858c56ce1a988a51044d3d4fab6429cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

858c56ce1a988a51044d3d4fab6429cd_JaffaCakes118
Size

1.5MB
MD5

858c56ce1a988a51044d3d4fab6429cd
SHA1

644faaae57ff71d788b4a80e9a4fcbc26052e079
SHA256

d0b14a44a6596e78cac30eadc670264ee17dbc060278e5f0b70a6d1a2556558c
SHA512

49ff188071844ef59e8ea745a4a434a92581adf6271c6b403b94b958061a4e04fb1800610865187b396c9e39ea89aa08a2d3aa35ccd4010aaf42370c89710064
SSDEEP

24576:iz23UST2e8VBpIaoxN1O8bks8AmFLAiMEvJee2R8RBAxuIwmzuo7FJ+38/dRBjdN:9392tfqxGSt8lLGe2+RWuIwmKoRJh/db

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
858c56ce1a988a51044d3d4fab6429cd_JaffaCakes118
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/ToolTips.dll
unpack001/ActionUP.exe
unpack001/AutoDetect.exe
unpack001/CleanCenter.exe
unpack001/CleanFav.exe
unpack001/CleanShortCuts.exe
unpack001/KBClean.exe
unpack001/MyUpdate.exe
unpack001/RegistryDoctor.exe
unpack001/SkinPlusPlus.dll
unpack001/TrackClean.exe
unpack001/Unzip.exe
unpack001/VistaKBClr.exe
unpack001/WjfClean.exe
unpack001/ZeroRemover.exe
unpack001/uninst.exe
unpack002/$PLUGINSDIR/FindProcDLL.dll

Files

858c56ce1a988a51044d3d4fab6429cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

711c893e4d8189fd14b6563a4e35e663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
GetDlgItem
RedrawWindow
EnableWindow
LoadImageA
SetPropA
GetWindowLongA
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
SetWindowLongA

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 871B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ToolTips.dll
.dll windows:4 windows x86 arch:x86

04338c58e26f4ac6ae89608ac6276429

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
GlobalFree
HeapAlloc

user32

GetClientRect
SendMessageA
CreateWindowExA

comctl32

ord17

Exports

Exports

Author
Classic
Modern

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
Action.inf
ActionUP.exe
.exe windows:4 windows x86 arch:x86

36d19efdcb373fc81ccbd035dfec0258

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord686
ord693
ord2514
ord2621
ord1134
ord800
ord3790
ord1105
ord823
ord2764
ord4202
ord6907
ord3998
ord858
ord537
ord535
ord2818
ord540
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord2582
ord6055
ord4078
ord1776
ord4402
ord5241
ord2385
ord5163
ord3262
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord3370
ord4627
ord3640
ord1146
ord1168
ord567
ord384
ord324
ord2302
ord4234
ord3996
ord2862
ord2096
ord4710
ord2379
ord755
ord470
ord6215
ord3663
ord2448
ord5710
ord4129
ord6929
ord6927
ord860
ord665
ord354
ord2044
ord5834
ord5450
ord6394
ord5440
ord6383
ord541
ord801
ord5861
ord6143
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6374
ord4673
ord1576

msvcrt

__p___argc
_mbsicmp
rename
_mbscmp
_setmbcp
__dllonexit
_onexit
_controlfp
_exit
_XcptFilter
exit
_acmdln
sprintf
__CxxFrameHandler
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
strrchr

kernel32

CloseHandle
MoveFileExA
DeleteFileA
WinExec
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
Module32First
CreateToolhelp32Snapshot
GetVersionExA
Process32Next
GetPriorityClass
Process32First
FreeLibrary
GetModuleHandleA
GetStartupInfoA
Module32Next
GetModuleFileNameA

user32

EnableWindow
KillTimer
IsIconic
GetClientRect
DrawIcon
SendMessageA
SetWindowPos
SetTimer
LoadIconA
GetSystemMetrics

comctl32

ImageList_ReplaceIcon

skinplusplus

ord1

msvcirt

??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
_mtunlock
?get@istream@@IAEAAV1@PADHH@Z
_mtlock

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AutoDetect.exe
.exe windows:4 windows x86 arch:x86

bbb7a5fc93196082496d02d75a863919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord858
ord6877
ord3790
ord5265
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord1146
ord1168
ord860
ord324
ord2289
ord2370
ord2301
ord4234
ord4710
ord2379
ord755
ord470
ord1105
ord2864
ord1175
ord6334
ord4853
ord4224
ord6374
ord3663
ord4275
ord3571
ord3626
ord640
ord2414
ord5873
ord2860
ord2754
ord5785
ord1641
ord1640
ord323
ord1871
ord4220
ord2584
ord3654
ord2863
ord2438
ord1644
ord2764
ord537
ord2818
ord535
ord540
ord1134
ord2621
ord2514
ord800
ord641
ord815
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6215
ord4673
ord1576

msvcrt

_except_handler3
_setmbcp
sprintf
strrchr
__CxxFrameHandler
strstr
__p___argc
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

ReleaseMutex
CloseHandle
GetLastError
GetStartupInfoA
CreateMutexA
Sleep
GetModuleHandleA
GetModuleFileNameA
GetVersion
lstrlenA

user32

GetMenuItemID
EnableWindow
RegisterHotKey
UnregisterHotKey
KillTimer
GetWindow
FindWindowExA
GetClassNameA
IsIconic
GetClientRect
DrawIcon
SetTimer
LoadIconA
SendMessageA
IsWindow
SetForegroundWindow
PostMessageA
TrackPopupMenu
GetSubMenu
SetMenuDefaultItem
GetSystemMetrics
GetCursorPos
LoadMenuA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
MaskBlt

