afed8a79c193df935c72325239481ba1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

afed8a79c193df935c72325239481ba1_JaffaCakes118
Size

6.2MB
MD5

afed8a79c193df935c72325239481ba1
SHA1

218e4145d9b9ff2cf1a82516f4a580e0b7612d4e
SHA256

39824c8b77a7de33da2bfe4f862f47edfd35e525fa04d3fa5862e6c4f743fdd8
SHA512

c1970d278c3cd8287ec70bbb84b5034c7c753fa46c350853cdef1cf034b4d6a399516dd81ee774e613880bcf122552b4edc2567173de406bbd8f642125515080
SSDEEP

196608:B5nWeXZdq9loMewCAXqJW6yzqMbmPLBU/Ctt2l45NC0Ttnk0:B5nWeXZo9loMewCAXqJWb2MbmPLBU/kn

Score

7^/10

upx vmprotect

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 8 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/jdyou_bbx/bbx/bin/BException.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/helper.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/BkgndColor.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Console.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/File.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/GetSysInfo.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Memory.dll	acprotect
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Window.dll	acprotect

UPX packed file 16 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/jdyou_bbx/bbx/bbxtools/guanji/guanji.dat	upx
static1/unpack001/jdyou_bbx/bbx/bbxtools/jianpan/jianpan.dat	upx
static1/unpack001/jdyou_bbx/bbx/bbxtools/naozhong/naozhong.dat	upx
static1/unpack001/jdyou_bbx/bbx/bbxtools/shubiao/shubiao.dat	upx
static1/unpack001/jdyou_bbx/bbx/bbxtools/webtool/WebGame.exe	upx
static1/unpack001/jdyou_bbx/bbx/bbxtools/zhuomian/zhuomian.dat	upx
static1/unpack001/jdyou_bbx/bbx/bin/BException.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/helper.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/login_web.dat	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/BkgndColor.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Console.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/File.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/GetSysInfo.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Memory.dll	upx
static1/unpack001/jdyou_bbx/bbx/bin/plugin/Window.dll	upx
static1/unpack001/jdyou_bbx/bbx/简单百宝箱.exe	upx

VMProtect packed file 2 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/jdyou_bbx/bbx/bbxtools/jianpan/tckpts.sys	vmprotect
static1/unpack001/jdyou_bbx/bbx/bbxtools/shubiao/tckpts.sys	vmprotect

Unsigned PE 41 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jdyou_bbx/bbx/bbxtools/guanji/guanji.dat
unpack002/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/jianpan/bbxinput.dll
unpack001/jdyou_bbx/bbx/bbxtools/jianpan/jianpan.dat
unpack003/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/jianpan/tckpts.sys
unpack001/jdyou_bbx/bbx/bbxtools/naozhong/naozhong.dat
unpack004/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/shubiao/bbxinput.dll
unpack001/jdyou_bbx/bbx/bbxtools/shubiao/shubiao.dat
unpack005/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/shubiao/tckpts.sys
unpack001/jdyou_bbx/bbx/bbxtools/webtool/WebGame.exe
unpack006/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/zhuomian/zhuomian.dat
unpack007/out.upx
unpack001/jdyou_bbx/bbx/bbxtools/zhuomian/zhuomian.dll
unpack001/jdyou_bbx/bbx/bin/BException.dll
unpack008/out.upx
unpack001/jdyou_bbx/bbx/bin/MSSCRIPT.OCX
unpack001/jdyou_bbx/bbx/bin/Play.exe
unpack001/jdyou_bbx/bbx/bin/QMDispatch.dll
unpack001/jdyou_bbx/bbx/bin/avp.exe
unpack001/jdyou_bbx/bbx/bin/cfgdll.dll
unpack001/jdyou_bbx/bbx/bin/cooper.dll
unpack001/jdyou_bbx/bbx/bin/gwlkyj.dll
unpack001/jdyou_bbx/bbx/bin/helper.dll
unpack009/out.upx
unpack001/jdyou_bbx/bbx/bin/hknm.sys
unpack001/jdyou_bbx/bbx/bin/login_web.dat
unpack001/jdyou_bbx/bbx/bin/plugin/BkgndColor.dll
unpack001/jdyou_bbx/bbx/bin/plugin/Console.dll
unpack001/jdyou_bbx/bbx/bin/plugin/File.dll
unpack001/jdyou_bbx/bbx/bin/plugin/GetSysInfo.dll
unpack001/jdyou_bbx/bbx/bin/plugin/Memory.dll
unpack001/jdyou_bbx/bbx/bin/plugin/Window.dll
unpack001/jdyou_bbx/bbx/bin/recomp.dll
unpack001/jdyou_bbx/bbx/bin/reporter.exe
unpack001/jdyou_bbx/bbx/bin/zmrn.dll
unpack001/jdyou_bbx/bbx/简单游.exe
unpack001/jdyou_bbx/bbx/简单百宝箱.exe

