?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
Overview
overview
3Static
static
39553下载.htm
windows7-x64
19553下载.htm
windows10-2004-x64
1360�...��.url
windows7-x64
1360�...��.url
windows10-2004-x64
1�...��.url
windows7-x64
1�...��.url
windows10-2004-x64
1�...��.url
windows7-x64
1�...��.url
windows10-2004-x64
1�...er.exe
windows7-x64
1�...er.exe
windows10-2004-x64
1�...te.exe
windows7-x64
1�...te.exe
windows10-2004-x64
1�...��.exe
windows7-x64
1�...��.exe
windows10-2004-x64
3Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
9553下载.htm
Resource
win7-20240221-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
9553下载.htm
Resource
win10v2004-20240508-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral3
Sample
360˵.url
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
360˵.url
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
.url
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
.url
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral7
Sample
⣬ѯǰ.url
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral8
Sample
⣬ѯǰ.url
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
ˢԱ/TbViewer.exe
Resource
win7-20240215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral10
Sample
ˢԱ/TbViewer.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral11
Sample
ˢԱ/Update.exe
Resource
win7-20231129-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral12
Sample
ˢԱ/Update.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral13
Sample
ˢԱ/ˢԱ.exe
Resource
win7-20240221-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral14
Sample
ˢԱ/ˢԱ.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
5 signatures
150 seconds
General
-
Target
884222ccd467cefbdb0b489950261ced_JaffaCakes118
-
Size
598KB
-
MD5
884222ccd467cefbdb0b489950261ced
-
SHA1
3d7fd1a1777aa20d3e4c317e80d73bec42843b97
-
SHA256
14a23d6d39ce3dfcda04873361f96fd9f849bc35880586dadb88133ae48e8e49
-
SHA512
b20e135fa7239584af6b0a1cb9877ed31020329fb39a9a98f0ba33aa2a4d524bf216aaa66c2a249bffe040358fb1bc7d2ff3b511138507666018c9593c6aad03
-
SSDEEP
12288:tz7bWfnXzHmI3Dvl1qvbTk/FnY8ZKxkdfzK+Tdiojnkt:lv6XDmcWvKnYGKxCVDkt
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack002/ˢԱ/TbViewer.exe unpack002/ˢԱ/Update.exe unpack002/ˢԱ/ˢԱ.exe
Files
-
884222ccd467cefbdb0b489950261ced_JaffaCakes118.rar
-
9553下载.htm.html
-
lanjing.zip.zip
-
360˵.url.url
-
.url.url
-
⣬ѯǰ.url.url
-
ˢԱ/TbViewer.exe.exe windows:4 windows x86 arch:x86
bb99b3eaa446c649fd049dd45b514ade
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord5105
ord4468
ord3350
ord975
ord2880
ord4153
ord2383
ord5284
ord4437
ord2446
ord4428
ord796
ord554
ord529
ord402
ord807
ord6000
ord2117
ord4457
ord5255
ord4501
ord2379
ord3472
ord1168
ord6822
ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord6808
ord6835
ord4589
ord4588
ord4899
ord4370
ord4892
ord6817
ord5076
ord4340
ord4347
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord4078
ord5240
ord2385
ord5281
ord4441
ord3748
ord1725
ord6671
ord6813
ord5861
ord2764
ord6143
ord6805
ord801
ord800
ord541
ord6199
ord3495
ord2818
ord540
ord535
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord4046
ord2145
ord2144
ord6225
ord5231
ord5247
ord2132
ord4601
ord6215
ord986
ord411
ord4159
ord6117
ord2621
ord1134
ord824
ord5435
ord1683
ord1673
ord2628
ord5980
ord2641
ord4122
ord6214
ord6196
ord4298
ord5948
ord3088
ord3875
ord3872
ord3871
ord6198
ord4286
ord5102
ord3137
ord3796
ord5719
ord6092
ord3524
ord4032
ord6095
ord4035
ord2549
ord2433
ord3353
ord3579
ord426
ord726
ord826
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord5710
ord860
ord1228
ord6877
ord3337
ord3811
ord6283
ord6282
ord858
ord537
ord941
ord3447
ord3196
ord6449
ord2727
ord6467
ord2730
ord2729
ord4881
ord6597
ord6478
ord6514
ord6800
ord6658
ord6197
ord3797
ord5037
ord5260
ord3005
ord2135
ord4720
ord539
ord6591
ord6807
ord6650
ord4432
ord2884
ord6699
ord2614
ord6876
ord4129
ord6710
ord4203
ord940
ord6883
ord4277
ord4278
ord926
ord6663
ord2391
ord2127
ord3869
ord4246
ord1859
ord976
ord5254
ord674
ord825
ord401
ord4427
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2445
