3a0bccbda344f5670678aebd73c56f9f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a0bccbda344f5670678aebd73c56f9f_JaffaCakes118
Size

3.9MB
MD5

3a0bccbda344f5670678aebd73c56f9f
SHA1

f0c9f410ba850783dbe0f6e8da40b9acecad705c
SHA256

14f8b8ca319489e895f972f52282241c631f2c1ca87f59f8913faafc5acd2115
SHA512

abda348451b260deb1412c860c998e5c4bb7c98e30dee3532540770d2ca37cff9c73e895b60ef2695675700faca5d9471e844b58389f9d2f84bdf5e3cee01d52
SSDEEP

98304:nXmiqpvgjTcOKxbPEIYG/8HHkulu4yzZpY51JRi:nXmiHsOKgE0n9iEJRi

Score

3^/10

Malware Config

Signatures

Unsigned PE 42 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Aston.1.9.5.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/StartMenu.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/A-Master.exe
unpack002/Ainet.dll
unpack002/Aston.exe
unpack002/AstonEx.dll
unpack002/Plugins/AClock.plg
unpack002/Plugins/AltDesk.plg
unpack002/Plugins/AstAmp.plg
unpack002/Plugins/AutoRun.plg
unpack002/Plugins/Cpu95nt.tbp
unpack002/Plugins/DisksEx.plg
unpack002/Plugins/MenuEx.plg
unpack002/Plugins/NetTraf.plg
unpack002/Plugins/NoteBk.tbp
unpack002/Plugins/Panel.plg
unpack002/Plugins/QLaunch.plg
unpack002/Plugins/RecycleBinEx.plg
unpack002/Plugins/Search.plg
unpack002/Plugins/SkinClckEx.plg
unpack002/Plugins/Sticker.plg
unpack002/Plugins/VertPanel.plg
unpack002/Plugins/VistaBTN.plg
unpack002/Plugins/Zoom.tbp
unpack002/Plugins/aes.dll
unpack002/Plugins/rss.plg
unpack002/PrintMon.exe
unpack002/SHDoctor.exe
unpack002/ShellSwp.exe
unpack002/Starter.dll
unpack002/Thwizard.dll
unpack002/Thwizard.exe
unpack002/XP/indicdll.dll
unpack002/XP/internat.exe
unpack002/aHook.dll
unpack002/drawpng.dll
unpack002/hook.dll
unpack002/lsapi.dll
unpack002/mmkbd.dll
unpack002/uninst.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/Aston.1.9.5.exe	nsis_installer_1
static1/unpack002/uninst.exe	nsis_installer_1

Files

3a0bccbda344f5670678aebd73c56f9f_JaffaCakes118
.rar
Aston.1.9.5.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

28d94e5199b88ad374b3cb2118e31a66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA

user32

GetMessageA
IsDialogMessageA
PostMessageA
CallWindowProcA
TranslateMessage
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DispatchMessageA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
GetWindowLongA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Exports

Exports

Init
Select
Show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
A-Master.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 71KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Ainet.dll
.dll windows:4 windows x86 arch:x86

7714763c636d6dcf2ea00a54cfc834b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
malloc
free
??1type_info@@UAE@XZ
fopen
fwrite
fclose
memset
strncmp
strncpy
strcmp
atol
??3@YAXPAX@Z
??2@YAPAXI@Z
_adjust_fdiv
_except_handler3

wininet

HttpQueryInfoA
FtpGetFileSize
HttpSendRequestA
InternetOpenA
FtpOpenFileA
HttpAddRequestHeadersA
InternetReadFile
InternetConnectA
InternetAttemptConnect
InternetCloseHandle
HttpOpenRequestA

kernel32

GetLastError
lstrcmpiA
CloseHandle
WriteFile
CreateFileA
DisableThreadLibraryCalls
RtlMoveMemory
CreateThread
lstrcpyA
lstrlenA
RtlZeroMemory
lstrcatA

user32

SendMessageA
IsWindow

starter

Amalloc
Arealloc
Afree

Exports

Exports

Inet_Close
Inet_Connect

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aston Trans Refresh.txt
Aston.chm
.chm
Aston.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 56KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Aston.rc
AstonEx.dll
.dll windows:4 windows x86 arch:x86

feb9c072304fc56de16b83eb12a025f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
_except_handler3
_snwprintf
_snprintf
strcat
memmove
realloc
sprintf
strstr
strncpy
strcpy
strlen
malloc
strcmp
free
calloc
memcpy
??2@YAPAXI@Z
_wcsupr
??3@YAXPAX@Z
memset
wcslen
_ultow

kernel32

GetModuleFileNameA
GetLongPathNameA
SetEndOfFile
GetFileSize
GetLastError
IsDebuggerPresent
HeapFree
HeapAlloc
GetProcessHeap
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
lstrcmpiA
lstrcpyA
lstrlenA
GetFileAttributesA
CreateDirectoryA
lstrcatA
VirtualFree
FlushInstructionCache
GetCurrentProcess
OutputDebugStringA
VirtualAlloc
RtlZeroMemory
CreateEventA
SetFilePointer
SystemTimeToFileTime
CreateFileA
CloseHandle
ReadFile
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetFileTime
WriteFile
WaitForSingleObject
SetThreadPriority
CreateThread
ResetEvent
TerminateThread
SuspendThread
GetExitCodeThread
SetEvent
RtlMoveMemory
RtlFillMemory
Sleep
GetSystemInfo
SleepEx
GetCurrentThreadId
GetSystemTimeAsFileTime
CopyFileA
OutputDebugStringW

user32

PostMessageA
OffsetRect
EqualRect
ClipCursor
WindowFromPoint
GetKeyState
ReleaseCapture
GetAsyncKeyState
DestroyWindow
InflateRect
DrawEdge
MessageBoxA
ReleaseDC
FillRect
SendMessageA
SetTimer
FindWindowA
UnionRect
BeginPaint
EndPaint
DefWindowProcA
GetWindowLongA
SetRect
CopyRect
IsWindow
GetWindowRect
InvalidateRect
GetWindowRgn
LoadCursorA
GetCursorPos
SetWindowPos
UnregisterClassA
RegisterClassExA
ScreenToClient
SetWindowLongA
SetRectEmpty
GetClassLongA
SetClassLongA
PtInRect
KillTimer
ShowWindow
SetCapture
GetClientRect
UpdateWindow
GetDC
CreateWindowExA
DrawTextA

gdi32

GetRegionData
CreateRectRgn
SetStretchBltMode
SetWorldTransform
SetMapMode
SetGraphicsMode
SelectObject
CombineRgn
DeleteDC
ExtCreateRegion
CreateCompatibleDC
BitBlt
GetStockObject
CreateDIBSection
GetObjectA
CreateSolidBrush
SetTextColor
SetBkMode
GetClipBox
CreateCompatibleBitmap
DeleteObject

comctl32

ImageList_DrawEx

shell32

SHFileOperationA
SHAppBarMessage

starter

LoadImageEx
DrawPicture
NotifyTip
DrawSkin
FileExists
FreePicture
DrawDesktop

drawpng

PreAlpha
AlphaBlt

Exports

Exports

ADrawText
CalcTextRect
ClearFolder
CloseZipFile
CreateAstonWND
DrawWnd
FindFile
GetDllVer
GetFileCount
GetFileInfo
OpenZipFile
ReadZipFile
SetPicTransparency
UnpackTheme

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Desktop.ini
FAQ.htm
.html
License.txt
Pictures/3dmax.ico
Pictures/Afolder.ico
Pictures/AltDesk.bmp
Pictures/Aston.bmp
Pictures/COMPUTER1.ani
Pictures/Car.ico
Pictures/Closed Folder.ico
Pictures/FreeCell.ico
Pictures/GLOBE.ANI
Pictures/Hearts.ico
Pictures/Help.ico
Pictures/Install.bmp
Pictures/Media Player.ico
Pictures/Media Player1.ico
Pictures/MineSweeper.ico
Pictures/More.bmp
Pictures/Open Folder.ico
Pictures/Ppanel.bmp
Pictures/SF.ico
Pictures/Solitare.ico
Pictures/Sound.ico
Pictures/Uninst.bmp
Pictures/Winzip.ico
Pictures/Wordpad.ico
Pictures/altdesk.ico
Pictures/astonshell.ico
Pictures/cnet.ico
Pictures/deviantart.ico
Pictures/excel.ico
Pictures/fg.ico
Pictures/firefox.ico
Pictures/google.ico
Pictures/icq.ico
Pictures/illustrator.ico
Pictures/ledit.ico
Pictures/mail.ico
Pictures/nero.ico
Pictures/office.ani
Pictures/outlook.ico
Pictures/paint.ico
Pictures/photoshop.ico
Pictures/private.ico
Pictures/sd1.ico
Pictures/sd2.ico
Pictures/tc.ico
Pictures/thebat.ani
Pictures/tucows.ico
Pictures/wab.ico
Pictures/winamp.ico
Pictures/windvd.ico
Pictures/winrar.ico
Pictures/word.ico
Plugins.rc
Plugins/AClock.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/AltDesk.plg
.dll windows:4 windows x86 arch:x86

120c405da406cb0b8b62eaef8aa7840b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

GetCFGFont
SetLayered
DefCharSet
GetFontHandle
NotifyTip
FileExists
FreePicture
OpenCFGr
FindSection
GetCFGInt
CheckInt
FreeFont
GetCFGString
LayeredStyle
LoadImageEx
GetCFGPic
GetCFGBool
GetCFGFontEx
GetFontHandleEx
CloseCFGr
DrawPicture
Afree
Arealloc
Amalloc
StretchSkin
DrawSkin
GetCFGHex

astonex

ADrawText

shlwapi

PathCombineA

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

lstrcmpA
GetCurrentThreadId
RtlMoveMemory
GetTempPathA
CreateFileA
CloseHandle
DeleteFileA
lstrlenA
lstrcpyA
DisableThreadLibraryCalls
RtlZeroMemory

user32

DestroyMenu
TrackPopupMenuEx
IsWindowVisible
AppendMenuA
CreatePopupMenu
GetWindowRect
IsWindow
FindWindowA
UnregisterClassA
DestroyWindow
DefWindowProcA
GetMessagePos
ReleaseCapture
SetCapture
SetWindowPos
EndPaint
BeginPaint
CreateWindowExA
LoadImageA
RegisterClassA
LoadCursorA
SystemParametersInfoA
ReleaseDC
DrawTextA
GetDC
FillRect
GetSysColorBrush
InflateRect
CallNextHookEx
SetWindowLongA
GetWindowLongA
GetClassNameA
PostMessageA
UnhookWindowsHookEx
SetWindowsHookExA
SetFocus
GetSystemMetrics
SetRectEmpty
SendMessageA
CopyRect
GetClientRect
DrawEdge
DrawIconEx
GetCursorPos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
KillTimer
OffsetRect
SetRect
wsprintfA

gdi32

SelectObject
CreateFontIndirectA
DeleteObject
CreateSolidBrush
SetBkMode
SetTextColor
GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
FindExecutableA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/AstAmp.plg
.dll windows:4 windows x86 arch:x86

ca5091c0b24e19deb7bf9f67ed5f466e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

DrawSkin
LoadImageEx
FileExists
NewNode
FindFirstNode
Quote
SetCFGString
DeleteKey
SetCFGPic
SetCFGInt
Arealloc
FreeNode
FindNextNode
Scan
InsertString
DrawPicture
CloseCFGw
OpenCFGw
Amalloc
LayeredStyle
Afree
FreeNodeList
FreeFont
SetLayered
BitmapToRegion
OpenCFGr
FindSection
GetCFGString
GetCFGInt
CheckInt
GetCFGRect
CloseCFGr
GetCFGHex
GetCFGBool
GetCFGFont
GetFontHandle
GetNodeList

drawpng

AlphaBlt
PreAlpha

kernel32

GetModuleHandleA
GetProcAddress
lstrcatA
OpenProcess
ReadProcessMemory
CloseHandle
lstrlenA
lstrcmpA
Sleep
lstrcmpiA
lstrcpyA
RtlMoveMemory
RtlZeroMemory
DisableThreadLibraryCalls

user32

EndDialog
SendDlgItemMessageA
DialogBoxParamA
SetFocus
GetDlgItem
ScreenToClient
DestroyMenu
TrackPopupMenuEx
GetCursorPos
AppendMenuA
CreatePopupMenu
ShowWindowAsync
IsWindowVisible
SetCapture
EndPaint
DrawEdge
DrawTextA
FillRect
BeginPaint
DefWindowProcA
GetKeyState
ReleaseCapture
wsprintfA
FindWindowA
MessageBoxA
IsWindow
GetWindowTextA
PostMessageA
GetWindowThreadProcessId
ReleaseDC
SetRectEmpty
GetDC
PtInRect
GetWindowLongA
GetWindowRect
GetSystemMetrics
WindowFromPoint
CopyRect
SetRect
InvalidateRect
UpdateWindow
LoadCursorA
RegisterClassA
KillTimer
DestroyWindow
UnregisterClassA
CreateWindowExA
SendMessageA
SetWindowPos
SetWindowLongA
SetWindowRgn
SystemParametersInfoA
SetTimer
GetClientRect
ShowWindow

gdi32

SetBkMode
SelectObject
CreateDIBSection
DeleteDC
SetTextColor
CreateCompatibleDC
LineTo
MoveToEx
ExtTextOutA
CreateSolidBrush
DeleteObject
BitBlt
GetStockObject

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHAppBarMessage
ShellExecuteA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/AutoRun.plg
.dll windows:4 windows x86 arch:x86

362c1cd92b004c6d2efbbb87d8c9e93a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

OpenCFGr
FindSection
GetCFGBool
CloseCFGr
DirExists
FileExists
PidlFromPathA
GetParamStr
SHFree

kernel32

GetExitCodeThread
SuspendThread
TerminateThread
HeapFree
HeapAlloc
GetProcessHeap
RtlMoveMemory
DisableThreadLibraryCalls
SetErrorMode
RtlZeroMemory
GetPrivateProfileStringA
lstrcatA
lstrcpyA
lstrcmpA
GetVolumeInformationA
OutputDebugStringA
GetDriveTypeA
WaitForSingleObject
SetThreadPriority
CreateThread
CreateEventA
CloseHandle
SetEvent

user32

GetForegroundWindow
GetAsyncKeyState
DefWindowProcA
CreateWindowExA
RegisterClassA
UnregisterClassA
DestroyWindow
SendMessageTimeoutA
wsprintfA
RegisterWindowMessageA

shell32

ord100
ShellExecuteExA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Cpu95nt.tbp
.dll windows:4 windows x86 arch:x86

a528b69b38c33a00aa066dd1383d8133

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
CreateFileA
GetModuleHandleA
GetProcAddress
DeviceIoControl
GetVersionExA
RtlMoveMemory
RtlZeroMemory
lstrcpyA
CloseHandle
DisableThreadLibraryCalls

user32

DrawEdge
BeginPaint
EndPaint
GetDC
ReleaseDC
PostMessageA
DefWindowProcA
wvsprintfA
CopyRect
InflateRect
KillTimer
DestroyWindow
UnregisterClassA
LoadCursorA
RegisterClassA
FillRect
GetClientRect
SetTimer
InvalidateRect
SetWindowPos
SendMessageA
CreateWindowExA

gdi32

DeleteObject
CreatePen
CreateSolidBrush
LineTo
MoveToEx
SelectObject

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

shell32

SHAppBarMessage

starter

GetCFGInt
CloseCFGr
CheckInt
NotifyTip
GetCFGHex
FindSection
OpenCFGr

msvcrt

_ftol

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/DisksEx.plg
.dll windows:4 windows x86 arch:x86

f9f3d070c994095e6a7852fc2c4695c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

SetCFGInt
OpenCFGw
CloseCFGw
CheckInt
OpenCFGr
Amalloc
Afree
GetFontHandle
GetCFGHex
GetCFGRect
CloseCFGr
GetCFGInt
GetCFGBool
LoadImageEx
FindSection
GetCFGString
GetCFGFont
FreeFont

astonex

CreateAstonWND
SetPicTransparency

drawpng

AlphaBlt

kernel32

lstrcatA
GetVolumeInformationA
lstrlenA
lstrcpyA
RtlZeroMemory
DisableThreadLibraryCalls
GetLogicalDriveStringsA
RtlMoveMemory
GetDiskFreeSpaceExA
GetDriveTypeA

user32

DestroyMenu
AppendMenuA
CreatePopupMenu
GetCursorPos
GetDesktopWindow
SetRect
TrackPopupMenuEx
SendMessageA
GetClientRect
wsprintfA
SetTimer
GetWindowRect
KillTimer
DrawIconEx
SetClassLongA
EqualRect
LoadImageA
GetClassLongA
DestroyWindow

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
DeleteObject
GetStockObject
BitBlt

shell32

ShellExecuteExA

msvcrt

memset

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/MenuEx.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/NOTEBOOK.DAT
Plugins/NetTraf.plg
.dll windows:4 windows x86 arch:x86

46ab53f1aad77878df541e057e43debb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

GetCFGFontEx
Unquote
SetCFGInt
SetCFGString
OpenCFGw
CloseCFGw
GetCFGRect
OpenCFGr
Amalloc
GetFontHandleEx
Afree
FreeFontEx
CloseCFGr
GetCFGInt
LoadImageEx
FindSection
CheckInt
GetCFGString

astonex

CreateAstonWND

drawpng

AlphaBlt

kernel32

LoadLibraryA
GetProcAddress
lstrcatA
FreeLibrary
lstrcpyA
RtlZeroMemory
DisableThreadLibraryCalls
lstrcmpiA
RtlMoveMemory
lstrcmpA

user32

AppendMenuA
CreatePopupMenu
GetCursorPos
TrackPopupMenuEx
SendMessageA
GetClientRect
wsprintfA
GetWindowRect
DestroyMenu
SetTimer
FillRect
KillTimer
SetRect
IsWindowVisible
DestroyWindow

gdi32

BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
DeleteObject
GetStockObject

msvcrt

memset

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/NoteBk.tbp
.dll windows:4 windows x86 arch:x86

9783ff4a3a7bb51551bd84e98431bd01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
ImageList_Add
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy

starter

DrawSkinTrans
FileExists
AnimateWnd
SetForeWndFix
SetLayered
LayeredStyle
NotifyTip
CloseCFGr
OpenCFGr
CloseCFGw
Unquote
SetCFGString
Quote
GetCFGString
FindSection
Run
OpenCFGw
FreePicture
LoadImageEx
GetCFGPic
CheckInt
GetCFGFont
GetCFGInt
GetCFGBool
SetCFGInt
FreeFont
CanAnimate
GetFontHandle
GetShellIconSize
DrawPicture

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
RtlUnwind
GetVersionExA
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
RtlMoveMemory
lstrlenA
RtlZeroMemory
GetModuleFileNameA
lstrcpyA
lstrcatA
DisableThreadLibraryCalls
LoadLibraryA
SetErrorMode
FreeLibrary
MulDiv
CloseHandle
ReadFile
GetFileSize
CreateFileA
SetEndOfFile
WriteFile
GetTimeFormatA
GetDateFormatA
lstrcmpA
Sleep
GlobalFree
GetModuleHandleA
lstrcpynA
GlobalUnlock
GlobalDeleteAtom
GlobalLock
GetTickCount
GlobalAddAtomA
GetProcessHeap
HeapAlloc
HeapFree

user32

SetFocus
GetClientRect
ReleaseDC
GetDC
DestroyIcon
CreateWindowExA
UnregisterClassA
DestroyWindow
CallWindowProcA
TranslateAcceleratorA
SetParent
GetParent
CreateDialogParamA
CheckMenuItem
IsClipboardFormatAvailable
EnableMenuItem
GetLastActivePopup
GetForegroundWindow
IsChild
WindowFromPoint
GetCursorPos
DialogBoxParamA
TrackPopupMenu
ClientToScreen
GetSubMenu
GetMenu
InflateRect
LoadAcceleratorsA
LoadImageA
RegisterClassExA
LoadCursorA
CharLowerBuffA
PackDDElParam
UnpackDDElParam
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA
SendMessageTimeoutA
IsWindow
RegisterClassA
CharLowerA
GetDlgItem
SendDlgItemMessageA
EndDialog
CharUpperBuffA
IsCharAlphaNumericA
wvsprintfA
UpdateWindow
GetWindowLongA
SetWindowLongA
RedrawWindow
BeginPaint
EndPaint
DefWindowProcA
PostMessageA
GetWindowRect
SystemParametersInfoA
SetWindowPos
InvalidateRect
ShowWindow
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
SetRectEmpty
DrawTextA
SetRect
CopyRect
MessageBoxA
SendMessageA
IsWindowEnabled
IsWindowVisible

gdi32

StartDocA
AbortDoc
DeleteDC
EndDoc
EndPage
GetTextMetricsA
SelectObject
DeleteObject
GetStockObject
GetDeviceCaps
CreateFontIndirectA
BitBlt
SetMapMode
StartPage
SetViewportOrgEx
SetBkMode

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Noteboo1.dat
Plugins/Panel.plg
.dll windows:4 windows x86 arch:x86

7241deb11e4d22d203dd8eff327c3da2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

GetNodeList
Unquote
LayeredStyle
Afree
FreeNodeList
FreeFont
LoadImageEx
OpenCFGr
GetCFGInt
GetCFGBool
GetCFGHex
GetCFGFont
GetFontHandle
GetCFGRect
CheckInt
GetCFGString
SetCFGString
FindSection
OpenCFGw
Quote
SetCFGInt
CloseCFGw
Amalloc
CloseCFGr

msvcrt

memset

astonex

CreateAstonWND
GetDllVer
SetPicTransparency

kernel32

GetModuleFileNameA
RtlMoveMemory
RtlZeroMemory
lstrcatA
lstrcpyA
OutputDebugStringA
lstrcmpiA
DisableThreadLibraryCalls
GetDriveTypeA
lstrlenA

user32

WindowFromPoint
GetCursorPos
CopyRect
FillRect
SetWindowPos
MessageBoxA
DestroyWindow
DestroyMenu
TrackPopupMenuEx
AppendMenuA
CreatePopupMenu
ScreenToClient
GetWindowRect
wsprintfA
SetTimer
KillTimer
SetRect
SendMessageA
GetAsyncKeyState

gdi32

GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileA

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/QLaunch.plg
.dll windows:4 windows x86 arch:x86

f7c4ff11fa62054bf6e2f60da8a5264a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_except_handler3
malloc
_initterm
free

kernel32

LoadLibraryA
lstrcmpA
GetCurrentThreadId
DisableThreadLibraryCalls
lstrcmpiA
Sleep
MultiByteToWideChar
lstrcpynA
GetModuleHandleA
FindCloseChangeNotification
TerminateThread
SuspendThread
WaitForSingleObject
GetProcAddress
GetExitCodeThread
SetEvent
CloseHandle
FindNextChangeNotification
WaitForMultipleObjects
CreateThread
FindFirstChangeNotificationA
CreateEventA
lstrcatA
GetWindowsDirectoryA
RtlMoveMemory
FreeLibrary
lstrcpyA
FindFirstFileA
RtlZeroMemory
FindNextFileA
FindClose
lstrlenA
SetThreadPriority

user32

DialogBoxParamA
ShowWindow
EndDialog
GetDlgItem
CallWindowProcA
ClientToScreen
ShowCursor
ClipCursor
DestroyWindow
UnregisterClassA
LoadCursorA
RegisterClassA
LoadImageA
CreateWindowExA
IsWindow
BeginPaint
EndPaint
SetCapture
DefWindowProcA
ReleaseCapture
GetMenuItemInfoA
GetMessagePos
GetDesktopWindow
GetAsyncKeyState
SetRectEmpty
GetClientRect
GetCursorPos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
KillTimer
OffsetRect
GetSystemMetrics
SetFocus
CreatePopupMenu
AppendMenuA
SetWindowsHookExA
GetWindowRect
TrackPopupMenuEx
DestroyMenu
UnhookWindowsHookEx
GetClassNameA
GetWindowLongA
SetWindowLongA
CallNextHookEx
CopyRect
DrawEdge
InflateRect
GetSysColorBrush
FillRect
SetRect
GetDC
DrawTextA
ReleaseDC
SystemParametersInfoA
PostMessageA
SendMessageA
SetWindowPos

gdi32

CreateSolidBrush
DeleteObject
CreateFontIndirectA
SelectObject
SetTextColor
SetBkMode

comctl32

ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_Destroy
ImageList_DragShowNolock
ImageList_DrawEx

shell32

ord155
ord71
SHFileOperationA
ShellExecuteExA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA

starter

SetLayered
DrawSkin
StretchSkin
LoadImageEx
DefCharSet
GetFontHandle
LayeredStyle
Amalloc
GetShellIconSize
Arealloc
Afree
GetCFGFont
GetCFGPic
CheckInt
FreePicture
GetCFGBool
GetCFGInt
GetCFGHex
FindSection
FreeFont
Run
DrawPicture
FileExists
Unquote
NotifyTip
DirExists
StrCopyEx
GetCFGString
OpenCFGr
FindNextNode
FindFirstNode
CloseCFGw
SetCFGString
NewNode
InsertString
OpenCFGw
CloseCFGr

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/RecycleBinEx.plg
.dll windows:4 windows x86 arch:x86

a73a7ddd3ebba49273a2c9930e92106c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

GetCFGRect
OpenCFGr
GetFontHandleEx
DrawPicture
GetCFGString
LoadImageEx
GetCFGBool
OpenCFGw
DoneExtractor
ReadIconFromModule
MakeHIcon
AdjustIcon
FindSection
FreeExIcon
Afree
Amalloc
InitExtractor
SetCFGInt
GetCFGFontEx
FreePicture
CheckInt
CloseCFGr
CloseCFGw
GetCFGInt

astonex

CreateAstonWND
SetPicTransparency

drawpng

AlphaBlt

msvcrt

strcpy

kernel32

RtlZeroMemory
lstrlenA
GetDiskFreeSpaceExA
lstrcpyA
GetDriveTypeA
DisableThreadLibraryCalls
GetLogicalDriveStringsA
RtlMoveMemory
lstrcatA

user32

KillTimer
SetTimer
DestroyWindow
DrawTextA
SetRectEmpty
GetDC
TrackPopupMenuEx
SetRect
ReleaseDC
SetClassLongA
GetDesktopWindow
GetCursorPos
CreatePopupMenu
AppendMenuA
GetSystemMetrics
DestroyMenu
GetClassLongA
GetWindowRect
wsprintfA
SendMessageA

gdi32

GetStockObject
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHQueryRecycleBinA
SHGetDesktopFolder
DragFinish
DragQueryFileA
SHGetSpecialFolderLocation
SHFileOperationA
DragAcceptFiles
ord155

ole32

CoInitialize

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Search.plg
.dll windows:4 windows x86 arch:x86

c88847e31f506a54c8dbd47f7f945f5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

SetCFGString
FreeNodeList
OpenCFGr
Amalloc
Afree
NewNode
DeleteKey
SetCFGInt
DrawPicture
GetCFGFont
GetCFGString
FindSection
LoadImageEx
GetCFGBool
GetCFGInt
FindNextNode
InsertString
SetCFGHex
GetFontHandle
GetNodeList
Scan
Quote
CloseCFGw
OpenCFGw
FindFirstNode
CheckInt
CloseCFGr

astonex

CreateAstonWND

shlwapi

PathCombineA

ainet

Inet_Close
Inet_Connect

kernel32

DeleteFileA
RtlZeroMemory
lstrcpyA
DisableThreadLibraryCalls
GetProcAddress
lstrcmpiA
RtlMoveMemory
CreateDirectoryA
lstrcatA
CreateProcessA
lstrlenA
CreateFileA
GetModuleHandleA
GetTempPathA
CloseHandle

user32

EndDialog
GetDlgItem
ReleaseDC
SetWindowLongA
SetRect
TrackPopupMenuEx
GetDC
SendMessageA
DrawIconEx
DrawTextA
FillRect
SendDlgItemMessageA
GetWindowRect
DestroyWindow
GetSysColor
SetWindowPos
ShowWindow
CreatePopupMenu
GetSysColorBrush
AppendMenuA
LoadImageA
CallWindowProcA
DestroyMenu
DialogBoxParamA
CopyRect
GetCursorPos

gdi32

SetBkMode
DeleteObject
SelectObject
GetStockObject
GetTextExtentPoint32A
SetTextColor

shell32

ShellExecuteA
FindExecutableA

msvcrt

memset

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/SkinClckEx.plg
.dll windows:4 windows x86 arch:x86

617f72517feddd32312fb5c7b7bdbd52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

CheckInt
FreeFontEx
CloseCFGr
GetCFGInt
GetCFGBool
LoadImageEx
GetCFGString
FreePicture
DrawSkin
GetFontHandle
StretchSkin
GetFontHandleEx
OpenCFGr
GetCFGRect
GetCFGFontEx
FreeFont
GetNodeList
NotifyTip
FreeNode
SetCFGInt
SetCFGString
FreeNodeList
Amalloc
Afree
NewNode
DeleteKey
Arealloc
DrawPicture
FindFirstNode
GetCFGHex
FindSection
FindNextNode
OpenCFGw
CloseCFGw
Scan
InsertString
GetCFGFont

astonex

ADrawText
CreateAstonWND
SetPicTransparency

kernel32

lstrcmpiA
RtlZeroMemory
GetLocalTime
RtlMoveMemory
lstrcatA
GetDateFormatA
lstrlenA
DisableThreadLibraryCalls
lstrcpyA

user32

GetDlgItem
MessageBoxA
SetRect
TrackPopupMenuEx
OffsetRect
PtInRect
SendMessageA
SetFocus
GetClientRect
wsprintfA
FillRect
SendDlgItemMessageA
GetWindowRect
RegisterClassA
LoadCursorA
PostMessageA
IsWindow
SetWindowPos
DefWindowProcA
ReleaseDC
CreateWindowExA
UnregisterClassA
InvalidateRect
GetDC
BeginPaint
SetRectEmpty
WindowFromPoint
DrawTextA
KillTimer
SetTimer
GetClassNameA
DestroyWindow
EndPaint
EndDialog
GetCursorPos
CreatePopupMenu
AppendMenuA
wvsprintfA
SetWindowTextA
DestroyMenu
DialogBoxParamA
CopyRect

gdi32

DeleteObject
SelectObject
GetStockObject
SetTextColor
SetBkMode
CreateSolidBrush

shell32

SHAppBarMessage

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Sticker.plg
.dll windows:4 windows x86 arch:x86

6d5c3012cab6958a9833bff311a8b1a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

OpenCFGr
Amalloc
GetFontHandleEx
Afree
DeleteKey
DrawPicture
GetCFGRect
FindSection
LoadImageEx
GetCFGBool
GetCFGInt
CloseCFGr
CloseCFGw
SetCFGInt
FileExists
GetCFGString
OpenCFGw
FreeFontEx
DirExists
GetCFGFontEx

astonex

CreateAstonWND

kernel32

DeleteFileA
lstrlenA
ReadFile
WriteFile
SetFilePointer
GetFileSize
CreateFileA
lstrcpyA
RtlZeroMemory
GetModuleFileNameA
DisableThreadLibraryCalls
RtlMoveMemory
CreateDirectoryA
lstrcatA
CloseHandle

user32

SendMessageA
SetFocus
GetParent
GetWindowRect
DestroyWindow
DestroyMenu
PostMessageA
AppendMenuA
CreatePopupMenu
GetCursorPos
GetDesktopWindow
TrackPopupMenuEx
GetClientRect
wsprintfA
SetWindowLongA
MessageBoxA
SetClassLongA
SetWindowPos
ShowWindow
LoadImageA
CallWindowProcA
GetClassLongA
SetRect

gdi32

DeleteObject
GetStockObject

shell32

SHGetSpecialFolderLocation
ord155
SHGetPathFromIDListA

msvcrt

memset

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/VertPanel.plg
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 737B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/VistaBTN.plg
.dll windows:4 windows x86 arch:x86

3ab50884d156352bbba422343fc13e04

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
_snwprintf
_snprintf
strcpy
_ultow
wcslen
??3@YAXPAX@Z
memset
_wcsupr
??2@YAPAXI@Z
free
_except_handler3
malloc
memcpy
realloc
memmove
strcat

astonex

CreateAstonWND

kernel32

CreateFileA
GetModuleFileNameA
GetLongPathNameA
GetFileAttributesA
SetEndOfFile
GetFileSize
SetFilePointer
WriteFile
GetLastError
IsDebuggerPresent
DisableThreadLibraryCalls
GetWindowsDirectoryA
lstrcpyA
RtlZeroMemory
VirtualFree
FlushInstructionCache
GetCurrentProcess
VirtualAlloc
CreateEventA
RtlMoveMemory
GetProcAddress
GetModuleHandleA
lstrlenA
WaitForSingleObject
SetThreadPriority
CreateThread
ResetEvent
CloseHandle
TerminateThread
SuspendThread
GetExitCodeThread
SetEvent
RtlFillMemory
Sleep
GetSystemInfo
SleepEx
GetCurrentThreadId
GetSystemTimeAsFileTime
CopyFileA
OutputDebugStringW

user32

KillTimer
PtInRect
UnionRect
GetCursorPos
OffsetRect
EqualRect
ClipCursor
WindowFromPoint
GetWindowLongA
GetKeyState
IsWindow
ReleaseCapture
GetAsyncKeyState
InflateRect
DrawEdge
MessageBoxA
SetTimer
ShowWindow
SetCapture
ScreenToClient
InvalidateRect
CopyRect
GetDC
DrawTextA
ReleaseDC
FillRect
SetRect
CreateWindowExA
BeginPaint
EndPaint
DefWindowProcA
DestroyWindow
GetWindowRect
GetClientRect
PostMessageA
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
SendMessageA
LoadCursorA
SetWindowPos
UnregisterClassA
RegisterClassExA
SetWindowLongA
SetRectEmpty

gdi32

CreateCompatibleDC
GetStockObject
CreateDIBSection
SelectObject
GetObjectA
SetTextColor
SetBkMode
DeleteDC
BitBlt
DeleteObject
CreateSolidBrush

comctl32

ImageList_DrawEx

starter

RunSHFolder
Run
CloseCFGr
CheckInt
FreePicture
LoadImageEx
GetCFGInt
GetCFGString
OpenCFGr
DrawSkin
StretchSkin
NotifyTip
DrawPicture
DrawDesktop
FindSection

drawpng

PreAlpha
AlphaBlt

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Zoom.tbp
.dll windows:4 windows x86 arch:x86

a79d8d20f36219eedb9ab554be099d26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlMoveMemory
RtlZeroMemory
DisableThreadLibraryCalls

user32

SetWindowPos
LoadImageA
InflateRect
BeginPaint
GetClientRect
CreateWindowExA
RegisterClassA
LoadCursorA
UnregisterClassA
DestroyWindow
EndPaint
SendMessageA
InvalidateRect
UpdateWindow
SetCapture
ReleaseCapture
DefWindowProcA
GetCursorPos
GetDC
ReleaseDC
DrawIconEx
SetTimer
KillTimer
CopyRect

gdi32

StretchBlt
BitBlt

shell32

SHAppBarMessage

starter

CheckInt
CloseCFGr
FindSection
GetCFGBool
OpenCFGr
DrawSkinTrans
NotifyTip
GetCFGInt

Exports

Exports

DoneModule
GetPluginInfo
InitToolbarModule

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/aes.dll
.dll windows:4 windows x86 arch:x86

6c8408bb5d7d5a5b75b9314f94e68763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

Exports

Exports

aes_dec_blk
aes_dec_key
aes_enc_blk
aes_enc_key

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/aes_license.txt
Plugins/cpuusage.vxd
Plugins/rss.plg
.dll windows:4 windows x86 arch:x86

a0c6ed2fb5066427b7d4f763799e7226

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

starter

CloseCFGr
GetCFGInt
FindSection
GetCFGPoint
CloseCFGw
GetCFGFontEx
FreeFontEx
OpenCFGw
GetNodeList
SetCFGString
NewNode
DeleteKey
Arealloc
FindNextNode
Quote
Scan
InsertString
FindFirstNode
SetCFGInt
GetCFGRect
OpenCFGr
Amalloc
GetFontHandleEx
Afree
GetCFGHex
GetCFGString
CheckInt

astonex

CreateAstonWND
CalcTextRect

shlwapi

PathFindExtensionW

wininet

InternetOpenW
InternetCrackUrlW
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetAttemptConnect
InternetCloseHandle
HttpOpenRequestW

msvcrt

free
malloc
strlen
_sleep
_wfopen
_beginthreadex
memset
fwrite
wcsncmp
realloc
fclose
??2@YAPAXI@Z
wcscat
_snwprintf
_wcsupr
wcscpy
_ltow
wcsstr
_wcsicmp
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
memcmp
mbstowcs
_itow
memcpy
??3@YAXPAX@Z
wcslen
_ultow
memmove
wcstoul

kernel32

DisableThreadLibraryCalls
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
GetExitCodeThread
FormatMessageA
lstrcpyW
IsDebuggerPresent
VirtualAlloc
GetLongPathNameW
CreateFileW
GetModuleFileNameW
GetFileAttributesW
CopyFileW
WriteFile
CreateEventW
LocalFree
WideCharToMultiByte
GetSystemTimeAsFileTime
VirtualFree
OutputDebugStringW
SetEndOfFile
SetFilePointer
GetFileSize
GetCurrentThreadId
GetSystemInfo
SleepEx
IsValidCodePage
MultiByteToWideChar
GetCPInfo
lstrcpyA
CloseHandle
GetLastError
SetThreadPriority
lstrcmpiW
lstrlenW
lstrcatA
TerminateThread
SetEvent
WaitForSingleObject
lstrlenA

user32

wsprintfW
MessageBoxW
SendDlgItemMessageA
DestroyMenu
SendMessageW
IsWindow
AppendMenuA
CreatePopupMenu
GetCursorPos
MessageBoxA
SetRect
TrackPopupMenuEx
OffsetRect
PtInRect
WindowFromPoint
KillTimer
PostMessageW
FillRect
GetWindowRect
ScreenToClient
SetTimer
DestroyWindow
DialogBoxParamA
SetWindowTextA
EndDialog
GetDlgItem
SetFocus

gdi32

GetStockObject

shell32

ShellExecuteW

ole32

CoRegisterClassObject
CoResumeClassObjects
CoInitialize
CoCreateInstance
CoUninitialize
CoRevokeClassObject

oleaut32

SysFreeString
SysAllocStringLen

Exports

Exports

DoneModule
GetPluginInfo
InitGlobalModule

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PrintMon.exe
.exe windows:4 windows x86 arch:x86

98c6b35d3302369aed53f5c1a30f7bcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapFree
LocalFree
SetProcessWorkingSetSize
GetCurrentProcess
GetCommandLineA
HeapAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
GetLastError
WideCharToMultiByte
CloseHandle
FormatMessageA
ExitProcess
GetProcessHeap

user32

InsertMenuItemA
GetSystemMetrics
SetMenuDefaultItem
EnableMenuItem
GetSubMenu
DeleteMenu
GetCursorPos
DefWindowProcA
SetTimer
PostQuitMessage
TranslateMessage
DispatchMessageA
GetMessageA
CreateWindowExA
RegisterClassExA
FindWindowA
MessageBoxA
GetLastActivePopup
GetActiveWindow
wsprintfA
LoadStringA
SetForegroundWindow
TrackPopupMenuEx
DestroyWindow
LoadImageA
DestroyIcon
DestroyMenu
PostMessageA
LoadMenuA

gdi32

DeleteObject

winspool.drv

ClosePrinter
EnumJobsA
EnumPrintersA
OpenPrinterA

shell32

ShellExecuteExA
Shell_NotifyIconA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
SHDoctor.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 437B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ShellSwp.exe
.exe windows:4 windows x86 arch:x86

e7827a269f7f1e31f508c15ec8c2113f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

starter

CloseCFGr
GetCFGBool
CheckInt
GetCFGInt
FindSection
OpenCFGr
CloseCFGw
SetCFGInt
OpenCFGw
GetParamStr

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
malloc
free

kernel32

GetStartupInfoA
SetProcessShutdownParameters
GetModuleFileNameA
GetSystemDirectoryA
lstrcpynA
GetShortPathNameA
IsDBCSLeadByte
RtlMoveMemory
SetErrorMode
GetFileAttributesA
CreateMutexA
GetLastError
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCommandLineA
OpenEventA
SetEvent
lstrcmpA
lstrcmpiA
lstrlenA
GetCurrentThreadId
WritePrivateProfileStringA
lstrcpyA
WritePrivateProfileStringW
DeleteFileA
CopyFileA
lstrcatA
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetPrivateProfileStringA
CloseHandle
CreateProcessA
RtlZeroMemory
WaitForSingleObject
Sleep
GetTickCount

user32

SetWindowsHookExA
CreateWindowExA
CreateDialogParamA
LoadImageA
LoadIconA
PostMessageA
GetDlgCtrlID
SetDlgItemTextA
GetClassNameA
SetFocus
IsWindowEnabled
DrawMenuBar
ModifyMenuA
GetMenu
MessageBoxA
wsprintfA
DestroyWindow
ShowWindow
UnhookWindowsHookEx
EndDialog
WaitForInputIdle
SystemParametersInfoA
GetShellWindow
DialogBoxParamA
SetForegroundWindow
IsWindowVisible
GetLastActivePopup
FindWindowA
CharNextA
CharPrevA
ExitWindowsEx
SetWindowPos
EnableWindow
GetFocus
GetDlgItem
GetWindowRect
MapWindowPoints
MoveWindow
SetWindowTextA
CheckDlgButton
SendDlgItemMessageA
EnumChildWindows
CallNextHookEx
IsWindow
SendMessageA
GetParent
GetSystemMetrics

advapi32

RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegFlushKey
GetUserNameA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA
ExtractIconA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Shswdos.exe
Skinning Tutorial.chm
.chm
Starter.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AdjustIcon
Afree
AllowForeWnd
Amalloc
AnimateWnd
Arealloc
BMPtoJPG
BitmapToRegion
CanAnimate
CheckInt
ClearNewOption
ClearNewOptionInSection
CloseCFGr
CloseCFGw
ConcatPIDLs
CopyPIDL
CreateKey
CreatePIDL
CreateSection
DefCharSet
DeleteKey
DirExists
DoneAstonAPI
DoneExtractor
DrawDesktop
DrawPicture
DrawSkin
DrawSkinTrans
EnableNode
EnterLock
ErrorBox
FileExists
FindFirstNode
FindNextNode
FindSection
FreeExIcon
FreeFont
FreeFontEx
FreeNode
FreeNodeList
FreePicture
GetCFGBool
GetCFGFont
GetCFGFontEx
GetCFGHex
GetCFGInt
GetCFGPic
GetCFGPoint
GetCFGRect
GetCFGString
GetFontHandle
GetFontHandleEx
GetNodeList
GetPIDLSize
GetParamStr
GetRegInt
GetShellIconBPP
GetShellIconSize
IconMCount
InitAstonAPI
InitExtractor
InsertString
IsPSTREmpty
JPGtoBMP
LayeredStyle
LeaveLock
LoadBMPZip
LoadImageEx
LoadJPG
LoadJPGZip
LoadPngZip
MakeHIcon
MakeMask
NewNode
NextPIDL
NotifyTip
OpenCFGr
OpenCFGw
PidlFromPathA
Quote
ReadIconFromModule
ReadRC
ReadTip
ResetFontCache
ResetPictureCache
Run
RunAs
RunSCF
RunSHFolder
SHAlloc
SHFree
Scan
SetCFGFont
SetCFGFontEx
SetCFGHex
SetCFGInt
SetCFGPic
SetCFGPoint
SetCFGRect
SetCFGString
SetDrawDesktop
SetForeWndFix
SetLayered
StrCopyEx
StretchSkin
SwitchFix
Unquote
free
malloc
realloc
strcopy
strecopy
strmoven

Sections

CODE
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 181B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Themes/Aston Desktop.atz
.zip .ps1 polyglot
AltDesk/Skin/Handy-metallic.ini
AltDesk/Skin/buttons.bmp
AltDesk/Skin/main.bmp
BarSkin.bmp
Config1024x768.tfa
Config1152x864.tfa
Config1280x1024.tfa
Config1600x1200.tfa
Config800x600.tfa
Fonts/Aston-f1.ttf
Icons/A-Astonshell.ANKz
.zip
a-astonshell.ank
astonshell.bmp
Icons/A-Help.ANKz
.zip
a-help.ank
help.bmp
Icons/A-Master.ANKz
.zip
a-master.ank
master.bmp
Icons/A-SSwapper.ANKz
.zip
a-sswapper.ank
sswapper.bmp
Icons/A-Thwizard.ANKz
.zip
a-twizard.ank
twizard.bmp
Icons/Control Panel.ANKz
.zip
control panel.ank
control panel.bmp
Icons/Find.ANKz
.zip
Icons/Logoff.ANKz
.zip
Icons/My computer.ANKz
.zip
Icons/Mycomp.ANKz
.zip
Icons/Panel1024.bmp
Icons/Panel1152.bmp
Icons/Panel1280.bmp
Icons/Panel1600.bmp
Icons/Panel800.bmp
Icons/Run.ANKz
.zip
Icons/Screen Settings.ANKz
.zip
Icons/Shut Down.ANKz
.zip
Icons/recycle.ankz
.zip
LeftTopSkin.bmp
Plugins/AL.png
.png
Plugins/AR.png
.png
Plugins/Clock-hands.bmp
Plugins/Clock.bmp
Plugins/calendar.png
.png
Plugins/clockex.3pic
.zip
Plugins/disks.png
.png
Plugins/find1.ankz
.zip
Plugins/left-flank.png
.png
Plugins/mm-footer.bmp
Plugins/mm-item.bmp
Plugins/mm-select.bmp
Plugins/mm-separator.bmp
Plugins/mm-title.bmp
Plugins/q-launch-ico.bmp
Plugins/q-launch.3pic
.zip
Plugins/right-flank.png
.png
Plugins/search.3pic
.zip
Plugins/topp-footer1.png
.png
Plugins/topp-footer2.png
.png
Plugins/topp-footer3.png
.png
Plugins/topp-header.png
.png
Plugins/topp-item1.png
.png
Plugins/topp-item2.png
.png
Plugins/topp-item3.png
.png
Plugins/topp-separator.png
.png
Plugins/topp-subitem1.png
.png
Plugins/topp-subitem2.png
.png
Plugins/topp-subitem3.png
.png
Plugins/trash.png
.png
RightTopSkin.bmp
Start1.ANKz
.zip
TaskActi.3PIC
.zip
TaskInac.3pic
.zip
TaskMin.3pic
.zip
ToolLeft.bmp
ToolRight.bmp
TrayIcon1.bmp
TrayIcon2.bmp
TraySkin.bmp
Wallpaper1280x1024.jpg
.jpg
theme.jpg
.jpg
Themes/Aston XP.atz
.zip
Themes/Cios.atz
.zip
Themes/Makrom.atz
.zip
Thwizard.dll
.dll windows:4 windows x86 arch:x86

2abe8826b95991103fbe6dd6a3e95a00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
FindClose
FindNextFileA
lstrcmpiA
lstrcatA
FindFirstFileA
lstrcpyA
lstrlenA
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
SetFilePointer
ReadFile
GetFileSize
GetFileInformationByHandle
CloseHandle
MapViewOfFile
CreateFileMappingA
CreateFileA
WriteFile
UnmapViewOfFile
GetTickCount
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
RaiseException
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSection

user32

GetDesktopWindow

Exports

Exports

PackTheme

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Thwizard.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 38KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gs
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Tips.rc
Whatsnew.htm
XP/indicdll.dll
.dll windows:5 windows x86 arch:x86

e849a4fb4c69e579ec1b546f9edc4a93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetACP
HeapAlloc
HeapCreate
lstrlenW
GetCurrentProcessId
CreateFileMappingW
GetCurrentThreadId
lstrcmpW
UnmapViewOfFile
GetLastError
MapViewOfFile
GlobalFree
GlobalAlloc
CloseHandle

user32

IsWindow
GetFocus
GetWindowThreadProcessId
CallNextHookEx
PostMessageW
CreatePopupMenu
InsertMenuItemW
SendMessageW
GetKeyboardLayout
SetWindowsHookExW
UnhookWindowsHookEx
GetMessagePos
GetWindowRect
PtInRect
GetParent
GetClassNameW
GetDesktopWindow

gdi32

DeleteObject

imm32

ImmReleaseContext
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmGetImeMenuItemsW
ImmGetContext

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XP/internat.exe
.exe windows:5 windows x86 arch:x86

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GlobalReAlloc
GlobalLock
lstrcatW
GlobalUnlock
FreeLibrary
lstrcpyW
AddAtomW
IsValidLocale
GlobalFree
DeleteAtom
LoadLibraryW
lstrcmpW
GetProcAddress
LocalAlloc
lstrcpynW
GetLocaleInfoW
GlobalGetAtomNameW
LocalFree
WinExec
GetModuleHandleW
GetStartupInfoW
GetAtomNameW
ExitProcess
GlobalAlloc
lstrcmpiW

user32

RemovePropW
SetPropW
AllowSetForegroundWindow
GetWindow
DestroyMenu
GetPropW
GetDesktopWindow
MapWindowPoints
TrackPopupMenuEx
GetLastActivePopup
GetParent
GetWindowLongW
LoadBitmapW
GetSysColor
DrawTextW
CreateIconIndirect
GetKeyboardLayout
GetKeyboardLayoutList
DestroyIcon
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
GetDC
ReleaseDC
EnumChildWindows
DrawFocusRect
GetSystemMetrics
GetWindowDC
SystemParametersInfoW
wsprintfW
UnloadKeyboardLayout
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow
LoadStringW
FindWindowW
MessageBoxW
LoadIconW
LoadCursorW
RegisterClassExW
PostMessageW
LoadStringA
WinHelpW
GetProcessDefaultLayout
CreatePopupMenu
InsertMenuW
CheckMenuItem
DestroyWindow
KillTimer
SetTimer
GetMessagePos
InSendMessageEx
GetClassNameW
DefWindowProcW
SetForegroundWindow
IsWindow
SendMessageW
SetActiveWindow
PostQuitMessage
RegisterWindowMessageW
GetClientRect

gdi32

TranslateCharsetInfo
DeleteDC
DeleteObject
GetTextCharsetInfo
GetStockObject
ExtTextOutW
PatBlt
SetBkColor
SelectObject
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateBitmap
GetTextExtentPointW
BitBlt
CreateFontIndirectW
GetObjectW

comctl32

ord329
ImageList_Create
ImageList_Destroy
ord328
ImageList_ReplaceIcon
ord334
ImageList_GetIconSize
ImageList_GetIcon
ord332
ImageList_Draw
ImageList_Remove

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetIMEFileNameW
ImmGetDescriptionW
ImmGetProperty

setupapi

SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW

advapi32

RegFlushKey
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteValueW

shell32

SHAppBarMessage
ExtractIconExW
Shell_NotifyIconW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aHook.dll
.dll windows:4 windows x86 arch:x86

fd74a2843629e181becf5524f6b8a58f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowsHookExA
FindWindowA
SendMessageA
CallNextHookEx
UnhookWindowsHookEx

msvcrt

free
_adjust_fdiv
malloc
_initterm

Exports

Exports

clearMyHook
setMyHook

Sections

.text
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drawpng.dll
.dll windows:4 windows x86 arch:x86

0e15f35169a7236de6c546c4dd8b5599

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_except_handler3
_CIpow
abort
calloc
memcpy

kernel32

CreateFileA
FreeLibrary
GetFileAttributesA
ReadFile
RaiseException
GetProcAddress
DisableThreadLibraryCalls
LoadLibraryA
OutputDebugStringA
CloseHandle
RtlZeroMemory
GetModuleHandleA

gdi32

BitBlt
DeleteDC
CreateDIBSection
GdiFlush
DeleteObject
SelectObject
CreateCompatibleDC

Exports

Exports

AlphaBlt
BlendDIB32
LoadPng
LoadPngMem
PreAlpha
ResetRenderer

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hook.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

MouseHookProc

Sections

CODE
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 33B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lsapi.dll
.dll windows:4 windows x86 arch:x86

af6cad12466d61abb028e776eddc8acd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetModuleHandleA
GetProcAddress
GlobalReAlloc
GlobalLock
GlobalUnlock
lstrcpyA
DisableThreadLibraryCalls
GlobalFree

user32

SendMessageA
SetRect
GetCursorPos
PostMessageA
GetIconInfo
DrawIconEx
FindWindowA
LoadImageA
GetWindowLongA

gdi32

SetBkColor
SetTextColor
BitBlt
CreateBitmapIndirect
CombineRgn
DeleteObject
ExtCreateRegion
SelectObject
CreateDIBSection
CreateCompatibleBitmap
CreateBitmap
DeleteDC
CreateSolidBrush
CreateCompatibleDC
GetObjectA

shell32

ExtractIconA

msvcrt

__p___mb_cur_max
fgets
atoi
_strnicmp
_adjust_fdiv
_initterm
toupper
strrchr
fseek
fopen
fclose
strncpy
__p__pctype
_isctype
tolower
_strcmpi
strtol
strchr
realloc
malloc
free

Exports

Exports

AddBangCommand
BitmapFromIcon
BitmapToRegion
CloseRC
GetLitestepWnd
GetRCBool
GetRCColor
GetRCInt
GetRCString
LCClose
LCOpen
LCReadNextCommand
LCReadNextConfig
LCTokenize
LoadLSImage
ParseBangCommand
SetupRC
TransparentBltLS
VarExpansion
is_pattern
is_valid_pattern
match
matche

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 575B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mmkbd.dll
.dll windows:4 windows x86 arch:x86

f9903b1c103680ccebfe99335e528652

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
RtlZeroMemory
DisableThreadLibraryCalls
lstrcpyW
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
FreeLibrary
LocalAlloc

user32

wsprintfW

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
ord90
ord155

shlwapi

PathUnquoteSpacesW
PathGetArgsW
SHRegCloseUSKey
SHRegQueryUSValueW
SHRegOpenUSKeyW

Exports

Exports

AppCmd

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.url
.url

Sharing

General

Malware Config

Signatures

Files

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 109KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 27KB - Virtual size: 27KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

28d94e5199b88ad374b3cb2118e31a66

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 512B - Virtual size: 460B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 494B

Headers

File Characteristics

Sections

Size: 71KB - Virtual size: 208KB

Size: 3KB - Virtual size: 12KB

Size: - Virtual size: 72KB

Size: 5KB - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 20KB

.rsrc Size: 11KB - Virtual size: 80KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 109KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 27KB - Virtual size: 27KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 512B - Virtual size: 460B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 494B

.rsrc
Size: 11KB - Virtual size: 80KB

.gs
Size: 142KB - Virtual size: 144KB

.adata
Size: - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 140B

.reloc
Size: 512B - Virtual size: 510B

.rsrc
Size: 75KB - Virtual size: 384KB

.gs
Size: 129KB - Virtual size: 132KB

.adata
Size: - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 988B

.reloc
Size: 4KB - Virtual size: 2KB

CODE
Size: 13KB - Virtual size: 13KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 123B

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 21KB