0232c222a572c593f89b485446e9f0a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0232c222a572c593f89b485446e9f0a5_JaffaCakes118
Size

2.2MB
MD5

0232c222a572c593f89b485446e9f0a5
SHA1

2b281bf88a57fdb36d95db530c8fa0741f52d36f
SHA256

0be3b406aca15f2e096f4c20bfee881113d446b017fd01573c46b7f447efca41
SHA512

6f3346fa6b62b571888a8a5e7f6265f1635688b3fd3d873447c8e074b426dba265ed963570c1ddd6db1034c3afdea14fb4dad336954acd70e84736dd71e62a05
SSDEEP

49152:Mqk62/A11qhLrpw1Q2DxpuFSTlyCY8TR8u+I5d5IoEGdrsOAYO1:ML7A1Cf+1Q2DxpUezTRr+0d5IouOPO1

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
0232c222a572c593f89b485446e9f0a5_JaffaCakes118
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/th123e.dll
unpack001/th123e.exe
unpack001/uninstall_th123e.exe

Files

0232c222a572c593f89b485446e9f0a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

bd0c5e2173fde31d22cb05fc3c2a33dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
GetLastError
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

64c2fa30732f757c1ae944c5208636c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryW
lstrcpyW
lstrcmpiW
GlobalAlloc
MulDiv
SetCurrentDirectoryW
HeapFree
GetProcessHeap
HeapAlloc
HeapReAlloc
lstrcpynW
lstrlenW
GlobalFree

user32

GetPropW
DestroyWindow
CallWindowProcW
DrawFocusRect
GetClientRect
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharPrevW
MapDialogRect
CharNextW
SendMessageW
GetWindowLongW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
GetUserData
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
th123e.dat
.zip
MonoSpatialModSWR.ttf
VeraMono.ttf
WinterthurCondensed.ttf
data_csv_alice_spellcard.cv1
data_csv_alice_storyspell.cv1
data_csv_aya_spellcard.cv1
data_csv_background_sky.cv1
data_csv_chirno_spellcard.cv1
data_csv_chirno_storyspell.cv1
data_csv_common_spellcard.cv1
data_csv_iku_spellcard.cv1
data_csv_komachi_spellcard.cv1
data_csv_marisa_spellcard.cv1
data_csv_marisa_storyspell.cv1
data_csv_meirin_spellcard.cv1
data_csv_meirin_storyspell.cv1
data_csv_namazu_spellcard.cv1
data_csv_namazu_storyspell.cv1
data_csv_patchouli_spellcard.cv1
data_csv_patchouli_storyspell.cv1
data_csv_reimu_spellcard.cv1
data_csv_reimu_storyspell.cv1
data_csv_remilia_spellcard.cv1
data_csv_sakuya_spellcard.cv1
data_csv_sanae_spellcard.cv1
data_csv_sanae_storyspell.cv1
data_csv_suika_spellcard.cv1
data_csv_suwako_spellcard.cv1
data_csv_suwako_storyspell.cv1
data_csv_system_music.cv1
data_csv_system_music_limit.cv1
data_csv_tenshi_spellcard.cv1
data_csv_udonge_spellcard.cv1
data_csv_utsuho_spellcard.cv1
data_csv_utsuho_storyspell.cv1
data_csv_youmu_spellcard.cv1
data_csv_yukari_spellcard.cv1
data_csv_yuyuko_spellcard.cv1
data_guide_00.png
.png
data_guide_01.png
.png
data_guide_02.png
.png
data_guide_03.png
.png
data_guide_04.png
.png
data_guide_05.png
.png
data_guide_07.png
.png
data_guide_08.png
.png
data_guide_09.png
.png
data_guide_10.png
.png
data_guide_11.png
.png
data_guide_12.png
.png
data_guide_13.png
.png
data_guide_14.png
.png
data_guide_16.png
.png
data_guide_20.png
.png
data_guide_21.png
.png
data_guide_22.png
.png
data_guide_23.png
.png
data_guide_90.png
.png
data_guide_91.png
.png
data_guide_92.png
.png
data_guide_93.png
.png
data_infoeffect_effect.pat
data_infoeffect_result_panelA.png
.png
data_infoeffect_result_panelB.png
.png
data_infoeffect_result_panelC.png
.png
data_infoeffect_result_rankFont.png
.png
data_infoeffect_st00.png
.png
data_infoeffect_st01.png
.png
data_infoeffect_st02.png
.png
data_infoeffect_st03.png
.png
data_infoeffect_st04.png
.png
data_infoeffect_st05.png
.png
data_infoeffect_st06.png
.png
data_infoeffect_st10.png
.png
data_infoeffect_st11.png
.png
data_infoeffect_st12.png
.png
data_infoeffect_st13.png
.png
data_infoeffect_st14.png
.png
data_infoeffect_st15.png
.png
data_infoeffect_st16.png
.png
data_infoeffect_st17.png
.png
data_infoeffect_st18.png
.png
data_infoeffect_st19.png
.png
data_infoeffect_st20.png
.png
data_infoeffect_st21.png
.png
data_infoeffect_st22.png
.png
data_infoeffect_st30.png
.png
data_infoeffect_st31.png
.png
data_infoeffect_st32.png
.png
data_infoeffect_st33.png
.png
data_infoeffect_st34.png
.png
data_infoeffect_st35.png
.png
data_infoeffect_st40.png
.png
data_infoeffect_st41.png
.png
data_infoeffect_st42.png
.png
data_infoeffect_st43.png
.png
data_infoeffect_st99.png
.png
data_infoeffect_weatherName000.png
.png
data_infoeffect_weatherName001.png
.png
data_infoeffect_weatherName002.png
.png
data_infoeffect_weatherName003.png
.png
data_infoeffect_weatherName004.png
.png
data_infoeffect_weatherName005.png
.png
data_infoeffect_weatherName006.png
.png
data_infoeffect_weatherName007.png
.png
data_infoeffect_weatherName008.png
.png
data_infoeffect_weatherName009.png
.png
data_infoeffect_weatherName010.png
.png
data_infoeffect_weatherName012.png
.png
data_infoeffect_weatherName013.png
.png
data_infoeffect_weatherName014.png
.png
data_infoeffect_weatherName015.png
.png
data_infoeffect_weatherName016.png
.png
data_infoeffect_weatherName017.png
.png
data_infoeffect_weatherName018.png
.png
data_infoeffect_weatherName019.png
.png
data_infoeffect_weatherName020.png
.png
data_infoeffect_weatherName021.png
.png
data_infoeffect_weatherName022.png
.png
data_infoeffect_weatherNameB000.png
.png
data_infoeffect_weatherNameB001.png
.png
data_infoeffect_weatherNameB002.png
.png
data_infoeffect_weatherNameB003.png
.png
data_infoeffect_weatherNameB004.png
.png
data_infoeffect_weatherNameB005.png
.png
data_infoeffect_weatherNameB006.png
.png
data_infoeffect_weatherNameB007.png
.png
data_infoeffect_weatherNameB008.png
.png
data_infoeffect_weatherNameB009.png
.png
data_infoeffect_weatherNameB010.png
.png
data_infoeffect_weatherNameB011.png
.png
data_infoeffect_weatherNameB012.png
.png
data_infoeffect_weatherNameB013.png
.png
data_infoeffect_weatherNameB014.png
.png
data_infoeffect_weatherNameB015.png
.png
data_infoeffect_weatherNameB016.png
.png
data_infoeffect_weatherNameB017.png
.png
data_infoeffect_weatherNameB018.png
.png
data_infoeffect_weatherNameB019.png
.png
data_menu_22a_Yes.png
.png
data_menu_22b_Yes.png
.png
data_menu_23a_No.png
.png
data_menu_23b_No.png
.png
data_menu_battle_000_Restart.png
.png
data_menu_battle_010_1pKeyConfig.png
.png
data_menu_battle_020_2pKeyConfig.png
.png
data_menu_battle_030_Chara.png
.png
data_menu_battle_040_Title.png
.png
data_menu_battle_070_Exit.png
.png
data_menu_battle_pause.dat
data_menu_battle_pausePractice.dat
data_menu_battle_pauseStory.dat
data_menu_config_Config.dat
data_menu_config_Exit.png
.png
data_menu_config_c1[01].png
.png
data_menu_config_c1[02].png
.png
data_menu_config_c1[03].png
.png
data_menu_config_c1[04].png
.png
data_menu_config_c1[05].png
.png
data_menu_config_c1[06].png
.png
data_menu_config_c1[07].png
.png
data_menu_config_c2[01].png
.png
data_menu_config_c2[02].png
.png
data_menu_config_c2[03].png
.png
data_menu_config_c2[04].png
.png
data_menu_config_c2[05].png
.png
data_menu_config_c2[06].png
.png
data_menu_config_c2[07].png
.png
data_menu_config_c2[08].png
.png
data_menu_config_c2[09].png
.png
data_menu_config_c2[10].png
.png
data_menu_config_c2[11].png
.png
data_menu_config_c2[12].png
.png
data_menu_config_c2[13].png
.png
data_menu_config_c2[14].png
.png
data_menu_config_c2[15].png
.png
data_menu_connect_00a_Server.png
.png
data_menu_connect_01a_IP.png
.png
data_menu_connect_02a_List.png
.png
data_menu_connect_03a_History.png
.png
data_menu_connect_04a_Clipboard.png
.png
data_menu_connect_05a_Profile.png
.png
data_menu_connect_06a_Exit.png
.png
data_menu_connect_connect.dat
data_menu_continue_continue.dat
data_menu_menuBack.dat
data_menu_menuProfile.dat
data_menu_menuProfileEdit.dat
data_menu_menuWindow.dat
data_menu_musicroom_musicroom.dat
data_menu_practice_0.png
.png
data_menu_practice_1.png
.png
data_menu_practice_2.png
.png
data_menu_practice_2pPlay.png
.png
data_menu_practice_3.png
.png
data_menu_practice_4.png
.png
data_menu_practice_5.png
.png
data_menu_practice_6.png
.png
data_menu_practice_Center.png
.png
data_menu_practice_CharactorSerect.png
.png
data_menu_practice_Counter.png
.png
data_menu_practice_Down_guard.png
.png
data_menu_practice_GamePlay.png
.png
data_menu_practice_Guard.png
.png
data_menu_practice_Jump.png
.png
data_menu_practice_Left.png
.png
data_menu_practice_Off.png
.png
data_menu_practice_On.png
.png
data_menu_practice_One.png
.png
data_menu_practice_Passive.png
.png
data_menu_practice_Position.png
.png
data_menu_practice_Right.png
.png
data_menu_practice_SP.png
.png
data_menu_practice_Sit.png
.png
data_menu_practice_Stand.png
.png
data_menu_practice_State.png
.png
data_menu_practice_Stop.png
.png
data_menu_practice_Title.png
.png
data_menu_practice_Up_guard.png
.png
data_menu_practice_Weather.png
.png
data_menu_practice_WeatherTriangle.png
.png
data_menu_practice_Weather_list.png
.png
data_menu_practice_back.png
.png
data_menu_practice_front.png
.png
data_menu_practice_practice.dat
data_menu_practice_random.png
.png
data_menu_replay_Delete.png
.png
data_menu_replay_Exit.png
.png
data_menu_replay_play.png
.png
data_menu_replay_replay.dat
data_menu_result_result.dat