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

Shell_NotifyIconA
ShellExecuteA

skinplusplus

ord1

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CleanCenter.exe
.exe windows:4 windows x86 arch:x86

80a0ab1268cc66c356c396346e5410b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord4160
ord6358
ord1088
ord6197
ord283
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord323
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord818
ord641
ord795
ord1195
ord5943
ord2621
ord1134
ord2818
ord3337
ord3811
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord2302
ord4234
ord3721
ord1168
ord6199
ord4710
ord755
ord470
ord6215
ord4299
ord2086
ord5953
ord3097
ord1929
ord2860
ord3797
ord2915
ord1200
ord926
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord5834
ord2393
ord690
ord5207
ord389
ord2135
ord1105
ord1572
ord2754
ord1949
ord4034
ord1640
ord6194
ord640
ord3619
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord2753
ord2452
ord536
ord5856
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord2514
ord5785
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord2396
ord384
ord1576

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
_mbsstr
fclose
fwrite
fopen
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetModuleHandleA
DeleteFileA
lstrcatA
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
WinExec
SetCurrentDirectoryA
GetModuleFileNameA
CreateMutexA
GetLastError
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

GetMenuItemInfoA
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
TabbedTextOutA
SetRect
UpdateWindow
KillTimer
SetTimer
LoadCursorA
CopyIcon
IsWindow
SetWindowLongA
PtInRect
ReleaseCapture
DrawEdge
FillRect
CopyRect
RedrawWindow
SetCapture
MessageBeep
IsIconic
DrawIcon
GetSystemMenu
LoadIconA
EnableWindow
GetSubMenu
DestroyCursor
GetSysColor
SystemParametersInfoA
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
MessageBoxA
GetDC
GetWindowLongA
SendMessageA
FrameRect
LoadImageA
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GrayStringA

gdi32

PatBlt
TextOutA
ExtTextOutA
Escape
GetStockObject
CreateFontA
SetTextColor
SetBkColor
CreateBitmap
RectVisible
MaskBlt
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteExA
ShellExecuteA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

oleaut32

VariantClear

skinplusplus

ord27
ord1

winmm

PlaySoundA

msvcirt

?close@ifstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CleanFav.exe
.exe windows:4 windows x86 arch:x86

d0e3035b007b9d4ba48a3de8d49cdcef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord1640
ord5714
ord4622
ord3738
ord561
ord815
ord641
ord818
ord693
ord765
ord2514
ord5943
ord2621
ord1134
ord1199
ord1247
ord536
ord2818
ord5861
ord922
ord923
ord6648
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord5280
ord4425
ord3597
ord4407
ord3698
ord2582
ord4402
ord3370
ord3640
ord1168
ord324
ord2135
ord2302
ord4234
ord1768
ord3996
ord2862
ord4710
ord755
ord470
ord801
ord1200
ord690
ord1988
ord2393
ord6888
ord6907
ord3998
ord5356
ord5808
ord1075
ord5204
ord3229
ord1228
ord389
ord5953
ord6143
ord541
ord1576
ord4224
ord3302
ord6675
ord2642
ord3092
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord5834
ord1949
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord5856
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord2725
ord323
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord5289
ord1105

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
strrchr
sprintf
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

kernel32

GetModuleHandleA
TerminateThread
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
HeapFree
DeleteFileA
GetModuleFileNameA
GetCurrentProcess
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

SendMessageA
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
GetDC
TabbedTextOutA
GrayStringA
GetSubMenu
DrawTextA
ReleaseDC
DrawIconEx
DestroyCursor
GetWindowLongA
KillTimer
IsIconic
DrawIcon
SetWindowPos
SetTimer
LoadIconA
EnableWindow
DestroyIcon
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
CopyRect
GetSysColor
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SystemParametersInfoA

gdi32

TextOutA
ExtTextOutA
Escape
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

shell32

SHFileOperationA
ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw

skinplusplus

ord1
ord27

winmm

PlaySoundA

msvcirt

_mtunlock
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
?get@istream@@IAEAAV1@PADHH@Z
_mtlock