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4436
ord4837
ord3798
ord1665
ord2649
ord5283
ord4353
ord6374
ord5163
ord2382
ord5237
ord4407
ord1776
ord4077
ord6055
ord4152
ord2878
ord2879
ord3403
ord5472
ord5012
ord3351
ord4303
ord4467
ord5104
ord5100
ord3059
ord2390
ord2723
ord2101
ord5101
ord4245
ord1858
ord4283
ord823
ord1576
msvcrt
__CxxFrameHandler
_mbsicmp
_setmbcp
_CxxThrowException
atoi
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
rand
time
_mbscmp
isalnum
_controlfp
kernel32
MultiByteToWideChar
lstrlenA
SetErrorMode
GetModuleHandleA
LocalFree
GetLastError
GetVersionExA
GetProcAddress
VirtualProtect
LoadLibraryA
GetStartupInfoA
InterlockedDecrement
user32
SystemParametersInfoA
KillTimer
SetTimer
PostMessageA
EnableWindow
MessageBoxIndirectW
IsWindow
GetClientRect
AdjustWindowRectEx
GetAsyncKeyState
UpdateWindow
GetKeyState
ole32
CoTaskMemAlloc
oleaut32
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
wininet
InternetSetOptionA
winmm
mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerClose
Exports
Exports
Sections
.text Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ˢԱ/Update.exe.exe windows:4 windows x86 arch:x86
1c4145de6ad89c1ae9c1d9287f714691
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord860
ord535
ord858
ord4277
ord940
ord939
ord4129
ord2763
ord2614
ord2818
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2621
ord1134
ord2575
ord6055
ord1776
ord4396
ord5290
ord3402
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2915
ord3874
ord5875
ord2971
ord5759
ord6192
ord5756
ord2379
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord2859
ord3089
ord6194
ord1601
ord537
ord2864
ord3706
ord4333
ord5781
ord3698
ord2582
ord4402
ord3370
ord3640
ord693
ord765
ord2302
ord1105
ord6907
ord3998
ord4224
ord3996
ord3301
ord5710
ord668
ord2770
ord356
ord1138
ord1168
ord3092
ord4476
ord665
ord1979
ord6385
ord5186
ord354
ord6197
ord323
ord1640
ord1641
ord5785
ord2405
ord2414
ord640
ord3626
ord3573
ord3571
ord3663
ord823
ord539
ord4710
ord2078
ord6215
ord4234
ord800
ord825
ord324
ord540
ord641
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord1816
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord6186
ord1576
msvcrt
??1exception@@UAE@XZ
__CxxFrameHandler
wcslen
fread
fclose
fopen
printf
_mbscmp
memmove
remove
rename
atol
sprintf
_ftol
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_setmbcp
_stricmp
_mbsstr
calloc
sscanf
_CxxThrowException
??0exception@@QAE@ABQBD@Z
_controlfp
??0exception@@QAE@ABV0@@Z
free
malloc
_purecall
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__dllonexit
_acmdln
exit
_onexit
_exit
_XcptFilter
kernel32
TerminateProcess
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CreateFileMappingA
GetLastError
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenProcess
ExitProcess
MultiByteToWideChar
FindResourceA
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleFileNameA
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
CreateDirectoryA
GetCurrentProcess
Sleep
CreateProcessA
lstrlenA
GetModuleHandleA
GetStartupInfoA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
WriteFile
SystemTimeToFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
GetCurrentProcessId
user32
RegisterWindowMessageA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
wsprintfA
EnableWindow
PostMessageA
GetClientRect
FillRect
KillTimer
PostQuitMessage
SetTimer
MapWindowPoints
GrayStringA
DrawTextA
TabbedTextOutA
PtInRect
GetParent
GetNextDlgGroupItem
InvalidateRect
GetCapture
ReleaseCapture
SendMessageA
EqualRect
CopyRect
GetWindowLongA
gdi32
GetStockObject
CreateRectRgnIndirect
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
advapi32
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
shell32
ShellExecuteA
comctl32
_TrackMouseEvent
ole32
CreateStreamOnHGlobal
gdiplus
GdipGetImageHeight
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteBrush
GdipDrawString
GdipCreateSolidFill
GdipCreateFromHDC
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipDeleteFontFamily
GdipCreateFont
GdipCreateFontFamilyFromName
GdipAlloc
GdipCloneBrush
GdipCreatePen1
GdipDrawRectangleI