data_menu_select_000_1pProfile.png
.png
data_menu_select_010_2pProfile.png
.png
data_menu_select_020_1pDeck.png
.png
data_menu_select_030_2pDeck.png
.png
data_menu_select_040_1pKeyConfig.png
.png
data_menu_select_050_2pKeyConfig.png
.png
data_menu_select_060_Title.png
.png
data_menu_select_070_Exit.png
.png
data_menu_select_select.dat
data_profile_00a_NewMaking.png
.png
data_profile_01a_DeckConstruct.png
.png
data_profile_02a_KeyConfig.png
.png
data_profile_03a_Copy.png
.png
data_profile_04a_Delete.png
.png
data_profile_05a_Rename.png
.png
data_profile_06a_Exit.png
.png
data_profile_20_Name.png
.png
data_profile_deck1_00a_reimu.png
.png
data_profile_deck1_01a_marisa.png
.png
data_profile_deck1_02a_sakuya.png
.png
data_profile_deck1_03a_alice.png
.png
data_profile_deck1_04a_patchouli.png
.png
data_profile_deck1_05a_youmu.png
.png
data_profile_deck1_06a_remilia.png
.png
data_profile_deck1_07a_yuyuko.png
.png
data_profile_deck1_08a_yukari.png
.png
data_profile_deck1_09a_suika.png
.png
data_profile_deck1_10a_udonge.png
.png
data_profile_deck1_11a_aya.png
.png
data_profile_deck1_12a_komachi.png
.png
data_profile_deck1_13a_iku.png
.png
data_profile_deck1_14a_tenshi.png
.png
data_profile_deck1_15a_sanae.png
.png
data_profile_deck1_16a_chirno.png
.png
data_profile_deck1_17a_meirin.png
.png
data_profile_deck1_18a_utsuho.png
.png
data_profile_deck1_19a_suwako.png
.png
data_profile_deck1_99_exit.png
.png
data_profile_deck1_deck1.dat
data_profile_deck2_022_SkillCard000Cost.png
.png
data_profile_deck2_022_SkillCard001Cost.png
.png
data_profile_deck2_022_SkillCard002Cost.png
.png
data_profile_deck2_022_SkillCard003Cost.png
.png
data_profile_deck2_022_SkillCard004Cost.png
.png
data_profile_deck2_050_Yes.png
.png
data_profile_deck2_051_Yes.png
.png
data_profile_deck2_060_No.png
.png
data_profile_deck2_061_No.png
.png
data_profile_deck2_deck2.dat
data_profile_deck2_name_aya.png
.png
data_profile_deck2_name_chirno.png
.png
data_profile_deck2_name_komachi.png
.png
data_profile_deck2_name_meirin.png
.png
data_profile_deck2_name_tenshi.png
.png
data_profile_deck2_name_utsuho.png
.png
data_profile_keyconfig_003_menu.png
.png
data_profile_keyconfig_020_On.png
.png
data_profile_keyconfig_021_Off.png
.png
data_profile_profile.dat
data_scenario_alice_win.cv0
data_scenario_aya_win.cv0
data_scenario_chirno_000.cv0
data_scenario_chirno_001.cv0
data_scenario_chirno_002.cv0
data_scenario_chirno_003.cv0
data_scenario_chirno_004.cv0
data_scenario_chirno_ed.cv0
data_scenario_chirno_effect_StageTitle001.png
.png
data_scenario_chirno_effect_StageTitle002.png
.png
data_scenario_chirno_effect_StageTitle003.png
.png
data_scenario_chirno_effect_StageTitle004.png
.png
data_scenario_chirno_effect_StageTitle005.png
.png
data_scenario_chirno_effect_ec01_0.png
.png
data_scenario_chirno_effect_ec01_1.png
.png
data_scenario_chirno_effect_ec01_2.png
.png
data_scenario_chirno_effect_ec01_3.png
.png
data_scenario_chirno_effect_ec01_4.png
.png
data_scenario_chirno_effect_ec01_5.png
.png
data_scenario_chirno_effect_ec01_6.png
.png
data_scenario_chirno_effect_ec01_7.png
.png
data_scenario_chirno_effect_ec01_8.png
.png
data_scenario_chirno_effect_ec01_9.png
.png
data_scenario_chirno_win.cv0
data_scenario_iku_win.cv0
data_scenario_komachi_win.cv0
data_scenario_marisa_win.cv0
data_scenario_meirin_000.cv0
data_scenario_meirin_001.cv0
data_scenario_meirin_002.cv0
data_scenario_meirin_003.cv0
data_scenario_meirin_004.cv0
data_scenario_meirin_ed.cv0
data_scenario_meirin_effect_StageTitle001.png
.png
data_scenario_meirin_effect_StageTitle002.png
.png
data_scenario_meirin_effect_StageTitle003.png
.png
data_scenario_meirin_effect_StageTitle004.png
.png
data_scenario_meirin_effect_StageTitle005.png
.png
data_scenario_meirin_effect_ec02_0.png
.png
data_scenario_meirin_effect_ec02_1.png
.png
data_scenario_meirin_effect_ec02_2.png
.png
data_scenario_meirin_effect_ec02_3.png
.png
data_scenario_meirin_effect_ec02_4.png
.png
data_scenario_meirin_win.cv0
data_scenario_patchouli_win.cv0
data_scenario_reimu_win.cv0
data_scenario_remilia_win.cv0
data_scenario_sakuya_win.cv0
data_scenario_sanae_000.cv0
data_scenario_sanae_001.cv0
data_scenario_sanae_002.cv0
data_scenario_sanae_003.cv0
data_scenario_sanae_004.cv0
data_scenario_sanae_ed.cv0
data_scenario_sanae_effect_StageTitle001.png
.png
data_scenario_sanae_effect_StageTitle002.png
.png
data_scenario_sanae_effect_StageTitle003.png
.png
data_scenario_sanae_effect_StageTitle004.png
.png
data_scenario_sanae_effect_StageTitle005.png
.png
data_scenario_sanae_effect_ec00_0.png
.png
data_scenario_sanae_effect_ec00_1.png
.png
data_scenario_sanae_effect_ec00_2.png
.png
data_scenario_sanae_effect_ec00_3.png
.png
data_scenario_sanae_effect_ec00_4.png
.png
data_scenario_sanae_effect_ec00_5.png
.png
data_scenario_sanae_win.cv0
data_scenario_suika_win.cv0
data_scenario_suwako_win.cv0
data_scenario_tenshi_win.cv0
data_scenario_udonge_win.cv0
data_scenario_utsuho_win.cv0
data_scenario_youmu_win.cv0
data_scenario_yukari_win.cv0
data_scenario_yuyuko_win.cv0
data_scene_select_bg_bg.dat
data_scene_select_bg_bg_name00.png
.png
data_scene_select_bg_bg_name01.png
.png
data_scene_select_bg_bg_name02.png
.png
data_scene_select_bg_bg_name03.png
.png
data_scene_select_bg_bg_name04.png
.png
data_scene_select_bg_bg_name05.png
.png
data_scene_select_bg_bg_name10.png
.png
data_scene_select_bg_bg_name11.png
.png
data_scene_select_bg_bg_name12.png
.png
data_scene_select_bg_bg_name13.png
.png
data_scene_select_bg_bg_name14.png
.png
data_scene_select_bg_bg_name15.png
.png
data_scene_select_bg_bg_name16.png
.png
data_scene_select_bg_bg_name17.png
.png
data_scene_select_bg_bg_name18.png
.png
data_scene_select_bg_bg_name30.png
.png
data_scene_select_bg_bg_name31.png
.png
data_scene_select_bg_bg_name32.png
.png
data_scene_select_bg_bg_name33.png
.png
data_scene_select_bg_bg_name34.png
.png
data_scene_select_bg_bg_name99.png
.png
data_scene_select_character_01b_name_name_00.png
.png
data_scene_select_character_01b_name_name_01.png
.png
data_scene_select_character_01b_name_name_02.png
.png
data_scene_select_character_01b_name_name_03.png
.png
data_scene_select_character_01b_name_name_04.png
.png
data_scene_select_character_01b_name_name_05.png
.png
data_scene_select_character_01b_name_name_06.png
.png
data_scene_select_character_01b_name_name_07.png
.png
data_scene_select_character_01b_name_name_08.png
.png
data_scene_select_character_01b_name_name_09.png
.png
data_scene_select_character_01b_name_name_10.png
.png
data_scene_select_character_01b_name_name_11.png
.png
data_scene_select_character_01b_name_name_12.png
.png
data_scene_select_character_01b_name_name_13.png
.png
data_scene_select_character_01b_name_name_14.png
.png
data_scene_select_character_01b_name_name_15.png
.png
data_scene_select_character_01b_name_name_16.png
.png
data_scene_select_character_01b_name_name_17.png
.png
data_scene_select_character_01b_name_name_18.png
.png
data_scene_select_character_01b_name_name_19.png
.png
data_scene_select_character_01b_name_name_20.png
.png
data_scene_select_scenario_2_moji.png
.png
data_scene_select_scenario_easy.png
.png
data_scene_select_scenario_hard.png
.png
data_scene_select_scenario_lunatic.png
.png
data_scene_select_scenario_normal.png
.png
data_scene_staffroll_ed00_0.png
.png
data_scene_staffroll_ed00_1.png
.png
data_scene_staffroll_ed00_2.png
.png
data_scene_staffroll_ed00_3.png
.png
data_scene_staffroll_ed00_4.png
.png
data_scene_staffroll_ed01_0.png
.png
data_scene_staffroll_ed01_1.png
.png
data_scene_staffroll_ed01_2.png
.png
data_scene_staffroll_ed01_3.png
.png
data_scene_staffroll_ed01_4.png
.png
data_scene_staffroll_ed02_0.png
.png
data_scene_staffroll_ed02_1.png
.png
data_scene_staffroll_ed02_2.png
.png
data_scene_staffroll_ed02_3.png
.png
data_scene_staffroll_ed02_4.png
.png
th123e.dll
.dll windows:4 windows x86 arch:x86

c39f5fafb41a8aaa51dbcb996250d596

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

AddFontMemResourceEx
CreateFontA
CreateFontW
DeleteObject
GetCurrentObject
GetGlyphOutlineW
SelectObject

kernel32

CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseMutex
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
_setjmp
_wfopen
abort
fclose
fflush
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
localeconv
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
pow
realloc
sprintf
strcat
strchr
strcmp
strcpy
strlen
strncpy
strstr
strtod
tolower
wcslen

shlwapi

PathRemoveFileSpecW

user32

wsprintfW

Exports

Exports

_ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKSsiEEE10deallocateEPS5_j
_ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKSsiEEE8allocateEjPKv
_ZN9__gnu_cxx13new_allocatorISt4pairIKSsiEE7destroyEPS3_
_ZN9__gnu_cxx13new_allocatorISt4pairIKSsiEE9constructEPS3_RKS3_
_ZNKSt3mapISsiSt4lessISsESaISt4pairIKSsiEEE8key_compEv
_ZNKSt4lessISsEclERKSsS2_
_ZNSt17_Rb_tree_iteratorISt4pairIKSsiEEmmEv
_ZNSt17_Rb_tree_iteratorISt4pairIKSsiEEppEv
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEE11lower_boundERS3_
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEE3endEv
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEE6insertESt17_Rb_tree_iteratorIS4_ERKS4_
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEEC1Ev
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEED1Ev
_ZNSt3mapISsiSt4lessISsESaISt4pairIKSsiEEEixERS3_
_ZNSt4pairIKSsiEC1ERKS1_
_ZNSt4pairIKSsiEC1ERS0_RKi
_ZNSt4pairIKSsiED1Ev
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE11_M_get_nodeEv
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE11_M_put_nodeEPSt13_Rb_tree_nodeIS2_E
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE11lower_boundERS1_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE13_Rb_tree_implIS6_Lb0EEC1ERKSaISt13_Rb_tree_nodeIS2_EERKS6_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE14_M_create_nodeERKS2_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE15_M_destroy_nodeEPSt13_Rb_tree_nodeIS2_E
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE16_M_insert_uniqueERKS2_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE16_M_insert_uniqueESt17_Rb_tree_iteratorIS2_ERKS2_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE8_M_eraseEPSt13_Rb_tree_nodeIS2_E
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EE9_M_insertEPSt18_Rb_tree_node_baseSA_RKS2_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EEC1ERKS6_RKS7_
_ZNSt8_Rb_treeISsSt4pairIKSsiESt10_Select1stIS2_ESt4lessISsESaIS2_EED1Ev
_ZStltIcSt11char_traitsIcESaIcEEbRKSbIT_T0_T1_ES8_
_get_output_format
adler32
adler32_combine
crc32
crc32_combine
fclose_file_func
ferror_file_func
fill_fopen_filefunc
fopen_file_func
fread_file_func
fseek_file_func
ftell_file_func
fwrite_file_func
get_crc_table
inflate
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
inflate_copyright
inflate_fast
inflate_table
png_IDAT
png_IEND
png_IHDR
png_PLTE
png_access_version_number
png_bKGD
png_build_gamma_table
png_build_grayscale_palette
png_cHRM
png_calculate_crc
png_check_chunk_name
png_check_sig
png_chunk_error
png_chunk_warning
png_combine_row
png_convert_to_rfc1123
png_crc_error
png_crc_finish
png_crc_read
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_struct
png_create_struct_2
png_data_freer
png_decompress_chunk
png_default_read_data
png_destroy_info_struct
png_destroy_read_struct
png_destroy_struct
png_destroy_struct_2
png_do_background
png_do_bgr
png_do_chop
png_do_dither
png_do_expand
png_do_expand_palette
png_do_gamma
png_do_gray_to_rgb
png_do_invert
png_do_packswap
png_do_read_filler
png_do_read_interlace
png_do_read_intrapixel
png_do_read_invert_alpha
png_do_read_swap_alpha
png_do_read_transformations
png_do_rgb_to_gray
png_do_strip_filler
png_do_swap
png_do_unpack
png_do_unshift
png_error
png_free
png_free_data
png_free_default
png_gAMA
png_get_IHDR
png_get_PLTE
png_get_asm_flagmask
png_get_asm_flags
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_ptr
png_get_libpng_ver
png_get_mem_ptr
png_get_mmx_bitdepth_threshold
png_get_mmx_flagmask
png_get_mmx_rowbytes_threshold
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pixel_aspect_ratio
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_meter
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_meter
png_hIST
png_handle_IEND
png_handle_IHDR
png_handle_PLTE
png_handle_as_unknown
png_handle_bKGD
png_handle_cHRM
png_handle_gAMA
png_handle_hIST
png_handle_iCCP
png_handle_oFFs
png_handle_pCAL
png_handle_pHYs
png_handle_sBIT
png_handle_sCAL
png_handle_sPLT
png_handle_sRGB
png_handle_tEXt
png_handle_tIME
png_handle_tRNS
png_handle_unknown
png_handle_zTXt
png_iCCP
png_iTXt
png_info_destroy
png_info_init
png_info_init_3
png_init_io
png_init_read_transformations
png_libpng_ver
png_malloc
png_malloc_default
png_malloc_warn
png_memcpy_check
png_memset_check
png_mmx_support
png_oFFs
png_pCAL
png_pHYs
png_pass_dsp_mask
png_pass_inc
png_pass_mask
png_pass_start
png_pass_yinc
png_pass_ystart
png_permit_empty_plte
png_permit_mng_features
png_read_data
png_read_destroy
png_read_end
png_read_filter_row
png_read_finish_row
png_read_image
png_read_info
png_read_init
png_read_init_2
png_read_init_3
png_read_png
png_read_row
png_read_rows
png_read_start_row
png_read_transform_info
png_read_update_info
png_reset_crc
png_reset_zstream
png_sBIT
png_sCAL
png_sPLT
png_sRGB
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_asm_flags
png_set_bKGD
png_set_background
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_compression_buffer_size
png_set_crc_action
png_set_dither
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gray_1_2_4_to_8
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_mem_fn
png_set_mmx_thresholds
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_strip_error_numbers
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_text_2
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_sig
png_sig_cmp
png_start_read_image
png_tEXt
png_tIME
png_tRNS
png_warning
png_zTXt
png_zalloc
png_zfree
read_table
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetFilePos
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGetOffset
unzGoToFilePos
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzOpenCurrentFile3
unzOpenCurrentFilePassword
unzReadCurrentFile
unzSetOffset
unzStringFileNameCompare
unz_copyright
unzeof
unztell
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
th123e.exe
.exe windows:4 windows x86 arch:x86

c9bec4cb37df589cec459d9031a168a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateProcessW
CreateRemoteThread
ExitProcess
FlushInstructionCache
GetExitCodeThread
GetFileAttributesExW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetThreadContext
OpenProcess
ResumeThread
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WriteProcessMemory
lstrcatW

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
atexit
memcpy
memset
signal

shlwapi

PathRemoveFileSpecW

user32

MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 52B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
th123e_readme.txt
uninstall_th123e.exe
.exe windows:4 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/BITMAP/110.bmp
.rsrc/DIALOG/103
.rsrc/DIALOG/104
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/107
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4.ico
.rsrc/ICON/5.ico
.rsrc/ICON/6.ico
.rsrc/ICON/7.ico
.rsrc/MANIFEST/1
.xml
.text

Sharing

General

Malware Config

Signatures

Files

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 452KB

.ndata Size: - Virtual size: 1.4MB

.rsrc Size: 18KB - Virtual size: 18KB

bd0c5e2173fde31d22cb05fc3c2a33dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 848B

.data Size: - Virtual size: 56B

.reloc Size: 512B - Virtual size: 502B

64c2fa30732f757c1ae944c5208636c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 68B

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 512B - Virtual size: 450B

c39f5fafb41a8aaa51dbcb996250d596

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

shlwapi

user32

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 163KB

.data Size: 24KB - Virtual size: 24KB

.rdata Size: 29KB - Virtual size: 29KB

.bss Size: - Virtual size: 2KB

.edata Size: 11KB - Virtual size: 10KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

c9bec4cb37df589cec459d9031a168a9

Headers

File Characteristics

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 452KB

.ndata
Size: - Virtual size: 1.4MB

.rsrc
Size: 18KB - Virtual size: 18KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 848B

.data
Size: - Virtual size: 56B

.reloc
Size: 512B - Virtual size: 502B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 68B

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 512B - Virtual size: 450B

.text
Size: 163KB - Virtual size: 163KB

.data
Size: 24KB - Virtual size: 24KB

.rdata
Size: 29KB - Virtual size: 29KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 11KB - Virtual size: 10KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 20B

.rdata
Size: 1024B - Virtual size: 824B

.bss
Size: - Virtual size: 52B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 940B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 452KB

.ndata
Size: - Virtual size: 1.4MB

.rsrc
Size: 18KB - Virtual size: 18KB