21f37c149f29b39c6907680df3ed92ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21f37c149f29b39c6907680df3ed92ac_JaffaCakes118
Size

4.3MB
MD5

21f37c149f29b39c6907680df3ed92ac
SHA1

50bac8213bfe5333eb6938610025560480cc84a8
SHA256

31901fca13deec13c8129cebfeb0c94d07533816f21768b160b97b486220ad98
SHA512

ecf1895042e2ffc6fd9d623b478763d5155a9828b27c1df053a3ba8893a5a1674ab11757a52475dec071841cdf8b518d1913d8864281a0cab1a930f9b003fdf9
SSDEEP

98304:iq5AdWhOWLo6S7AC8YfzhZiI8vIQa2bi1Ec10eCB6eD4+euSyM/EMi5O:iq51hOWkPpfzXigQaQiUBj8+f4EM+O

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
21f37c149f29b39c6907680df3ed92ac_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/IRLink.Lite/IRLink.Lite.exe
unpack001/IRLink.Lite/IRLinkOSD.exe
unpack001/IRLink.Lite/OsdManager.dll
unpack001/IRLink.Lite/windows.dll
unpack001/IRLink.Plugin/IRLink.Plugin.exe
unpack001/IRLink.Plugin/windows.dll
unpack001/Uninstall.exe

NSIS installer 3 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Uninstall.exe	nsis_installer_2

Files

21f37c149f29b39c6907680df3ed92ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/IRLink/key.xml
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
IRLink.Lite/IRLink.Lite.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 49KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IRLink.Lite/IRLink.Lite.jar
.jar
IRLink.Lite/IRLinkOSD.exe
.exe windows:4 windows x86 arch:x86

60999906f8564a8c24af105d5184b2fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaLenBstr
__vbaLateIdCall
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
ord556
_adj_fdiv_m32
ord669
ord595
__vbaStrLike
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaRefVarAry
_CIsin
ord709
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
__vbaLbound
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFailedFriend
ord530
__vbaFPException
__vbaUbound
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarDup
__vbaStrToAnsi
ord616
_CIatan
__vbaStrMove
ord618
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IRLink.Lite/OsdManager.dll
.dll windows:5 windows x86 arch:x86

a0729a842c60dae4a8400490bd31ae6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

IsWindow

Exports

Exports

_Java_com_ir_1rc_irlinkLite_gui_osd_OsdManager_nativeHideOsd@8
_Java_com_ir_1rc_irlinkLite_gui_osd_OsdManager_nativeShowOsd@8