GdipGetImageWidth
GdipDrawImagePointRectI
GdipDeletePen
GdipDeleteGraphics
GdipFree
GdipSetStringFormatLineAlign
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetGenericFontFamilySansSerif
wininet
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetReadFile
winmm
timeGetTime
msvcp60
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??_7runtime_error@std@@6B@
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Xlen@std@@YAXXZ
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
Sections
.text Size: 92KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ˢԱ/config.dat
-
ˢԱ/update.txt
-
ˢԱ/ˢԱ.exe.exe windows:4 windows x86 arch:x86
bf73cef5aec8e85b5af922e1e2a9dde1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord6380
ord2393
ord6392
ord690
ord798
ord5194
ord533
ord5207
ord389
ord3873
ord2379
ord2370
ord5953
ord5875
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord6640
ord6334
ord2820
ord3631
ord683
ord3226
ord1199
ord3597
ord641
ord384
ord324
ord686
ord4234
ord3571
ord3626
ord2414
ord3996
ord2859
ord2862
ord2097
ord1641
ord1146
ord4710
ord2740
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord6907
ord3998
ord2086
ord3573
ord640
ord2405
ord5785
ord1640
ord323
ord1979
ord5442
ord5186
ord1168
ord1768
ord4284
ord755
ord470
ord4202
ord6111
ord6877
ord5148
ord2582
ord4402
ord3370
ord3640
ord693
ord6888
ord6675
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord4046
ord2145
ord2144
ord6225
ord5231
ord4224
ord2132
ord4601
ord2621
ord4159
ord6117
ord1134
ord824
ord826
ord1816
ord3361
ord2078
ord4476
ord809
ord556
ord4275
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3089
ord6194
ord2864
ord6358
ord1088
ord2122
ord3706
ord4333
ord5781
ord3721
ord3619
ord795
ord2614
ord3797
ord3742
ord2152
ord1233
ord1570
ord1197
ord1871
ord4243
ord2754
ord3790
ord6453
ord1949
ord4034
ord1576
ord5981
ord6880
ord6199
ord2688
ord2380
ord4299
ord4853
ord6215
ord5280
ord3874
ord6283
ord3097
ord3092
ord2642
ord6197
ord4160
ord1601
ord2302
ord818
ord2135
ord567
ord656
ord609
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord726
ord426
ord2251
ord3579
ord3353
ord2433
ord2549
ord4035
ord6095
ord4032
ord3524
ord6092
ord5719
ord3796
ord3137
ord4283
ord4286
ord6198
ord3871
ord3872
ord3875
ord3088
ord5948
ord4298
ord6196
ord6214
ord4122
ord2641
ord5980
ord3830
ord3402
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord4425
ord2124
ord1775
ord6052
ord2514
ord4998
ord4376
ord5265
ord3574
ord4396
ord2575
ord3610
ord3663
ord354
ord665
ord3811
ord2824
ord800
ord356
ord2770
ord668
ord539
ord4277
ord4278
ord5572
ord5710
ord1228
ord6282
ord6663
ord2628
ord1673
ord1683
ord5435
ord2729
ord2730
ord6467
ord2727
ord6449
ord6928
ord6930
ord922
ord2919
ord926
ord5683
ord2764
ord6648
ord2763
ord4129
ord924
ord6403
ord1200
ord3522
ord6402
ord3521
ord1175
ord537
ord823
ord535
ord2818
ord858
ord2817
ord939
ord825
ord540
ord860
ord941
ord2915
ord5247
msvcrt
memchr
mktime
isspace
__CxxFrameHandler
fclose
fwrite
fopen
srand
time
wcslen
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
_beginthreadex
fread
sscanf
_strdup
_mbslwr
atof
_mbsstr
free
_splitpath
strncpy
??0exception@@QAE@ABQBD@Z
_access
??8type_info@@QBEHABV0@@Z
tolower
wcsstr
malloc
strpbrk
printf
_endthreadex
_mbsicmp
calloc
_mbsnicmp
_getpid
realloc
_setmbcp
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_ftol
wcscpy
wcscat
swprintf
strstr
_mbscmp
sprintf
memmove
_purecall
rand
atoi
atol
strtoul
kernel32
GetStartupInfoA
GetModuleHandleA
SetEvent
ResetEvent
ResumeThread
MulDiv
CreateEventA
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThreadId
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
ExitProcess
SetCurrentDirectoryA
FindResourceA
SizeofResource
LoadResource
LockResource
GlobalFree
DeleteFileA
WriteFile
CreateFileA
GetFileSize
SetFilePointer
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcatA
FindFirstFileA
FindClose
CreateDirectoryA
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemInfo
WaitForSingleObject
GetLastError
CreateProcessA
TerminateProcess
OutputDebugStringA
Sleep
VirtualProtect
VirtualFree
VirtualQuery
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
GetStringTypeExW
LCMapStringW
InterlockedCompareExchange
InterlockedExchange
TerminateThread
FileTimeToSystemTime
ReadFile
GetFileInformationByHandle
SystemTimeToFileTime
GetTickCount
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
SetUnhandledExceptionFilter
HeapDestroy
HeapFree
HeapAlloc
GetProcessHeap
IsBadReadPtr
GetVersionExA
Module32Next
Module32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
user32
AttachThreadInput
GetClientRect
EnableWindow
DestroyWindow
DefWindowProcA
GetDesktopWindow
LoadStringW
PostMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
MessageBoxA
SendMessageA
wvsprintfA
ShowWindow
GetWindowRect
SetForegroundWindow
KillTimer
InvalidateRect
SetTimer
LoadCursorA
GetDC
LoadBitmapA
SetWindowLongA
GetWindowLongA
ModifyMenuA
GetCursorPos
ClientToScreen
GetSubMenu
LoadMenuA
FillRect
LoadIconA
AppendMenuA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
InflateRect
IsWindowVisible
PostQuitMessage
UnregisterHotKey
RegisterHotKey
SetRect
wsprintfA
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
SetCapture
GetMessageA
DispatchMessageA
IsRectEmpty
CopyIcon
ReleaseDC
IsWindow
SetCursor
GetMessagePos
ScreenToClient
GetSysColor
MapWindowPoints
GrayStringA
DrawTextA
TabbedTextOutA
PtInRect
GetParent
GetNextDlgGroupItem
GetCapture
ReleaseCapture
EqualRect
CopyRect
RegisterWindowMessageA
GetForegroundWindow
GetWindowThreadProcessId
LoadStringA
gdi32
Escape
CreateRectRgnIndirect
GetObjectA
CreateFontIndirectA
ExtTextOutA
GetDeviceCaps
DeleteObject
DeleteDC
SelectObject
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
GetTextMetricsA
GetTextExtentPoint32A
GetStockObject
advapi32
RegDeleteValueA
RegSetValueExA
RegQueryValueA
RegCloseKey
RegOpenKeyExA
shell32
SHGetSpecialFolderPathA
ShellExecuteA
Shell_NotifyIconA
comctl32
ImageList_SetBkColor
_TrackMouseEvent
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
olepro32
ord251
oleaut32
SysFreeString
SysAllocStringLen
SysAllocString
msvcp60
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0runtime_error@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??Ostd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?insert@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIG@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Doraise@runtime_error@std@@MBEXXZ
?what@runtime_error@std@@UBEPBDXZ
??1logic_error@std@@UAE@XZ
??0bad_exception@std@@QAE@ABV01@@Z
??1bad_exception@std@@UAE@XZ
??_7bad_exception@std@@6B@
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG0@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PAG0PBG1@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Xran@std@@YAXXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$char_traits@D@std@@SAHPBD0I@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?what@logic_error@std@@UBEPBDXZ
??0logic_error@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7logic_error@std@@6B@
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
gdiplus
GdiplusStartup
GdiplusShutdown
GdipDrawRectangleI
GdipDrawImageRectRect
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipFillRectangle
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipLoadImageFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImagePointRectI
GdipDisposeImage
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDrawLineI
GdipFree
GdipCloneBrush
GdipAlloc
GdipCreateFromHDC
GdipCreatePen1
GdipCreateFont
GdipDeleteFontFamily
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateSolidFill
GdipDrawString
GdipDeleteBrush
GdipDeleteStringFormat
GdipDeleteFont
GdipDeletePen
GdipDeleteGraphics
GdipDrawImageI
GdipCreateTexture
wininet
InternetCloseHandle
InternetSetOptionA
InternetOpenA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetSetCookieA
HttpAddRequestHeadersA
HttpEndRequestA
InternetOpenUrlA
InternetGetCookieA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Exports
Exports
?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
Sections
.text Size: 652KB - Virtual size: 650KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 256KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