Files

afed8a79c193df935c72325239481ba1_JaffaCakes118
.rar
jdyou_bbx/bbx/bbx.ini
jdyou_bbx/bbx/bbxtools/GameSelect.html
.html
jdyou_bbx/bbx/bbxtools/guanji/guanji.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 580KB - Virtual size: 577KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/jianpan/bbxinput.dll
.dll windows:4 windows x86 arch:x86

97a73544ea0446cdb0035137af6f0d1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetLastError
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetFileInformationByHandle
GetSystemDirectoryA
UnmapViewOfFile
MapViewOfFile
GetModuleHandleA
Sleep
OutputDebugStringA
GetVersion
VirtualAlloc
CreateFileA
GetLastError
GetCurrentProcessId
DeviceIoControl
FreeLibrary
LoadLibraryA
CreateFileMappingA
GetProcAddress
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle

user32

MapVirtualKeyA
SystemParametersInfoA
GetSystemMetrics
SendInput
keybd_event

gdi32

GetPixel

advapi32

DeleteService
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ControlService

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/jianpan/jianpan.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 580KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 604KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/jianpan/tckpts.sys
.dll windows:4 windows x86 arch:x86

387f999872a562b115e05bff360201eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

PsGetCurrentProcessId
KeAttachProcess
KeServiceDescriptorTable
MmIsAddressValid
KeAddSystemServiceTable
_except_handler3
PsGetVersion
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
ExFreePool
ZwDeviceIoControlFile
NtDeviceIoControlFile
ExAllocatePoolWithTag
NtOpenProcess
MmFreeNonCachedMemory
Ke386SetIoAccessMap
Ke386IoSetAccessProcess
IoGetCurrentProcess
MmAllocateNonCachedMemory
IoDeleteSymbolicLink
ZwClose
ZwMapViewOfSection
ZwOpenSection
ZwUnmapViewOfSection
ZwQuerySystemInformation
ObfDereferenceObject
ObReferenceObjectByName
IoDriverObjectType
PsLookupThreadByThreadId
MmGetPhysicalAddress
ObReferenceObjectByHandle

hal

HalTranslateBusAddress

Exports

Exports

_NtGdiGetPixel_Vir@12

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/naozhong/naozhong.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 680KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 696KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/shubiao/bbxinput.dll
.dll windows:4 windows x86 arch:x86

17c261cd8aa1ce8aeff0f9d5c09e429e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetLastError
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetFileInformationByHandle
GetSystemDirectoryA
UnmapViewOfFile
MapViewOfFile
GetModuleHandleA
Sleep
OutputDebugStringA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetVersion
VirtualAlloc
CreateFileA
GetLastError
GetCurrentProcessId
DeviceIoControl
FreeLibrary
LoadLibraryA
CreateFileMappingA
GetProcAddress
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle

user32

MapVirtualKeyA
SystemParametersInfoA
GetSystemMetrics
SendInput
keybd_event

gdi32

GetPixel

advapi32

DeleteService
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ControlService

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/shubiao/shubiao.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/shubiao/tckpts.sys
.dll windows:4 windows x86 arch:x86

387f999872a562b115e05bff360201eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

PsGetCurrentProcessId
KeAttachProcess
KeServiceDescriptorTable
MmIsAddressValid
KeAddSystemServiceTable
_except_handler3
PsGetVersion
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
ExFreePool
ZwDeviceIoControlFile
NtDeviceIoControlFile
ExAllocatePoolWithTag
NtOpenProcess
MmFreeNonCachedMemory
Ke386SetIoAccessMap
Ke386IoSetAccessProcess
IoGetCurrentProcess
MmAllocateNonCachedMemory
IoDeleteSymbolicLink
ZwClose
ZwMapViewOfSection
ZwOpenSection
ZwUnmapViewOfSection
ZwQuerySystemInformation
ObfDereferenceObject
ObReferenceObjectByName
IoDriverObjectType
PsLookupThreadByThreadId
MmGetPhysicalAddress
ObReferenceObjectByHandle

hal

HalTranslateBusAddress

Exports

Exports

_NtGdiGetPixel_Vir@12

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/skin/bbxskin/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/skin.ini
jdyou_bbx/bbx/bbxtools/skin/bbxskin/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/bbxskin/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/dnf-chuangkoutjq.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/dnf-chuangkoutjq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/skin.ini
jdyou_bbx/bbx/bbxtools/skin/dnf/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/dnf/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/moyu-huanshouczjsq.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/moyu-huanshouczjsq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/skin.ini
jdyou_bbx/bbx/bbxtools/skin/moyu/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/moyu/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/qqhx-jinengmnq.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/qqhx-jinengmnq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/skin.ini
jdyou_bbx/bbx/bbxtools/skin/qqhx/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/qqhx/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/skin.ini
jdyou_bbx/bbx/bbxtools/skin/tl/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-jdtao.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-jdtao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-juesemnq.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-juesemnq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-kejudtq.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-kejudtq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-zhenshouczcxq.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/tl-zhenshouczcxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/tl/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/skin.ini
jdyou_bbx/bbx/bbxtools/skin/tx2/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-fubendiaoluocxq.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-fubendiaoluocxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-jingyanjsq.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-jingyanjsq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-npczuobiaocxq.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-npczuobiaocxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-zonghecxq.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/tx2-zonghecxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/tx2/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/ChKenPlayer.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/ChKenPlayer_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/skin.ini
jdyou_bbx/bbx/bbxtools/skin/wow/teamspeak.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/teamspeak_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-bigfoot.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-bigfoot_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-ditucxq.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-ditucxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-fishing.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-fishing_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-jingjichangzbcxq.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-jingjichangzbcxq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-tianfumnq.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-tianfumnq_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-yingxiongbang.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/wow-yingxiongbang_on.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/wow/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/skin.ini
jdyou_bbx/bbx/bbxtools/skin/xy/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-baobaotz.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-baobaotz_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-fabaozh.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-fabaozh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-fashuhl.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-fashuhl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-juesesx.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-juesesx_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-neidanxg.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-neidanxg_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-wujiacx.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-wujiacx_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-zhaohuanshousjgs.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-zhaohuanshousjgs_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-zuoqisx.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/xy-zuoqisx_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/xy/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/skin.ini
jdyou_bbx/bbx/bbxtools/skin/xyq/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/xyq-jixianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/xyq-jixianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/xyq-shiyonggjx.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/xyq-shiyonggjx_on.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/xyq/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/Tools_Default_Click.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/Tools_Default_Hover.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/Tools_Default_Normal.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/anjianjl.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/anjianjl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/bbxbanner.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/biansujl.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/biansujl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/guanji.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/guanji_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/huoxingwensrf.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/huoxingwensrf_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jdyou.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jdyou_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jianpan.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jianpan_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jinchenggl.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/jinchenggl_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/naozhong.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/naozhong_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/neicunyh.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/neicunyh_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/shubiao.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/shubiao_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/skin.ini
jdyou_bbx/bbx/bbxtools/skin/zt/theworld.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/theworld_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/weishi.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/weishi_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/zhuomian.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/zhuomian_on.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/zt-shuxingjdq.bmp
jdyou_bbx/bbx/bbxtools/skin/zt/zt-shuxingjdq_on.bmp
jdyou_bbx/bbx/bbxtools/webtool/WebGame.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/zhuomian/zhuomian.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 908KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1020KB - Virtual size: 1018KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bbxtools/zhuomian/zhuomian.dll
.dll windows:4 windows x86 arch:x86

33f29f172531c7c4a4d857ee09563508

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

kernel32

GetEnvironmentStrings
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA

Exports

Exports

SetMainHwnd
SetMouseHook
SetMouseKeyValue

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/BException.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SetExceptionReport
SetSoftwareName

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/COMCTL32.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ord16
ord17
ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Remove

kernel32

lstrcmpA
GetProcAddress
GlobalSize
CloseHandle
GetFileSize
ReadFile
lstrcmpiA
IsDBCSLeadByte
lstrcmpiW
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
GetLastError
GetLocaleInfoA
OpenFile
MultiByteToWideChar
lstrcatA
DisableThreadLibraryCalls
GetVersion
GetProcessHeap
GetDateFormatA
GetLocalTime
GetTimeFormatA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryA
GlobalUnlock
GlobalAlloc
GlobalLock
CompareStringA
GlobalFree
GetVersionExA
lstrlenA
lstrcpyA
IsBadReadPtr
HeapReAlloc
lstrcpynA
IsBadWritePtr
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenW
LeaveCriticalSection
EnterCriticalSection

user32

IsWindowVisible
EndPaint
BeginPaint
MoveWindow
CharUpperA
IntersectRect
MessageBeep
SetCursor
EndDialog
RedrawWindow
GetMessagePos
CreateAcceleratorTableA
VkKeyScanA
PeekMessageA
PeekMessageW
SetWindowRgn
RegisterWindowMessageA
RegisterClipboardFormatA
SetCursorPos
OffsetRect
EqualRect
IsChild
GetWindowTextA
SetCapture
GetCursorPos
ScreenToClient
PostMessageA
DrawEdge
GetSysColor
wsprintfA
FillRect
InflateRect
DrawTextA
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetParent
GetAsyncKeyState
SetWindowLongA
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgTabItem
GetWindow
CharNextA
SetParent
InvalidateRect
UpdateWindow
UnregisterClassA
MessageBoxA
SetWindowsHookExA
SetTimer
KillTimer
CheckRadioButton
CallNextHookEx
SetActiveWindow
DestroyIcon
SetFocus
DrawIcon
UnionRect
DialogBoxParamA
PtInRect
LoadCursorA
GetWindowDC
SetRect
IsRectEmpty
GetDC
ReleaseDC
GetClipboardFormatNameA
ClientToScreen
PostMessageW
FrameRect
GetClientRect
CallWindowProcA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
LoadIconA
GetSystemMetrics
CopyImage
MapDialogRect
GetWindowLongA
SetWindowPos
GetFocus
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
SendDlgItemMessageA
CheckDlgButton
LoadStringA
DefWindowProcA
SendMessageA
ShowWindow
WinHelpA
UnhookWindowsHookEx

ole32

CreateStreamOnHGlobal
RevokeDragDrop
CreateOleAdviseHolder
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
DoDragDrop
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

oleaut32

SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
GetErrorInfo
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadRegTypeLi
RegisterTypeLi
OleLoadPicture
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
OleCreatePictureIndirect
VariantCopyInd
OleTranslateColor
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

GetNearestColor
CreatePalette
LPtoDP
GetWindowExtEx
GetBitmapBits
TextOutA
CreateDIBitmap
RealizePalette
GetViewportExtEx
SelectPalette
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
CreateICA
CopyMetaFileA
StretchBlt
Rectangle
GetObjectA
SetBkColor
CreateDCA
CreateRectRgn
SetViewportOrgEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
SetMapMode
SetViewportExtEx
CreateSolidBrush
GetDeviceCaps
SelectObject
ExcludeClipRect
GetClipRgn
SelectClipRgn
GetClipBox
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
SetBkMode
SetTextColor
CreateBitmap
GetStockObject
GetTextExtentPoint32A

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/MSSCRIPT.OCX
.dll regsvr32 windows:5 windows x86 arch:x86

3793b90a92464f525c430a6b5fdf224f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msscript.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
?terminate@@YAXXZ
_beginthreadex
wcslen
_purecall
__CxxFrameHandler
_wcsicmp
_vsnprintf
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
_except_handler3

oleaut32

VariantCopyInd
SetErrorInfo
CreateErrorInfo
SysFreeString
SysAllocStringLen
SysStringLen
OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantChangeTypeEx
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
LHashValOfNameSys

ole32

CoCreateInstance
CLSIDFromProgID
CoTaskMemAlloc
CreateOleAdviseHolder
CoTaskMemFree

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA

kernel32

lstrlenW
HeapFree
HeapAlloc
GetVersion
GetWindowsDirectoryA
lstrcatA
lstrlenA
lstrcpynA
OpenFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedIncrement
ResetEvent
WaitForSingleObject
InterlockedDecrement
TlsGetValue
GetCurrentThreadId
lstrcpyA
GetLastError
GetModuleFileNameA
LoadLibraryA
GetLocaleInfoA
HeapReAlloc
WideCharToMultiByte
GetProcessHeap
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
MultiByteToWideChar
GetTickCount
SetEvent
TlsAlloc
CloseHandle
TlsFree
TlsSetValue
CreateEventA

user32

PtInRect
GetKeyState
TranslateMessage
LoadStringA
IsWindow
EndDialog
DialogBoxParamA
DrawIcon
DrawEdge
LoadIconA
RegisterClassA
LoadCursorA
EnableWindow
GetSystemMetrics
DestroyWindow
SendMessageTimeoutA
EnumThreadWindows
PostThreadMessageA
SetWindowLongA
GetWindowLongA
CreateDialogParamA
KillTimer
DispatchMessageA
IsDialogMessageA
GetMessageA
SetTimer
UnregisterClassA
wsprintfA
ReleaseDC
GetDC
CharNextA
SetParent
DefWindowProcA
EndPaint
GetClientRect
BeginPaint
SetFocus
SendMessageA
SetWindowPos
CreateWindowExA
IsWindowVisible
GetWindowRect
ClientToScreen
GetParent
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ShowWindow
GetActiveWindow

gdi32

SetWindowOrgEx
SetViewportExtEx
CreateRectRgnIndirect
GetDeviceCaps
SetWindowExtEx
SetMapMode
CreateDCA
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
SetViewportOrgEx

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/Play.exe
.exe windows:4 windows x86 arch:x86

6fc53308ebad360fe131d32819ae4e72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2446

msvcrt

_CxxThrowException

kernel32

GetStartupInfoA
LoadLibraryA
VirtualProtect
GetModuleFileNameA

user32

GetMenuItemInfoA
MessageBoxA

gdi32

GetTextColor

advapi32

RegSetValueExA

shell32

ShellExecuteExA

comctl32

ImageList_GetImageCount

ole32

CoInitialize

olepro32

ord252

oleaut32

GetErrorInfo

msvcp60

?_Xran@std@@YAXXZ

recomp

InstallWinIoDriver

helper

ord8

bexception

ord1

shlwapi

SHDeleteKeyA

version

GetFileVersionInfoSizeA

ws2_32

htonl

wininet

InternetGetCookieA

winmm

PlaySoundA

Sections

.text
Size: - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 985KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdy0
Size: - Virtual size: 842KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdy1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/QMDispatch.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fc3dbefa0c17e0a7618e54645ed9be4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord844
ord535
ord1572
ord6569
ord6648
ord2818
ord2763
ord542
ord2841
ord2448
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord823
ord6467
ord1131
ord2725
ord860
ord6927
ord6929
ord5683
ord4129
ord540
ord858
ord3953
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord800

msvcrt

memcmp
memcpy
__CxxFrameHandler
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_purecall
free
malloc
realloc
memset
_CxxThrowException

kernel32

lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
GetCommandLineA
SuspendThread
GetCurrentThread
WaitForSingleObject
LocalAlloc
LocalFree
FindResourceA
InitializeCriticalSection

user32

CharNextA
SendMessageA
GetAsyncKeyState
GetKeyState
PostMessageA

advapi32

RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

RegisterTypeLi
LoadRegTypeLi
VariantClear
VariantInit
VariantCopy
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr
GetErrorInfo
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/TABCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

e0cb36c66e5c120ef20ebc4f30366345

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7
Signer

Actual PE Digest

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
GetProcessHeap
HeapReAlloc
lstrcmpA
InitializeCriticalSection
lstrcatA

user32

BeginPaint
GetClientRect
MoveWindow
IntersectRect
PtInRect
CreateWindowExA
SetWindowPos
SetFocus
SetWindowRgn
FillRect
CopyRect
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowRect
GetWindowDC
DestroyWindow
GetWindowLongA
SetWindowLongA
CallWindowProcA
CharNextA
OffsetRect
SetRectEmpty
ShowWindow
IsDialogMessageA
ScreenToClient
GetClipboardFormatNameA
RegisterClipboardFormatA
MapWindowPoints
SetCursorPos
InvalidateRect
UnregisterClassA
ReleaseCapture
GetNextDlgTabItem
CreateDialogIndirectParamA
IsChild
SetParent
IsWindowVisible
WinHelpA
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
IsIconic
GetParent
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetWindow
GetSystemMetrics
EndPaint
ClientToScreen

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayUnaccessData
VariantCopyInd
SafeArrayAccessData
LoadTypeLibEx
UnRegisterTypeLi
VariantCopy
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
VariantInit
SysStringLen
VariantChangeType
GetErrorInfo
OleLoadPicture
OleTranslateColor
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
OleCreatePictureIndirect
OleCreateFontIndirect
VariantClear
SysFreeString
SysAllocString

gdi32

SetMapMode
GetWindowExtEx
GetViewportExtEx
LPtoDP
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
GetPaletteEntries
CreateRectRgnIndirect
CreateICA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/avp.exe
.exe windows:4 windows x86 arch:x86

0b0feb8c4e9c10951f10f4cd4f3c1e25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1576
ord1199
ord470
ord755
ord2379
ord4160
ord2863
ord537
ord6663
ord6648
ord823
ord1158
ord939
ord2763
ord5710
ord6282
ord535
ord6927
ord6929
ord2764
ord922
ord924
ord1105
ord2818
ord6199
ord1200
ord860
ord5683
ord4129
ord858
ord2302
ord567
ord1168
ord1146
ord3610
ord3402
ord5290
ord1776
ord6055
ord4234
ord324
ord3597
ord4425
ord4627
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord4710
ord4998
ord4853
ord4376
ord5265
ord800
ord540
ord2725
ord2621
ord2514
ord656
ord641
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord1799
ord614
ord2623
ord290
ord4226
ord2486
ord4003
ord446
ord743
ord1106
ord4021
ord5689
ord6283
ord1601
ord6354
ord5500
ord2915
ord861
ord941
ord6928
ord1770
ord462
ord926
ord539
ord3571
ord3626
ord3663
ord640
ord2450
ord2405
ord2414
ord1641
ord1640
ord323
ord715
ord415
ord2841
ord2107
ord5620
ord5450
ord5440
ord6383
ord6394
ord1175
ord4220
ord2584
ord3654
ord4278
ord6662
ord2438
ord2614
ord5572
ord2919
ord1644
ord541
ord801
ord6930
ord6877
ord6874
ord940
ord665
ord3318
ord353
ord1099
ord1574
ord6143
ord5861
ord5829
ord3726
ord2065
ord6883
ord859
ord6876
ord1948
ord5303
ord4699
ord5715
ord565
ord817
ord2726
ord4202
ord802
ord1085
ord2765
ord542
ord2448
ord844
ord1572
ord2044
ord5834
ord711
ord398
ord413
ord700
ord6307
ord913
ord4167
ord521
ord4189
ord6569
ord812
ord6144
ord5862
ord5610
ord3874
ord2864
ord559
ord1871
ord2452
ord1979
ord5442
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord825

msvcrt

free
_stricmp
_itoa
rand
srand
time
tolower
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
toupper
sscanf
_ftol
_mbsicmp
wcslen
isprint
fprintf
fgets
fwrite
_tempnam
isxdigit
strpbrk
rewind
strncpy
_mbsnbcpy
isalpha
strstr
wcsstr
wcscpy
_wcslwr
mbstowcs
_strnicmp
?terminate@@YAXXZ
_setmbcp
??8type_info@@QBEHABV0@@Z
__dllonexit
exit
sprintf
fopen
fseek
ftell
fread
fclose
atoi
_mbscmp
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
strchr
__CxxFrameHandler
malloc
memmove
_mbsstr
_purecall
calloc

kernel32

GetVersion
CreateFileA
GetACP
IsDebuggerPresent
GetPrivateProfileSectionA
GetTempFileNameA
lstrlenA
lstrlenW
MoveFileA
CreateDirectoryA
SetEnvironmentVariableA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemDirectoryA
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
LocalAlloc
FormatMessageA
WideCharToMultiByte
GetCurrentThread
PulseEvent
DeviceIoControl
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
HeapAlloc
SetLastError
HeapFree
VirtualQuery
FileTimeToSystemTime
SetFilePointer
GetFileInformationByHandle
WriteFile
SystemTimeToFileTime
GetLocalTime
GetStartupInfoA
GetModuleHandleA
Beep
DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
OpenProcess
WaitForSingleObject
Sleep
GetPrivateProfileIntA
OpenEventA
SetEvent
GetCurrentThreadId
GetTickCount
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
MultiByteToWideChar
LocalFree
VirtualFree
GetSystemInfo
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
InterlockedCompareExchange
InterlockedExchange
GetCurrentProcessId
SuspendThread
ResumeThread
CreateEventA
WinExec
ReadProcessMemory
CloseHandle
GetTempPathA
VirtualProtect
GetModuleFileNameA
ResetEvent
GetWindowsDirectoryA
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
OutputDebugStringA
GetProcessHeap

user32

GetDesktopWindow
LoadImageA
keybd_event
wsprintfA
LoadStringA
GetGUIThreadInfo
SystemParametersInfoA
GetWindowDC
ReleaseDC
UnhookWindowsHookEx
CallNextHookEx
UnregisterHotKey
RegisterHotKey
LoadMenuA
GetSubMenu
GetMenuStringA
SendInput
GetWindowThreadProcessId
PostMessageA
GetIconInfo
GetForegroundWindow
ClipCursor
GetCursorPos
SetCursorPos
MapVirtualKeyA
LoadIconA
SetForegroundWindow
SetTimer
SendMessageA
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
KillTimer
GetAsyncKeyState
EnableWindow
SetWindowsHookExA
GetDC

shell32

ShellExecuteA

msvcp60

??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Xlen@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?what@logic_error@std@@UBEPBDXZ
??0logic_error@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7logic_error@std@@6B@
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7runtime_error@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1_Lockit@std@@QAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_7bad_exception@std@@6B@
??1bad_exception@std@@UAE@XZ
??0bad_exception@std@@QAE@ABV01@@Z
??1logic_error@std@@UAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?what@runtime_error@std@@UBEPBDXZ
?_Doraise@runtime_error@std@@MBEXXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z

recomp

InstallWinIoDriver
InitializeWinIo
GetPortVal
ShutdownWinIo
SetPortVal

helper

ord10
ord9
ord7
ord1
ord5
ord3
ord4
ord8
ord2

winmm

timeGetTime

shlwapi

SHDeleteKeyA

gdi32

SetDIBits
GetObjectA
GetDIBits
BitBlt
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetPixel
DeleteObject
CreateDIBSection

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

ole32

CoInitialize
ProgIDFromCLSID
StgOpenStorage
CoUninitialize
CoCreateInstance
OleRun

oleaut32

SysAllocStringByteLen
VariantClear
SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen
LoadTypeLi
GetErrorInfo
VariantInit

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/cfgdll.dll
.dll windows:4 windows x86 arch:x86

9ec94b44feb5177c460daec2d3d20fbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResetEvent
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
PulseEvent
CreateEventA
WaitForSingleObject
SetEnvironmentVariableA
CompareStringW
CompareStringA
OpenEventA
SetEvent
GetCurrentProcessId
CloseHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

user32

SetWindowsHookExA
PostMessageA
CallNextHookEx
MessageBoxA
mouse_event
UnhookWindowsHookEx

gdi32

GetPixel
DeleteDC
CreateDCA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/cooper.dll
.dll windows:4 windows x86 arch:x86

6cfc84e6d4e8604f1f443eae24ad6c86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5252
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord3623
ord674
ord366
ord825
ord924
ord535
ord6928
ord6930
ord858
ord4129
ord2763
ord860
ord537
ord2915
ord2124
ord939
ord2818
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord4078
ord5241
ord5290
ord4441
ord5261
ord3402
ord4424
ord641
ord567
ord324
ord818
ord2302
ord4234
ord4710
ord2688
ord2379
ord1768
ord6215
ord6197
ord6379
ord2764
ord539
ord2135
ord3698
ord3721
ord795
ord765
ord5683
ord6927
ord823
ord2086
ord1105
ord6648
ord4224
ord4160
ord609
ord1199
ord6199
ord1175
ord690
ord5207
ord389
ord941
ord665
ord1979
ord5442
ord3318
ord5186
ord354
ord6153
ord5645
ord5583
ord6385
ord2393
ord5710
ord3790
ord926
ord6283
ord6282
ord2614
ord922
ord940
ord4436
ord4202
ord6877
ord3811
ord551
ord2784
ord4278
ord542
ord802
ord656
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord6467
ord2864
ord1134
ord2725
ord2575
ord4396
ord3574
ord2370
ord6453
ord6334
ord2642
ord4400
ord3630
ord3706
ord3626
ord3663
ord640
ord2450
ord5678
ord4133
ord4297
ord5788
ord472
ord283
ord2414
ord5786
ord1641
ord5736
ord1640
ord323
ord2582
ord4402
ord3370
ord3640
ord693
ord682
ord4243
ord6242
ord6696
ord801
ord6907
ord6883
ord5861
ord541
ord3998
ord6007
ord3286
ord6143
ord3996
ord3301
ord6905
ord6675
ord3619
ord613
ord2243
ord289
ord6888
ord3610
ord6569
ord2777
ord1949
ord4034
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4837
ord3798
ord1665
ord2649
ord5282
ord4353
ord6374
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord800
ord4277
ord540

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
rewind
fgets
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_strupr
_strnicmp
__CxxFrameHandler
strncmp
fclose
fread
fseek
fopen
_mbscmp
fwrite
free
malloc
atoi
ftell
isdigit
isalpha
strchr
fgetc

kernel32

HeapFree
GetVersionExA
CreateThread
WaitForSingleObject
GetExitCodeThread
GetLastError
CreateEventA
CloseHandle
lstrlenA
Sleep
GetSystemDirectoryA
MoveFileExA
DeleteFileA
HeapAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCommandLineA
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcpynA
CreateDirectoryA
GetTempPathA
MoveFileA
WritePrivateProfileStringA
LocalFree
LocalAlloc
CreateProcessA
HeapReAlloc
GetProcessHeap

user32

IsWindow
SetTimer
EnableWindow
SendMessageA
PostMessageA
PostQuitMessage
wsprintfA
GetDesktopWindow
SetForegroundWindow
InvalidateRect
DrawTextA
FillRect
GetSysColor
CopyRect
KillTimer
GetClientRect

gdi32

CreateRectRgnIndirect

shell32

ShellExecuteA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

ws2_32

send
recv
connect
socket
ntohl
ntohs
htons
gethostbyname
inet_ntoa
inet_addr
WSAConnect
WSASend
WSAEnumNetworkEvents
WSARecv
shutdown
WSAWaitForMultipleEvents
closesocket
WSASocketA
setsockopt
WSAGetLastError
WSAStartup
WSACleanup
htonl
WSAEventSelect

Exports

Exports

Initialize
ShowNewsWindow
UpgradeSoftware

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/gwlkyj.dll
.dll windows:4 windows x86 arch:x86

9ec94b44feb5177c460daec2d3d20fbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResetEvent
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
PulseEvent
CreateEventA
WaitForSingleObject
SetEnvironmentVariableA
CompareStringW
CompareStringA
OpenEventA
SetEvent
GetCurrentProcessId
CloseHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

user32

SetWindowsHookExA
PostMessageA
CallNextHookEx
MessageBoxA
mouse_event
UnhookWindowsHookEx

gdi32

GetPixel
DeleteDC
CreateDCA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/helper.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/hknm.sys
.sys windows:4 windows x86 arch:x86

c2231da77998b13b38444f61c0719e31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteSymbolicLink
RtlInitUnicodeString
KeReleaseSemaphore
KeWaitForSingleObject
KeSetTimer
KeInitializeTimer
IoDetachDevice
IofCallDriver
RtlAssert
ExfInterlockedInsertTailList
KeClearEvent
KeSetEvent
IofCompleteRequest
ExInterlockedPopEntrySList
IoCreateNotificationEvent
IoDeleteDevice
memset
ZwClose
KeInsertQueueApc
KeInitializeApc
ExAllocatePoolWithTag
PsTerminateSystemThread
ExfInterlockedRemoveHeadList
PsCreateSystemThread
ExInterlockedPushEntrySList
IoCreateSymbolicLink
IoAttachDevice
KeInitializeSemaphore
ExInitializeNPagedLookasideList
IoCreateDevice
KeInitializeSpinLock
ExFreePool
ObReferenceObjectByHandle
ExDeleteNPagedLookasideList

hal

KfReleaseSpinLock
KfAcquireSpinLock

Sections

page
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

init
Size: 512B - Virtual size: 189B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/login_web.dat
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/nogg.txt
jdyou_bbx/bbx/bin/plugin/BkgndColor.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/plugin/Console.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/plugin/File.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/plugin/GetSysInfo.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/plugin/Memory.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/plugin/Window.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdyou_bbx/bbx/bin/qmacrone.ini
jdyou_bbx/bbx/bin/recomp.dll
.dll windows:4 windows x86 arch:x86

039bb92bd3d75cb40b9da71e67d0f2c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
DeleteFileA
GetModuleFileNameA
GetVersionExA
DeviceIoControl
GetModuleHandleA
CloseHandle
GetLastError
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
WriteFile
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

advapi32

StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ControlService

Exports

Exports

GetPhysLong
GetPortVal
InitializeWinIo
InstallWinIoDriver
MapPhysToLin
RemoveWinIoDriver
SetPhysLong
SetPortVal
ShutdownWinIo
UnmapPhysicalMemory

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/rename.ini
jdyou_bbx/bbx/bin/reporter.exe
.exe windows:4 windows x86 arch:x86

0de96372d7690778efdbfb874d04fafa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord2514
ord2621
ord1134
ord941
ord860
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord2554
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord2370
ord6197
ord6380
ord6199
ord3092
ord823
ord858
ord924
ord4160
ord2863
ord2379
ord755
ord470
ord1199
ord535
ord6334
ord4486
ord6375
ord4274
ord800
ord540
ord4407
ord4673
ord1576

msvcrt

fopen
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
ftell
fread
_splitpath
__CxxFrameHandler
_setmbcp
fseek

kernel32

SetCurrentDirectoryA
GlobalLock
GlobalAlloc
GetModuleHandleA
GetStartupInfoA
GlobalUnlock

user32

DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
GetSystemMenu
SetClipboardData
EmptyClipboard
OpenClipboard
EnableWindow
AppendMenuA
CloseClipboard
LoadIconA
SendMessageA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/stdlib.vbs
jdyou_bbx/bbx/bin/stdplugin.dat
.zip
jdyou_bbx/bbx/bin/version.ini
jdyou_bbx/bbx/bin/zmrn.dll
.dll windows:4 windows x86 arch:x86

9ec94b44feb5177c460daec2d3d20fbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResetEvent
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
PulseEvent
CreateEventA
WaitForSingleObject
SetEnvironmentVariableA
CompareStringW
CompareStringA
OpenEventA
SetEvent
GetCurrentProcessId
CloseHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

user32

SetWindowsHookExA
PostMessageA
CallNextHookEx
MessageBoxA
mouse_event
UnhookWindowsHookEx

gdi32

GetPixel
DeleteDC
CreateDCA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/bin/必读！简单游使用说明.txt
jdyou_bbx/bbx/jdyoem.dat
jdyou_bbx/bbx/ver.ini
jdyou_bbx/bbx/中国破解联盟－木蚂蚁社区.URL
.url
jdyou_bbx/bbx/使用说明.txt
jdyou_bbx/bbx/注册说明.htm
.html .js polyglot
jdyou_bbx/bbx/简单游.exe
.exe windows:4 windows x86 arch:x86

779d6107925ff1420b89c162b130ebf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord540
ord800
ord641
ord2514
ord2621
ord1134
ord922
ord4160
ord924
ord858
ord4129
ord5683
ord860
ord537
ord5265
ord2396
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord1146
ord1168
ord324
ord4234
ord1200
ord2863
ord4710
ord2379
ord755
ord470
ord665
ord1979
ord5186
ord354
ord939
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4376
ord4673
ord1576

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
exit
malloc
free
_splitpath
__CxxFrameHandler
strstr
_setmbcp
__getmainargs

kernel32

CreateDirectoryA
FindClose
FindFirstFileA
WaitForSingleObject
CreateProcessA
MoveFileA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
SetCurrentDirectoryA

user32

GetSystemMetrics
DrawIcon
EnableWindow
GetSystemMenu
AppendMenuA
IsIconic
GetClientRect
LoadIconA
SendMessageA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jdyou_bbx/bbx/简单百宝箱.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 564KB

UPX1 Size: 124KB - Virtual size: 124KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 580KB - Virtual size: 577KB

97a73544ea0446cdb0035137af6f0d1a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 6KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 580KB

UPX1 Size: 109KB - Virtual size: 112KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 604KB - Virtual size: 601KB

387f999872a562b115e05bff360201eb

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 464B

.edata Size: 512B - Virtual size: 82B

.vmp0 Size: 2KB - Virtual size: 1KB

.vmp1 Size: 109KB - Virtual size: 108KB

.reloc Size: 2KB - Virtual size: 1KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 680KB

UPX1 Size: 132KB - Virtual size: 136KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 696KB - Virtual size: 694KB

17c261cd8aa1ce8aeff0f9d5c09e429e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

UPX0
Size: - Virtual size: 564KB

UPX1
Size: 124KB - Virtual size: 124KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 580KB - Virtual size: 577KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 6KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 580KB

UPX1
Size: 109KB - Virtual size: 112KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 604KB - Virtual size: 601KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 464B

.edata
Size: 512B - Virtual size: 82B

.vmp0
Size: 2KB - Virtual size: 1KB

.vmp1
Size: 109KB - Virtual size: 108KB

.reloc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 680KB

UPX1
Size: 132KB - Virtual size: 136KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 696KB - Virtual size: 694KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 464KB

UPX1
Size: 106KB - Virtual size: 108KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 488KB - Virtual size: 487KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 464B

.edata
Size: 512B - Virtual size: 82B

.vmp0
Size: 2KB - Virtual size: 1KB

.vmp1
Size: 109KB - Virtual size: 108KB

.reloc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 33KB - Virtual size: 36KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 28KB - Virtual size: 27KB

UPX0
Size: - Virtual size: 908KB

UPX1
Size: 207KB - Virtual size: 208KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 63KB