Sections

.text
Size: 19KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IRLink.Lite/images/5.ico
IRLink.Lite/images/6.ico
IRLink.Lite/images/images/Combobox/top_window.png
.png
IRLink.Lite/images/images/Combobox/tulza-empty.png
.png
IRLink.Lite/images/images/Combobox/tulza-hov.png
.png
IRLink.Lite/images/images/Combobox/tulza-norm.png
.png
IRLink.Lite/images/images/Combobox/tulza-self.png
.png
IRLink.Lite/images/images/border/gradPanelImg.png
.png
IRLink.Lite/images/images/btnAdd/add.png
.png
IRLink.Lite/images/images/btnAdd/add_disabled.png
.png
IRLink.Lite/images/images/btnAdd/add_pressed.png
.png
IRLink.Lite/images/images/btnClose/close.png
.png
IRLink.Lite/images/images/btnClose/close_pressed.png
.png
IRLink.Lite/images/images/btnGreen/b.png
.png
IRLink.Lite/images/images/btnGreen/bl.png
.png
IRLink.Lite/images/images/btnGreen/br.png
.png
IRLink.Lite/images/images/btnGreen/l.png
.png
IRLink.Lite/images/images/btnGreen/r.png
.png
IRLink.Lite/images/images/btnGreen/t.png
.png
IRLink.Lite/images/images/btnGreen/tl.png
.png
IRLink.Lite/images/images/btnGreen/tr.png
.png
IRLink.Lite/images/images/btnHelp/1.png
.png
IRLink.Lite/images/images/btnHelp/2.png
.png
IRLink.Lite/images/images/btnPlugin/plugin.png
.png
IRLink.Lite/images/images/btnPlugin/plugin_pressed.png
.png
IRLink.Lite/images/images/btnRefresh/refr.png
.png
IRLink.Lite/images/images/btnRefresh/refr2.png
.png
IRLink.Lite/images/images/btnRemove/rem.png
.png
IRLink.Lite/images/images/btnRemove/rem_disabled.png
.png
IRLink.Lite/images/images/btnRemove/rem_pressed.png
.png
IRLink.Lite/images/images/btnWizard/_wizard.png
.png
IRLink.Lite/images/images/btnWizard/_wizard_pressed.png
.png
IRLink.Lite/images/images/btnWizard/wizard.png
.png
IRLink.Lite/images/images/btnWizard/wizard_pressed.png
.png
IRLink.Lite/images/images/checkbox/checked.png
.png
IRLink.Lite/images/images/checkbox/chekb_diz.png
.png
IRLink.Lite/images/images/checkbox/unchecked.png
.png
IRLink.Lite/images/images/gui/finder_tool_big.gif
.gif
IRLink.Lite/images/images/gui/finder_tool_small.png
.gif
IRLink.Lite/images/images/gui/top_window.png
.png
IRLink.Lite/images/images/ir_link.png
.png
IRLink.Lite/images/images/irlink3logo.png
.png
IRLink.Lite/images/images/menu/about.png
.png
IRLink.Lite/images/images/menu/about_h.png
.png
IRLink.Lite/images/images/menu/actions.png
.png
IRLink.Lite/images/images/menu/actions_h.png
.png
IRLink.Lite/images/images/menu/rc.png
.png
IRLink.Lite/images/images/menu/rc_h.png
.png
IRLink.Lite/images/images/menu/settings.png
.png
IRLink.Lite/images/images/menu/settings_h.png
.png
IRLink.Lite/images/images/menu/sr.png
.png
IRLink.Lite/images/images/menu/sr_h.png
.png
IRLink.Lite/images/images/remoteControlView/border/b.png
.png
IRLink.Lite/images/images/remoteControlView/border/bl.png
.png
IRLink.Lite/images/images/remoteControlView/border/br.png
.png
IRLink.Lite/images/images/remoteControlView/border/l.png
.png
IRLink.Lite/images/images/remoteControlView/border/r.png
.png
IRLink.Lite/images/images/remoteControlView/border/t.png
.png
IRLink.Lite/images/images/remoteControlView/border/tl.png
.png
IRLink.Lite/images/images/remoteControlView/border/tr.png
.png
IRLink.Lite/images/images/remoteControlView/key.png
.png
IRLink.Lite/images/images/remoteControlView/key_pressed.png
.png
IRLink.Lite/images/images/remoteControlView/key_pressed2.png
.png
IRLink.Lite/images/images/srSettings/callbackFreq.png
.png
IRLink.Lite/images/images/srSettings/repeatDelay.png
.png
IRLink.Lite/images/images/srSettings/sensitivity.png
.png
IRLink.Lite/images/images/tree/availableTree.png
.png
IRLink.Lite/images/images/tree/leaf.png
.png
IRLink.Lite/images/images/tree/openNode.png
.png
IRLink.Lite/images/images/tree/selectedTree.png
.png
IRLink.Lite/images/images/wizard/code.PNG
.png
IRLink.Lite/images/images/wizard/no_code.PNG
.png
IRLink.Lite/images/ir_link.ico
IRLink.Lite/images/ir_link_config.ico
IRLink.Lite/images/ir_link_error.ico
IRLink.Lite/images/ir_link_search.ico
IRLink.Lite/images/ir_link_waiting.ico
IRLink.Lite/resources/resources_headless_en.properties
IRLink.Lite/resources/resources_headless_ru.properties
IRLink.Lite/skins/blue/osd/file_chooser.swf
IRLink.Lite/skins/blue/osd/help.swf
IRLink.Lite/skins/blue/osd/main.swf
IRLink.Lite/skins/blue/osd/main_screen.swf
IRLink.Lite/skins/blue/osd/pult.swf
IRLink.Lite/skins/mce/osd/file_chooser.swf
IRLink.Lite/skins/mce/osd/help.swf
IRLink.Lite/skins/mce/osd/main.swf
IRLink.Lite/skins/mce/osd/main_screen.swf
IRLink.Lite/skins/mce/osd/pult.swf
IRLink.Lite/windows.dll
.dll windows:4 windows x86 arch:x86

7965c045e204efec8572d183a8dca35f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mciSendStringA
mixerSetControlDetails
mixerGetControlDetailsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA

kernel32

OpenProcess
WaitForMultipleObjects
ResetEvent
CreateEventA
SetEvent
lstrcmpiA
GetExitCodeProcess
TerminateProcess
lstrcatA
SetErrorMode
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
InitializeCriticalSection
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
CloseHandle
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoA
GetCommandLineA
FlushFileBuffers
SetEndOfFile
SetSystemPowerState
GetDriveTypeA
GetWindowsDirectoryA
GetCurrentProcessId
GetVersionExA
LoadLibraryA
GetProcAddress
CreateThread
Sleep
GetModuleHandleA
GetLastError
GetCurrentProcess
GetTickCount
ReadFile
SetFilePointer

user32

OpenIcon
IsIconic
GetWindowDC
GetWindowRgn
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
SetActiveWindow
SetFocus
WindowFromPoint
GetWindowTextA
GetAncestor
AttachThreadInput
GetFocus
EnumChildWindows
EnumWindows
BlockInput
GetAsyncKeyState
SendMessageTimeoutA
GetClassNameA
GetWindowThreadProcessId
IsWindowVisible
PostMessageA
SendMessageA
keybd_event
ExitWindowsEx
LoadCursorFromFileA
GetDesktopWindow
GetClassLongA
GetSystemMetrics
SetCursorPos
SendInput
CopyIcon
SetSystemCursor
FindWindowA
IsWindow
SetWindowPos
GetForegroundWindow
InvalidateRect
UpdateWindow
GetDC
GetClientRect
BeginPaint
EndPaint
PostQuitMessage
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
MessageBoxA
CreateWindowExA
CreatePopupMenu
SetMenu
SetWindowLongA
DestroyWindow
PostThreadMessageA
GetWindowLongA
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DefWindowProcA
AppendMenuA
ReleaseDC

gdi32

FrameRgn
GetTextExtentPointA
PatBlt
TextOutA
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
SetTextColor
SetBkMode
BitBlt
CreateRectRgn

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
LookupPrivilegeValueA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteExA

shlwapi

PathAppendA
PathFindFileNameA
StrStrIA

Exports

Exports

?Java_com_ir_1rc_shared_etc_Windows_nativeIsAlreadyRunning@@YGEPAUJNIEnv_@@PAV_jclass@@@Z
?Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeSetHint@@YGXPAUJNIEnv_@@PAV_jobject@@PAV_jbyteArray@@@Z
?Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeSetIcon@@YGXPAUJNIEnv_@@PAV_jobject@@J@Z
_Java_com_ir_1rc_shared_etc_Windows_checkApplicationSynonim@12
_Java_com_ir_1rc_shared_etc_Windows_enumCommPorts@8
_Java_com_ir_1rc_shared_etc_Windows_getCurrentProcessId@8
_Java_com_ir_1rc_shared_etc_Windows_getCurrentlyPressedKey@8
_Java_com_ir_1rc_shared_etc_Windows_getKeyName@12
_Java_com_ir_1rc_shared_etc_Windows_getRegistryKeyForExtension@12
_Java_com_ir_1rc_shared_etc_Windows_getScreenWidth@8
_Java_com_ir_1rc_shared_etc_Windows_moveCursor@24
_Java_com_ir_1rc_shared_etc_Windows_nativeActivateApp@24
_Java_com_ir_1rc_shared_etc_Windows_nativeCheckStartUp@20
_Java_com_ir_1rc_shared_etc_Windows_nativeCloseProcessHandle@12
_Java_com_ir_1rc_shared_etc_Windows_nativeEnumProcesses@8
_Java_com_ir_1rc_shared_etc_Windows_nativeGetChildWindowClass@12
_Java_com_ir_1rc_shared_etc_Windows_nativeGetDriveType@12
_Java_com_ir_1rc_shared_etc_Windows_nativeGetMouseLocation@8
_Java_com_ir_1rc_shared_etc_Windows_nativeGetWin32ProcessHandle@24
_Java_com_ir_1rc_shared_etc_Windows_nativeGetWindowFilePath@12
_Java_com_ir_1rc_shared_etc_Windows_nativeIsWindowFullscreen@12
_Java_com_ir_1rc_shared_etc_Windows_nativeIshProcessValid@12
_Java_com_ir_1rc_shared_etc_Windows_nativeKeybdEvent@32
_Java_com_ir_1rc_shared_etc_Windows_nativeLaunchApp@24
_Java_com_ir_1rc_shared_etc_Windows_nativeMouse_1dragged@12
_Java_com_ir_1rc_shared_etc_Windows_nativeMouse_1up@8
_Java_com_ir_1rc_shared_etc_Windows_nativePerformAction@12
_Java_com_ir_1rc_shared_etc_Windows_nativeRestoreGlobalCursor@8
_Java_com_ir_1rc_shared_etc_Windows_nativeSendSystemMessage@48
_Java_com_ir_1rc_shared_etc_Windows_nativeSetGlobalCursorToBig@8
_Java_com_ir_1rc_shared_etc_Windows_nativeShutDownProcess@12
_Java_com_ir_1rc_shared_etc_Windows_nativeTerminateApp@12
_Java_com_ir_1rc_shared_etc_Windows_nativeVolumeCommand@12
_Java_com_ir_1rc_shared_etc_Windows_pressKey@12
_Java_com_ir_1rc_shared_etc_Windows_pressMouseKey@12
_Java_com_ir_1rc_shared_etc_Windows_releaseKey@12
_Java_com_ir_1rc_shared_etc_Windows_releaseMouseKey@12
_Java_com_ir_1rc_shared_etc_Windows_resetActivationMonitor@8
_Java_com_ir_1rc_shared_etc_Windows_startActivationMonitor@12
_Java_com_ir_1rc_shared_etc_Windows_startWatching@12
_Java_com_ir_1rc_shared_etc_Windows_stopActivationMonitor@8
_Java_com_ir_1rc_shared_etc_Windows_stopWatching@8
_Java_com_ir_1rc_shared_gui_signalWindow_SignalWindow_nativeHide@8
_Java_com_ir_1rc_shared_gui_signalWindow_SignalWindow_nativeShow@12
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeAddMenuItem@16
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeCheckAlreadyRunning@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeDestroy@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeInit@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeLoadImage@12
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeShow@16

