44aff1cd2cb6e62b2b4f18ab6e9aae85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44aff1cd2cb6e62b2b4f18ab6e9aae85_JaffaCakes118
Size

12.5MB
MD5

44aff1cd2cb6e62b2b4f18ab6e9aae85
SHA1

2a77cf49d38b7a05c3ec858abe420a30b253b97f
SHA256

dd93d4b7ac96f1009e958d967f988645571b23dfb1363ffb8d56ca97b3050e61
SHA512

9e9c6f2f7082514746b646180bcfbbb0a93734494936e811a99123c392a7393448ab13944ed03d5d051b2ec6c2abad1790eaefa420f1f0393f264252ec02a7e6
SSDEEP

393216:5+LROrOxVxiInBOXydwST002zVte7gRvGtsNIl:ALROCxK+OUwS6XtRvjIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
44aff1cd2cb6e62b2b4f18ab6e9aae85_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/dskinlite.dll
unpack001/uninst.exe
unpack001/zhuna.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

44aff1cd2cb6e62b2b4f18ab6e9aae85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Config.ini
Skin/HotelSkin/Button/btn_disable.png
.png
Skin/HotelSkin/Button/btn_down.png
.png
Skin/HotelSkin/Button/btn_hot.png
.png
Skin/HotelSkin/Button/btn_normal.png
.png
Skin/HotelSkin/CheckButton/checkbox_hot.bmp
Skin/HotelSkin/CheckButton/checkbox_nor.bmp
Skin/HotelSkin/CheckButton/checkbox_tick_hot.bmp
Skin/HotelSkin/CheckButton/checkbox_tick_nor.bmp
Skin/HotelSkin/Combo_nor.bmp
Skin/HotelSkin/Combo_over.bmp
Skin/HotelSkin/ComboboxDemo/combobox_bk.png
.png
Skin/HotelSkin/ComboboxDemo/downdrag_nor.png
.png
Skin/HotelSkin/HeaderCtrl/HeaderCtrl_arrowUp.bmp
Skin/HotelSkin/HeaderCtrl/Headerctrl_Sperator.png
.png
Skin/HotelSkin/HeaderCtrl/Headerctrl_arrowDown.bmp
Skin/HotelSkin/HeaderCtrl/headerctrl_ItemDown.bmp
Skin/HotelSkin/HeaderCtrl/headerctrl_ItemHot.bmp
Skin/HotelSkin/HeaderCtrl/headerctrl_itemNor.bmp
Skin/HotelSkin/HeaderCtrl/order_headerctrlNor.png
.png
Skin/HotelSkin/Mask_bg.png
.png
Skin/HotelSkin/RadioButton/radiobtn_hot.bmp
Skin/HotelSkin/RadioButton/radiobtn_nor.bmp
Skin/HotelSkin/RadioButton/radiobtn_tick_hot.bmp
Skin/HotelSkin/RadioButton/radiobtn_tick_nor.bmp
Skin/HotelSkin/ScrollBar/SBArrowBtm_Down.bmp
Skin/HotelSkin/ScrollBar/Untitled.pdn
Skin/HotelSkin/ScrollBar/scrollbar.bmp
Skin/HotelSkin/ScrollBar/scrollbar2.bmp
Skin/HotelSkin/SysButton/sys_close_down.bmp
Skin/HotelSkin/SysButton/sys_close_hot.bmp
Skin/HotelSkin/SysButton/sys_close_nor.bmp
Skin/HotelSkin/SysButton/sys_max_down.bmp
Skin/HotelSkin/SysButton/sys_max_hot.bmp
Skin/HotelSkin/SysButton/sys_max_nor.bmp
Skin/HotelSkin/SysButton/sys_min_down.bmp
Skin/HotelSkin/SysButton/sys_min_hot.bmp
Skin/HotelSkin/SysButton/sys_min_nor.bmp
Skin/HotelSkin/SysButton/sys_restore_down.bmp
Skin/HotelSkin/SysButton/sys_restore_hot.bmp
Skin/HotelSkin/SysButton/sys_restore_nor.bmp
Skin/HotelSkin/Tree_expand.png
.png
Skin/HotelSkin/Window/dialog.bmp
Skin/HotelSkin/Window/dlg_bk.png
.png
Skin/HotelSkin/Window/dlg_left.png
.png
Skin/HotelSkin/Window/selcitybk.png
.png
Skin/HotelSkin/Window/window.bmp
Skin/HotelSkin/Window/window2.bmp
Skin/HotelSkin/an01.png
.png
Skin/HotelSkin/an011.png
.png
Skin/HotelSkin/bg2.png
.png
Skin/HotelSkin/btn_clear_n.png
.png
Skin/HotelSkin/btn_fav_h.png
.png
Skin/HotelSkin/btn_fav_n.png
.png
Skin/HotelSkin/btn_fav_v.png
.png
Skin/HotelSkin/btn_order_h.png
.png
Skin/HotelSkin/btn_order_v.png
.png
Skin/HotelSkin/btn_srh_h.png
.png
Skin/HotelSkin/btn_srh_n.png
.png
Skin/HotelSkin/btn_srh_v.png
.png
Skin/HotelSkin/btn_tab_c.png
.png
Skin/HotelSkin/btn_tab_h.png
.png
Skin/HotelSkin/btn_tab_n.png
.png
Skin/HotelSkin/btn_yd_h.png
.png
Skin/HotelSkin/btn_yd_n.png
.png
Skin/HotelSkin/btn_yd_v.png
.png
Skin/HotelSkin/datetimectrl/buttondown.bmp
Skin/HotelSkin/edit_bk2.png
.png
Skin/HotelSkin/folder1.png
.png
Skin/HotelSkin/hand.cur
Skin/HotelSkin/hotelpic.bmp
Skin/HotelSkin/ico_czjd.png
.png
Skin/HotelSkin/icon4.bmp
Skin/HotelSkin/icon4.png
.png
Skin/HotelSkin/icon_bx_c.png
.png
Skin/HotelSkin/icon_bx_h.png
.png
Skin/HotelSkin/icon_bx_n.png
.png
Skin/HotelSkin/icon_close_n.bmp
Skin/HotelSkin/icon_close_n.png
.png
Skin/HotelSkin/icon_dd_c.png
.png
Skin/HotelSkin/icon_dd_h.png
.png
Skin/HotelSkin/icon_dd_n.png
.png
Skin/HotelSkin/icon_dt_c.png
.png
Skin/HotelSkin/icon_dt_h.png
.png
Skin/HotelSkin/icon_dt_n.png
.png
Skin/HotelSkin/icon_fankui_n.png
.png
Skin/HotelSkin/icon_fav1_h.png
.png
Skin/HotelSkin/icon_fav1_n.png
.png
Skin/HotelSkin/icon_fav_h.png
.png
Skin/HotelSkin/icon_fav_n.png
.png
Skin/HotelSkin/icon_help_n.png
.png
Skin/HotelSkin/icon_jd_c.png
.png
Skin/HotelSkin/icon_jd_h.png
.png
Skin/HotelSkin/icon_jd_n.png
.png
Skin/HotelSkin/icon_list_c.png
.png
Skin/HotelSkin/icon_list_h.png
.png
Skin/HotelSkin/icon_list_n.png
.png
Skin/HotelSkin/icon_ll_c.png
.png
Skin/HotelSkin/icon_ll_h.png
.png
Skin/HotelSkin/icon_ll_n.png
.png
Skin/HotelSkin/icon_map_c.png
.png
Skin/HotelSkin/icon_map_h.png
.png
Skin/HotelSkin/icon_map_n.png
.png
Skin/HotelSkin/icon_person.png
.png
Skin/HotelSkin/icon_set_n.png
.png
Skin/HotelSkin/icon_side_chian.png
.png
Skin/HotelSkin/icon_side_faci.png
.png
Skin/HotelSkin/icon_side_price.png
.png
Skin/HotelSkin/icon_side_star.png
.png
Skin/HotelSkin/icon_tj_c.png
.png
Skin/HotelSkin/icon_tj_h.png
.png
Skin/HotelSkin/icon_tj_n.png
.png
Skin/HotelSkin/ioc1.png
.png
Skin/HotelSkin/line.bmp
Skin/HotelSkin/line.png
.png
Skin/HotelSkin/line2.bmp
Skin/HotelSkin/list_bg.png
.png
Skin/HotelSkin/load.png
.png
Skin/HotelSkin/login_bk2.png
.png
Skin/HotelSkin/login_down.png
.png
Skin/HotelSkin/login_edit.png
.png
Skin/HotelSkin/messagebox/information.png
.png
Skin/HotelSkin/messagebox/question.png
.png
Skin/HotelSkin/messagebox/stop.png
.png
Skin/HotelSkin/messagebox/warning.png
.png
Skin/HotelSkin/myd_bg.png
.png
Skin/HotelSkin/noresults.bmp
Skin/HotelSkin/noresults.png
.png
Skin/HotelSkin/scrollButton/left_dis.png
.png
Skin/HotelSkin/scrollButton/left_nor.png
.png
Skin/HotelSkin/scrollButton/left_over.png
.png
Skin/HotelSkin/scrollButton/right_dis.png
.png
Skin/HotelSkin/scrollButton/right_nor.png
.png
Skin/HotelSkin/scrollButton/right_over.png
.png
Skin/HotelSkin/sel01.png
.png
Skin/HotelSkin/separ1.png
.png
Skin/HotelSkin/star/star1.gif
.gif
Skin/HotelSkin/star/star1.png
.png
Skin/HotelSkin/star/star2.png
.png
Skin/HotelSkin/star/star3.png
.png
Skin/HotelSkin/star/star4.png
.png
Skin/HotelSkin/star/star5.png
.png
Skin/HotelSkin/star/star6.png
.png
Skin/HotelSkin/star/star7.png
.png
Skin/HotelSkin/star/star8.png
.png
Skin/HotelSkin/star/star9.png
.png
Skin/HotelSkin/star05.png
.png
Skin/HotelSkin/szfgx.png
.png
Skin/HotelSkin/szxmjt.png
.png
Skin/HotelSkin/szxmk.png
.png
Skin/HotelSkin/topbar.png
.png
Skin/HotelSkin/url.blank.png
.png
Skin/HotelSkin/win_close_h.png
.png
Skin/HotelSkin/win_close_n.png
.png
Skin/HotelSkin/win_max_h.png
.png
Skin/HotelSkin/win_max_n.png
.png
Skin/HotelSkin/win_min_h.png
.png
Skin/HotelSkin/win_min_n.png
.png
Skin/HotelSkin/win_restore_h.png
.png
Skin/HotelSkin/win_restore_n.png
.png
Skin/HotelSkin/zhuna.ico
Skin/HotelSkin/zhuna_logo.png
.png
Skin/Skin.xml
data/hotel.db
dskinlite.dll
.dll windows:4 windows x86 arch:x86

6ef264966f117fef5b34fc787a343432

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\work\dskinlite3.0\trunk\bin\dskinlite.pdb

Imports

comctl32

ImageList_Create
ImageList_Add
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_Destroy

kernel32

CompareStringW
InterlockedExchange
CompareStringA
VirtualQuery
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
ResumeThread
FlushInstructionCache
GetCurrentProcess
SetThreadContext
GetThreadContext
SuspendThread
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetCurrentDirectoryA
InitializeCriticalSection
SetFilePointer
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
Sleep
GetStdHandle
WriteFile
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetDriveTypeA
ExitProcess
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetFullPathNameA
SetEndOfFile
GetThreadLocale
GetVersionExA
GlobalReAlloc
GetCurrentThreadId
GetFileAttributesA
lstrlenW
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalUnlock
GetConsoleWindow
LocalFree
LocalLock
LocalAlloc
MultiByteToWideChar
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetCurrentThread
WriteConsoleW
WideCharToMultiByte
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
GetModuleFileNameA
FindNextFileA
GetLastError
FindFirstFileA
SetLastError
lstrlenA
FindClose
MulDiv
GetVersion
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentProcessId

user32

SetMenuItemInfoA
GetSubMenu
GetMenuStringA
GetMenuItemID
GetDesktopWindow
GetKeyState
RegisterWindowMessageA
WindowFromPoint
SetWindowsHookExA
GetDC
EnumChildWindows
GetMenu
GetMenuState
PostMessageA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
IsZoomed
GetWindowRgn
SetWindowRgn
EqualRect
GetComboBoxInfo
GetNextDlgGroupItem
GetDlgCtrlID
UpdateWindow
GetMenuItemInfoA
GetFocus
CreateWindowExA
IsWindowVisible
GetWindowTextLengthA
SetRectEmpty
EndPaint
BeginPaint
DestroyWindow
PostQuitMessage
WaitMessage
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
CreateDialogIndirectParamA
GetAsyncKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ShowWindow
GetWindowPlacement
IsIconic
RedrawWindow
GetWindowTextA
WinHelpA
SetWindowTextA
MoveWindow
SetForegroundWindow
GetMenuItemCount
TrackPopupMenu
SetFocus
CheckDlgButton
WindowFromDC
UnhookWindowsHookEx
AdjustWindowRectEx
GetClassLongA
SetClassLongA
GetForegroundWindow
CallNextHookEx
DrawFocusRect
GetSystemMenu
EnableMenuItem
EnableWindow
GetDlgItem
LoadIconA
GetDialogBaseUnits
DrawIcon
MessageBeep
GetLastActivePopup
GetActiveWindow
MessageBoxA
GetClassNameA
GetTopWindow
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
DestroyIcon
DrawIconEx
LoadImageA
GetCursor
SetCursor
ClientToScreen
LoadCursorA
DrawTextA
UnionRect
IntersectRect
IsRectEmpty
GetWindow
InvalidateRect
IsWindow
SetTimer
ScreenToClient
GetWindowRect
GetWindowDC
FillRect
SetCapture
KillTimer
GetParent
DrawEdge
PtInRect
OffsetRect
SetRect
ReleaseDC
GetSysColor
GetCursorPos
GetSysColorBrush
ReleaseCapture
GetSystemMetrics
MapWindowPoints
CallWindowProcA
DrawFrameControl
CopyRect
GetMessagePos
GetPropA
RemovePropA
GetClientRect
SendMessageA
SetScrollRange
GetScrollRange
SetPropA
SetWindowLongA
GetScrollInfo
GetWindowLongA
SetScrollPos
SetWindowPos
EnableScrollBar
ShowScrollBar
SetScrollInfo
GetScrollPos
IsWindowEnabled
UnregisterClassA

gdi32

GetStockObject
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
UnrealizeObject
CreateBitmap
ExcludeClipRect
SetBkColor
SetBrushOrgEx
DeleteDC
SetTextColor
PatBlt
BitBlt
CreateDIBSection
SetStretchBltMode
StretchDIBits
CreateSolidBrush
CreateDCA
GetTextExtentPoint32A
CreatePen
GetObjectA
CreateFontIndirectA
SetBkMode
CreateFontA
GetTextMetricsA
CreateRectRgnIndirect
CreateEllipticRgnIndirect
CreateRoundRectRgn
CombineRgn
OffsetRgn
RectInRegion
CreateRectRgn
ExtSelectClipRgn
SaveDC
RestoreDC
SelectClipRgn
MoveToEx
LineTo
RoundRect
ExtCreateRegion
StretchBlt
SetViewportOrgEx
ExtTextOutA

shell32

DuplicateIcon

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

shlwapi

PathIsRelativeA
PathRemoveFileSpecA
PathCombineA
PathIsDirectoryA
PathFileExistsA

Exports

Exports

??0dsTabControl@@QAE@ABV0@@Z
??0dsTabControl@@QAE@PAX@Z
??0dsTreeControl@@QAE@ABV0@@Z
??0dsTreeControl@@QAE@PAX@Z
??1dsTabControl@@UAE@XZ
??1dsTreeControl@@UAE@XZ
??4dsTabControl@@QAEAAV0@ABV0@@Z
??4dsTreeControl@@QAEAAV0@ABV0@@Z
??_7dsTabControl@@6B@
??_7dsTreeControl@@6B@
?AddCustomItem@dsTabControl@@QAEHPBD00@Z
?AddCustomItem@dsTabControl@@QAEHPBD0@Z
?AddItem@dsTabControl@@QAEHPBD00@Z
?AddItem@dsTabControl@@QAEHPBD0@Z
?CreateTabWidget@dsTabControl@@SAPAV1@PAUHWND__@@PBD@Z
?CreateTreeWidget@dsTreeControl@@SAPAV1@PAUHWND__@@PBD@Z
?DeleteAllItem@dsTabControl@@QAEHXZ
?DeleteAllItems@dsTreeControl@@QAEHXZ
?DeleteItem@dsTabControl@@QAEHH@Z
?DeleteItem@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?EnableDragDrop@dsTreeControl@@QAEXHIH@Z
?EnableEventItem@dsTreeControl@@QAEHPAU_TREEITEM@@PBDHH@Z
?EnsureVisible@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?Expand@dsTreeControl@@QAEHPAU_TREEITEM@@I@Z
?GetChildItem@dsTreeControl@@QAEPAU_TREEITEM@@PAU2@@Z
?GetChildItem@dsTreeControl@@QAEPAU_TREEITEM@@PAU2@H@Z
?GetChildrenCount@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?GetCount@dsTabControl@@QAEHXZ
?GetCurSel@dsTabControl@@QAEHXZ
?GetItemData@dsTabControl@@QAEKH@Z
?GetItemData@dsTreeControl@@QAEKPAU_TREEITEM@@@Z
?GetItemDrag@dsTreeControl@@QAEIPAU_TREEITEM@@@Z
?GetItemHeight@dsTreeControl@@QAEHPAU_TREEITEM@@I@Z
?GetItemRect@dsTabControl@@QAE?AUtagRECT@@H@Z
?GetItemRect@dsTreeControl@@QAEHPAU_TREEITEM@@PAUtagRECT@@@Z
?GetItemState@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?GetItemText@dsTabControl@@QAEHHPAD@Z
?GetItemText@dsTreeControl@@QAEHPAU_TREEITEM@@PAD@Z
?GetNextSiblingItem@dsTreeControl@@QAEPAU_TREEITEM@@PAU2@@Z
?GetParentItem@dsTreeControl@@QAEPAU_TREEITEM@@PAU2@@Z
?GetPrevSiblingItem@dsTreeControl@@QAEPAU_TREEITEM@@PAU2@@Z
?GetRootItem@dsTreeControl@@QAEPAU_TREEITEM@@XZ
?GetSelectedItem@dsTreeControl@@QAEPAU_TREEITEM@@XZ
?HitTest@dsTabControl@@QAEHHH@Z
?HitTest@dsTabControl@@QAEHUtagPOINT@@@Z
?HitTest@dsTreeControl@@QBEPAU_TREEITEM@@HH@Z
?InsertItem@dsTabControl@@QAEHHPBD00@Z
?InsertItem@dsTabControl@@QAEHHPBD0@Z
?InsertItem@dsTreeControl@@QAEPAU_TREEITEM@@PBD0PAU2@1@Z
?IsItemExpanded@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?ItemHasChildren@dsTreeControl@@QBEHPAU_TREEITEM@@@Z
?LockUpdate@dsTreeControl@@QAEXH@Z
?MoveItem@dsTreeControl@@QAEHPAU_TREEITEM@@0@Z
?MoveTab@dsTabControl@@QAEXHH@Z
?RedrawWindow@dsTreeControl@@QAEXXZ
?ResetItemHeight@dsTreeControl@@QAEXXZ
?SelectItem@dsTreeControl@@QAEXPAU_TREEITEM@@@Z
?SelectionBehaviorOnRemove@dsTabControl@@QBE?AW4SelectionBehavior@1@XZ
?SendMsgToParent@dsTabControl@@QAEXH@Z
?SetCurSel@dsTabControl@@QAEXH@Z
?SetDefaultItemSize@dsTabControl@@QAEXHH@Z
?SetDrawItemValue@dsTabControl@@QAEHHPBD0H@Z
?SetDrawItemValue@dsTreeControl@@QAEHPAU_TREEITEM@@PBD1H@Z
?SetDrawItemValueOfEventItem@dsTabControl@@QAEHHPBD00H@Z
?SetDrawItemValueOfEventItem@dsTreeControl@@QAEHPAU_TREEITEM@@PBD11H@Z
?SetDrawItemVisible@dsTabControl@@QAEHHHHHH@Z
?SetDrawItemVisible@dsTreeControl@@QAEHPAU_TREEITEM@@HHHH@Z
?SetDrawItemVisibleEx@dsTabControl@@QAEHHPBDHH@Z
?SetDrawItemVisibleEx@dsTreeControl@@QAEHPAU_TREEITEM@@PBDHH@Z
?SetItemData@dsTabControl@@QAEXHK@Z
?SetItemData@dsTreeControl@@QAEXPAU_TREEITEM@@K@Z
?SetItemDrag@dsTreeControl@@QAEXPAU_TREEITEM@@I@Z
?SetItemHeight@dsTreeControl@@QAEXPAU_TREEITEM@@HI@Z
?SetItemImage@dsTabControl@@QAEHHPBD@Z
?SetItemSize@dsTabControl@@QAEXHHH@Z
?SetItemText@dsTabControl@@QAEHHPBD@Z
?SetItemText@dsTreeControl@@QAEXPAU_TREEITEM@@PBD@Z
?SetItemToolTip@dsTabControl@@QAEXHPBD@Z
?SetLevelIndent@dsTreeControl@@QAEXH@Z
?SetLevelItemHeight@dsTreeControl@@QAEXHHH@Z
?SetMode@dsTabControl@@QAEXW4TabMode@1@@Z
?SetRedraw@dsTabControl@@QAEXH@Z
?SetSelectionBehaviorOnRemove@dsTabControl@@QAEXW4SelectionBehavior@1@@Z
?SetShape@dsTabControl@@QAEXW4Shape@1@@Z
?SetTabAutoSize@dsTabControl@@QAEXHH@Z
?SetTabInterval@dsTabControl@@QAEXH@Z
?SetTabStartPos@dsTabControl@@QAEXHH@Z
?SetToolTipsOfEventItem@dsTreeControl@@QAEHPAU_TREEITEM@@PBD1@Z
?SortChildren@dsTreeControl@@QAEHPAU_TREEITEM@@@Z
?SortChildrenCB@dsTreeControl@@QAEHPAUtagTVSORTCB@@@Z
dsAddMenuBar
dsAddStyleFile
dsAdjustColor
dsAdjustColor2
dsDrawImage
dsEnableMenuNoBorder
dsExitSkin
dsGetClientRect
dsGetColor
dsGetFont
dsGetIcon
dsGetLastError
dsGetMaxMinBox
dsInitKeys
dsInvalidateRect
dsLoadSkin
dsLoadSkinFromRes
dsLockState
dsMessageBox
dsResetAnimate
dsSetAnimateFrame
dsSetAnimatePlay
dsSetDrawItemSelfPaint
dsSetDrawItemValue
dsSetDrawItemValueEx
dsSetDrawItemValueOfEventItemEx
dsSetDrawItemVisible
dsSetDrawItemVisibleEx
dsSetDrawItemVisibleEx2
dsSetDrawItemVisibleOfEventItemEx
dsSetHighLight
dsSetItemStyle
dsSetProgressItemPos
dsSetProgressItemRange
dsSetSelfPaint
dsSetToolTips
dsSkinLayerWindow
dsSkinWindow
dsTrackPopupMenu

Sections

.text
Size: 556KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
zhuna.exe
.exe windows:5 windows x86 arch:x86

ca164867d4defb5694a42e1981085c98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\程序源码\VC++\酒店预订\HotleBookSkin\Release\zhuna.pdb

Imports

dskinlite

dsSetItemStyle
dsExitSkin
dsLoadSkin
dsInitKeys
dsSetDrawItemVisible
dsSetDrawItemValue
?GetItemData@dsTabControl@@QAEKH@Z
dsSetDrawItemVisibleEx
dsSkinWindow
?DeleteItem@dsTabControl@@QAEHH@Z
?GetCount@dsTabControl@@QAEHXZ
?SetItemData@dsTabControl@@QAEXHK@Z
?AddItem@dsTabControl@@QAEHPBD0@Z
?SetRedraw@dsTabControl@@QAEXH@Z
?SendMsgToParent@dsTabControl@@QAEXH@Z
?SetTabStartPos@dsTabControl@@QAEXHH@Z
?SetDefaultItemSize@dsTabControl@@QAEXHH@Z
?SetTabInterval@dsTabControl@@QAEXH@Z
?SetMode@dsTabControl@@QAEXW4TabMode@1@@Z
?SetShape@dsTabControl@@QAEXW4Shape@1@@Z
dsSetDrawItemValueEx
?CreateTabWidget@dsTabControl@@SAPAV1@PAUHWND__@@PBD@Z
dsMessageBox
dsSetDrawItemValueOfEventItemEx

kernel32

LeaveCriticalSection
LocalAlloc
FindNextFileA
GlobalFlags
GetModuleHandleW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
GetCurrentDirectoryA
SetErrorMode
GetFileSizeEx
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
Sleep
ExitProcess
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
VirtualFree
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
GetModuleFileNameW
GetCurrentProcessId
FileTimeToSystemTime
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTickCount
InterlockedIncrement
FreeLibrary
LoadLibraryA
DeviceIoControl
CreateFileA
GetVersionExA
RemoveDirectoryA
CopyFileExA
CreateDirectoryA
FindClose
FindFirstFileA
DeleteFileA
MultiByteToWideChar
lstrlenA
HeapFree
GetProcessHeap
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CloseHandle
GetModuleFileNameA
GetLastError
CreateMutexA
InterlockedDecrement
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
HeapAlloc

user32

SetWindowRgn
SetTimer
KillTimer
GetSysColorBrush
TranslateAcceleratorA
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
CharNextA
UnregisterClassA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
FillRect
DestroyMenu
GetMenuItemInfoA
InflateRect
GetWindowThreadProcessId
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetForegroundWindow
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
ReleaseCapture
GetScrollInfo
SetScrollInfo
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
IntersectRect
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetWindowPos
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
ScreenToClient
SetCursor
GetCursor
LoadCursorA
SystemParametersInfoA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
EqualRect
SetRect
CopyRect
SetRectEmpty
AdjustWindowRectEx
GetParent
ReleaseDC
GetDC
MessageBoxA
PostMessageA
GetLastActivePopup
BroadcastSystemMessageA
BringWindowToTop
TrackPopupMenu
GetCursorPos
GetSubMenu
SetForegroundWindow
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
CharUpperA
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EndPaint
DrawIcon
GetSystemMetrics
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetSysColor
TabbedTextOutA
IsIconic
LoadMenuA
LoadIconA
GetDlgCtrlID
GetClassNameA
IsZoomed
InvalidateRect
GetClientRect
RemovePropA
GetPropA
SetPropA
IsWindow
SendMessageA
EnableWindow
OffsetRect
GetWindowRect
RegisterWindowMessageA

gdi32

TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
PtVisible
DeleteDC
SetBkMode
GetStockObject
SaveDC
CreateSolidBrush
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
CreateCompatibleBitmap
GetBkColor
GetTextColor
GetMapMode
CreatePatternBrush
RestoreDC
GetPixel
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject
SetMapMode
RectVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

shell32

Shell_NotifyIconA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish
ShellExecuteA
DragQueryFileA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathRemoveFileSpecW

oledlg

ord8

ole32

CoRegisterMessageFilter
CoTaskMemAlloc
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject

oleaut32

SysFreeString
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysAllocStringLen
SafeArrayCreate
VarUdateFromDate
VariantChangeType
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantCopy
VariantInit
SafeArrayGetDim
SafeArrayDestroy
VarBstrFromCy
LoadTypeLi
OleCreateFontIndirect
GetErrorInfo

wininet

InternetQueryOptionA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetCrackUrlA

Sections

.text
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 34KB - Virtual size: 34KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

6ef264966f117fef5b34fc787a343432

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 556KB - Virtual size: 552KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 924B

.reloc Size: 32KB - Virtual size: 31KB

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 34KB - Virtual size: 34KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 556KB - Virtual size: 552KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 924B

.reloc
Size: 32KB - Virtual size: 31KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 34KB - Virtual size: 34KB

.text
Size: 486KB - Virtual size: 485KB

.rdata
Size: 125KB - Virtual size: 124KB

.data
Size: 14KB - Virtual size: 28KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 60KB - Virtual size: 59KB