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CleanPlugin/ACDSee ʷ¼
CleanPlugin/AbsoluteFTP ʷ¼
CleanPlugin/Acrobat Reader 5 ʷ¼
CleanPlugin/Acrobat Reader 6 ʷ¼
CleanPlugin/Ad-aware 6 ʷ¼
CleanPlugin/Adaptec Easy CD Creator ʷ¼
CleanPlugin/Adobe Photoshop 6.0 ʷ¼
CleanPlugin/Adobe Photoshop 7.0 ʷ¼
CleanPlugin/BitTorrent滺
CleanPlugin/Bitcometؼ¼
CleanPlugin/Borland Delphi v7 ʷ¼
CleanPlugin/CuteFTP ʷ¼
CleanPlugin/Disk Explorer Professional 3 ʷ¼
CleanPlugin/Diskeeper 5.0 ʷ¼
CleanPlugin/DivX Player ʷ¼
CleanPlugin/Download Accelerator ʷ¼
CleanPlugin/Easy CD ¼¼
CleanPlugin/Ebay Toolbar ʷ¼
CleanPlugin/Eͨ
CleanPlugin/FlashFXPļ
CleanPlugin/Foxmail 
CleanPlugin/GetRight ʷ¼
CleanPlugin/Google Deskbar ʷ¼
CleanPlugin/Google Toolbar ʷ¼
CleanPlugin/Graphic Workshop Pro ʷ¼
CleanPlugin/HLSWϷ̨¼
CleanPlugin/HyperSnap 5 ͼ¼
CleanPlugin/ICQ 2003a ʷ¼
CleanPlugin/KMPlayer
CleanPlugin/LeapFTP 2.6 ʷ¼
CleanPlugin/MSN Messenger ʷ¼
CleanPlugin/MSN Toolbar ʷ¼
CleanPlugin/Macromedia Dreamweaver MX ʷ¼
CleanPlugin/Macromedia Firework MX ʷ¼
CleanPlugin/Macromedia Flash MX ʷ¼
CleanPlugin/McAfee Virus Scan() ʷ¼
CleanPlugin/Microsoft Imaging ʷ¼
CleanPlugin/Microsoft Netmeeting ʷ¼
CleanPlugin/Microsoft Office 2000 ʷ¼
CleanPlugin/Microsoft Office 97 ʷ¼
CleanPlugin/Microsoft Office XP ʷ¼
CleanPlugin/Microsoft Photo Editor 3.0 ʷ¼
CleanPlugin/Microsoft Publisher 2000 ʷ¼
CleanPlugin/Microsoft Word 2000 ʷ¼
CleanPlugin/Microsoft Word Backup Files ʷ¼
CleanPlugin/NetAnts ʷ¼
CleanPlugin/NetCaptor ʷ¼
CleanPlugin/Norton Anti-Virusŵɱ ʷ¼
CleanPlugin/Norton Firewalŵٷǽ ʷ¼
CleanPlugin/Norton Internet Securityŵٻǽ ʷ¼
CleanPlugin/Outlook Express 5,6 ʷ¼
CleanPlugin/PhotoDraw 2000 ʷ¼
CleanPlugin/PhotoImpact Viewer 4.0 ʷ¼
CleanPlugin/PhotoImpact(Ӳ) ʷ¼
CleanPlugin/PowerDVD ʷ¼
CleanPlugin/QQ Զʷ¼
CleanPlugin/QQ2004 ʷ
CleanPlugin/QQ2005 ʷ
CleanPlugin/QQGame2004 Ϸ
CleanPlugin/QQGame2005 Ϸ
CleanPlugin/QQϷʷ¼
CleanPlugin/RealNetworks Real Download ʷ¼
CleanPlugin/RealOne & RealPlayer ʷ¼
CleanPlugin/Roxio Easy CD Creator ʷ¼
CleanPlugin/Ulead GIF Animator ʷ¼
CleanPlugin/Ulead Photo Express ʷ¼
CleanPlugin/UltraEdit ʷ¼
CleanPlugin/WinAce 2. ʷ¼
CleanPlugin/WinISO ̾¼
CleanPlugin/WinRAR 3.0 ʷ¼
CleanPlugin/WinZip 9.0-9.1 ʷ¼
CleanPlugin/Winamp ʷ¼
CleanPlugin/Windows XP Ԥļ
CleanPlugin/Windows ӳб
CleanPlugin/Windows־ļ
CleanPlugin/Yahoo! Messenger ʷ¼
CleanPlugin/Yahoo! Player ʷ¼
CleanPlugin/Zone Alarm ǽ־
CleanPlugin/Ѹ׹滺
CleanPlugin/Ӱʹ ļ
CleanPlugin/
CleanPlugin/Ӱ¼
CleanPlugin/ؾؼ¼
CleanPlugin/⹤¼
CleanPlugin/ֺ
CleanPlugin/ǽ־
CleanPlugin/ʿ쳵FlashGet ʷ¼
CleanPlugin/UC
CleanShortCuts.exe
.exe windows:4 windows x86 arch:x86

6129ff200c772e5ff3e05c01d8ef98bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord3596
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord641
ord818
ord693
ord2514
ord2621
ord1134
ord2725
ord2452
ord801
ord5861
ord6143
ord3790
ord6648
ord2818
ord4204
ord665
ord1979
ord5442
ord3318
ord5186
ord354
ord922
ord923
ord1200
ord6907
ord926
ord2642
ord3092
ord5953
ord6883
ord5265
ord4376
ord4998
ord6052
ord1775
ord5280
ord4425
ord3597
ord4407
ord2582
ord4402
ord3370
ord3640
ord1168
ord324
ord2135
ord2302
ord4234
ord1768
ord1105
ord4710
ord755
ord470
ord4224
ord3302
ord6675
ord2862
ord3996
ord6888
ord1576
ord6215
ord2448
ord5710
ord6929
ord6927
ord2044
ord5834
ord1949
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord536
ord5856
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord541
ord640
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord5300

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
strrchr
exit
fclose
fopen
sprintf
strstr
__p___argv
__p___argc
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr

kernel32

GetModuleHandleA
TerminateThread
GetWindowsDirectoryA
Sleep
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
HeapFree
FindNextFileA
DeleteFileA
GetModuleFileNameA
FindFirstFileA
FindClose
GetDriveTypeA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
KillTimer
GetDC
DrawIcon
SetWindowPos
SetTimer
LoadIconA
RegisterHotKey
LoadBitmapA
DrawTextA
ReleaseDC
EnableWindow
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
GetMenuItemInfoA
SetRect
DrawEdge
IsIconic
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
FillRect

gdi32

PtVisible
RectVisible
PatBlt
TextOutA
ExtTextOutA
Escape
GetStockObject
CreateFontA
GetObjectA
CreateBitmap
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
SetBkColor
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw

skinplusplus

ord32
ord1
ord27

winmm

PlaySoundA

msvcirt

??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
_mtunlock
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
?get@istream@@IAEAAV1@PADHH@Z
??_Dofstream@@QAEXXZ
_mtlock

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CleanShortCuts.ini
KBClean.exe
.exe windows:4 windows x86 arch:x86

f1927cedbaea6e93ee20ffca0b0f3df0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord554
ord1644
ord1146
ord5572
ord2919
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord537
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord5873
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord641
ord2120
ord3790
ord2818
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord765
ord693
ord2621
ord1134
ord1168
ord6883
ord922
ord923
ord541
ord801
ord3698
ord2582
ord4402
ord3370
ord3640
ord2301
ord2302
ord1768
ord3996
ord2862
ord755
ord470
ord5953
ord6907
ord3998
ord5861
ord6877
ord6143
ord4224
ord6888
ord3302
ord6199
ord926
ord2078
ord6675
ord3301
ord6334
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord4234
ord5789
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord283
ord384
ord1576

msvcrt

__setusermatherr
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_setmbcp

kernel32

GetModuleHandleA
WinExec
SetFileAttributesA
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
HeapFree
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

FillRect
WindowFromPoint
GetDC
GetMenuItemInfoA
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
ClientToScreen
GetMenuItemID
KillTimer
IsIconic
CopyRect
SetWindowPos
SetTimer
LoadIconA
PeekMessageA
PostQuitMessage
EnableWindow
FrameRect
LoadImageA
GetIconInfo
GetSysColor
SystemParametersInfoA
DestroyIcon
DrawIconEx
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ReleaseDC
DrawIcon
DrawTextA
SetRect
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
DrawEdge
CreatePopupMenu

gdi32

RectVisible
PatBlt
TextOutA
ExtTextOutA
Escape
PtVisible
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegEnumKeyExA

shell32

SHFileOperationA
ShellExecuteA
ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

skinplusplus

ord27
ord1

winmm

PlaySoundA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Local.htm
MainCon.ini
MyUpdate.exe
.exe windows:4 windows x86 arch:x86

f3f54229ba80b29626a635e6f6549888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
InternetReadFile

winmm

timeGetTime
PlaySoundA

mfc42

ord536
ord2452
ord2753
ord1195
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord609
ord567
ord4275
ord2379
ord5053
ord4774
ord5981
ord6270
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord2818
ord5834
ord5265
ord5856
ord4998
ord4710
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord4224
ord4673
ord1168
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord692
ord818
ord1768
ord6215
ord1651
ord2621
ord1134
ord1199
ord1247
ord2725
ord1200
ord1105
ord348
ord2393
ord690
ord5207
ord389
ord4204
ord541
ord801
ord3584
ord543
ord803
ord6883
ord6143
ord5953
ord2652
ord1669
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord2135
ord2301
ord2302
ord2642
ord3092
ord1576
ord470
ord6334
ord4853
ord5861
ord1871
ord1949
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord755

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_initterm
_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
exit
strrchr
__p___argc
fflush
fclose
sprintf
fwrite
fopen
_mbsicmp
__p___argv
atol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_controlfp

kernel32

lstrlenA
CreateToolhelp32Snapshot
GetVersionExA
lstrlenW
GetModuleHandleA
GetStartupInfoA
GetCPInfo
GetACP
LockResource
LoadResource
FindResourceA
lstrcmpiA
CloseHandle
Sleep
GetModuleFileNameA
WaitForSingleObject
SetEvent
WaitForMultipleObjects
CreateProcessA
TerminateProcess
OpenProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CopyFileA
WinExec
GetCurrentProcessId
GetProcAddress
LoadLibraryA
Module32Next
Process32Next
Module32First
GetPriorityClass
Process32First
FreeLibrary
GetVersion

user32

IsWindow
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
UpdateWindow
SendDlgItemMessageA
SetDlgItemTextA
FindWindowA
PeekMessageA
PostQuitMessage
EnableWindow
GetClientRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
KillTimer
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
IsIconic
DrawIcon
SetWindowPos
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
SetTimer
LoadIconA
InvalidateRect
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
MessageBoxA

gdi32

GetStockObject
Escape
ExtTextOutA
TextOutA
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetDeviceCaps

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Draw

skinplusplus

ord1
ord32

msvcirt

?endl@@YAAAVostream@@AAV1@@Z
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
??_Difstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NewVersion.ini
.html
RegistryDoctor.exe
.exe windows:4 windows x86 arch:x86

7d55229946e36f591c9617a260e313ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord5861
ord2818
ord6143
ord922
ord923
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord5265
ord4376
ord4998
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord5873
ord692
ord801
ord641
ord541
ord324
ord2302
ord4234
ord5953
ord6199
ord4710
ord4853
ord4224
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord2764
ord3721
ord795
ord818
ord1768
ord2642
ord4299
ord924
ord6215
ord1168
ord6883
ord926
ord4278
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord693
ord2621
ord1134
ord2725
ord4204
ord6648
ord1200
ord6907
ord5608
ord3092
ord1576
ord3301
ord6675
ord2582
ord4402
ord3370
ord3640
ord2135
ord1105
ord755
ord470
ord2862
ord3996
ord3998
ord2652
ord1669
ord3337
ord3811
ord1949
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5834
ord5789
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord3597
ord6888

msvcrt

__p__commode
_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
fclose
fprintf
fopen
exit
_mbsicmp
strchr
__p___argv
__p___argc
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strlwr

kernel32

GetModuleHandleA
Sleep
CopyFileA
CreateDirectoryA
TerminateThread
GetWindowsDirectoryA
WinExec
GetSystemDirectoryA
GetModuleFileNameA
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
RemoveDirectoryA
SetFileAttributesA
DeleteFileA
HeapFree
FindFirstFileA
FindNextFileA
FindClose
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

DestroyIcon
SystemParametersInfoA
GetSysColor
GetSubMenu
SetTimer
DrawEdge
SetRect
GetMenuItemInfoA
LoadIconA
DestroyCursor
MessageBoxA
SetForegroundWindow
IsWindowVisible
DrawIconEx
IsWindow
EnableWindow
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
ReleaseDC
DrawTextA
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
KillTimer
IsIconic
DrawIcon
RegisterHotKey
SetWindowPos
FillRect
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
CopyRect
GetDC

gdi32

PatBlt
TextOutA
ExtTextOutA
Escape
RectVisible
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw

skinplusplus

ord27
ord1
ord32

winmm

PlaySoundA

msvcirt

_mtlock
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
?get@istream@@IAEAAV1@PADHH@Z

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RegistryDoctor.ini
Resource.ini
Skin.ssk
SkinPlusPlus.dll
.dll windows:4 windows x86 arch:x86

598ae977394a6b93fbf9769d688859f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord2725
ord3953
ord823
ord641
ord2513
ord293
ord800
ord537
ord665
ord1979
ord6385
ord353
ord3573
ord540
ord6194
ord6170
ord5781
ord2753
ord2567
ord3920
ord2713
ord2243
ord4129
ord2763
ord2919
ord2380
ord4023
ord809
ord556
ord5875
ord4297
ord4133
ord5787
ord5788
ord3693
ord2864
ord2860
ord1644
ord2455
ord2438
ord3654
ord2584
ord4220
ord1270
ord2859
ord3706
ord5590
ord3643
ord4185
ord696
ord394
ord909
ord5628
ord3435
ord2452
ord922
ord924
ord3790
ord939
ord5710
ord858
ord2044
ord5834
ord6394
ord6383
ord5440
ord5450
ord535
ord2714
ord3596
ord3663
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord941
ord860
ord5572
ord2915
ord3626
ord2764
ord5442
ord3619
ord1641
ord3571
ord640
ord2405
ord2754
ord5785
ord1640
ord323
ord4204
ord861
ord2450
ord2448
ord2841
ord2818
ord2107
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord2414

msvcrt

__CxxFrameHandler
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
_EH_prolog
_CxxThrowException
getc
fputc
fflush
toupper
_except_handler3
fseek
ftell
fread
fopen
fwrite
realloc
strncpy
_mbsstr
_mbsnbcpy
gmtime
strstr
calloc
memchr
fclose
strchr
ceil
floor
malloc
free
sprintf
_purecall
atoi
memmove
_mbscmp
_mbsicmp
_ftol
__RTDynamicCast

kernel32

LocalAlloc
LocalFree
WaitForSingleObject
ReleaseMutex
CreateMutexA
FlushInstructionCache
VirtualProtect
SetLastError
UnmapViewOfFile
WriteFile
SetFileTime
CreateDirectoryA
lstrcpyA
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
MulDiv
GetVersionExA
Sleep
ExitThread
TerminateThread
CloseHandle
CreateThread
lstrcmpA
lstrlenA
lstrcmpiA
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
GetVersion
GetProcAddress
FindFirstFileA
FindClose
DeleteFileA
GetTempPathA
GetModuleHandleA
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
LockResource
GlobalUnlock
GlobalFree
LoadLibraryA

user32

DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
RegisterClassExA
IsZoomed
IsIconic
GetWindowInfo
ShowWindow
SetActiveWindow
EnableWindow
DestroyWindow
SetWindowTextA
GetMenuState
GetMenuItemRect
MenuItemFromPoint
GetMenuDefaultItem
GetMenuCheckMarkDimensions
DestroyMenu
SystemParametersInfoA
UnionRect
GetForegroundWindow
GetSystemMenu
DestroyIcon
GetMessagePos
KillTimer
SetTimer
IntersectRect
MoveWindow
SetCursor
LoadCursorA
ReleaseCapture
GetFocus
SetFocus
SetCapture
GetAsyncKeyState
CreateIconIndirect
SetRect
SendMessageTimeoutA
DrawIconEx
IsMenu
CreatePopupMenu
GetMenuItemID
AppendMenuA
SetMenuItemInfoA
SetWindowRgn
UpdateWindow
IsWindowVisible
GetCapture
GetMenuStringA
SetWindowPos
ClientToScreen
MapWindowPoints
GetMenuItemCount
GetMenuItemInfoA
SetRectEmpty
LoadImageA
LoadCursorFromFileA
CallNextHookEx
GetWindowRect
IsWindowEnabled
GrayStringA
TabbedTextOutA
GetDlgCtrlID
InvalidateRect
IsRectEmpty
SetClassLongA
FindWindowExA
GetDlgItem
GetWindowTextA
PostMessageA
SetWindowsHookExA
UnhookWindowsHookEx
ScreenToClient
GetClientRect
RemovePropA
GetParent
ShowScrollBar
LockWindowUpdate
GetDesktopWindow
SetPropA
GetClassNameA
WindowFromDC
DrawStateA
DrawFocusRect
DefWindowProcA
GetCursorPos
IsWindow
GetPropA
PtInRect
InflateRect
LoadBitmapA
CallWindowProcA
EndPaint
BeginPaint
GetSubMenu
CheckMenuItem
DrawEdge
ModifyMenuW
ModifyMenuA
CreateWindowExA
ReleaseDC
GetWindowDC
GetDC
FillRect
SetMenu
GetMenu
DrawTextW
TrackPopupMenuEx
TrackPopupMenu
RemoveMenu
EnableMenuItem
InsertMenuW
InsertMenuA
InsertMenuItemW
InsertMenuItemA
DeleteMenu
DrawFrameControl
GetClassLongA
GetSysColor
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
SetWindowLongA
GetWindowLongA
GetScrollPos
GetScrollInfo
EnableScrollBar
CopyRect
OffsetRect
DrawTextA
MessageBoxA
SendMessageA
RedrawWindow
GetSystemMetrics
GetWindow

gdi32

ExtTextOutA
Rectangle
BitBlt
SetBkColor
CreatePen
PatBlt
CreateCompatibleDC
DeleteDC
ExcludeClipRect
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetPixel
GetClipBox
PtVisible
RectVisible
Escape
GetObjectA
GetStockObject
CombineRgn
GetTextExtentPointW
StretchBlt
SetStretchBltMode
CreateBitmap
SetPixelV
CreateDIBSection
ExtCreateRegion
GetDIBits
CreateICA
GetDeviceCaps
SetPixel
RoundRect
OffsetRgn
GetRegionData
CreateRectRgn
GetNearestColor
CreateDIBitmap
RealizePalette
SetDIBitsToDevice
ExtSelectClipRgn
StretchDIBits
RestoreDC
SelectClipRgn
SaveDC
GetCharWidthA
CreateFontA
SetRectRgn
PlgBlt
SetBoundsRect
GetCurrentObject
GetTextColor
GetBkMode
GetBkColor
GetTextExtentPointA
SetTextAlign
GetWindowOrgEx
GetTextExtentPoint32A
GetViewportOrgEx
SetViewportOrgEx
TextOutA
SetBkMode
CreateFontIndirectA
SetTextColor
CreateRectRgnIndirect
SelectObject

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
ImageList_Duplicate
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetIconSize

msvcp60

??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0_Lockit@std@@QAE@XZ

winmm

sndPlaySoundA

Exports

Exports

sppColorize
sppDrawSkinBitmap
sppDrawSkinImage
sppExitSkin
sppGetDefaultSysColor
sppGetFreeWindowID
sppGetHookAPI
sppGetHookAPIStyle
sppGetSkinResFile
sppGetSkinSysColor
sppGetSystemMetrics
sppGetWindowResID
sppInitializeSkin
sppLoadSkin
sppLoadSkinFromRes
sppModifyHookAPIStyle
sppRemoveSkin
sppRemoveSkinHwnd
sppSelectSkin
sppSetButtonTooltip
sppSetCustSysBtnStatus
sppSetCustSysBtnVisible
sppSetCustomDraw
sppSetDialogBkClipRgn
sppSetDialogEraseBkgnd
sppSetFreeWindowID
sppSetHookAPI
sppSetHookMessage
sppSetListHeaderSortInfo
sppSetNoSkinHwnd
sppSetRedraw
sppSetRgnEnable
sppSetSkinHwnd
sppSetTabCtrlItemsStatus
sppSetTabCtrlPosition
sppSetWindowResID
sppTakeoutSysMenu
sppValidateDevTools

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TrackClean.exe
.exe windows:4 windows x86 arch:x86

e4a130f42319f84ce62c99ec1fa44c45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache

shell32

SHEmptyRecycleBinA
ShellExecuteA
ShellExecuteExA
SHFileOperationA

mfc42

ord2864
ord1175
ord2096
ord2408
ord5860
ord807
ord2920
ord2012
ord4163
ord2120
ord554
ord1644
ord1146
ord5572
ord2919
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord537
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord1641
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord801
ord6143
ord541
ord6883
ord2405
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord641
ord324
ord2301
ord4234
ord6334
ord5953
ord4710
ord2818
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord5834
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord1576
ord815
ord818
ord795
ord5943
ord2621
ord1134
ord2725
ord3721
ord1168
ord2135
ord2302
ord1768
ord6199
ord4299
ord6215
ord2086
ord755
ord470
ord4224
ord1949
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord5785
ord323
ord1640
ord6194
ord640
ord3619
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord5265
ord2971
ord800
ord1099
ord686
ord384
ord567
ord561

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
__p___argc
__p___argv
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv

kernel32

GetLastError
WinExec
GetModuleHandleA
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
SetFileAttributesA
DeleteFileA
GetTempPathA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

KillTimer
AnimateWindow
SetTimer
OpenClipboard
EmptyClipboard
CloseClipboard
SystemParametersInfoA
EnableWindow
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetMenuItemInfoA
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
SetRect
DrawEdge
FillRect
CopyRect
GetSysColor
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
IsIconic
DrawIcon
LoadIconA
GetActiveWindow
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SetWindowPos

gdi32

GetTextExtentPoint32A
Ellipse
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
GetTextExtentPoint32W
RectVisible
SetPixel
GetPixel
CreateCompatibleBitmap
TextOutA
ExtTextOutA
PatBlt
Escape
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetObjectA
PtVisible
GetDeviceCaps
GetBkMode

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegEnumValueA

comctl32

ImageList_Draw
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount

ole32

CoInitialize
CoCreateInstance
CoUninitialize

skinplusplus

ord1
ord27

winmm

PlaySoundA

msvcirt

??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
_mtunlock
?get@istream@@IAEAAV1@PADHH@Z
_mtlock

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TrackClean.ini
Unzip.exe
.exe windows:4 windows x86 arch:x86

e791bd94ae9d9fa3ba03d79cea7f12fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord858
ord2621
ord1134
ord4698
ord1168
ord4234
ord2379
ord755
ord470
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord540
ord2818
ord535
ord800
ord4673
ord1576

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
calloc
fclose
fseek
ftell
fwrite
fread
fopen
malloc
_strdup
free
_splitpath
sprintf
__CxxFrameHandler
strrchr
_setmbcp
_XcptFilter

kernel32

GetModuleFileNameA
GetFileAttributesA
lstrcmpiA
lstrlenA
CloseHandle
WriteFile
CreateFileA
lstrcatA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
GetModuleHandleA
GetStartupInfoA
lstrcpyA

user32

DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UpdateInfo.INI
UpdateUrl.ini
VistaKBClr.exe
.exe windows:4 windows x86 arch:x86

337d802628dfabc395d96c59f3d2ce3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord554
ord1644
ord1146
ord5572
ord2919
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord537
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord5873
ord283
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord2120
ord4234
ord3790
ord2818
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord765
ord693
ord2621
ord1134
ord541
ord801
ord1168
ord6883
ord5861
ord922
ord923
ord3698
ord2582
ord4402
ord3370
ord3640
ord2302
ord1768
ord3996
ord2862
ord755
ord470
ord5953
ord6907
ord3998
ord6877
ord6143
ord4224
ord6888
ord6199
ord926
ord2078
ord6675
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord641
ord5789
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord1576

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
fclose
fprintf
fopen
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetModuleHandleA
Sleep
DeleteFileA
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
HeapFree
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

GetMenuItemInfoA
DrawIconEx
ReleaseDC
DrawTextA
GetDC
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
KillTimer
IsIconic
DrawIcon
SetWindowPos
SetTimer
LoadIconA
SetRect
PostQuitMessage
EnableWindow
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
DrawEdge
FillRect
DestroyIcon
CopyRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
GetSysColor
SystemParametersInfoA
PeekMessageA
GetMenuState
GetMenuItemID
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
ModifyMenuA

gdi32

RectVisible
PatBlt
TextOutA
ExtTextOutA
Escape
PtVisible
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

skinplusplus

ord27
ord1

winmm

PlaySoundA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WjfClean.exe
.exe windows:4 windows x86 arch:x86

165249057509573a9769bc09b5ae393f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry

shlwapi

SHDeleteKeyA

shell32

ExtractIconA
SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteExA
ShellExecuteA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mfc42

ord4129
ord2763
ord4277
ord5683
ord2414
ord2567
ord5788
ord2614
ord1641
ord3619
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord6194
ord1640
ord323
ord5785
ord2405
ord2864
ord1175
ord2096
ord2408
ord5860
ord807
ord2920
ord2012
ord4163
ord2120
ord554
ord1644
ord1146
ord5572
ord2919
ord940
ord5787
ord4133
ord4297
ord1621
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord3402
ord4396
ord3574
ord809
ord609
ord556
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord4160
ord6358
ord1088
ord6197
ord283
ord3721
ord3698
ord795
ord765
ord1168
ord6199
ord2124
ord354
ord4853
ord6241
ord2582
ord4402
ord3370
ord3640
ord693
ord2862
ord6907
ord4278
ord5608
ord859
ord6675
ord926
ord2448
ord5710
ord6929
ord6927
ord3790
ord2044
ord5834
ord4219
ord2581
ord4401
ord5875
ord2642
ord2587
ord4406
ord3729
ord804
ord6215
ord2086
ord6379
ord4267
ord2301
ord3742
ord5821
ord3662
ord818
ord414
ord713
ord755
ord2754
ord470
ord2393
ord5859
ord6141
ord1768
ord2078
ord2108
ord2116
ord2152
ord1233
ord4299
ord924
ord2135
ord6785
ord3092
ord6877
ord1871
ord1949
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord1576
ord561
ord815
ord2621
ord5943
ord1134
ord2725
ord3584
ord543
ord803
ord5861
ord6648
ord1105
ord6888
ord922
ord923
ord3302
ord2652
ord1669
ord6283
ord6282
ord3998
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4376
ord5265
ord3577
ord4424
ord3352
ord5290
ord4397
ord1776
ord6055
ord2576
ord4217
ord2024
ord2413
ord6366
ord1771
ord4644
ord4204
ord537
ord858
ord1200
ord2764
ord2818
ord535
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord500
ord3701
ord772
ord1574
ord1099
ord2937
ord4224
ord547
ord3337
ord6334
ord5890
ord4710
ord5953
ord4234
ord2302
ord2370
ord692
ord825
ord324
ord384
ord567
ord641
ord686
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3639
ord5277
ord541
ord540
ord6143
ord941
ord939
ord800
ord6883
ord860
ord801
ord665
ord3738

msvcrt

_strupr
_fcloseall
_setmbcp
__CxxFrameHandler
strrchr
sprintf
_mbsicmp
strchr
free
malloc
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
atoi
_mbsstr
vsprintf
fread
fclose
fwrite
fopen
exit
__p___argv
atol
strstr
__p___argc
rename
remove
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

kernel32

GetModuleHandleA
CopyFileA
GetFileSize
TerminateThread
Sleep
GetSystemTime
SetFileAttributesA
GetLongPathNameA
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
HeapFree
GetTempPathA
FindNextFileA
IsBadStringPtrA
CloseHandle
GetCurrentProcess
GetLastError
CreateFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemDirectoryA
GetModuleFileNameA
DeleteFileA
lstrcatA
lstrcpyA
WinExec
GetDriveTypeA
GetDiskFreeSpaceExA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
FindClose
FindFirstFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetStartupInfoA

user32

GetSysColor
CopyRect
FillRect
DrawEdge
GetMenuItemInfoA
EnableWindow
SendMessageA
GetCursorPos
wsprintfA
GetFocus
ReleaseDC
PeekMessageA
PostQuitMessage
SetForegroundWindow
IsWindowVisible
IsRectEmpty
DefWindowProcA
RegisterClassA
LoadCursorA
IsWindow
SetWindowLongA
PtInRect
ReleaseCapture
SystemParametersInfoA
SetCapture
MessageBeep
SetTimer
FindWindowA
LoadIconA
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
DestroyIcon
DrawIconEx
SetDlgItemTextA
IsIconic
DrawIcon
GetSystemMenu
SetWindowPos
ExitWindowsEx
RedrawWindow
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
KillTimer
RegisterHotKey
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
SetRect

gdi32

PatBlt
TextOutA
ExtTextOutA
Escape
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
RectVisible
Pie
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
DeleteDC
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
PtVisible
GetDeviceCaps
GetBkMode

advapi32

GetSidIdentifierAuthority
GetSidSubAuthority
GetTokenInformation
GetLengthSid
CopySid
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
GetUserNameA
RegSetKeySecurity
RegQueryInfoKeyA
RegEnumKeyA
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetSidSubAuthorityCount

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
_TrackMouseEvent

ole32

CoCreateInstance
CoInitialize
CoUninitialize

msvcirt

?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@PBD@Z
?open@ofstream@@QAEXPBDHH@Z
??0ofstream@@QAE@XZ
_mtunlock
?get@istream@@IAEAAV1@PADHH@Z
_mtlock

skinplusplus

ord27
ord32
ord1

winmm

PlaySoundA

Sections

.text
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 596KB - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WjfClean.ini
ZFilters.ini
ZeroRemover.exe
.exe windows:4 windows x86 arch:x86

c0d77bc3206364bd8b761fc0fcc8403f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord5265
ord4376
ord4998
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord2582
ord4402
ord3370
ord3640
ord641
ord324
ord693
ord2302
ord4234
ord4710
ord5678
ord3998
ord4853
ord6675
ord4204
ord1105
ord3790
ord1168
ord4278
ord5861
ord924
ord922
ord5290
ord1200
ord2448
ord5710
ord6929
ord6927
ord665
ord354
ord2044
ord5834
ord6199
ord926
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord3996
ord4224
ord3698
ord765
ord6215
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord5943
ord2621
ord1134
ord5953
ord2862
ord755
ord470
ord6907
ord1768
ord2086
ord3301
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord2575
ord6394
ord5450
ord6383
ord5440
ord472
ord1195
ord2753
ord2452
ord536
ord5856
ord4202
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3619
ord3596
ord5864
ord6061
ord5571
ord5579
ord923
ord5736
ord3654
ord2584
ord4220
ord1862
ord500
ord3701
ord772
ord1574
ord1099
ord686
ord384
ord6143
ord2764
ord6883
ord6877
ord537
ord1175
ord860
ord3811
ord3337
ord2818
ord535
ord825
ord540
ord541
ord800
ord6888
ord801
ord1576

msvcrt

_setmbcp
__CxxFrameHandler
sprintf
free
malloc
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
strrchr
fclose
fprintf
fopen
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetModuleHandleA
ExitProcess
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
HeapFree
GetDriveTypeA
SetCurrentDirectoryA
GetModuleFileNameA
GetVolumeInformationA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
CopyFileA
MoveFileExA
FindFirstFileA
FindNextFileA
FindClose
GetLastError
CreateDirectoryA
GetStartupInfoA

user32

GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
TabbedTextOutA
GrayStringA
IsIconic
DrawIcon
UpdateWindow
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
MessageBoxA
PeekMessageA
PostQuitMessage
LoadIconA
EnableWindow
GetSubMenu
DestroyCursor
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
FrameRect
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
CopyRect
GetSysColor
SystemParametersInfoA
GetWindowLongA
SendMessageA

gdi32

ExtTextOutA
PatBlt
Escape
GetStockObject
CreateFontA
SetBkColor
CreateBitmap
TextOutA
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey
RegEnumValueA

shell32

ShellExecuteA
ShellExecuteExA
SHFileOperationA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

msvcirt

?close@ifstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ

skinplusplus

ord1
ord27

winmm

PlaySoundA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
license.TXT
uninst.exe
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

c480ee4d2a64d4a16edee43fdfe35079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
HeapCreate
VirtualFree
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
FreeLibrary
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
DisableThreadLibraryCalls
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetOEMCP
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo

user32

wsprintfA

Exports

Exports

FindProc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp

Sharing

General

Malware Config

Signatures

Files

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 60KB

.rsrc Size: 7KB - Virtual size: 6KB

711c893e4d8189fd14b6563a4e35e663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 994B

.rdata Size: 1024B - Virtual size: 871B

.data Size: - Virtual size: 300B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 264B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 60KB

.rsrc
Size: 7KB - Virtual size: 6KB

.text
Size: 1024B - Virtual size: 994B

.rdata
Size: 1024B - Virtual size: 871B

.data
Size: - Virtual size: 300B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 264B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 409B

.data
Size: 512B - Virtual size: 68B

.reloc
Size: 512B - Virtual size: 186B

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 636B

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 120KB - Virtual size: 116KB