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IRLink.Plugin/IRLink.Plugin.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 49KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IRLink.Plugin/IRLink.Plugin.jar
.jar
IRLink.Plugin/images/images/Combobox/top_window.png
.png
IRLink.Plugin/images/images/Combobox/tulza-empty.png
.png
IRLink.Plugin/images/images/Combobox/tulza-hov.png
.png
IRLink.Plugin/images/images/Combobox/tulza-norm.png
.png
IRLink.Plugin/images/images/Combobox/tulza-self.png
.png
IRLink.Plugin/images/images/gui/finder_tool_big.gif
.gif
IRLink.Plugin/images/images/gui/finder_tool_small.png
.gif
IRLink.Plugin/images/images/gui/top_window.png
.png
IRLink.Plugin/resources/resources_headless_en.properties
IRLink.Plugin/resources/resources_headless_ru.properties
IRLink.Plugin/windows.dll
.dll windows:4 windows x86 arch:x86

7965c045e204efec8572d183a8dca35f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mciSendStringA
mixerSetControlDetails
mixerGetControlDetailsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA

kernel32

OpenProcess
WaitForMultipleObjects
ResetEvent
CreateEventA
SetEvent
lstrcmpiA
GetExitCodeProcess
TerminateProcess
lstrcatA
SetErrorMode
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
InitializeCriticalSection
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
CloseHandle
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoA
GetCommandLineA
FlushFileBuffers
SetEndOfFile
SetSystemPowerState
GetDriveTypeA
GetWindowsDirectoryA
GetCurrentProcessId
GetVersionExA
LoadLibraryA
GetProcAddress
CreateThread
Sleep
GetModuleHandleA
GetLastError
GetCurrentProcess
GetTickCount
ReadFile
SetFilePointer

user32

OpenIcon
IsIconic
GetWindowDC
GetWindowRgn
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
SetActiveWindow
SetFocus
WindowFromPoint
GetWindowTextA
GetAncestor
AttachThreadInput
GetFocus
EnumChildWindows
EnumWindows
BlockInput
GetAsyncKeyState
SendMessageTimeoutA
GetClassNameA
GetWindowThreadProcessId
IsWindowVisible
PostMessageA
SendMessageA
keybd_event
ExitWindowsEx
LoadCursorFromFileA
GetDesktopWindow
GetClassLongA
GetSystemMetrics
SetCursorPos
SendInput
CopyIcon
SetSystemCursor
FindWindowA
IsWindow
SetWindowPos
GetForegroundWindow
InvalidateRect
UpdateWindow
GetDC
GetClientRect
BeginPaint
EndPaint
PostQuitMessage
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
MessageBoxA
CreateWindowExA
CreatePopupMenu
SetMenu
SetWindowLongA
DestroyWindow
PostThreadMessageA
GetWindowLongA
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DefWindowProcA
AppendMenuA
ReleaseDC

gdi32

FrameRgn
GetTextExtentPointA
PatBlt
TextOutA
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
SetTextColor
SetBkMode
BitBlt
CreateRectRgn

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
LookupPrivilegeValueA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteExA

shlwapi

PathAppendA
PathFindFileNameA
StrStrIA

Exports

Exports

?Java_com_ir_1rc_shared_etc_Windows_nativeIsAlreadyRunning@@YGEPAUJNIEnv_@@PAV_jclass@@@Z
?Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeSetHint@@YGXPAUJNIEnv_@@PAV_jobject@@PAV_jbyteArray@@@Z
?Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeSetIcon@@YGXPAUJNIEnv_@@PAV_jobject@@J@Z
_Java_com_ir_1rc_shared_etc_Windows_checkApplicationSynonim@12
_Java_com_ir_1rc_shared_etc_Windows_enumCommPorts@8
_Java_com_ir_1rc_shared_etc_Windows_getCurrentProcessId@8
_Java_com_ir_1rc_shared_etc_Windows_getCurrentlyPressedKey@8
_Java_com_ir_1rc_shared_etc_Windows_getKeyName@12
_Java_com_ir_1rc_shared_etc_Windows_getRegistryKeyForExtension@12
_Java_com_ir_1rc_shared_etc_Windows_getScreenWidth@8
_Java_com_ir_1rc_shared_etc_Windows_moveCursor@24
_Java_com_ir_1rc_shared_etc_Windows_nativeActivateApp@24
_Java_com_ir_1rc_shared_etc_Windows_nativeCheckStartUp@20
_Java_com_ir_1rc_shared_etc_Windows_nativeCloseProcessHandle@12
_Java_com_ir_1rc_shared_etc_Windows_nativeEnumProcesses@8
_Java_com_ir_1rc_shared_etc_Windows_nativeGetChildWindowClass@12
_Java_com_ir_1rc_shared_etc_Windows_nativeGetDriveType@12
_Java_com_ir_1rc_shared_etc_Windows_nativeGetMouseLocation@8
_Java_com_ir_1rc_shared_etc_Windows_nativeGetWin32ProcessHandle@24
_Java_com_ir_1rc_shared_etc_Windows_nativeGetWindowFilePath@12
_Java_com_ir_1rc_shared_etc_Windows_nativeIsWindowFullscreen@12
_Java_com_ir_1rc_shared_etc_Windows_nativeIshProcessValid@12
_Java_com_ir_1rc_shared_etc_Windows_nativeKeybdEvent@32
_Java_com_ir_1rc_shared_etc_Windows_nativeLaunchApp@24
_Java_com_ir_1rc_shared_etc_Windows_nativeMouse_1dragged@12
_Java_com_ir_1rc_shared_etc_Windows_nativeMouse_1up@8
_Java_com_ir_1rc_shared_etc_Windows_nativePerformAction@12
_Java_com_ir_1rc_shared_etc_Windows_nativeRestoreGlobalCursor@8
_Java_com_ir_1rc_shared_etc_Windows_nativeSendSystemMessage@48
_Java_com_ir_1rc_shared_etc_Windows_nativeSetGlobalCursorToBig@8
_Java_com_ir_1rc_shared_etc_Windows_nativeShutDownProcess@12
_Java_com_ir_1rc_shared_etc_Windows_nativeTerminateApp@12
_Java_com_ir_1rc_shared_etc_Windows_nativeVolumeCommand@12
_Java_com_ir_1rc_shared_etc_Windows_pressKey@12
_Java_com_ir_1rc_shared_etc_Windows_pressMouseKey@12
_Java_com_ir_1rc_shared_etc_Windows_releaseKey@12
_Java_com_ir_1rc_shared_etc_Windows_releaseMouseKey@12
_Java_com_ir_1rc_shared_etc_Windows_resetActivationMonitor@8
_Java_com_ir_1rc_shared_etc_Windows_startActivationMonitor@12
_Java_com_ir_1rc_shared_etc_Windows_startWatching@12
_Java_com_ir_1rc_shared_etc_Windows_stopActivationMonitor@8
_Java_com_ir_1rc_shared_etc_Windows_stopWatching@8
_Java_com_ir_1rc_shared_gui_signalWindow_SignalWindow_nativeHide@8
_Java_com_ir_1rc_shared_gui_signalWindow_SignalWindow_nativeShow@12
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeAddMenuItem@16
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeCheckAlreadyRunning@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeDestroy@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeInit@8
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeLoadImage@12
_Java_com_ir_1rc_shared_gui_sysTray_TrayIcon_nativeShow@16

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/107
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4.ico
.rsrc/MANIFEST/1
.xml
.text
help/IRLink.Lite.chm
.chm
plugins/1by1_pm.jar
.jar
plugins/Aimpmmc_pm.jar
.jar
plugins/CityGuide_pm.jar
.jar
plugins/GOM_player_pm.jar
.jar
plugins/IRLink.3_pm.jar
.jar
plugins/MucismatchJukebox_pm.jar
.jar
plugins/PocketGIS_pm.jar
.jar
plugins/StreetDeck_pm.jar
.jar
plugins/VLCplayer0.8.x_pm.jar
.jar
plugins/VLCplayer_pm.jar
.jar
plugins/XPlayer_pm.jar
.jar
plugins/abviewer_pm.jar
.jar
plugins/acdsee6,7_pm.jar
.jar
plugins/acdsee8_pm.jar
.jar
plugins/acrobatReader_pm.jar
.jar
plugins/aimp2_pm.jar
.jar
plugins/apollo_pm.jar
.jar
plugins/averTV_pm.jar
.jar
plugins/axifeFM_pm.jar
.jar
plugins/beholder_pm.jar
.jar
plugins/blazeDVD_pm.jar
.jar
plugins/blazeMediaPro_pm.jar
.jar
plugins/bookshelfTR_pm.jar
.jar
plugins/brenning's_pm.jar
.jar
plugins/bsplayer_pm.jar
.jar
plugins/centrafuse_pm.jar
.jar
plugins/compupic_pm.jar
.jar
plugins/coolPlayer_pm.jar
.jar
plugins/crystalPlayer_pm.jar
.jar
plugins/cyberlink powerCinema_pm.jar
.jar
plugins/deliPlayer2_pm.jar
.jar
plugins/divx_player_pm.jar
.jar
plugins/dscaler4_pm.jar
.jar
plugins/dvdXplayer_pm.jar
.jar
plugins/eline_pm.jar
.jar
plugins/fastStone_pm.jar
.jar
plugins/fly2000tv_pm.jar
.jar
plugins/flyDS_pm.jar
.jar
plugins/foobar2000_pm.jar
.jar
plugins/fullScreenPlayer_pm.jar
.jar
plugins/gdivXPlayer_pm.jar
.jar
plugins/gmplayer_pm.jar
.jar
plugins/gotview_pm.jar
.jar
plugins/iTunes_pm.jar
.jar
plugins/iceBookReader_pm.jar
.jar
plugins/inCarTerm_pm.jar
.jar
plugins/iptvplayer_pm.jar
.jar
plugins/irfanView_pm.jar
.jar
plugins/j.RiverMediaCenter11_pm.jar
.jar
plugins/janCooPlayer_pm.jar
.jar
plugins/jetAudio6_pm.jar
.jar
plugins/kmplayer_pm.jar
.jar
plugins/koolPlaya_pm.jar
.jar
plugins/lightAlloy2,3_pm.jar
.jar
plugins/mediaPlayer9,10_pm.jar
.jar
plugins/mediaPlayerClassic_pm.jar
.jar
plugins/mv2player_pm.jar
.jar
plugins/myHTPC_pm.jar
.jar
plugins/myTheatre_pm.jar
.jar
plugins/neroMediaPlayer_pm.jar
.jar
plugins/neroShowTime_pm.jar
.jar
plugins/officePictureManager_pm.jar
.jar
plugins/osd_pm.jar
.jar
plugins/picajet_pm.jar
.jar
plugins/picasa_pm.jar
.jar
plugins/pinnacleMediaCenter_pm.jar
.jar
plugins/pluton_pm.jar
.jar
plugins/powerDvd5,6_pm.jar
.jar
plugins/powerDvd7_pm.jar
.jar
plugins/powerPoint2003_pm.jar
.jar
plugins/progDVB_pm.jar
.jar
plugins/quickTime_pm.jar
.jar
plugins/quintessentialMediaPlayer_pm.jar
.jar
plugins/radiator_pm.jar
.jar
plugins/realPlayer10_pm.jar
.jar
plugins/roadRunner_pm.jar
.jar
plugins/sasami2k_pm.jar
.jar
plugins/sonique2_pm.jar
.jar
plugins/uBookReader_pm.jar
.jar
plugins/ultraPlayer_pm.jar
.jar
plugins/vocalJam_pm.jar
.jar
plugins/win32_pm.jar
.jar
plugins/win7_pm.jar
.jar
plugins/winDvd5_pm.jar
.jar
plugins/winDvd7_pm.jar
.jar
plugins/winPictureFaxViewer_pm.jar
.jar
plugins/winamp2x,5_pm.jar
.jar
plugins/winamp3_pm.jar
.jar
plugins/windowsMediaCenter_pm.jar
.jar
plugins/xVid;-)_pm.jar
.jar
plugins/xmPlay_pm.jar
.jar
plugins/xnView_pm.jar
.jar
plugins/zoomPlayer_pm.jar
.jar
remoteControl/ASUS XPC_rc.jar
.jar
remoteControl/ATI Remote Wonder Plus_rc.jar
.jar
remoteControl/ATI Remote Wonder_rc.jar
.jar
remoteControl/Abit_rc.jar
.jar
remoteControl/AverMedia 305, 307, e-TV_rc.jar
.jar
remoteControl/AverMedia 505, 507, Cardbus Plus_rc.jar
.jar
remoteControl/Basic Mobile Phone_rc.jar
.jar
remoteControl/Beholder 40x, 50x (RDS, FM)_rc.jar
.jar
remoteControl/Beholder 60x (RDS, FM), M6 (Extra)_rc.jar
.jar
remoteControl/Blaupunkt_rc.jar
.jar
remoteControl/Epro_rc.jar
.jar
remoteControl/Gotview USB Remote Control, USB2.0 DVD Deluxe, PCI DVD2 Deluxe_rc.jar
.jar
remoteControl/Gotview USB2.0 DVD Delux, PCI DVD, PCI DVD2 Lite, PCI DVD3 Hybrid, PCI Hybrid_rc.jar
.jar
remoteControl/IRLink Remote Control_rc.jar
.jar
remoteControl/LG (Goldstar) 105-210A, 105-230F_rc.jar
.jar
remoteControl/LG (music center)_rc.jar
.jar
remoteControl/Microsoft eHome remote control_rc.jar
.jar
remoteControl/Motorola K1_rc.jar
.jar
remoteControl/PanasonicN2QAJB000110_rc.jar
.jar
remoteControl/Pinnacle 100i, PCTV (Stereo, Pro)_rc.jar
.jar
remoteControl/Pinnacle110i_rc.jar
.jar
remoteControl/Pioneer (CD-SR100)_rc.jar
.jar
remoteControl/Prology RCD-350_rc.jar
.jar
remoteControl/Rolsen RC-P03A_rc.jar
.jar
remoteControl/Samsung 3F14-00038-093_rc.jar
.jar
remoteControl/Tennex (NetLine 200S)_rc.jar
.jar
remoteControl/VCR multi TV RC 8005M_rc.jar
.jar
remoteControl/Vestel RC-2440_rc.jar
.jar
remoteControl/Waver RC (IR)_rc.jar
.jar
remoteControl/Waver RC Mini (IR)_rc.jar
.jar
remoteControl/Waver RC Radio (433MHz)_rc.jar
.jar
remoteControl/aiwaRC-6VT05_rc.jar
.jar
remoteControl/akaiRC_v425A_rc.jar
.jar
remoteControl/beholderColumbus_rc.jar
.jar
remoteControl/chronos Video Shuttle II 32btn_rc.jar
.jar
remoteControl/compro VideoMate TV Gold II_rc.jar
.jar
remoteControl/daewooR-25_rc.jar
.jar
remoteControl/eDio Lazer_rc.jar
.jar
remoteControl/eDio Mouse_rc.jar
.jar
remoteControl/eDio_rc.jar
.jar
remoteControl/funTV_rc.jar
.jar
remoteControl/genius_rc.jar
.jar
remoteControl/gotview7135_rc.jar
.jar
remoteControl/gotview878,7134_rc.jar
.jar
remoteControl/grundig_765s_rc.jar
.jar
remoteControl/grundig_81D_rc.jar
.jar
remoteControl/lg105-230M_rc.jar
.jar
remoteControl/lg6710V00017F_rc.jar
.jar
remoteControl/panasonicEUR-51975_rc.jar
.jar
remoteControl/panasonicEUR-644666_rc.jar
.jar
remoteControl/philipsRC7805_rc.jar
.jar
remoteControl/philips_rc.jar
.jar
remoteControl/pinnacle100i_sr.jar
.jar
remoteControl/pinnacle300i_rc.jar
.jar
remoteControl/rc6_rc.jar
.jar
remoteControl/samsung00008D_rc.jar
.jar
remoteControl/samsung00198H_rc.jar
.jar
remoteControl/samsung633-251_rc.jar
.jar
remoteControl/samsungAA59-00332A_rc.jar
.jar
remoteControl/samsungAA59-00332D_rc.jar
.jar
remoteControl/skystar_rc.jar
.jar
remoteControl/smg3F14-00038-093_rc.jar
.jar
remoteControl/sonyRM-836_rc.jar
.jar
remoteControl/thomsonRCG111TB1_rc.jar
.jar
remoteControl/thomsonRCT-2100G_rc.jar
.jar
remoteControl/thomsonRCT100_rc.jar
.jar
remoteControl/thomsonRCT3004_rc.jar
.jar
signalReceiver/IRLink.Combi.2_sr.jar
.jar
signalReceiver/IRLink.VS_sr.jar
.jar
signalReceiver/MSeHomeRemoteControl_sr.jar
.jar
signalReceiver/abit_sr.jar
.jar
signalReceiver/asysXPC-RC01_sr.jar
.jar
signalReceiver/atiRemoteWonder_sr.jar
.jar
signalReceiver/averSAA71xx_sr.jar
.jar
signalReceiver/beholder_sr.jar
.jar
signalReceiver/blueSoleil_sr.jar
.jar
signalReceiver/combi_sr.jar
.jar
signalReceiver/comproVideoMateGold_sr.jar
.jar
signalReceiver/cronosVideoShuttleTVii_sr.jar
.jar
signalReceiver/dek_sr.jar
.jar
signalReceiver/e-tv_sr.jar
.jar
signalReceiver/eDioMouse_sr.jar
.jar
signalReceiver/eDio_sr.jar
.jar
signalReceiver/ePro_sr.jar
.jar
signalReceiver/funTV_sr.jar
.jar
signalReceiver/genius_sr.jar
.jar
signalReceiver/gotviewRemoteControl_sr.jar
.jar
signalReceiver/gotview_sr.jar
.jar
signalReceiver/igorPlug_sr.jar
.jar
signalReceiver/irlinkCom_sr.jar
.jar
signalReceiver/irlink_dk_sr.jar
.jar
signalReceiver/irlink_dn_sr.jar
.jar
signalReceiver/irlink_pComm_sr.jar
.jar
signalReceiver/irman,uir,redray_sr.jar
.jar
signalReceiver/mobileGPRS_sr.jar
.jar
signalReceiver/pinnacle100i_sr.jar
.jar
signalReceiver/pinnacle300i_sr.jar
.jar
signalReceiver/skyStar2_sr.jar
.jar
signalReceiver/tennex_sr.jar
.jar
signalReceiver/waver_sr.jar
.jar
signalReceiver/winlircCTS_sr.jar
.jar
signalReceiver/winlircDCD_sr.jar
.jar
signalReceiver/winlircDSR_sr.jar
.jar
signalReceiver/winlircTCP-IP_sr.jar
.jar
webInstaller.jar
.jar
webInstaller/resources/resources_gui_en.properties
webInstaller/resources/resources_gui_ru.properties
webInstaller/resources/resources_headless_en.properties
webInstaller/resources/resources_headless_ru.properties

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 288KB - Virtual size: 288KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 320B

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 49KB - Virtual size: 332KB

.rsrc Size: 5KB - Virtual size: 8KB

60999906f8564a8c24af105d5184b2fc

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

a0729a842c60dae4a8400490bd31ae6c

Headers

File Characteristics

Imports

kernel32

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 288KB - Virtual size: 288KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

.text
Size: 49KB - Virtual size: 332KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 52KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 49KB - Virtual size: 332KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB