17e93a0e9220cc3271550e921b7cbdd7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17e93a0e9220cc3271550e921b7cbdd7_JaffaCakes118
Size

4.0MB
MD5

17e93a0e9220cc3271550e921b7cbdd7
SHA1

749e30e7b469ecf6816d0cec563d9914e0df72e5
SHA256

4bea5d7b035af332299f068daf2de39cf77abea5642c4b73a81aea0d754e753b
SHA512

900d2c88f33aa024c3c9a62304631c33825298e0f2ffc54918ddcd175597b34c3a7241b1369ea13fafb0576136a033038676e435a9ed795eb7d740ceee8c7422
SSDEEP

98304:871SP00b2Db98+dqK2ctrLSifImt1JWywgL9R:8Rs4DbddRrOifltjbwgJR

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/Windows小秘书1.3/iehome.exe	aspack_v212_v242

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows小秘书1.3/ProductInfo.dll
unpack001/Windows小秘书1.3/SkinPPBCB.dll
unpack001/Windows小秘书1.3/WindowsHelper.exe
unpack001/Windows小秘书1.3/iehome.exe

Files

17e93a0e9220cc3271550e921b7cbdd7_JaffaCakes118
.rar
Windows小秘书1.3/AlarmClockSound/AlarmClock.mp3
Windows小秘书1.3/PixOS.ssk
.zip
PixOS.uis
pixosClassicHelpButton.tga
pixosClassicMinButton.tga
pixosHelpButton.tga
pixosMenuBackground1.bmp
pixosMenuBarBack.bmp
pixosMenuBarItem.bmp
pixosProgressBar.bmp
pixosWindowFrameBottomUis2.bmp
pixosWindowFrameLeftUis2.bmp
pixosWindowFrameRightUis2.bmp
pixosWindowFrameTopUis2.bmp
pixoscheckboxnew.tga
pixosclassicclosebutton.tga
pixosclassicclosebuttonglyph.bmp
pixosclassicmaxbutton.tga
pixosclassicmaxbuttonglyph.bmp
pixosclassicrestorebutton.tga
pixosclassicrestorebuttonglyph.bmp
pixosclosetoolbutton.tga
pixosclosetoolbuttonglyph.bmp
pixoscomboboxdropdownbutton.bmp
pixoscomboboxdropdownglyph.tga
pixosextraimages.bmp
pixosgroupboxedge.bmp
pixoslistviewheader.bmp
pixosmdibuttonsuis1.bmp
pixosmenubackground.bmp
pixosmenuitem.tga
pixospushbutton.tga
pixosradiobuttonnew.tga
pixosrebar.bmp
pixosrebargripper.bmp
pixosscrollbararrows.bmp
pixosscrollbararrowsglyph.bmp
pixosscrollbarshafthorz.bmp
pixosscrollbarshaftvert.bmp
pixosscrollbarthumbbtnhorz.bmp
pixosscrollbarthumbbtnvert.bmp
pixosspinupdownhorizontal.bmp
pixosspinupdownhorizontalglyph.bmp
pixosspinupdownvertical.bmp
pixosspinupdownverticalglyph.bmp
pixosstatusbar.bmp
pixosstatuspane.bmp
pixossunkedge.bmp
pixostabitem.tga
pixostabitem_bottom.tga
pixostableft.tga
pixostabpane.bmp
pixostabpane_bottom.bmp
pixostabpane_left.bmp
pixostabpane_right.bmp
pixostabright.tga
pixostoolbarbutton.tga
pixostrackbarthumbdown.tga
pixostrackbarthumbhorz.tga
pixostrackbarthumbleft.tga
pixostrackbarthumbright.tga
pixostrackbarthumbup.tga
pixostrackbarthumbvert.tga
pixostrackbartrack.bmp
pixostrackbartrackvert.bmp
pixoswindowframetoolcaption.bmp
pixoswindowframetoolhorizontal.bmp
pixoswindowframetoolvertical.bmp
pixoswindowmincaption.bmp
Windows小秘书1.3/ProductInfo.dll
.dll windows:4 windows x86 arch:x86

75c9da2a69774aff9d523302feda7dd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegFlushKey
RegOpenKeyExW
RegQueryValueExW

kernel32

CloseHandle
CompareStringW
CreateEventW
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
ExitThread
FindClose
FindFirstFileW
FindResourceW
FormatMessageW
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineW
GetComputerNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetTempPathW
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GlobalAddAtomW
GlobalDeleteAtom
GlobalFindAtomW
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SignalObjectAndWait
SizeofResource
Sleep
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcpyW
lstrcpynW
lstrlenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
InitializeFlatSB
_TrackMouseEvent

gdi32

BitBlt
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectW
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
FrameRgn
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextMetricsW
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
RealizePalette
RectVisible
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
StretchBlt
UnrealizeObject

msimg32

AlphaBlend

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerW
CharNextW
CharToOemW
CharUpperBuffW
CheckMenuItem
ClientToScreen
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
FillRect
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetCapture
GetClassInfoW
GetClassLongW
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadStringW
MapVirtualKeyW
MapWindowPoints
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OffsetRect
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
WaitMessage
WindowFromPoint
wsprintfA

ole32

OleInitialize
OleUninitialize

oleaut32

SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit

Exports

Exports

@@Download@Finalize
@@Download@Initialize
@DownLoadProductImage$qqsrx20System@UnicodeStringt1
@GetProductInfo$qqsrx20System@UnicodeString
_Product
___CPPdebugHook

Sections

.text
Size: 908KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows小秘书1.3/RubbishClear.bat
Windows小秘书1.3/SkinPPBCB.dll
.dll windows:4 windows x86 arch:x86

eaacb33cbfb37513e5642306fffe0c1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5781
ord6170
ord6194
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord2725
ord3953
ord1168
ord800
ord823
ord2764
ord537
ord641
ord2513
ord293
ord3573
ord540
ord3663
ord3626
ord2414
ord2753
ord2713
ord2567
ord2243
ord4129
ord2763
ord2919
ord2380
ord4023
ord809
ord556
ord5875
ord4297
ord4133
ord5787
ord5788
ord3693
ord2864
ord2860
ord1644
ord2455
ord2438
ord3654
ord2584
ord4220
ord1270
ord2859
ord2452
ord3706
ord5590
ord3643
ord4185
ord696
ord394
ord909
ord5628
ord3435
ord922
ord924
ord939
ord5710
ord858
ord2044
ord5834
ord6394
ord6383
ord5440
ord5450
ord535
ord2714
ord2107
ord2818
ord2841
ord941
ord860
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord4274
ord5572
ord2915
ord665
ord1979
ord5442
ord353
ord3619
ord1641
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord1640
ord323
ord3920
ord3571
ord2405
ord2754
ord5785
ord4204
ord2450
ord2448

msvcrt

_strcmpi
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_onexit
__dllonexit
_CxxThrowException
getc
fputc
fflush
sprintf
toupper
_except_handler3
fseek
ftell
fread
fopen
fwrite
realloc
strncpy
_mbsstr
_mbsnbcpy
gmtime
strstr
calloc
memchr
fclose
strchr
ceil
floor
malloc
free
_purecall
atoi
memmove
_mbscmp
_mbsicmp
wcsncpy
_ftol
__RTDynamicCast
__CxxFrameHandler
_initterm

kernel32

LocalAlloc
LocalFree
FlushInstructionCache
VirtualProtect
SetLastError
UnmapViewOfFile
WriteFile
SetFileTime
CreateDirectoryA
lstrcpyA
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
MulDiv
GetVersionExA
lstrcmpA
GetTempPathA
DeleteFileA
lstrlenA
lstrcmpiA
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
IsBadStringPtrA
GetVersion
GetProcAddress
FreeLibrary
FindFirstFileA
FindClose
GetModuleHandleA
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
LockResource
GlobalUnlock
GlobalFree
LoadLibraryA

user32

IsIconic
GetWindowInfo
EnableMenuItem
ShowWindow
SetActiveWindow
EnableWindow
DestroyWindow
SetWindowTextA
GetMenuState
GetMenuItemRect
MenuItemFromPoint
GetMenuDefaultItem
GetMenuCheckMarkDimensions
DestroyMenu
SystemParametersInfoA
UnionRect
RemoveMenu
GetForegroundWindow
GetSystemMenu
DestroyIcon
GetMessagePos
KillTimer
SetTimer
IntersectRect
MoveWindow
SetCursor
LoadCursorA
ReleaseCapture
GetFocus
SetFocus
SetCapture
GetAsyncKeyState
CreateIconIndirect
SetRect
SendMessageTimeoutA
GetDesktopWindow
DrawIconEx
IsMenu
CreatePopupMenu
IsZoomed
AppendMenuA
SetMenuItemInfoA
SetWindowRgn
UpdateWindow
IsWindowVisible
GetCapture
GetMenuStringA
SetWindowPos
ClientToScreen
MapWindowPoints
IsWindowUnicode
GetMenuItemCount
GetMenuItemInfoA
LoadImageA
LoadCursorFromFileA
CallNextHookEx
GetDlgCtrlID
SetClassLongA
FindWindowExA
GetDlgItem
GetWindowTextA
PostMessageA
SetWindowsHookExA
UnhookWindowsHookEx
ScreenToClient
IsWindowEnabled
GetWindowRect
GetParent
EqualRect
GrayStringA
TabbedTextOutA
IsRectEmpty
MessageBoxA
SetPropA
GetSysColor
IsWindow
SetRectEmpty
GetClientRect
InvalidateRect
RemovePropA
GetMenuItemID
GetClassNameA
WindowFromDC
DrawStateA
SendMessageW
DrawFocusRect
GetPropA
SetWindowLongA
GetCursorPos
PtInRect
InflateRect
LoadBitmapA
CallWindowProcW
CallWindowProcA
EndPaint
BeginPaint
GetSubMenu
CheckMenuItem
DrawEdge
FrameRect
ModifyMenuW
ModifyMenuA
CreateWindowExA
ReleaseDC
GetWindowDC
GetDCEx
GetDC
FillRect
SetMenu
GetMenu
DrawTextW
TrackPopupMenuEx
TrackPopupMenu
InsertMenuW
InsertMenuA
InsertMenuItemW
InsertMenuItemA
DeleteMenu
DrawFrameControl
GetClassLongA
GetSysColorBrush
ShowScrollBar
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
CopyRect
OffsetRect
DrawTextA
SendMessageA
RedrawWindow
GetSystemMetrics
GetWindow
GetWindowLongA

gdi32

ExtTextOutA
ExtTextOutW
Rectangle
BitBlt
SetBkColor
CreatePen
CreateBrushIndirect
IntersectClipRect
CreateCompatibleDC
DeleteDC
DeleteObject
CreateCompatibleBitmap
ExcludeClipRect
GetTextColor
GetClipBox
PtVisible
RectVisible
Escape
GetPixel
CreateSolidBrush
CombineRgn
GetTextExtentPointW
StretchBlt
SetStretchBltMode
CreateBitmap
GetObjectA
SetPixelV
CreateDIBSection
ExtCreateRegion
GetDIBits
CreateICA
GetDeviceCaps
SetPixel
RoundRect
OffsetRgn
GetRegionData
CreateRectRgn
GetNearestColor
CreateDIBitmap
RealizePalette
SetDIBitsToDevice
ExtSelectClipRgn
StretchDIBits
RestoreDC
SelectClipRgn
SaveDC
GetCharWidthA
CreateFontA
PlgBlt
SetBoundsRect
GetCurrentObject
GetBkMode
GetBkColor
GetTextExtentPointA
SetTextAlign
GetWindowOrgEx
GetTextExtentPoint32A
GetViewportOrgEx
SetViewportOrgEx
SetTextColor
SelectObject
CreateFontIndirectA
SetBkMode
CreateRectRgnIndirect
TextOutA

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
ImageList_Duplicate
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetIconSize

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Xran@std@@YAXXZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

Exports

Exports

sppColorize
sppDrawSkinBitmap
sppDrawSkinImage
sppExitSkin
sppGetDefaultSysColor
sppGetFreeWindowID
sppGetHookAPI
sppGetHookAPIStyle
sppGetSkinSysColor
sppGetSystemMetrics
sppGetWindowResID
sppInitializeSkin
sppLoadSkin
sppLoadSkinFromRes
sppModifyHookAPIStyle
sppRemoveSkin
sppRemoveSkinHwnd
sppSelectSkin
sppSetButtonTooltip
sppSetCustSysBtnStatus
sppSetCustSysBtnVisible
sppSetCustomDraw
sppSetDialogBkClipRgn
sppSetDialogEraseBkgnd
sppSetFreeWindowID
sppSetHookAPI
sppSetHookMessage
sppSetListHeaderSortInfo
sppSetNoSkinHwnd
sppSetRedraw
sppSetRgnEnable
sppSetSkinHwnd
sppSetTabCtrlItemsStatus
sppSetTabCtrlPosition
sppSetWindowResID
sppValidateDevTools

Sections

.text
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows小秘书1.3/TimeSound/0.wav
Windows小秘书1.3/TimeSound/1.wav
Windows小秘书1.3/TimeSound/10.wav
Windows小秘书1.3/TimeSound/11.wav
Windows小秘书1.3/TimeSound/12.wav
Windows小秘书1.3/TimeSound/2.wav
Windows小秘书1.3/TimeSound/3.wav
Windows小秘书1.3/TimeSound/30.wav
Windows小秘书1.3/TimeSound/4.wav
Windows小秘书1.3/TimeSound/5.wav
Windows小秘书1.3/TimeSound/6.wav
Windows小秘书1.3/TimeSound/7.wav
Windows小秘书1.3/TimeSound/8.wav
Windows小秘书1.3/TimeSound/9.wav
Windows小秘书1.3/TimeSound/AM0.wav
Windows小秘书1.3/TimeSound/AM1.wav
Windows小秘书1.3/TimeSound/EM.wav
Windows小秘书1.3/TimeSound/MIN.wav
Windows小秘书1.3/TimeSound/PM.wav
Windows小秘书1.3/TimeSound/POINT.wav
Windows小秘书1.3/TimeSound/TIMENOW.wav
Windows小秘书1.3/WindowsHelper.exe
.exe windows:4 windows x86 arch:x86

d24d02fb39ae25bb92b66b72b8dabfa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

productinfo

@GetProductInfo$qqsrx20System@UnicodeString

rasapi32

RasDialA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

kernel32

CloseHandle
CompareStringW
CreateEventW
CreateFileA
CreateFileW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
ExitThread
FindClose
FindFirstFileW
FindResourceW
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetTempPathW
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFree
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetSystemPowerState
SetThreadLocale
SignalObjectAndWait
SizeofResource
Sleep
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17
InitializeFlatSB
_TrackMouseEvent

comdlg32

GetOpenFileNameW

gdi32

BitBlt
CloseEnhMetaFile
CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExcludeClipRect
ExtCreatePen
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
PolyPolyline
Polyline
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPaletteEntries
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
StretchDIBits
UnrealizeObject

msimg32

AlphaBlend

shell32

ShellExecuteA
Shell_NotifyIconW

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerBuffW
CharLowerW
CharNextW
CharToOemW
CharUpperBuffW
CheckMenuItem
ClientToScreen
CloseClipboard
CreateCaret
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumThreadWindows
EnumWindows
ExitWindowsEx
FillRect
FindWindowA
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetCapture
GetCaretPos
GetClassInfoW
GetClassLongW
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadStringW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
SetWindowsHookExA
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
wsprintfA

winmm

mciGetErrorStringW
mciSendCommandW

ole32

CLSIDFromString
CoCreateInstance
CoGetClassObject
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
IsAccelerator
IsEqualGUID
OleDraw
OleInitialize
OleSetMenuDescriptor
OleUninitialize
ProgIDFromCLSID
StringFromCLSID

oleaut32

GetActiveObject
GetErrorInfo
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit

Exports

Exports

@$xp$15Pngimage@TChunk
@$xp$16Pngimage@TFilter
@$xp$17Pngimage@TFilters
@$xp$17Pngimage@TPNGList
@$xp$18Pngimage@EPngError
@$xp$18Pngimage@TPngImage
@$xp$18Pngimage@TUnitType
@$xp$19Pngimage@TChunkIDAT
@$xp$19Pngimage@TChunkIEND
@$xp$19Pngimage@TChunkIHDR
@$xp$19Pngimage@TChunkPLTE
@$xp$19Pngimage@TChunkgAMA
@$xp$19Pngimage@TChunkpHYs
@$xp$19Pngimage@TChunktEXt
@$xp$19Pngimage@TChunktIME
@$xp$19Pngimage@TChunktRNS
@$xp$19Pngimage@TChunkzTXt
@$xp$20Pngimage@Pngimage__1
@$xp$22Pngimage@EPNGNotExists
@$xp$22Pngimage@EPNGOutMemory
@$xp$22Pngimage@EPNGZLIBError
@$xp$23Pngimage@EPngInvalidCRC
@$xp$24Pngimage@EPNGInvalidSpec
@$xp$24Pngimage@EPNGNoImageData
@$xp$24Pngimage@EPNGSizeExceeds
@$xp$24Pngimage@EPngInvalidIHDR
@$xp$24Pngimage@TPNGPointerList
@$xp$25Pngimage@EPNGIHDRNotFirst
@$xp$25Pngimage@TInterlaceMethod
@$xp$26Pngimage@EPngUnexpectedEnd
@$xp$26Pngimage@TCompressionLevel
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$27Pngimage@EPNGInvalidNewSize
@$xp$27Pngimage@EPNGInvalidPalette
@$xp$27Pngimage@EPNGMissingPalette
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$29Pngimage@EPNGHeaderNotPresent
@$xp$29Pngimage@EPNGUnknownInterlace
@$xp$29Pngimage@TPNGTransparencyMode
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$30Pngimage@EPNGInvalidFileHeader
@$xp$31Pngimage@EPNGUnknownCompression
@$xp$32Pngimage@EPNGMissingMultipleIDAT
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TShellShellNameSpace
@$xp$33Pngimage@EPNGCouldNotLoadResource
@$xp$33Pngimage@EPNGUnknownCriticalChunk
@$xp$36Pngimage@EPNGCannotChangeTransparent
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$ynpqqrp14System@TObject$v
@@Disbleprocess@Finalize
@@Disbleprocess@Initialize
@@Logohint@Finalize
@@Logohint@Initialize
@@Main@Finalize
@@Main@Initialize
@@Memorandum@Finalize
@@Memorandum@Initialize
@@Netstatethread@Finalize
@@Netstatethread@Initialize
@@Optimizationsystem@Finalize
@@Optimizationsystem@Initialize
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Shdocvw_tlb@Finalize
@@Shdocvw_tlb@Initialize
@@Shutdowncomputer@Finalize
@@Shutdowncomputer@Initialize
@@Systeminfo@Finalize
@@Systeminfo@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Weather@Finalize
@@Weather@Initialize
@Pngimage@ByteSwap$qqrxi
@Pngimage@EPNGCannotChangeTransparent@
@Pngimage@EPNGCouldNotLoadResource@
@Pngimage@EPNGHeaderNotPresent@
@Pngimage@EPNGIHDRNotFirst@
@Pngimage@EPNGInvalidFileHeader@
@Pngimage@EPNGInvalidNewSize@
@Pngimage@EPNGInvalidPalette@
@Pngimage@EPNGInvalidSpec@
@Pngimage@EPNGMissingMultipleIDAT@
@Pngimage@EPNGMissingPalette@
@Pngimage@EPNGNoImageData@
@Pngimage@EPNGNotExists@
@Pngimage@EPNGOutMemory@
@Pngimage@EPNGSizeExceeds@
@Pngimage@EPNGUnknownCompression@
@Pngimage@EPNGUnknownCriticalChunk@
@Pngimage@EPNGUnknownInterlace@
@Pngimage@EPNGZLIBError@
@Pngimage@EPngError@
@Pngimage@EPngInvalidCRC@
@Pngimage@EPngInvalidIHDR@
@Pngimage@EPngUnexpectedEnd@
@Pngimage@Finalization$qqrv
@Pngimage@RegisterChunk$qqrp17System@TMetaClass
@Pngimage@TChunk@
@Pngimage@TChunk@$bctr$qqrp18Pngimage@TPngImage
@Pngimage@TChunk@$bdtr$qqrv
@Pngimage@TChunk@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunk@GetChunkName$qqrv
@Pngimage@TChunk@GetHeader$qqrv
@Pngimage@TChunk@GetIndex$qqrv
@Pngimage@TChunk@GetName$qqrv
@Pngimage@TChunk@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunk@ResizeData$qqrxui
@Pngimage@TChunk@SaveData$qqrp15Classes@TStream
@Pngimage@TChunk@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunkIDAT@
@Pngimage@TChunkIDAT@CopyInterlacedGray2$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedGrayscale16$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedGrayscaleAlpha16$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedGrayscaleAlpha8$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedPalette148$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedPalette2$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedRGB16$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedRGB8$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedRGBAlpha16$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyInterlacedRGBAlpha8$qqrxucpuct2t2t2
@Pngimage@TChunkIDAT@CopyNonInterlacedGray2$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedGrayscale16$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedGrayscaleAlpha16$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedGrayscaleAlpha8$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedPalette148$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedPalette2$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedRGB16$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedRGB8$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedRGBAlpha16$qqrpuct1t1t1
@Pngimage@TChunkIDAT@CopyNonInterlacedRGBAlpha8$qqrpuct1t1t1
@Pngimage@TChunkIDAT@DecodeInterlacedAdam7$qqrp15Classes@TStreamr21Pngimage@TZStreamRec2xirui
@Pngimage@TChunkIDAT@DecodeNonInterlaced$qqrp15Classes@TStreamr21Pngimage@TZStreamRec2xirui
@Pngimage@TChunkIDAT@EncodeInterlacedAdam7$qqrp15Classes@TStreamr21Pngimage@TZStreamRec2
@Pngimage@TChunkIDAT@EncodeInterlacedGrayscale16$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedGrayscaleAlpha16$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedGrayscaleAlpha8$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedPalette148$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedRGB16$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedRGB8$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedRGBAlpha16$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeInterlacedRGBAlpha8$qqrxucpuct2t2
@Pngimage@TChunkIDAT@EncodeNonInterlaced$qqrp15Classes@TStreamr21Pngimage@TZStreamRec2
@Pngimage@TChunkIDAT@EncodeNonInterlacedGrayscale16$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedGrayscaleAlpha16$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedGrayscaleAlpha8$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedPalette148$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedRGB16$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedRGB8$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedRGBAlpha16$qqrpuct1t1
@Pngimage@TChunkIDAT@EncodeNonInterlacedRGBAlpha8$qqrpuct1t1
@Pngimage@TChunkIDAT@FilterRow$qqrv
@Pngimage@TChunkIDAT@FilterToEncode$qqrv
@Pngimage@TChunkIDAT@FinishIDATZlib$qqrr21Pngimage@TZStreamRec2
@Pngimage@TChunkIDAT@IDATZlibRead$qqrr21Pngimage@TZStreamRec2pvirirui
@Pngimage@TChunkIDAT@IDATZlibWrite$qqrr21Pngimage@TZStreamRec2pvxui
@Pngimage@TChunkIDAT@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkIDAT@PreparePalette$qqrv
@Pngimage@TChunkIDAT@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunkIEND@
@Pngimage@TChunkIHDR@
@Pngimage@TChunkIHDR@$bctr$qqrp18Pngimage@TPngImage
@Pngimage@TChunkIHDR@$bdtr$qqrv
@Pngimage@TChunkIHDR@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunkIHDR@CreateGrayscalePalette$qqri
@Pngimage@TChunkIHDR@FreeImageData$qqrv
@Pngimage@TChunkIHDR@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkIHDR@PaletteToDIB$qqrp10HPALETTE__
@Pngimage@TChunkIHDR@PrepareImageData$qqrv
@Pngimage@TChunkIHDR@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunkPLTE@
@Pngimage@TChunkPLTE@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunkPLTE@GetPaletteItem$qqruc
@Pngimage@TChunkPLTE@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkPLTE@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunkgAMA@
@Pngimage@TChunkgAMA@$bctr$qqrp18Pngimage@TPngImage
@Pngimage@TChunkgAMA@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunkgAMA@GetValue$qqrv
@Pngimage@TChunkgAMA@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkgAMA@SetValue$qqrxui
@Pngimage@TChunkpHYs@
@Pngimage@TChunkpHYs@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunkpHYs@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkpHYs@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunktEXt@
@Pngimage@TChunktEXt@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunktEXt@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunktEXt@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunktIME@
@Pngimage@TChunktIME@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunktIME@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunktIME@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunktRNS@
@Pngimage@TChunktRNS@Assign$qqrp15Pngimage@TChunk
@Pngimage@TChunktRNS@GetTransparentColor$qqrv
@Pngimage@TChunktRNS@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunktRNS@SaveToStream$qqrp15Classes@TStream
@Pngimage@TChunktRNS@SetTransparentColor$qqrxui
@Pngimage@TChunkzTXt@
@Pngimage@TChunkzTXt@LoadFromStream$qqrp15Classes@TStreamx27System@%StaticArray$ci$i4$%i
@Pngimage@TChunkzTXt@SaveToStream$qqrp15Classes@TStream
@Pngimage@TPNGList@
@Pngimage@TPNGList@Add$qqrp17System@TMetaClass
@Pngimage@TPNGList@FindChunk$qqrp17System@TMetaClass
@Pngimage@TPNGList@GetItem$qqrui
@Pngimage@TPNGList@ItemFromClass$qqrp17System@TMetaClass
@Pngimage@TPNGList@RemoveChunk$qqrp15Pngimage@TChunk
@Pngimage@TPNGPointerList@
@Pngimage@TPNGPointerList@$bctr$qqrp18Pngimage@TPngImage
@Pngimage@TPNGPointerList@$bdtr$qqrv
@Pngimage@TPNGPointerList@Add$qqrpv
@Pngimage@TPNGPointerList@GetItem$qqrui
@Pngimage@TPNGPointerList@Insert$qqrpvui
@Pngimage@TPNGPointerList@Remove$qqrpv
@Pngimage@TPNGPointerList@SetItem$qqruipxv
@Pngimage@TPNGPointerList@SetSize$qqrxui
@Pngimage@TPngImage@
@Pngimage@TPngImage@$bctr$qqruiuiii
@Pngimage@TPngImage@$bctr$qqrv
@Pngimage@TPngImage@$bdtr$qqrv
@Pngimage@TPngImage@AddtEXt$qqrx27System@%AnsiStringT$us$i0$%t1
@Pngimage@TPngImage@AddzTXt$qqrx27System@%AnsiStringT$us$i0$%t1
@Pngimage@TPngImage@Assign$qqrp19Classes@TPersistent
@Pngimage@TPngImage@AssignHandle$qqrp9HBITMAP__oui
@Pngimage@TPngImage@AssignPNG$qqrp18Pngimage@TPngImage
@Pngimage@TPngImage@AssignTo$qqrp19Classes@TPersistent
@Pngimage@TPngImage@ClearChunks$qqrv
@Pngimage@TPngImage@CreateAlpha$qqrv
@Pngimage@TPngImage@DoSetPalette$qqrp10HPALETTE__xo
@Pngimage@TPngImage@Draw$qqrp16Graphics@TCanvasrx11Types@TRect
@Pngimage@TPngImage@DrawPartialTrans$qqrp5HDC__rx11Types@TRect
@Pngimage@TPngImage@DrawUsingPixelInformation$qqrp16Graphics@TCanvasrx12Types@TPoint
@Pngimage@TPngImage@GetAlphaScanline$qqrxi
@Pngimage@TPngImage@GetEmpty$qqrv
@Pngimage@TPngImage@GetExtraScanline$qqrxi
@Pngimage@TPngImage@GetHeader$qqrv
@Pngimage@TPngImage@GetHeight$qqrv
@Pngimage@TPngImage@GetLibraryVersion$qqrv
@Pngimage@TPngImage@GetPalette$qqrv
@Pngimage@TPngImage@GetPixelInfo$qqrruit1
@Pngimage@TPngImage@GetPixelInformation$qqrv
@Pngimage@TPngImage@GetPixels$qqrxixi
@Pngimage@TPngImage@GetScanline$qqrxi
@Pngimage@TPngImage@GetSupportsPartialTransparency$qqrv
@Pngimage@TPngImage@GetTransparencyMode$qqrv
@Pngimage@TPngImage@GetTransparent$qqrv
@Pngimage@TPngImage@GetTransparentColor$qqrv
@Pngimage@TPngImage@GetWidth$qqrv
@Pngimage@TPngImage@HasPixelInformation$qqrv
@Pngimage@TPngImage@HeaderPresent$qqrv
@Pngimage@TPngImage@InitializeGamma$qqrv
@Pngimage@TPngImage@LoadFromClipboardFormat$qqrusuip10HPALETTE__
@Pngimage@TPngImage@LoadFromResourceID$qqruii
@Pngimage@TPngImage@LoadFromResourceName$qqruix20System@UnicodeString
@Pngimage@TPngImage@LoadFromStream$qqrp15Classes@TStream
@Pngimage@TPngImage@RaiseError$qqrp17System@TMetaClass20System@UnicodeString
@Pngimage@TPngImage@RemoveTransparency$qqrv
@Pngimage@TPngImage@Resize$qqrxixi
@Pngimage@TPngImage@SaveToClipboardFormat$qqrrusruirp10HPALETTE__
@Pngimage@TPngImage@SaveToStream$qqrp15Classes@TStream
@Pngimage@TPngImage@SetHeight$qqri
@Pngimage@TPngImage@SetMaxIdatSize$qqrxi
@Pngimage@TPngImage@SetPalette$qqrp10HPALETTE__
@Pngimage@TPngImage@SetPixels$qqrxixix15Graphics@TColor
@Pngimage@TPngImage@SetTransparentColor$qqrx15Graphics@TColor
@Pngimage@TPngImage@SetWidth$qqri
@Pngimage@ZLIBErrors
@Pngimage@initialization$qqrv
@Pngimage@update_crc$qqruip32System@%StaticArray$uci$i65536$%i
@Pnglang@Finalization$qqrv
@Pnglang@_EInvalidNewSize
@Pnglang@_EInvalidSpec
@Pnglang@_EPNGCannotAddChunkText
@Pnglang@_EPNGCannotAddInvalidImageText
@Pnglang@_EPNGCannotAssignChunkText
@Pnglang@_EPNGCannotChangeTransparentText
@Pnglang@_EPNGCouldNotLoadResourceText
@Pnglang@_EPNGHeaderNotPresentText
@Pnglang@_EPNGIHDRNotFirstText
@Pnglang@_EPNGInvalidFileHeaderText
@Pnglang@_EPNGInvalidIHDRText
@Pnglang@_EPNGInvalidPaletteText
@Pnglang@_EPNGMissingMultipleIDATText
@Pnglang@_EPNGMissingPaletteText
@Pnglang@_EPNGNoImageDataText
@Pnglang@_EPNGNotExistsText
@Pnglang@_EPNGOutMemoryText
@Pnglang@_EPNGSizeExceedsText
@Pnglang@_EPNGUnexpectedEndText
@Pnglang@_EPNGUnknownCompressionText
@Pnglang@_EPNGUnknownCriticalChunkText
@Pnglang@_EPNGUnknownInterlaceText
@Pnglang@_EPNGUnknownPalEntryText
@Pnglang@_EPNGZLIBErrorText
@Pnglang@_EPngInvalidCRCText
@Pnglang@initialization$qqrv
@Shdocvw_ocx@Register$qqrv
@Shdocvw_tlb@CLSID_CppCScriptErrorList
@Shdocvw_tlb@CLSID_CppInternetExplorer
@Shdocvw_tlb@CLSID_CppShellBrowserWindow
@Shdocvw_tlb@CLSID_CppShellUIHelper
@Shdocvw_tlb@CLSID_CppShellWindows
@Shdocvw_tlb@CLSID_CppWebBrowser
@Shdocvw_tlb@CLSID_CppWebBrowser_V1
@Shdocvw_tlb@CLSID_ShellFavoritesNameSpace
@Shdocvw_tlb@CLSID_ShellShellNameSpace
@Shdocvw_tlb@DIID_DShellNameSpaceEvents
@Shdocvw_tlb@DIID_DShellWindowsEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents2
@Shdocvw_tlb@IID_IScriptErrorList
@Shdocvw_tlb@IID_IShellFavoritesNameSpace
@Shdocvw_tlb@IID_IShellNameSpace
@Shdocvw_tlb@IID_IShellUIHelper
@Shdocvw_tlb@IID_IShellUIHelper2
@Shdocvw_tlb@IID_IShellWindows
@Shdocvw_tlb@IID_IWebBrowser
@Shdocvw_tlb@IID_IWebBrowser2
@Shdocvw_tlb@IID_IWebBrowserApp
@Shdocvw_tlb@LIBID_SHDocVw
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppInternetExplorer@Connect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ConnectTo$qqr69%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$gIID_IWebBrowser2$%
@Shdocvw_tlb@TCppInternetExplorer@Disconnect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppInternetExplorer@GetDefaultInterface$qv
@Shdocvw_tlb@TCppInternetExplorer@GetDunk$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GetProperty$qqrpb
@Shdocvw_tlb@TCppInternetExplorer@GoBack$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoForward$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoHome$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoSearch$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppInternetExplorer@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppInternetExplorer@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppInternetExplorer@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppInternetExplorer@Quit$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppInternetExplorer@Stop$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_AddressBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Application$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Busy$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Container$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Document$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullName$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullScreen$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_HWND$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Height$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Left$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_LocationName$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_LocationURL$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_MenuBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Name$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Offline$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Parent$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Path$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_ReadyState$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_RegisterAsBrowser$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_RegisterAsDropTarget$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Resizable$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Silent$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_StatusBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_StatusText$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_TheaterMode$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_ToolBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Top$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_TopLevelContainer$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Type$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Visible$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Width$qqrv
@Shdocvw_tlb@TCppInternetExplorer@set_AddressBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_FullScreen$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Height$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_Left$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_MenuBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Offline$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_RegisterAsBrowser$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_RegisterAsDropTarget$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Resizable$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Silent$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_StatusBar$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_StatusText$qqrpb
@Shdocvw_tlb@TCppInternetExplorer@set_TheaterMode$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_ToolBar$qqri
@Shdocvw_tlb@TCppInternetExplorer@set_Top$qqrl
@Shdocvw_tlb@TCppInternetExplorer@set_Visible$qqrs
@Shdocvw_tlb@TCppInternetExplorer@set_Width$qqrl
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@AddChannel$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@AddDesktopComponent$qqrpbt1p10tagVARIANTt3t3t3
@Shdocvw_tlb@TCppShellUIHelper@AddFavorite$qqrpbp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AddSearchProvider$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@AutoCompleteAttach$qqrp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AutoCompleteSaveForm$qqrp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@AutoScan$qqrpbt1p10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellUIHelper@BrandImageUri$qqrv
@Shdocvw_tlb@TCppShellUIHelper@Connect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ConnectTo$qqr75%TComInterface$27Shdocvw_tlb@IShellUIHelper2px5_GUID$gIID_IShellUIHelper2$%
@Shdocvw_tlb@TCppShellUIHelper@CustomizeClearType$qqrs
@Shdocvw_tlb@TCppShellUIHelper@CustomizeSettings$qqrsspb
@Shdocvw_tlb@TCppShellUIHelper@DefaultSearchProvider$qqrv
@Shdocvw_tlb@TCppShellUIHelper@DiagnoseConnection$qqrv
@Shdocvw_tlb@TCppShellUIHelper@Disconnect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellUIHelper@GetDunk$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ImportExportFavorites$qqrspb
@Shdocvw_tlb@TCppShellUIHelper@InitServerData$qqrv
@Shdocvw_tlb@TCppShellUIHelper@IsSearchMigrated$qqrv
@Shdocvw_tlb@TCppShellUIHelper@IsSearchProviderInstalled$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@IsSubscribed$qqrpb
@Shdocvw_tlb@TCppShellUIHelper@NavigateAndFind$qqrpbt1p10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@PhishingEnabled$qqrv
@Shdocvw_tlb@TCppShellUIHelper@RefreshOfflineDesktop$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ResetFirstBootMode$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ResetSafeMode$qqrv
@Shdocvw_tlb@TCppShellUIHelper@RunOnceHasShown$qqrv
@Shdocvw_tlb@TCppShellUIHelper@RunOnceRequiredSettingsComplete$qqrs
@Shdocvw_tlb@TCppShellUIHelper@RunOnceShown$qqrv
@Shdocvw_tlb@TCppShellUIHelper@SearchGuideUrl$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ShowBrowserUI$qqrpbp10tagVARIANT
@Shdocvw_tlb@TCppShellUIHelper@SkipRunOnce$qqrv
@Shdocvw_tlb@TCppShellUIHelper@SkipTabsWelcome$qqrv
@Shdocvw_tlb@TCppShellUIHelper@SqmEnabled$qqrv
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellWindows@Connect$qqrv
@Shdocvw_tlb@TCppShellWindows@ConnectTo$qqr71%TComInterface$25Shdocvw_tlb@IShellWindowspx5_GUID$gIID_IShellWindows$%
@Shdocvw_tlb@TCppShellWindows@Disconnect$qqrv
@Shdocvw_tlb@TCppShellWindows@FindWindowSW$qqrp10tagVARIANTt1ipli
@Shdocvw_tlb@TCppShellWindows@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellWindows@GetDunk$qqrv
@Shdocvw_tlb@TCppShellWindows@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellWindows@Item$qqr10tagVARIANT
@Shdocvw_tlb@TCppShellWindows@OnActivated$qqrls
@Shdocvw_tlb@TCppShellWindows@OnCreated$qqrlp8IUnknown
@Shdocvw_tlb@TCppShellWindows@OnNavigate$qqrlp10tagVARIANT
@Shdocvw_tlb@TCppShellWindows@ProcessAttachDetach$qqrs
@Shdocvw_tlb@TCppShellWindows@Register$qqrp9IDispatchlipl
@Shdocvw_tlb@TCppShellWindows@RegisterPending$qqrlp10tagVARIANTt2ipl
@Shdocvw_tlb@TCppShellWindows@Revoke$qqrl
@Shdocvw_tlb@TCppShellWindows@_NewEnum$qqrv
@Shdocvw_tlb@TCppShellWindows@get_Count$qqrv
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@CControlData
@Shdocvw_tlb@TCppWebBrowser@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppWebBrowser@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppWebBrowser@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser@GetProperty$qqrpb
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppWebBrowser@OptParam
@Shdocvw_tlb@TCppWebBrowser@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppWebBrowser@Quit$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppWebBrowser@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Parent$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@BeforeDestruction$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Connect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@ConnectTo$qqr75%TComInterface$27Shdocvw_tlb@IShellNameSpacepx5_GUID$gIID_IShellNameSpace$%
@Shdocvw_tlb@TShellFavoritesNameSpace@CreateSubscriptionForSelection$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@DeleteSubscriptionForSelection$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Disconnect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Expand$qqr10tagVARIANTi
@Shdocvw_tlb@TShellFavoritesNameSpace@Export$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDefaultInterface$qv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDunk$qqrv

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 353KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows小秘书1.3/Windows小秘书官方网站.url
Windows小秘书1.3/iehome.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 35KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows小秘书1.3/使用指南.html
.html
Windows小秘书1.3/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

75c9da2a69774aff9d523302feda7dd3

Headers

File Characteristics

Imports

advapi32

kernel32

version

comctl32

gdi32

msimg32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 908KB - Virtual size: 908KB

.data Size: 47KB - Virtual size: 88KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 10KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 63KB - Virtual size: 64KB

.reloc Size: 64KB - Virtual size: 64KB

eaacb33cbfb37513e5642306fffe0c1a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

msvcp60

Exports

Exports

Sections

.text Size: 480KB - Virtual size: 478KB

.rdata Size: 96KB - Virtual size: 94KB

.data Size: 20KB - Virtual size: 87KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 52KB - Virtual size: 48KB

d24d02fb39ae25bb92b66b72b8dabfa8

Headers

File Characteristics

Imports

productinfo

rasapi32

advapi32

kernel32

version

comctl32

comdlg32

gdi32

msimg32

shell32

user32

winmm

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 121KB - Virtual size: 164KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 13KB - Virtual size: 16KB

.edata Size: 33KB - Virtual size: 36KB

.rsrc Size: 353KB - Virtual size: 356KB

.reloc Size: 89KB - Virtual size: 92KB

Headers

.text
Size: 908KB - Virtual size: 908KB

.data
Size: 47KB - Virtual size: 88KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 63KB - Virtual size: 64KB

.reloc
Size: 64KB - Virtual size: 64KB

.text
Size: 480KB - Virtual size: 478KB

.rdata
Size: 96KB - Virtual size: 94KB

.data
Size: 20KB - Virtual size: 87KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 52KB - Virtual size: 48KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 121KB - Virtual size: 164KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 13KB - Virtual size: 16KB

.edata
Size: 33KB - Virtual size: 36KB

.rsrc
Size: 353KB - Virtual size: 356KB

.reloc
Size: 89KB - Virtual size: 92KB

.text
Size: 35KB - Virtual size: 64KB

.rdata
Size: 5KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 20KB

.rsrc
Size: 23KB - Virtual size: 40KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB