath
GdipGetPathWorldBounds
GdipFlattenPath
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipIsVisiblePathPoint
GdipIsOutlineVisiblePathPoint
GdipCreateRegionRect
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipIsVisibleRect
GdipGetMatrixElements
GdipMultiplyMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipGetClip
GdipTranslateClip
GdipResetClip
GdipSetClipHrgn
GdipSetClipRegion
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRect
GdipDrawImagePointRect
GdipDrawImagePoints
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImage
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygon
GdipDrawPie
GdipDrawEllipse
GdipDrawRectangle
GdipDrawBezier
GdipDrawArc
GdipDrawLine
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipFlush
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesColorKeys
GdipSetImageAttributesGamma
GdipSetImageAttributesNoOp
GdipSetImageAttributesThreshold
GdipResetImageAttributes
GdipSetImageAttributesToIdentity
GdipCloneImageAttributes
GdipCreateImageAttributes
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipGetLogFontA
GdipGetLogFontW
GdipCreateFromHDC
GdipCloneFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDeletePrivateFontCollection
GdipCreateFontFromLogfontW
GdipCreateFont
GdipDeleteRegion
GdipDeletePath
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipIsVisiblePoint
GdipIsVisibleClipEmpty
GdipIsClipEmpty
GdipSetMatrixElements
GdipGetVisibleClipBounds
GdipSetPathFillMode
GdipSetPathMarker

comctl32

ImageList_Copy
ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_GetIcon
ImageList_SetIconSize
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_Write
ImageList_Draw
ImageList_DrawEx
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_AddMasked
ImageList_Add
ImageList_LoadImageW
ImageList_Read
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ImageList_AddIcon
ImageList_GetIconSize

atl

ord42

crypt32

CryptStringToBinaryW

msimg32

AlphaBlend

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
socket_ssf_client

Sections

.text
Size: 592KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/loadname.txt
Cache/plugin/server/remote_screen.ini
Cache/plugin/server/remote_screen_3.1.dll
.dll windows:4 windows x86 arch:x86

f5e9b45868e1171b433ae5da4f5762a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
HeapDestroy
lstrcmpiA
RtlZeroMemory
lstrcmpW
GetModuleHandleW
GetCommandLineW
GetModuleFileNameW
GetModuleHandleA
ExitProcess
HeapReAlloc
IsBadReadPtr
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LCMapStringA
CloseHandle
FlushFileBuffers
RaiseException
SetStdHandle
LCMapStringW
GetStringTypeW
GetAtomNameW
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
VirtualFree
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
WideCharToMultiByte
GlobalFree
GlobalUnlock
WriteProcessMemory
GlobalLock
GlobalAlloc
VirtualAlloc
lstrcpynA
SetEvent
WaitForSingleObject
MultiByteToWideChar
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
HeapFree
InterlockedDecrement
InterlockedIncrement
LocalSize
HeapAlloc
GetProcessHeap
CreateEventA
LoadLibraryA
GetStringTypeA
RtlMoveMemory

user32

SetMenuItemInfoW
SetMenuDefaultItem
CreateIconFromResourceEx
LoadImageW
DrawIconEx
UpdateLayeredWindow
LoadStringW
CharUpperW
CheckMenuItem
MessageBoxA
wsprintfA
DispatchMessageA
GetMessageA
PeekMessageA
CloseClipboard
GetClipboardData
OpenClipboard
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuStringW
TrackPopupMenu
CheckMenuRadioItem
SetForegroundWindow
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuW
CharLowerW
AppendMenuW
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
GetMenuItemInfoW
LoadIconW
EnumPropsExW
RemovePropA
RemovePropW
GetPropA
GetPropW
SetPropW
KillTimer
SetTimer
MessageBoxW
SetWindowTextW
SetParent
MoveWindow
GetAsyncKeyState
IsWindow
FindWindowExW
GetClassNameW
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SendMessageW
DestroyCursor
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyIcon
DestroyAcceleratorTable
GetSysColor
IsWindowVisible
IsWindowEnabled
EnableWindow
SetWindowPos
GetWindowRect
GetIconInfo
GetDC
ReleaseDC
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CreateDialogIndirectParamW
GetClassLongW
SetClassLongW
DestroyWindow
DialogBoxIndirectParamW
EndDialog
CreateDialogParamW
DialogBoxParamW
CreateMDIWindowW
CallWindowProcW
DefWindowProcW
ShowWindow
PostMessageW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
GetSystemMenu
CreatePopupMenu
CreateMenu
PostQuitMessage
IsDialogMessageW
TranslateMDISysAccel
IsChild
GetNextDlgTabItem
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
SystemParametersInfoW
GetMessageW
SetRect
RegisterWindowMessageW
CopyIcon
SetFocus
GetFocus
ScreenToClient
InvalidateRect
ValidateRect
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn
MsgWaitForMultipleObjects
CallWindowProcA
SetWindowLongA
SetPropA
SetWindowLongW
UpdateWindow

shlwapi

wvnsprintfW
PathFindFileNameW
PathRemoveFileSpecW
StrToIntW
StrTrimW
PathFindExtensionA
PathFindFileNameA
StrToIntExW

shell32

DragAcceptFiles
Shell_NotifyIconW
DragFinish
DragQueryFileW
CommandLineToArgvW

gdi32

CreateCompatibleDC
CreateRoundRectRgn
GetStockObject
CreateSolidBrush
CreatePatternBrush
GetObjectW
BitBlt
SetStretchBltMode
StretchBlt
CreateFontIndirectW
CreateEllipticRgn
GetDIBits
CreateDIBSection
GdiFlush
SetBkColor
DeleteDC
GetStretchBltMode
DeleteObject
SelectObject

gdiplus

GdipGetClipBoundsI
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipIsClipEmpty
GdipIsVisibleClipEmpty
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipSetWorldTransform
GdipGetWorldTransform
GdipDeleteMatrix
GdipSetPageUnit
GdipGetPageUnit
GdipSetPageScale
GdipGetPageScale
GdipGetDpiX
GdipGetDpiY
GdipTransformPoints
GdipTransformPointsI
GdipGetNearestColor
GdipSetPenWidth
GdipSetPenColor
GdipGetBrushType
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdiplusStartup
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateImageAttributes
GdipCloneImageAttributes
GdipSetImageAttributesToIdentity
GdipResetImageAttributes
GdipSetImageAttributesThreshold
GdipSetImageAttributesNoOp
GdipSetImageAttributesGamma
GdipSetImageAttributesColorKeys
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesRemapTable
GdipSetImageAttributesWrapMode
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesColorMatrix
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipGetDC
GdipReleaseDC
GdipGraphicsClear
GdipCreateRegion
GdipMeasureCharacterRanges
GdipSetClipHrgn
GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer
GdipBeginContainer2
GdipEndContainer
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDimension
GdipGetClipBounds
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageThumbnail
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipCreateHICONFromBitmap
GdipCreateFromHWND
GdipGetImageGraphicsContext
GdipCreateFont
GdipCreateFontFromLogfontW
GdipDeletePrivateFontCollection
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneFont
GdipGetLogFontW
GdipGetLogFontA
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontUnit
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipCreatePath
GdipCreatePath2
GdipClonePath
GdipResetPath
GdipGetPathFillMode
GdipSetPathFillMode
GdipGetPointCount
GdipGetPathData
GdipStartPathFigure
GdipClosePathFigure
GdipClosePathFigures
GdipSetPathMarker
GdipClearPathMarkers
GdipReversePath
GdipGetPathLastPoint
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathRectangle
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathEllipse
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipTransformPath
GdipGetPathWorldBounds
GdipGetClip
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipIsVisiblePathPoint
GdipIsOutlineVisiblePathPoint
GdipCreateRegionRect
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipCreatePen1
GdipCreatePen2
GdipClonePen
GdipGetPenWidth
GdipGetPenUnit
GdipSetPenUnit
GdipSetPenLineCap197819
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenCustomStartCap
GdipGetPenCustomStartCap
GdipSetPenCustomEndCap
GdipGetPenCustomEndCap
GdipSetPenMiterLimit
GdipGetPenMiterLimit
GdipSetPenMode
GdipGetPenMode
GdipSetPenTransform
GdipGetPenTransform
GdipResetPenTransform
GdipMultiplyPenTransform
GdipRotatePenTransform
GdipTranslatePenTransform
GdipScalePenTransform
GdipGetPenColor
GdipSetPenBrushFill
GdipGetPenBrushFill
GdipGetPenFillType
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipGetPenDashOffset
GdipSetPenDashOffset
GdipGetPenDashCount
GdipGetPenDashArray
GdipSetPenDashArray
GdipSetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCompoundArray
GdipCloneBrush
GdipCreateSolidFill
GdipSetSolidFillColor
GdipGetSolidFillColor
GdipCreateStringFormat
GdipStringFormatGetGenericDefault
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipSetStringFormatAlign
GdipGetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatTabStops
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipSetStringFormatDigitSubstitution
GdipGetStringFormatDigitSubstitution
GdipSetStringFormatMeasurableCharacterRanges
GdipGetStringFormatMeasurableCharacterRangeCount
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipSetMatrixElements
GdipGetMatrixElements
GdipMultiplyMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipCreateHatchBrush
GdipGetHatchStyle
GdipGetHatchForegroundColor
GdipGetHatchBackgroundColor
GdipCreateTexture2
GdipGetTextureTransform
GdipSetTextureTransform
GdipResetTextureTransform
GdipMultiplyTextureTransform
GdipTranslateTextureTransform
GdipScaleTextureTransform
GdipRotateTextureTransform
GdipGetTextureWrapMode
GdipSetTextureWrapMode
GdipGetTextureImage
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectWithAngle
GdipGetLineColors
GdipSetLineColors
GdipGetLineRect
GdipSetLineGammaCorrection
GdipGetLineGammaCorrection
GdipSetLineBlend
GdipGetLineBlendCount
GdipGetLineBlend
GdipSetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLinePresetBlend
GdipSetLineSigmaBlend
GdipSetLineLinearBlend
GdipGetLineWrapMode
GdipSetLineWrapMode
GdipGetLineTransform
GdipSetLineTransform
GdipResetLineTransform
GdipMultiplyLineTransform
GdipTranslateLineTransform
GdipScaleLineTransform
GdipRotateLineTransform
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipGetPathGradientCenterColor
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientPath
GdipSetPathGradientPath
GdipGetPathGradientCenterPoint
GdipSetPathGradientCenterPoint
GdipGetPathGradientRect
GdipSetPathGradientGammaCorrection
GdipGetPathGradientGammaCorrection
GdipGetPathGradientBlendCount
GdipSetPathGradientBlend
GdipGetPathGradientBlend
GdipGetPathGradientPresetBlendCount
GdipSetPathGradientPresetBlend
GdipGetPathGradientPresetBlend
GdipSetPathGradientSigmaBlend
GdipSetPathGradientLinearBlend
GdipGetPathGradientFocusScales
GdipSetPathGradientFocusScales
GdipGetPathGradientWrapMode
GdipSetPathGradientWrapMode
GdipGetPathGradientTransform
GdipSetPathGradientTransform
GdipResetPathGradientTransform
GdipMultiplyPathGradientTransform
GdipTranslatePathGradientTransform
GdipScalePathGradientTransform
GdipRotatePathGradientTransform
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipTranslateClipI
GdipTranslateClip
GdipResetClip
GdipSetClipRegion
GdipSetClipRectI
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRectI
GdipDrawImagePointsRect
GdipDrawImagePointRectI
GdipDrawImagePointRect
GdipDrawImagePointsI
GdipDrawImagePoints
GdipDrawImageRectI
GdipDrawImageRect
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDrawImageI
GdipDrawImage
GdipDrawDriverString
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2I
GdipFillClosedCurve2
GdipFillClosedCurveI
GdipFillClosedCurve
GdipFillPieI
GdipFillPie
GdipFillEllipse
GdipFillPolygonI
GdipFillPolygon
GdipFillPath
GdipFillRectangleI
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2I
GdipDrawCurveI
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygonI
GdipDrawPolygon
GdipDrawPieI
GdipDrawPie
GdipDrawEllipseI
GdipDrawEllipse
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDrawRectangleI
GdipDrawRectangle
GdipDrawBezierI
GdipDrawBezier
GdipDrawArcI
GdipDrawArc
GdipDrawLineI
GdipDrawLine
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipFlush
GdipDeleteStringFormat
GdipDeletePen
GdipDeleteRegion
GdipDeletePath
GdipDeleteFont
GdiplusShutdown
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipFlattenPath
GdipGetImageBounds

ole32

CoUninitialize
CoInitialize
CLSIDFromString
GetHGlobalFromStream
StringFromGUID2
CreateStreamOnHGlobal

crypt32

CryptStringToBinaryW

atl

ord42

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
socket_ssf_client

Sections

.text
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/serv_server.ini
Cache/plugin/server/serv_server_0.1.dll
.dll windows:4 windows x86 arch:x86

c58db1b36018cb0c005d88e872a0e7e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameW
wvnsprintfW
StrToIntExW
StrTrimW
StrToIntW
PathFindFileNameA

kernel32

FlushFileBuffers
RaiseException
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
WriteFile
GetTickCount
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetPrivateProfileStringA
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
lstrcmpW
RtlZeroMemory
lstrcmpiA
HeapDestroy
HeapCreate
GetAtomNameW
WideCharToMultiByte
MultiByteToWideChar
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
HeapFree
InterlockedDecrement
InterlockedIncrement
RtlMoveMemory
LocalSize
HeapAlloc
GetProcessHeap
GetModuleFileNameA
IsBadReadPtr
HeapReAlloc
ExitProcess
GetModuleHandleA
GlobalUnlock
GetStdHandle
GlobalLock

user32

GetCursorPos
PeekMessageA
GetMessageA
DispatchMessageA
wsprintfA
MessageBoxA
CharLowerW
CharUpperW
LoadStringW
UpdateLayeredWindow
DrawIconEx
LoadImageW
CreateIconFromResourceEx
SystemParametersInfoW
RegisterWindowMessageW
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
SetRect
LoadIconW
UpdateWindow
PostQuitMessage
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SendMessageW
DestroyCursor
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyIcon
DestroyAcceleratorTable
GetSysColor
IsWindowVisible
IsWindowEnabled
EnableWindow
SetWindowPos
GetWindowRect
GetIconInfo
CreateMenu
CreatePopupMenu
GetSystemMenu
LoadMenuW
GetMenuInfo
DestroyMenu
GetMenuItemCount
GetMenuItemInfoW
AppendMenuW
InsertMenuW
SetMenu
DrawMenuBar
SetMenuInfo
GetSubMenu
GetMenuItemID
CheckMenuRadioItem
SetForegroundWindow
TrackPopupMenu
GetMenuStringW
GetMenuItemRect
GetMenuState
GetMenuDefaultItem
MenuItemFromPoint
RemoveMenu
CheckMenuItem
SetMenuItemInfoW
SetMenuDefaultItem
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CreateDialogIndirectParamW
GetClassLongW
SetClassLongW
DestroyWindow
DialogBoxIndirectParamW
EndDialog
CreateDialogParamW
DialogBoxParamW
CreateMDIWindowW
FindWindowExW
IsWindow
GetAsyncKeyState
SetWindowLongW
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn
CallWindowProcW
DefWindowProcW
ShowWindow
PostMessageW
CopyIcon
SetFocus
DispatchMessageW
GetFocus
ScreenToClient
InvalidateRect
ValidateRect
MoveWindow
SetParent
SetWindowTextW
MessageBoxW
GetDC
ReleaseDC
SetTimer
KillTimer
SetPropW
SetPropA
GetPropW
GetPropA
RemovePropW
RemovePropA
EnumPropsExW
GetNextDlgTabItem
DrawTextA
OffsetRect
GetWindowDC
FillRect
ClientToScreen
GetMessageW
IsChild
TranslateMDISysAccel
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
GetClassNameW

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
CommandLineToArgvW
Shell_NotifyIconW

gdi32

CreatePatternBrush
GetStockObject
SetTextColor
SetBkMode
CreateSolidBrush
DeleteDC
DeleteObject
CreateEllipticRgn
GetDIBits
CreateDIBitmap
StretchBlt
SetStretchBltMode
GetStretchBltMode
BitBlt
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
CreateRoundRectRgn
SetBkColor
SelectObject

gdiplus

GdipTranslateClip
GdipGetClip
GdipGetClipBounds
GdipGetVisibleClipBounds
GdipIsClipEmpty
GdipIsVisibleClipEmpty
GdipIsVisiblePoint
GdipIsVisibleRect
GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer
GdipBeginContainer2
GdipEndContainer
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDimension
GdipGetImageBounds
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageThumbnail
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipCreateHICONFromBitmap
GdipCreateFromHWND
GdipGetImageGraphicsContext
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipCreateSolidFill
GdipCreateMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipCreatePath
GdipCreatePath2
GdipClonePath
GdipResetPath
GdipGetPathFillMode
GdipSetPathFillMode
GdipGetPointCount
GdipGetPathData
GdipStartPathFigure
GdipClosePathFigure
GdipClosePathFigures
GdipResetClip
GdipClearPathMarkers
GdipReversePath
GdipGetPathLastPoint
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathRectangle
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathEllipse
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipTransformPath
GdipGetPathWorldBounds
GdipFlattenPath
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipIsVisiblePathPoint
GdipIsOutlineVisiblePathPoint
GdipCreateRegionRect
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipSetMatrixElements
GdipGetMatrixElements
GdipMultiplyMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipSetClipHrgn
GdipSetClipRegion
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRect
GdipDrawImagePointRect
GdipDrawImagePoints
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImage
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygon
GdipDrawPie
GdipDrawRectangle
GdipDrawBezier
GdipDrawArc
GdipDrawLine
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipFlush
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesWrapMode
GdipSetImageAttributesRemapTable
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesColorKeys
GdipSetImageAttributesGamma
GdipSetImageAttributesNoOp
GdipSetImageAttributesThreshold
GdipResetImageAttributes
GdipSetImageAttributesToIdentity
GdipCloneImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipGetLogFontA
GdipGetLogFontW
GdipCreateFromHDC
GdipCloneFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDeletePrivateFontCollection
GdipCreateFontFromLogfontW
GdipCreateFont
GdipDeleteRegion
GdipDeletePath
GdiplusStartup
GdipDeleteFont
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipSetPathMarker
GdipDrawEllipse

crypt32

CryptStringToBinaryW

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_Copy
ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_GetIcon
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_Write
ImageList_Draw
ImageList_DrawEx
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ImageList_AddIcon

atl

ord42

msimg32

AlphaBlend

ole32

CoUninitialize
CoInitialize
CLSIDFromString
GetHGlobalFromStream
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime

Exports

Exports

data_call_back_entry
service_management
socket_ssf_client

Sections

.text
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/plugin/server/video_screen.ini
Cache/plugin/server/video_screen_0.2.dll
.dll windows:4 windows x86 arch:x86

f5e9b45868e1171b433ae5da4f5762a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
HeapDestroy
lstrcmpiA
RtlZeroMemory
lstrcmpW
GetModuleHandleW
GetCommandLineW
GetModuleFileNameW
GetModuleHandleA
ExitProcess
HeapReAlloc
IsBadReadPtr
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LCMapStringA
CloseHandle
FlushFileBuffers
RaiseException
SetStdHandle
LCMapStringW
GetStringTypeW
GetAtomNameW
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
VirtualFree
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
WideCharToMultiByte
GlobalFree
GlobalUnlock
WriteProcessMemory
GlobalLock
GlobalAlloc
VirtualAlloc
lstrcpynA
SetEvent
WaitForSingleObject
MultiByteToWideChar
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
HeapFree
InterlockedDecrement
InterlockedIncrement
LocalSize
HeapAlloc
GetProcessHeap
CreateEventA
LoadLibraryA
GetStringTypeA
RtlMoveMemory

user32

SetMenuItemInfoW
SetMenuDefaultItem
CreateIconFromResourceEx
LoadImageW
DrawIconEx
UpdateLayeredWindow
LoadStringW
CharUpperW
CheckMenuItem
MessageBoxA
wsprintfA
DispatchMessageA
GetMessageA
PeekMessageA
CloseClipboard
GetClipboardData
OpenClipboard
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuStringW
TrackPopupMenu
CheckMenuRadioItem
SetForegroundWindow
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuW
CharLowerW
AppendMenuW
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
GetMenuItemInfoW
LoadIconW
EnumPropsExW
RemovePropA
RemovePropW
GetPropA
GetPropW
SetPropW
KillTimer
SetTimer
MessageBoxW
SetWindowTextW
SetParent
MoveWindow
GetAsyncKeyState
IsWindow
FindWindowExW
GetClassNameW
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SendMessageW
DestroyCursor
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyIcon
DestroyAcceleratorTable
GetSysColor
IsWindowVisible
IsWindowEnabled
EnableWindow
SetWindowPos
GetWindowRect
GetIconInfo
GetDC
ReleaseDC
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CreateDialogIndirectParamW
GetClassLongW
SetClassLongW
DestroyWindow
DialogBoxIndirectParamW
EndDialog
CreateDialogParamW
DialogBoxParamW
CreateMDIWindowW
CallWindowProcW
DefWindowProcW
ShowWindow
PostMessageW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
GetSystemMenu
CreatePopupMenu
CreateMenu
PostQuitMessage
IsDialogMessageW
TranslateMDISysAccel
IsChild
GetNextDlgTabItem
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
SystemParametersInfoW
GetMessageW
SetRect
RegisterWindowMessageW
CopyIcon
SetFocus
GetFocus
ScreenToClient
InvalidateRect
ValidateRect
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn
MsgWaitForMultipleObjects
CallWindowProcA
SetWindowLongA
SetPropA
SetWindowLongW
UpdateWindow

shlwapi

wvnsprintfW
PathFindFileNameW
PathRemoveFileSpecW
StrToIntW
StrTrimW
PathFindExtensionA
PathFindFileNameA
StrToIntExW

shell32

DragAcceptFiles
Shell_NotifyIconW
DragFinish
DragQueryFileW
CommandLineToArgvW

gdi32

CreateCompatibleDC
CreateRoundRectRgn
GetStockObject
CreateSolidBrush
CreatePatternBrush
GetObjectW
BitBlt
SetStretchBltMode
StretchBlt
CreateFontIndirectW
CreateEllipticRgn
GetDIBits
CreateDIBSection
GdiFlush
SetBkColor
DeleteDC
GetStretchBltMode
DeleteObject
SelectObject

gdiplus

GdipGetClipBoundsI
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipIsClipEmpty
GdipIsVisibleClipEmpty
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipSetWorldTransform
GdipGetWorldTransform
GdipDeleteMatrix
GdipSetPageUnit
GdipGetPageUnit
GdipSetPageScale
GdipGetPageScale
GdipGetDpiX
GdipGetDpiY
GdipTransformPoints
GdipTransformPointsI
GdipGetNearestColor
GdipSetPenWidth
GdipSetPenColor
GdipGetBrushType
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdiplusStartup
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateImageAttributes
GdipCloneImageAttributes
GdipSetImageAttributesToIdentity
GdipResetImageAttributes
GdipSetImageAttributesThreshold
GdipSetImageAttributesNoOp
GdipSetImageAttributesGamma
GdipSetImageAttributesColorKeys
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesRemapTable
GdipSetImageAttributesWrapMode
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesColorMatrix
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipGetDC
GdipReleaseDC
GdipGraphicsClear
GdipCreateRegion
GdipMeasureCharacterRanges
GdipSetClipHrgn
GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer
GdipBeginContainer2
GdipEndContainer
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCloneImage
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDimension
GdipGetClipBounds
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageThumbnail
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipCreateHICONFromBitmap
GdipCreateFromHWND
GdipGetImageGraphicsContext
GdipCreateFont
GdipCreateFontFromLogfontW
GdipDeletePrivateFontCollection
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneFont
GdipGetLogFontW
GdipGetLogFontA
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontUnit
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipCreatePath
GdipCreatePath2
GdipClonePath
GdipResetPath
GdipGetPathFillMode
GdipSetPathFillMode
GdipGetPointCount
GdipGetPathData
GdipStartPathFigure
GdipClosePathFigure
GdipClosePathFigures
GdipSetPathMarker
GdipClearPathMarkers
GdipReversePath
GdipGetPathLastPoint
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathRectangle
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathEllipse
GdipAddPathPie
GdipAddPathPolygon
GdipAddPathPath
GdipAddPathString
GdipTransformPath
GdipGetPathWorldBounds
GdipGetClip
GdipWidenPath
GdipWindingModeOutline
GdipWarpPath
GdipIsVisiblePathPoint
GdipIsOutlineVisiblePathPoint
GdipCreateRegionRect
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRgnData
GdipCloneRegion
GdipSetInfinite
GdipSetEmpty
GdipCombineRegionRect
GdipCombineRegionRegion
GdipCombineRegionPath
GdipTranslateRegion
GdipTransformRegion
GdipGetRegionBounds
GdipGetRegionDataSize
GdipGetRegionData
GdipGetRegionHRgn
GdipIsEmptyRegion
GdipIsInfiniteRegion
GdipIsEqualRegion
GdipIsVisibleRegionPoint
GdipIsVisibleRegionRect
GdipGetRegionScansCount
GdipGetRegionScans
GdipCreatePen1
GdipCreatePen2
GdipClonePen
GdipGetPenWidth
GdipGetPenUnit
GdipSetPenUnit
GdipSetPenLineCap197819
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenCustomStartCap
GdipGetPenCustomStartCap
GdipSetPenCustomEndCap
GdipGetPenCustomEndCap
GdipSetPenMiterLimit
GdipGetPenMiterLimit
GdipSetPenMode
GdipGetPenMode
GdipSetPenTransform
GdipGetPenTransform
GdipResetPenTransform
GdipMultiplyPenTransform
GdipRotatePenTransform
GdipTranslatePenTransform
GdipScalePenTransform
GdipGetPenColor
GdipSetPenBrushFill
GdipGetPenBrushFill
GdipGetPenFillType
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipGetPenDashOffset
GdipSetPenDashOffset
GdipGetPenDashCount
GdipGetPenDashArray
GdipSetPenDashArray
GdipSetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCompoundArray
GdipCloneBrush
GdipCreateSolidFill
GdipSetSolidFillColor
GdipGetSolidFillColor
GdipCreateStringFormat
GdipStringFormatGetGenericDefault
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipSetStringFormatAlign
GdipGetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatTabStops
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipSetStringFormatDigitSubstitution
GdipGetStringFormatDigitSubstitution
GdipSetStringFormatMeasurableCharacterRanges
GdipGetStringFormatMeasurableCharacterRangeCount
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCloneMatrix
GdipSetMatrixElements
GdipGetMatrixElements
GdipMultiplyMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipInvertMatrix
GdipScaleMatrix
GdipShearMatrix
GdipTransformMatrixPoints
GdipVectorTransformMatrixPoints
GdipIsMatrixInvertible
GdipIsMatrixIdentity
GdipIsMatrixEqual
GdipCreateHatchBrush
GdipGetHatchStyle
GdipGetHatchForegroundColor
GdipGetHatchBackgroundColor
GdipCreateTexture2
GdipGetTextureTransform
GdipSetTextureTransform
GdipResetTextureTransform
GdipMultiplyTextureTransform
GdipTranslateTextureTransform
GdipScaleTextureTransform
GdipRotateTextureTransform
GdipGetTextureWrapMode
GdipSetTextureWrapMode
GdipGetTextureImage
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectWithAngle
GdipGetLineColors
GdipSetLineColors
GdipGetLineRect
GdipSetLineGammaCorrection
GdipGetLineGammaCorrection
GdipSetLineBlend
GdipGetLineBlendCount
GdipGetLineBlend
GdipSetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLinePresetBlend
GdipSetLineSigmaBlend
GdipSetLineLinearBlend
GdipGetLineWrapMode
GdipSetLineWrapMode
GdipGetLineTransform
GdipSetLineTransform
GdipResetLineTransform
GdipMultiplyLineTransform
GdipTranslateLineTransform
GdipScaleLineTransform
GdipRotateLineTransform
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipGetPathGradientCenterColor
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientPath
GdipSetPathGradientPath
GdipGetPathGradientCenterPoint
GdipSetPathGradientCenterPoint
GdipGetPathGradientRect
GdipSetPathGradientGammaCorrection
GdipGetPathGradientGammaCorrection
GdipGetPathGradientBlendCount
GdipSetPathGradientBlend
GdipGetPathGradientBlend
GdipGetPathGradientPresetBlendCount
GdipSetPathGradientPresetBlend
GdipGetPathGradientPresetBlend
GdipSetPathGradientSigmaBlend
GdipSetPathGradientLinearBlend
GdipGetPathGradientFocusScales
GdipSetPathGradientFocusScales
GdipGetPathGradientWrapMode
GdipSetPathGradientWrapMode
GdipGetPathGradientTransform
GdipSetPathGradientTransform
GdipResetPathGradientTransform
GdipMultiplyPathGradientTransform
GdipTranslatePathGradientTransform
GdipScalePathGradientTransform
GdipRotatePathGradientTransform
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCloneBitmapArea
GdipBitmapSetResolution
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilyMonospace
GdipGetFamilyName
GdipIsStyleAvailable
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipTranslateClipI
GdipTranslateClip
GdipResetClip
GdipSetClipRegion
GdipSetClipRectI
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRectI
GdipDrawImagePointsRect
GdipDrawImagePointRectI
GdipDrawImagePointRect
GdipDrawImagePointsI
GdipDrawImagePoints
GdipDrawImageRectI
GdipDrawImageRect
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDrawImageI
GdipDrawImage
GdipDrawDriverString
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2I
GdipFillClosedCurve2
GdipFillClosedCurveI
GdipFillClosedCurve
GdipFillPieI
GdipFillPie
GdipFillEllipse
GdipFillPolygonI
GdipFillPolygon
GdipFillPath
GdipFillRectangleI
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2I
GdipDrawCurveI
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygonI
GdipDrawPolygon
GdipDrawPieI
GdipDrawPie
GdipDrawEllipseI
GdipDrawEllipse
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDrawRectangleI
GdipDrawRectangle
GdipDrawBezierI
GdipDrawBezier
GdipDrawArcI
GdipDrawArc
GdipDrawLineI
GdipDrawLine
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipFlush
GdipDeleteStringFormat
GdipDeletePen
GdipDeleteRegion
GdipDeletePath
GdipDeleteFont
GdiplusShutdown
GdipDisposeImage
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipFlattenPath
GdipGetImageBounds

ole32

CoUninitialize
CoInitialize
CLSIDFromString
GetHGlobalFromStream
StringFromGUID2
CreateStreamOnHGlobal

crypt32

CryptStringToBinaryW

atl

ord42

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

oleaut32

VariantTimeToSystemTime

Exports

Exports

data_call_back_entry
service_management
socket_ssf_client

Sections

.text
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cache/qqwry.dat
Cache/release.bat
Cache/rule.txt
Cache/variable/variable.txt
Cache/windows/Advanced Customization/Main.ini
Cache/windows/Advanced Customization/主体窗口图标.png
.png
Cache/windows/win_main/list.txt
Cache/windows/win_main/safe.txt
Cache/刺客远程管理.ini
ebxshouquan.dat
ico/1.ini
ico/1.localstorage
ico/1.md5
ico/1.sys
ico/1.txt
ico/1.url
ico/1BOOTNXT
ico/1bootmgr
ico/wjj.bmp
ssdl_data_thread.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Call6P
ssdl_data_thread
Ŀ¼_ȡ��Ŀ¼

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 563B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
winspool.drv
.dll windows:4 windows x86 arch:x86

1ce67502847c1640ec74e4b2bde67460

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
GlobalUnlock
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
FindClose
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
TerminateProcess
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
SuspendThread
ReleaseMutex
CreateMutexA
TerminateThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
GetFileAttributesA
SetCurrentDirectoryA
DuplicateHandle
lstrcpynA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
GetStringTypeA
CloseHandle

user32

OpenClipboard
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
wsprintfA
AdjustWindowRectEx
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
GetClassInfoA
DefWindowProcA
GetKeyState
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
ReleaseDC
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
GetMessageTime
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty

gdi32

RestoreDC
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx

winmm

waveOutOpen
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutRestart

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleUninitialize
OleInitialize
CLSIDFromString

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_Destroy
ord17

ws2_32

recv
accept
ntohl
inet_ntoa
WSACleanup
closesocket
WSAAsyncSelect
getpeername
recvfrom
ioctlsocket

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Exports

Exports

ADVANCEDSETUPDIALOG
AbortPrinter
AddFormA
AddFormW
AddJobA
AddJobW
AddMonitorA
AddMonitorW
AddPortA
AddPortExA
AddPortExW
AddPortW
AddPrintProcessorA
AddPrintProcessorW
AddPrintProvidorA
AddPrintProvidorW
AddPrinterA
AddPrinterConnection2A
AddPrinterConnection2W
AddPrinterConnectionA
AddPrinterConnectionW
AddPrinterDriverA
AddPrinterDriverExA
AddPrinterDriverExW
AddPrinterDriverW
AddPrinterW
AdvancedDocumentPropertiesA
AdvancedDocumentPropertiesW
AdvancedSetupDialog
ClosePrinter
CloseSpoolFileHandle
CommitSpoolData
ConfigurePortA
ConfigurePortW
ConnectToPrinterDlg
ConvertAnsiDevModeToUnicodeDevmode
ConvertUnicodeDevModeToAnsiDevmode
CorePrinterDriverInstalledA
CorePrinterDriverInstalledW
CreatePrintAsyncNotifyChannel
CreatePrinterIC
DEVICECAPABILITIES
DEVICEMODE
DeleteFormA
DeleteFormW
DeleteMonitorA
DeleteMonitorW
DeletePortA
DeletePortW
DeletePrintProcessorA
DeletePrintProcessorW
DeletePrintProvidorA
DeletePrintProvidorW
DeletePrinter
DeletePrinterConnectionA
DeletePrinterConnectionW
DeletePrinterDataA
DeletePrinterDataExA
DeletePrinterDataExW
DeletePrinterDataW
DeletePrinterDriverA
DeletePrinterDriverExA
DeletePrinterDriverExW
DeletePrinterDriverPackageA
DeletePrinterDriverPackageW
DeletePrinterDriverW
DeletePrinterIC
DeletePrinterKeyA
DeletePrinterKeyW
DevQueryPrint
DevQueryPrintEx
DeviceCapabilities
DeviceCapabilitiesA
DeviceCapabilitiesW
DeviceMode
DevicePropertySheets
DocumentEvent
DocumentPropertiesA
DocumentPropertiesW
DocumentPropertySheets
EXTDEVICEMODE
EndDocPrinter
EndPagePrinter
EnumFormsA
EnumFormsW
EnumJobsA
EnumJobsW
EnumMonitorsA
EnumMonitorsW
EnumPortsA
EnumPortsW
EnumPrintProcessorDatatypesA
EnumPrintProcessorDatatypesW
EnumPrintProcessorsA
EnumPrintProcessorsW
EnumPrinterDataA
EnumPrinterDataExA
EnumPrinterDataExW
EnumPrinterDataW
EnumPrinterDriversA
EnumPrinterDriversW
EnumPrinterKeyA
EnumPrinterKeyW
EnumPrintersA
EnumPrintersW
ExtDeviceMode
FindClosePrinterChangeNotification
FindFirstPrinterChangeNotification
FindNextPrinterChangeNotification
FlushPrinter
FreePrinterNotifyInfo
GetCorePrinterDriversA
GetCorePrinterDriversW
GetDefaultPrinterA
GetDefaultPrinterW
GetFormA
GetFormW
GetJobA
GetJobW
GetPrintExecutionData
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
GetPrinterA
GetPrinterDataA
GetPrinterDataExA
GetPrinterDataExW
GetPrinterDataW
GetPrinterDriver2A
GetPrinterDriver2W
GetPrinterDriverA
GetPrinterDriverDirectoryA
GetPrinterDriverDirectoryW
GetPrinterDriverPackagePathA
GetPrinterDriverPackagePathW
GetPrinterDriverW
GetPrinterW
GetSpoolFileHandle
ID100
ID101
ID102
ID103
ID205
ID206
ID207
ID208
ID209
ID210
ID211
ID212
ID213
ID214
ID215
ID216
ID217
ID218
ID219
ID220
InstallPrinterDriverFromPackageA
InstallPrinterDriverFromPackageW
IsValidDevmodeA
IsValidDevmodeW
OpenPrinter2A
OpenPrinter2W
OpenPrinterA
OpenPrinterW
PerfClose
PerfCollect
PerfOpen
PlayGdiScriptOnPrinterIC
PrinterMessageBoxA
PrinterMessageBoxW
PrinterProperties
QueryColorProfile
QueryRemoteFonts
QuerySpoolMode
ReadPrinter
RegisterForPrintAsyncNotifications
ReportJobProcessingProgress
ResetPrinterA
ResetPrinterW
ScheduleJob
SeekPrinter
SetDefaultPrinterA
SetDefaultPrinterW
SetFormA
SetFormW
SetJobA
SetJobW
SetPortA
SetPortW
SetPrinterA
SetPrinterDataA
SetPrinterDataExA
SetPrinterDataExW
SetPrinterDataW
SetPrinterW
SplDriverUnloadComplete
SpoolerDevQueryPrintW
SpoolerPrinterEvent
StartDocDlgA
StartDocDlgW
StartDocPrinterA
StartDocPrinterW
StartPagePrinter
UnRegisterForPrintAsyncNotifications
UploadPrinterDriverPackageA
UploadPrinterDriverPackageW
WaitForPrinterChange
WritePrinter
XcvDataW
��

Sections

.text
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
刺客远程管理.exe
.exe windows:5 windows x86 arch:x86

99901b9697bda9f2bb9bfaa466d7b500

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
LocalFree
GlobalHandle
TlsFree
GlobalReAlloc
LocalReAlloc
GlobalFlags
lstrcpyA
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
FindResourceA
DeleteCriticalSection
SetErrorMode
FlushFileBuffers
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLastError
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
LCMapStringA
FreeLibrary
GetCommandLineA
SetFilePointer
GetUserDefaultLCID
WritePrivateProfileStringA
GetTickCount
GetModuleFileNameA
CreateFileA
GetPrivateProfileStringA
HeapReAlloc
MulDiv
WriteFile
ReadFile
GetFileSize
CreateFileW
WaitForSingleObject
Sleep
SetEvent
CreateEventW
ResetEvent
VirtualProtect
FlushInstructionCache
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetModuleHandleExW
lstrcmpW
HeapDestroy
HeapCreate
GlobalUnlock
GlobalLock
GetAtomNameW
WideCharToMultiByte
GetThreadTimes
OpenThread
ExitThread
GetCurrentThread
GetModuleHandleA
ExitProcess
VirtualQuery
GetProcAddress
LoadLibraryA
VirtualFree
RtlZeroMemory
LockResource
LoadResource
FindResourceW
lstrcatW
lstrcmpiW
lstrcmpA
lstrlenW
lstrlenA
HeapFree
InterlockedDecrement
InterlockedIncrement
LocalSize
HeapAlloc
GetProcessHeap
lstrcpyn
MultiByteToWideChar
CreateProcessW
GetLocalTime
lstrcatA
GlobalFree
GlobalAlloc
GetCurrentThreadId
Module32Next
Module32First
CreateToolhelp32Snapshot
TlsSetValue
TlsGetValue
TlsAlloc
VirtualAlloc
RtlMoveMemory
SetEnvironmentVariableA
GetEnvironmentVariableA
GetCurrentProcessId
IsBadReadPtr
lstrcmpiA
IsBadCodePtr
CreateThread
LocalAlloc
GetCurrentProcess
lstrcpynA
CloseHandle
VirtualQueryEx
GetProcessVersion
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowTextLengthA
GetWindowTextA
OpenClipboard
EmptyClipboard
CloseClipboard
GetWindowLongA
GetMessageA
DispatchMessageA
wsprintfA
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
SetWindowLongA
SetWindowTextA
SendMessageA
CreateDialogIndirectParamA
IsWindow
PeekMessageA
GetAsyncKeyState
SetWindowLongW
GetAncestor
GetDlgItem
TrackMouseEvent
EndPaint
BeginPaint
SetWindowRgn
SetClipboardData
GetClassNameA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
MessageBoxA
wvsprintfA
MsgWaitForMultipleObjects
FindWindowExW
MapDialogRect
GetDialogBaseUnits
CallWindowProcA
CharLowerW
CharUpperW
LoadStringW
PostQuitMessage
IsDialogMessageW
TranslateMDISysAccel
IsChild
DrawIconEx
LoadImageW
CreateIconFromResourceEx
MapWindowPoints
PtInRect
DrawFrameControl
PostThreadMessageA
UnregisterClassA
LoadStringA
GetSysColorBrush
LoadCursorA
LoadIconA
AdjustWindowRectEx
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
CreateWindowExA
GetClassLongA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
IsDialogMessageA
SendDlgItemMessageA
GrayStringA
TabbedTextOutA
UnhookWindowsHookEx
GetDlgCtrlID
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
PostMessageA
GetClassNameW
SetActiveWindow
GetActiveWindow
GetForegroundWindow
DrawFocusRect
CheckRadioButton
FindWindowExA
UpdateLayeredWindow
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
SystemParametersInfoW
RegisterWindowMessageW
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
LoadIconW
EnumPropsExW
RemovePropA
RemovePropW
GetPropW
SetPropW
KillTimer
SetTimer
MessageBoxW
SetWindowTextW
SetParent
UpdateWindow
ValidateRect
InvalidateRect
GetFocus
CopyIcon
PostMessageW
CreateMDIWindowW
DialogBoxParamW
CreateDialogParamW
EndDialog
DialogBoxIndirectParamW
DestroyWindow
SetClassLongW
GetClassLongW
CreateDialogIndirectParamW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetMenuDefaultItem
SetMenuItemInfoW
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuStringW
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
DrawMenuBar
SetMenu
InsertMenuW
AppendMenuW
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
GetMenuInfo
LoadMenuW
GetSystemMenu
CreatePopupMenu
CreateMenu
GetIconInfo
CallWindowProcW
GetPropA
SetPropA
ScreenToClient
GetCursorPos
ShowWindow
SetRect
MoveWindow
ClientToScreen
FillRect
GetWindowDC
DefWindowProcW
OffsetRect
ReleaseDC
DrawTextA
GetDC
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowLongW
SendMessageW
DestroyCursor
SetCursor
GetClientRect
SetCapture
ReleaseCapture
LoadCursorW
DestroyIcon
DestroyAcceleratorTable
GetSysColor
IsWindowVisible
IsWindowEnabled
EnableWindow
GetNextDlgTabItem
GetWindowRect
SetWindowPos
GetProcessWindowStation
GetUserObjectInformationW

shell32

SHGetSpecialFolderPathA
ShellExecuteA
DragQueryFileW
DragFinish
Shell_NotifyIconW
DragAcceptFiles
CommandLineToArgvW

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleRun
StgCreateDocfile
CLSIDFromString
GetHGlobalFromStream

shlwapi

PathFindExtensionA
PathAddBackslashW
PathFindFileNameA
PathFileExistsA
StrTrimW
StrToIntExW
wvnsprintfW
PathFindFileNameW
PathRemoveFileSpecW
StrToIntW

ws2_32

bind
getpeername
getsockname
closesocket
inet_ntoa
socket
inet_addr
htons
WSAStartup
connect
send
listen
recv
accept
sendto
recvfrom
ntohs

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VarR8FromCy
VarR8FromBool
VariantChangeType
SafeArrayGetElemsize
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayDestroy
SysFreeString
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocString
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi

gdi32

GetClipBox
SetViewportOrgEx
SetWindowExtEx
ScaleViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
StretchBlt
SetStretchBltMode
GetStretchBltMode
CreateDIBSection
CreateCompatibleDC
BitBlt
CreateRoundRectRgn
CreatePatternBrush
CreateSolidBrush
GetStockObject
OffsetViewportOrgEx
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
GetDIBits
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectW
SetViewportExtEx
GetObjectW
SetBkColor
SetTextColor
DeleteDC
SelectObject
ScaleWindowExtEx
SetBkMode
DeleteObject

gdiplus

GdipGetPenDashOffset
GdipSetPenDashOffset
GdipGetPenDashCount
GdipGetPenDashArray
GdipSetPenDashArray
GdipSetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCompoundArray
GdipGetPenDashStyle
GdipSetPenDashStyle
GdipGetPenFillType
GdipGetPenBrushFill
GdipSetPenBrushFill
GdipSetPenColor
GdipGetPenColor
GdipScalePenTransform
GdipTranslatePenTransform
GdipRotatePenTransform
GdipMultiplyPenTransform
GdipResetPenTransform
GdipGetPenTransform
GdipSetPenTransform
GdipGetPenMode
GdipSetPenMode
GdipGetPenMiterLimit
GdipSetPenMiterLimit
GdipGetPenCustomEndCap
GdipSetPenCustomEndCap
GdipGetPenCustomStartCap
GdipSetPenCustomStartCap
GdipGetPenLineJoin
GdipSetPenLineJoin
GdipGetPenDashCap197819
GdipGetPenEndCap
GdipGetPenStartCap
GdipSetPenDashCap197819
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenLineCap197819
GdipSetPenUnit
GdipGetPenUnit
GdipSetPenWidth
GdipGetPenWidth
GdipClonePen
GdipCreatePen2
GdipCreatePen1
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipIsStyleAvailable
GdipGetFamilyName
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipPrivateAddMemoryFont
GdipPrivateAddFontFile
GdipNewPrivateFontCollection
GdipNewInstalledFontCollection
GdipDeletePen
GdipGetSolidFillColor
GdipSetSolidFillColor
GdipGetBrushType
GdipCreateTexture
GdipFillRectangle
GdipCloneBrush
GdipGetStringFormatMeasurableCharacterRangeCount
GdipSetStringFormatMeasurableCharacterRanges
GdipGetStringFormatDigitSubstitution
GdipSetStringFormatDigitSubstitution
GdipGetStringFormatTabStops
GdipGetStringFormatTabStopCount
GdipSetStringFormatTabStops
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatTrimming
GdipSetStringFormatTrimming
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatAlign
GdipSetStringFormatAlign
GdipGetStringFormatFlags
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipStringFormatGetGenericDefault
GdipCreateStringFormat
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipCreateSolidFill
GdipBitmapSetResolution
GdipCloneBitmapArea
GdipCreateBitmapFromResource
GdipCreateBitmapFromHICON
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipVectorTransformMatrixPoints
GdipTransformMatrixPoints
GdipShearMatrix
GdipScaleMatrix
GdipInvertMatrix
GdipRotateMatrix
GdipTranslateMatrix
GdipMultiplyMatrix
GdipGetMatrixElements
GdipSetMatrixElements
GdipCloneMatrix
GdipCreateMatrix3
GdipCreateMatrix2
GdipCreateMatrix
GdipGetRegionScans
GdipGetRegionScansCount
GdipIsVisibleRegionRect
GdipIsVisibleRegionPoint
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsEmptyRegion
GdipGetRegionHRgn
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionBounds
GdipTransformRegion
GdipTranslateRegion
GdipCombineRegionPath
GdipCombineRegionRegion
GdipCombineRegionRect
GdipSetEmpty
GdipSetInfinite
GdipCloneRegion
GdipCreateRegionRgnData
GdipCreateRegionPath
GdipCreateRegionHrgn
GdipCreateRegionRect
GdipIsOutlineVisiblePathPoint
GdipIsVisiblePathPoint
GdipWarpPath
GdipWindingModeOutline
GdipWidenPath
GdipFlattenPath
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathPath
GdipAddPathPolygon
GdipAddPathPie
GdipAddPathEllipse
GdipAddPathArcI
GdipAddPathLineI
GdipAddPathRectangle
GdipAddPathClosedCurve2
GdipAddPathClosedCurve
GdipAddPathCurve2
GdipAddPathCurve
GdipAddPathBezier
GdipAddPathLine
GdipGetPathLastPoint
GdipReversePath
GdipClearPathMarkers
GdipSetPathMarker
GdipClosePathFigures
GdipClosePathFigure
GdipStartPathFigure
GdipGetPathData
GdipGetPointCount
GdipSetPathFillMode
GdipGetPathFillMode
GdipResetPath
GdipClonePath
GdipCreatePath2
GdipCreatePath
GdipGetImageGraphicsContext
GdipCreateFromHWND
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipGetLogFontA
GdipGetLogFontW
GdipCloneFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDeletePrivateFontCollection
GdipCreateFontFromLogfontW
GdipCreateFont
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDeleteStringFormat
GdipCreateHICONFromBitmap
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageThumbnail
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageBounds
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipCloneImage
GdipLoadImageFromStream
GdipLoadImageFromFile
GdipEndContainer
GdipBeginContainer2
GdipBeginContainer
GdipRestoreGraphics
GdipSaveGraphics
GdipIsVisibleRect
GdipIsVisiblePoint
GdipIsVisibleClipEmpty
GdipIsClipEmpty
GdipGetVisibleClipBounds
GdipGetClipBounds
GdipGetClip
GdipTranslateClip
GdipResetClip
GdipSetClipHrgn
GdipSetClipRegion
GdipSetClipRect
GdipSetClipPath
GdipSetClipGraphics
GdipDrawImagePointsRect
GdipDrawImagePointRect
GdipDrawImagePoints
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImage
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipFillClosedCurve2
GdipDeleteBrush
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipDisposeImage
GdipDeleteFont
GdipDeletePath
GdipDeleteRegion
GdipCreateImageAttributes
GdipCloneImageAttributes
GdipSetImageAttributesToIdentity
GdipResetImageAttributes
GdipSetImageAttributesThreshold
GdipSetImageAttributesNoOp
GdipSetImageAttributesGamma
GdipSetImageAttributesColorKeys
GdipSetImageAttributesOutputChannel
GdipSetImageAttributesOutputChannelColorProfile
GdipSetImageAttributesRemapTable
GdipSetImageAttributesWrapMode
GdipGetImageAttributesAdjustedPalette
GdipSetImageAttributesColorMatrix
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipFlush
GdipFillClosedCurve
GdipFillPath
GdipFillPie
GdipFillEllipse
GdipFillPolygon
GdipGraphicsClear
GdipDrawClosedCurve2
GdipDrawClosedCurve
GdipDrawCurve2
GdipDrawCurve
GdipDrawPath
GdipDrawPolygon
GdipDrawPie
GdipDrawEllipse
GdipDrawRectangle
GdipDrawBezier
GdipDrawArc
GdipDrawLine
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipGetDpiX
GdipGetPageScale
GdipSetPageScale
GdipGetPageUnit
GdipSetPageUnit
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDeleteMatrix
GdipGetWorldTransform
GdipSetWorldTransform
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipReleaseDC
GdipGetDC
GdipAddPathArc

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetOpenA

msimg32

AlphaBlend

crypt32

CryptStringToBinaryW

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DrawEx
ImageList_Draw
ImageList_Write
ImageList_GetImageInfo
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_SetIconSize
ImageList_GetIcon
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_Duplicate
ImageList_Copy
ImageList_AddMasked
ImageList_Add
ImageList_GetIconSize
ImageList_AddIcon
ImageList_LoadImageW
ImageList_Read
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ImageList_EndDrag
ord17

atl

ord47
ord39
ord42
ord11
ord10

uxtheme

CloseThemeData
DrawThemeBackground
SetWindowTheme
OpenThemeData

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

oledlg

ord8

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IjzIL0
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.test
Size: - Virtual size: 1.4MB

IMAGE_SCN_MEM_EXECUTE

.IjzIL1
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IjzIL2
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
剪辑版拦截信息/192.168.1.28.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 544KB

UPX1 Size: 304KB - Virtual size: 304KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 508KB - Virtual size: 504KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 72KB - Virtual size: 134KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 68KB - Virtual size: 67KB

95585fe4f2eee5fb6ec130132bbcb2ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: 644KB - Virtual size: 642KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 96KB - Virtual size: 295KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 80KB - Virtual size: 79KB

cb93c75d19b9d01034d67df1b29deb2d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Exports

Exports

Sections

.text Size: 696KB - Virtual size: 693KB

.rdata Size: 120KB - Virtual size: 117KB

.data Size: 104KB - Virtual size: 337KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 84KB - Virtual size: 82KB

7f441486db7538317035591b470cfeb3

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

oleaut32

Exports

Exports

UPX0
Size: - Virtual size: 544KB

UPX1
Size: 304KB - Virtual size: 304KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 508KB - Virtual size: 504KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 72KB - Virtual size: 134KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 68KB - Virtual size: 67KB

.text
Size: 644KB - Virtual size: 642KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 96KB - Virtual size: 295KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 80KB - Virtual size: 79KB

.text
Size: 696KB - Virtual size: 693KB

.rdata
Size: 120KB - Virtual size: 117KB

.data
Size: 104KB - Virtual size: 337KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 84KB - Virtual size: 82KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 91KB

.reloc
Size: 8KB - Virtual size: 6KB

UPX0
Size: - Virtual size: 536KB

UPX1
Size: 304KB - Virtual size: 308KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 504KB - Virtual size: 502KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 72KB - Virtual size: 134KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 68KB - Virtual size: 67KB

UPX0
Size: - Virtual size: 792KB

UPX1
Size: 349KB - Virtual size: 352KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 612KB - Virtual size: 611KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 96KB - Virtual size: 319KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 80KB - Virtual size: 79KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 82KB

.reloc
Size: 8KB - Virtual size: 7KB

04:4b:e9:09:7d:bb:16:64
Certificate

51:60:4c:75:69:48:9b:d4
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate