8a817ab1255df8eea386f2c5b8bbf62a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a817ab1255df8eea386f2c5b8bbf62a_JaffaCakes118
Size

1.6MB
MD5

8a817ab1255df8eea386f2c5b8bbf62a
SHA1

be95759a47d8cedac6cf0dd618add2a951d6f454
SHA256

ba83b87aef7b1761fb0247b28099f46f116b34d7373ddf822835b6ea202ec8cb
SHA512

27f8de23ab7dc67446553cfe4be556ecd0cd9aab8559071c2eb237242a357d03697cd520c3fbe3a3a990b88bc913a7d4f8abbb4582f0368fec19fd6334fc2812
SSDEEP

24576:U1LMEWi7OBC5m11VxhyzdvNE9pW5rkdDhZTHdnzZSfByeXTmkZ:UtM47k11Vx4zdlEbW5yZTHn0QAmm

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/巧手即时通讯/PCEQ.exe	aspack_v212_v242
static1/unpack001/巧手即时通讯/Skin.dll	aspack_v212_v242

Unsigned PE 23 IoCs

Checks for missing Authenticode signature.

resource
unpack001/巧手即时通讯/AVMode.dll
unpack001/巧手即时通讯/BaseExternFunc.dll
unpack001/巧手即时通讯/BaseObject.dll
unpack001/巧手即时通讯/CAVSound.dll
unpack001/巧手即时通讯/CUDP.dll
unpack001/巧手即时通讯/CatshWin.dll
unpack001/巧手即时通讯/EQFace.dll
unpack001/巧手即时通讯/FUDP.dll
unpack001/巧手即时通讯/IEAction.dll
unpack001/巧手即时通讯/IEScript.dll
unpack001/巧手即时通讯/IEWin.dll
unpack001/巧手即时通讯/IeOut/OutIERunF.dll
unpack001/巧手即时通讯/ImageOle.dll
unpack001/巧手即时通讯/JpgDll.dll
unpack001/巧手即时通讯/MFFace.exe
unpack001/巧手即时通讯/MiRunWeb.dll
unpack001/巧手即时通讯/NetZip.dll
unpack001/巧手即时通讯/PCEQ.exe
unpack001/巧手即时通讯/Skin.dll
unpack001/巧手即时通讯/WebServiceDLL.dll
unpack001/巧手即时通讯/XVCClientEngine.dll
unpack001/巧手即时通讯/XVCClientRowNet.dll
unpack001/巧手即时通讯/YaShu.dll

Files

8a817ab1255df8eea386f2c5b8bbf62a_JaffaCakes118
.rar
巧手即时通讯/AVMode.dll
.dll windows:4 windows x86 arch:x86

c9afd081a2986e6fbf42b3665997223f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1775
ord4407
ord6052
ord2514
ord5163
ord6374
ord4353
ord4078
ord4998
ord2385
ord5241
ord5280
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord3798
ord4837
ord3147
ord3259
ord4441
ord4465
ord4853
ord2985
ord4376
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord324
ord4234
ord2379
ord3092
ord4710
ord5265
ord6197
ord825
ord2086
ord6215
ord641
ord1182
ord823
ord342
ord1253
ord3136
ord3262
ord1168
ord5277
ord2982
ord3081

msvcrt

_initterm
_onexit
__dllonexit
_CIpow
printf
_CIacos
malloc
free
_ftol
__CxxFrameHandler
_adjust_fdiv

kernel32

CreateThread
GetExitCodeThread
TerminateThread
Sleep

user32

GetDC
FillRect
GetClientRect
ShowWindow
ReleaseDC
GetWindowRect
IsWindow
EnableWindow
IsWindowVisible
GetSystemMetrics
GetMessageA
DestroyWindow
SendMessageA
PostThreadMessageA

gdi32

CreateSolidBrush
DeleteDC
DeleteObject
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
BitBlt

msvfw32

ICDecompress
ICSeqCompressFrame
ICCompressorFree
ICClose
ICSeqCompressFrameEnd
ICSendMessage
ICSeqCompressFrameStart
ICOpen
DrawDibOpen
DrawDibDraw
DrawDibClose

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

winmm

waveInPrepareHeader
waveInUnprepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
waveInStart
waveInReset
waveInAddBuffer
waveInOpen
waveInClose
waveOutOpen
waveOutClose
waveOutReset

Exports

Exports

CenterVideo
InitNetAV
PlayAudio
PlayVideo
ShowVideo
StartAV
StartSound
StopAV

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/BaseExternFunc.dll
.dll windows:4 windows x86 arch:x86

91a8434b64e8510f66d816a3423ddf0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord773
ord800
ord535
ord2776
ord825
ord6883
ord501
ord541
ord2811
ord829
ord860
ord2818
ord801
ord1083
ord1182
ord823
ord1253
ord342
ord1168
ord2814
ord858
ord537

msvcrt

_initterm
__dllonexit
_onexit
_adjust_fdiv
malloc
?terminate@@YAXXZ
_except_handler3
_mbscmp
__CxxFrameHandler
free
wcslen
_CxxThrowException
??1type_info@@UAE@XZ

kernel32

LocalFree
InterlockedDecrement
WideCharToMultiByte
GetLastError

oleaut32

VariantInit
SysAllocString
SysFreeString
VariantCopy
VariantChangeType
VariantClear

Exports

Exports

??0CExternFunc@@QAE@XZ
??1CExternFunc@@UAE@XZ
??_7CExternFunc@@6B@
?AddFunc@CExternFunc@@QAEXVCString@@P6A_NPAUtagVARIANT@@AAVCStringArray@@@Z@Z
?GetFuncIDFromName@CExternFunc@@QAEHVCString@@@Z
?LoadFunc@CExternFunc@@UAEXXZ
?RunFunc@CExternFunc@@UAE_NJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z
?SetIEMain@CExternFunc@@QAEXPAVCWnd@@@Z

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/BaseObject.dll
.dll windows:4 windows x86 arch:x86

71020c7f4cacbcc4b0ea56a44b7d5a15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2842
ord6139
ord1615
ord2060
ord5602
ord610
ord287
ord1168
ord1187
ord825
ord1182
ord823
ord342
ord1253
ord5857

msvcrt

_adjust_fdiv
malloc
_initterm
free
_except_handler3
__CxxFrameHandler
?terminate@@YAXXZ

kernel32

GlobalAlloc
GlobalFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
GetTickCount
GlobalLock
InitializeCriticalSection

user32

TranslateMessage
PeekMessageA
DispatchMessageA

Exports

Exports

??0CBasePack@@QAE@ABV0@@Z
??0CBasePack@@QAE@XZ
??0XVarArray@@QAE@AAV0@@Z
??0XVarArray@@QAE@XZ
??1CBasePack@@UAE@XZ
??1XVarArray@@UAE@XZ
??4CBasePack@@QAEAAV0@ABV0@@Z
??4XVarArray@@QAEAAV0@AAV0@@Z
??_7CBasePack@@6B@
??_7XVarArray@@6B@
?AddBuffer@CBasePack@@QAE_NPAEH@Z
?AddRealByte@XVarArray@@QAE_NE@Z
?AddRealBytes@XVarArray@@QAEXPAEH@Z
?AttachBytes@XVarArray@@SA_NPAEHAAV?$CArray@VXVarArray@@AAV1@@@@Z
?ClearArray@XVarArray@@QAEXXZ
?Copy@XVarArray@@QAEXAAV1@@Z
?CopyBuffer@CBasePack@@QAE_NPAEH@Z
?DelEnd@XVarArray@@QAEXXZ
?DisPlay@XVarArray@@QAEXXZ
?GetElementCount@XVarArray@@QAEHXZ
?GetFrameNum@CBasePack@@QAEHXZ
?GetVarArrayBufSize@XVarArray@@QAEHXZ
?GetVarArrayBuffer@XVarArray@@QAEXPAEAAH@Z
?GetXVarBuffer@XVarArray@@QAE_NPAEAAH@Z
?PackGetOneApp@CBasePack@@QAEHPAEAAHPAD@Z
?PackGetOneShareObject@CBasePack@@QAEHPAEAAHPAD2_N@Z
?PackRetOneApp@CBasePack@@QAEHPAEHPAD_N@Z
?PackRetOneShareObject@CBasePack@@QAEHPAEHPAD1_N@Z
?PackRetRunFunc@CBasePack@@QAEHPAEHPAD1_N1AAVXVarArray@@@Z
?PackRetSetXEvent@CBasePack@@QAEHPAEHPAD1_N1@Z
?PackRunFunc@CBasePack@@QAEHPAEAAHPAD2_N2AAVXVarArray@@@Z
?PackSetXEvent@CBasePack@@QAEHPAEAAHPAD2_N2@Z
?PackSoarkEvent@CBasePack@@QAEHPAEAAHPAD2H2AAVXVarArray@@@Z
?ReadBytes@XVarArray@@QAE_NPAEAAH@Z
?ReadElement@XVarArray@@QAE_NPAXAAEAAH@Z
?ReadFloat@XVarArray@@QAE_NAAM@Z
?ReadInt64@XVarArray@@QAE_NAA_J@Z
?ReadInt@XVarArray@@QAE_NAAH@Z
?ReadObj@XVarArray@@QAE_NPAXAAH@Z
?ReadStr@XVarArray@@QAE_NPADAAH@Z
?RealRealBytes@XVarArray@@QAE_NPAEAAH@Z
?RemoveElementAt@XVarArray@@QAE_NH@Z
?SetOrderElementPos@XVarArray@@QAE_NH@Z
?SetRealPos@XVarArray@@QAEXH@Z
?SetRealPosBegin@XVarArray@@QAEXXZ
?SetRealPosEnd@XVarArray@@QAEXXZ
?ShowMe@XVarArray@@QAEXXZ
?UnPack@CBasePack@@QAE_NAAU_BASE_COM_HEAD@@AAV?$CArray@VXVarArray@@AAV1@@@AA_N@Z
?WaitFor@CBasePack@@QAEXH@Z
?WriteBytes@XVarArray@@QAEXPAEH@Z
?WriteBytesBAK@XVarArray@@QAEXPAEH@Z
?WriteEnd@XVarArray@@QAEXXZ
?WriteFloat@XVarArray@@QAEXM@Z
?WriteFloatBAK@XVarArray@@QAEXM@Z
?WriteInt64@XVarArray@@QAEX_J@Z
?WriteInt64BAK@XVarArray@@QAEX_J@Z
?WriteInt@XVarArray@@QAEXH@Z
?WriteIntBAK@XVarArray@@QAEXH@Z
?WriteObj@XVarArray@@QAEXPAXH@Z
?WriteObjBAK@XVarArray@@QAEXPAXH@Z
?WriteStr@XVarArray@@QAEXPAD@Z
?WriteStrBAK@XVarArray@@QAEXPAD@Z

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/CAVSound.dll
.dll windows:4 windows x86 arch:x86

81b221e27015a8d44d66a10d9c3a4e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1105
ord773
ord501
ord825
ord5621
ord1168
ord5607
ord2776
ord1083
ord823
ord342
ord1182
ord1253

msvcrt

sprintf
free
_initterm
__CxxFrameHandler
malloc
_adjust_fdiv
_onexit
__dllonexit
atoi

kernel32

CreateEventA
WaitForSingleObject
ResetEvent
Sleep
GetTickCount
EnterCriticalSection
SetEvent
LeaveCriticalSection
InitializeCriticalSection

ws2_32

htons
inet_addr

cudp

?SendBuffer@CUdpSocket@@QAE_NPAEKPAUsockaddr@@@Z
?InitUDP@CUdpSocket@@QAE_NAAHP6GXPAEKPAUsockaddr@@PAX@Z3@Z
??0CUdpSocket@@QAE@XZ
??1CUdpSocket@@UAE@XZ

avmode

ShowVideo
CenterVideo
InitNetAV
StopAV
StartSound
StartAV
PlayAudio
PlayVideo

Exports

Exports

AskMedia
CenterNetVideo
CloseMedia
InitMediaNet
InitMediaWin
ShowNetVideo

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/CUDP.dll
.dll windows:4 windows x86 arch:x86

62debf660fd9de7535c494942bcf80a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3584
ord823
ord825
ord543
ord1182
ord803
ord1105
ord1253
ord1168
ord342

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InitializeCriticalSection
WaitForMultipleObjects
WaitForSingleObject

ws2_32

WSAStartup
WSACreateEvent
WSACleanup
WSACloseEvent
setsockopt
bind
htons
htonl
WSASocketA
WSAGetOverlappedResult
WSAGetLastError
WSASendTo
WSAResetEvent
WSARecvFrom

Exports

Exports

??0CUdpSocket@@QAE@XZ
??1CUdpSocket@@UAE@XZ
??_7CUdpSocket@@6B@
?InitUDP@CUdpSocket@@QAE_NAAHP6GXPAEKPAUsockaddr@@PAX@Z3@Z
?RecvRequest@CUdpSocket@@QAE_NPAEAAKPAUsockaddr@@@Z
?RecvThread@CUdpSocket@@SAIPAX@Z
?SendBuffer@CUdpSocket@@QAE_NPAEKPAUsockaddr@@@Z

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/CatshWin.dll
.dll windows:4 windows x86 arch:x86

98dd217a89fed0a4e7bb3d65484955d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord3706
ord3573
ord641
ord1641
ord2860
ord1146
ord1168
ord324
ord825
ord3663
ord3626
ord2414
ord2302
ord4234
ord4299
ord6197
ord6380
ord4710
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord2446
ord5864
ord3596
ord640
ord2379
ord2564
ord3817
ord2405
ord5785
ord6194
ord1640
ord323
ord755
ord470
ord4376
ord6267
ord3911
ord4853
ord5926
ord2859
ord613
ord800
ord6199
ord939
ord860
ord2818
ord540
ord289
ord3619
ord537
ord5875
ord2243
ord472
ord5280
ord3571
ord1253
ord342
ord823
ord1182
ord6055
ord1776
ord5290
ord4424
ord3610
ord567
ord656
ord4275
ord2593
ord3223
ord3221
ord4386
ord1093
ord2042
ord777
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord6061
ord5265

msvcrt

free
_initterm
malloc
_adjust_fdiv
__CxxFrameHandler

user32

HideCaret
LoadBitmapA
SetClipboardData
CloseClipboard
SetCursor
PostQuitMessage
IsIconic
EnableWindow
DrawIcon
GetWindowRect
SendMessageA
SetRect
LoadCursorA
GetSystemMetrics
GrayStringA
DrawTextA
TabbedTextOutA
InvalidateRgn
GetCursorPos
IsRectEmpty
OpenClipboard
GetClientRect
EmptyClipboard

gdi32

BitBlt
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
DeleteDC
SelectObject
CreateDCA
GetPixel
Rectangle
GetStockObject
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateRectRgn

Exports

Exports

StartCatch

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/EQFace.dll
.dll windows:4 windows x86 arch:x86

0340ea5ba0bd761600e77c1253f12124

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord3574
ord567
ord609
ord4275
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord3825
ord4234
ord1168
ord924
ord800
ord858
ord4278
ord5683
ord2818
ord540
ord4396
ord4710
ord755
ord470
ord2379
ord6453
ord535
ord801
ord541
ord6883
ord2764
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1116
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord1776
ord4078
ord6055
ord6467
ord2514
ord641
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord823
ord3079
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord2302
ord825

msvcrt

?terminate@@YAXXZ
_purecall
fclose
fopen
fread
fwrite
fseek
fflush
fputc
getc
fgets
fscanf
__CxxFrameHandler
sprintf
free
malloc
strncmp
strncpy
floor
_ftol
_mbsnbicmp
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
ftell
_except_handler3
realloc
_mbslen
calloc
_mbsnbcpy
ldiv

kernel32

LocalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LoadResource
LockResource
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
LocalAlloc

user32

DrawTextA
FillRect
GetDlgItemTextA
GetParent
CopyRect
EnableWindow
LoadBitmapA
SetWindowPos
SetDlgItemTextA
ReleaseDC
GetDC
InvalidateRect
wsprintfA
SetTimer
GetIconInfo
PtInRect
PostMessageA
UnionRect
TrackMouseEvent
KillTimer

gdi32

SetBkMode
DeleteObject
CreateSolidBrush
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
Rectangle
GetStockObject
CreatePen
CreateCompatibleBitmap
PatBlt
SetBrushOrgEx
CreateDIBPatternBrushPt
CreateDIBSection
GetDIBits
RealizePalette
GetObjectA
RestoreDC
SetDIBitsToDevice
SetStretchBltMode
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SaveDC
StretchBlt
SetBkColor
CreateBitmap
RectVisible
StretchDIBits
CreateFontIndirectA
SetTextColor

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBDK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Alloc@CxMemFile@@IAE_NK@Z
?Bitfield2RGB@CxImage@@IAEXPAEKKKE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ_N@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?BlindSetPixelColor@CxImage@@IAEXJJUtagRGBQUAD@@_N@Z
?BlindSetPixelIndex@CxImage@@IAEXJJE@Z
?Blt@CxImage@@QAEJPAUHDC__@@JJ@Z
?CheckFormat@CxImage@@QAE_NPAEKK@Z
?CheckFormat@CxImage@@QAE_NPAVCxFile@@K@Z
?Clear@CxImage@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?CompareColors@CxImage@@KAHPBX0@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?Destroy@CxImage@@QAE_NXZ
?DestroyFrames@CxImage@@QAE_NXZ
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Dump@CxImage@@QAEKPAE@Z
?DumpSize@CxImage@@QAEKXZ
?Enable@CxImage@@QAEX_N@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Flip@CxImage@@QAE_N_N0@Z
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetDIB@CxImage@@QBEPAXXZ
?GetDisposalMethod@CxImage@@QBEEXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrame@CxImage@@QBEPAV1@J@Z
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegQualityF@CxImage@@QBEMXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetNumTypes@CxImage@@SAKXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetRetreiveAllFrames@CxImage@@QBE_NXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?GetS@CxMemFile@@UAEPADPADH@Z
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetTransparentMask@CxImage@@QAE_NPAV1@@Z
?GetType@CxImage@@QBEKXZ
?GetTypeIdFromIndex@CxImage@@SAKK@Z
?GetTypeIdFromName@CxImage@@SAKPBD@Z
?GetTypeIndexFromId@CxImage@@SAKK@Z
?GetVersion@CxImage@@SAPBDXZ
?GetVersionNumber@CxImage@@SA?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPBV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Load@CxImage@@QAE_NPBDK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mirror@CxImage@@QAE_N_N0@Z
?Negative@CxImage@@QAE_NXZ
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?Putword@CxImageGIF@@IAEXHPAVCxFile@@@Z
?RGBQUADtoRGB@CxImage@@SAKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Scanf@CxMemFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAE_NKK@Z
?SetComment@CxImageGIF@@QAEXPBD@Z
?SetDisposalMethod@CxImage@@QAEXE@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegQualityF@CxImage@@QAEXM@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetLoops@CxImageGIF@@QAEXH@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@1@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetRetreiveAllFrames@CxImage@@QAEX_N@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetType@CxImage@@QAE_NK@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJK@Z
?SwapIndex@CxImage@@QAEXEE@Z
?SwapRGB2BGR@CxImage@@QAEXXZ
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?Transfer@CxImage@@QAE_NAAV1@_N@Z
?UnDump@CxImage@@QAEKPBE@Z
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?bihtoh@CxImage@@IAEXPAUtagBITMAPINFOHEADER@@@Z
?char_out@CxImageGIF@@IAEXH@Z
?cl_hash@CxImageGIF@@IAEXJ@Z
?compressLZW@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressNONE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressRLE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?decoder@CxImageGIF@@IAEFPAVCxFile@@PAVCImageIterator@@FAAH@Z
?flush_char@CxImageGIF@@IAEXXZ
?get_byte@CxImageGIF@@IAEHPAVCxFile@@@Z
?get_next_code@CxImageGIF@@IAEFPAVCxFile@@@Z
?get_num_frames@CxImageGIF@@IAEHPAVCxFile@@PAUtag_TabCol@1@PAUtag_dscgif@1@@Z
?init_exp@CxImageGIF@@IAEFF@Z
?ntohl@CxImage@@IAEJJ@Z
?ntohs@CxImage@@IAEFF@Z
?out_line@CxImageGIF@@IAEHPAVCImageIterator@@PAEH@Z
?output@CxImageGIF@@IAEXF@Z
?rle_block_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_block_out@CxImageGIF@@IAEXEPAUtag_RLE@1@@Z
?rle_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_compute_triangle_count@CxImageGIF@@IAEIII@Z
?rle_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_flush_clearorrep@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_fromclear@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_withtable@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_isqrt@CxImageGIF@@IAEII@Z
?rle_output@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_output_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_output_plain@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_reset_out_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_write_block@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?seek_next_image@CxImageGIF@@IAEJPAVCxFile@@J@Z
ShowQFace

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/FUDP.dll
.dll windows:4 windows x86 arch:x86

89947e53c32a9303fd71984d0c4edd84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1200
ord825
ord1182
ord823
ord1168
ord342
ord1253

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
sprintf

kernel32

GlobalAlloc
GlobalFree
InitializeCriticalSection
CloseHandle
CreateThread
GetSystemInfo
CreateIoCompletionPort
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetQueuedCompletionStatus

ws2_32

inet_ntoa
ntohs
WSARecvFrom
WSAStartup
WSACleanup
WSAGetLastError
setsockopt
bind
htons
htonl
WSASocketA
WSASendTo

Exports

Exports

??0CUdpICOP@@QAE@ABV0@@Z
??0CUdpICOP@@QAE@XZ
??1CUdpICOP@@UAE@XZ
??4CUdpICOP@@QAEAAV0@ABV0@@Z
??_7CUdpICOP@@6B@
?BeginAllWork@CUdpICOP@@QAEXH@Z
?InitUDP@CUdpICOP@@QAE_NIP6GXPAEKPAUsockaddr@@PAX@Z2@Z
?SendToCilent@CUdpICOP@@QAE_NPAEHAAUsockaddr@@@Z

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/Faces/00.gif
.gif
巧手即时通讯/Faces/01.gif
.gif
巧手即时通讯/Faces/02.gif
.gif
巧手即时通讯/Faces/03.gif
.gif
巧手即时通讯/Faces/04.gif
.gif
巧手即时通讯/Faces/05.gif
.gif
巧手即时通讯/Faces/06.gif
.gif
巧手即时通讯/Faces/07.gif
.gif
巧手即时通讯/Faces/08.gif
.gif
巧手即时通讯/Faces/09.gif
.gif
巧手即时通讯/Faces/10.gif
.gif
巧手即时通讯/Faces/11.gif
.gif
巧手即时通讯/Faces/12.gif
.gif
巧手即时通讯/Faces/13.gif
.gif
巧手即时通讯/Faces/14.gif
.gif
巧手即时通讯/Faces/15.gif
.gif
巧手即时通讯/Faces/16.gif
.gif
巧手即时通讯/Faces/17.gif
.gif
巧手即时通讯/Faces/18.gif
.gif
巧手即时通讯/Faces/19.gif
.gif
巧手即时通讯/Faces/20.gif
.gif
巧手即时通讯/Faces/21.gif
.gif
巧手即时通讯/Faces/22.gif
.gif
巧手即时通讯/Faces/23.gif
.gif
巧手即时通讯/Faces/24.gif
.gif
巧手即时通讯/Faces/25.gif
.gif
巧手即时通讯/Faces/26.gif
.gif
巧手即时通讯/Faces/27.gif
.gif
巧手即时通讯/Faces/28.gif
.gif
巧手即时通讯/Faces/29.gif
.gif
巧手即时通讯/Faces/30.gif
.gif
巧手即时通讯/Faces/31.gif
.gif
巧手即时通讯/Faces/32.gif
.gif
巧手即时通讯/Faces/33.gif
.gif
巧手即时通讯/Faces/34.gif
.gif
巧手即时通讯/Faces/35.gif
.gif
巧手即时通讯/Faces/36.gif
.gif
巧手即时通讯/Faces/37.gif
.gif
巧手即时通讯/Faces/38.gif
.gif
巧手即时通讯/Faces/39.gif
.gif
巧手即时通讯/Faces/40.gif
.gif
巧手即时通讯/Faces/41.gif
.gif
巧手即时通讯/Faces/42.gif
.gif
巧手即时通讯/Faces/43.gif
.gif
巧手即时通讯/Faces/44.gif
.gif
巧手即时通讯/Faces/45.gif
.gif
巧手即时通讯/Faces/46.gif
.gif
巧手即时通讯/Faces/47.gif
.gif
巧手即时通讯/Faces/48.gif
.gif
巧手即时通讯/Faces/49.gif
.gif
巧手即时通讯/Faces/50.gif
.gif
巧手即时通讯/Faces/51.gif
.gif
巧手即时通讯/Faces/52.gif
.gif
巧手即时通讯/Faces/53.gif
.gif
巧手即时通讯/Faces/54.gif
.gif
巧手即时通讯/Faces/55.gif
.gif
巧手即时通讯/Faces/56.gif
.gif
巧手即时通讯/Faces/57.gif
.gif
巧手即时通讯/Faces/58.gif
.gif
巧手即时通讯/Faces/59.gif
.gif
巧手即时通讯/Faces/60.gif
.gif
巧手即时通讯/Faces/61.gif
.gif
巧手即时通讯/Faces/62.gif
.gif
巧手即时通讯/Faces/63.gif
.gif
巧手即时通讯/Faces/64.gif
.gif
巧手即时通讯/Faces/65.gif
.gif
巧手即时通讯/Faces/66.gif
.gif
巧手即时通讯/Faces/67.gif
.gif
巧手即时通讯/Faces/68.gif
.gif
巧手即时通讯/Faces/69.gif
.gif
巧手即时通讯/Faces/70.gif
.gif
巧手即时通讯/Faces/71.gif
.gif
巧手即时通讯/Faces/72.gif
.gif
巧手即时通讯/Faces/73.gif
.gif
巧手即时通讯/Faces/74.gif
.gif
巧手即时通讯/Faces/75.gif
.gif
巧手即时通讯/Faces/76.gif
.gif
巧手即时通讯/Faces/77.gif
.gif
巧手即时通讯/Faces/78.gif
.gif
巧手即时通讯/Faces/79.gif
.gif
巧手即时通讯/Faces/80.gif
.gif
巧手即时通讯/Faces/81.gif
.gif
巧手即时通讯/Faces/82.gif
.gif
巧手即时通讯/Faces/83.gif
.gif
巧手即时通讯/Faces/84.gif
.gif
巧手即时通讯/Faces/85.gif
.gif
巧手即时通讯/Faces/86.gif
.gif
巧手即时通讯/Faces/87.gif
.gif
巧手即时通讯/Faces/88.gif
.gif
巧手即时通讯/Faces/89.gif
.gif
巧手即时通讯/Faces/90.gif
.gif
巧手即时通讯/Faces/91.gif
.gif
巧手即时通讯/Faces/92.gif
.gif
巧手即时通讯/Faces/93.gif
.gif
巧手即时通讯/Faces/94.gif
.gif
巧手即时通讯/Faces/95.gif
.gif
巧手即时通讯/Faces/96.gif
.gif
巧手即时通讯/Faces/97.gif
.gif
巧手即时通讯/Faces/98.gif
.gif
巧手即时通讯/Faces/99.gif
.gif
巧手即时通讯/Faces/Thumbs.db
巧手即时通讯/IEAction.dll
.dll windows:4 windows x86 arch:x86

304b7a5f8434c1ba1015a3aea5cd5104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord2135
ord818
ord1949
ord4034
ord3749
ord858
ord539
ord2818
ord801
ord501
ord541
ord773
ord2776
ord6883
ord2814
ord2811
ord829
ord860
ord1083
ord5600
ord1205
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord535
ord537
ord800
ord825
ord1182
ord823
ord342
ord1253
ord540
ord1168

msvcrt

_mbsnbcpy
memmove
__CxxFrameHandler
_CxxThrowException
wcslen
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_mbscmp
_onexit

kernel32

MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
LocalFree
GetLastError
lstrlenA

user32

EnableWindow

ole32

OleRun
CoCreateInstance

oleaut32

SafeArrayCreateVector
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SysAllocString
SysFreeString
VariantInit
VariantCopy
VariantClear
VariantChangeType
GetErrorInfo

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

Exports

Exports

AddExternFun
CloseOneIEApp
GetInjectError
GetOneIEApp
InjectScript
OverInject
RunInjectFun
RunWebFun

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/IEScript.dll
.dll windows:4 windows x86 arch:x86

7d754484e18f0f606732099da91260f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1205
ord537
ord540
ord860
ord858
ord535
ord800
ord825
ord1182
ord823
ord1253
ord1168
ord342

msvcrt

memmove
_mbsnbcpy
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
__dllonexit
__CxxFrameHandler
malloc
_adjust_fdiv
_onexit
_mbscmp
_CxxThrowException
wcslen

kernel32

LocalFree
GetLastError
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
LockResource
LoadResource
FindResourceA
CloseHandle
GlobalFree
ReadFile
CreateFileA
MultiByteToWideChar
GlobalAlloc
lstrlenA
GetFileSize

ole32

OleRun
CoCreateInstance

oleaut32

SafeArrayUnlock
SafeArrayLock
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayDestroy
SafeArrayGetElement
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
SysFreeString
VariantInit
SafeArrayPutElement
SafeArrayCreateVector
SafeArrayCreate
SafeArrayAccessData
VariantClear
GetErrorInfo

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ

Exports

Exports

??0CRunScript@@QAE@ABV0@@Z
??0CRunScript@@QAE@XZ
??0CSafeArrayHelper@@QAE@XZ
??0CScriptObjectEx@@QAE@ABV0@@Z
??0CScriptObjectEx@@QAE@XZ
??0CUserScript@@QAE@ABV0@@Z
??0CUserScript@@QAE@XZ
??1CRunScript@@UAE@XZ
??1CSafeArrayHelper@@QAE@XZ
??1CScriptObjectEx@@QAE@XZ
??1CUserScript@@UAE@XZ
??4CRunScript@@QAEAAV0@ABV0@@Z
??4CSafeArrayHelper@@QAEAAV0@ABV0@@Z
??4CScriptObjectEx@@QAEAAV0@ABV0@@Z
??4CUserScript@@QAEAAV0@ABV0@@Z
??_7CRunScript@@6B@
??_7CUserScript@@6B@
?AccessData@CSafeArrayHelper@@QAE_NPAPAX@Z
?AddScript@CRunScript@@QAE_NVCString@@@Z
?AddScript@CScriptObjectEx@@QAE_NPBD@Z
?AddScript@CUserScript@@QAE_NVCString@@@Z
?Attach@CSafeArrayHelper@@QAE_NPAUtagSAFEARRAY@@@Z
?AttachFromVariant@CSafeArrayHelper@@QAE_NPAUtagVARIANT@@@Z
?CommonConstruct@CScriptObjectEx@@IAEXXZ
?Create@CSafeArrayHelper@@QAE_NGIII@Z
?Destroy@CSafeArrayHelper@@QAE_NXZ
?Detach@CSafeArrayHelper@@QAEPAUtagSAFEARRAY@@XZ
?ExecuteStatement@CScriptObjectEx@@QAE_NPBD@Z
?GetArray@CSafeArrayHelper@@QAEPAUtagSAFEARRAY@@XZ
?GetAsVariant@CSafeArrayHelper@@QAE?AUtagVARIANT@@XZ
?GetDimension@CSafeArrayHelper@@QAEIXZ
?GetElement@CSafeArrayHelper@@QAE_NJPAX@Z
?GetErrorString@CScriptObjectEx@@QAEPBDXZ
?GetLanguage@CScriptObjectEx@@QAEPBDXZ
?GetLastError@CRunScript@@QAE?AVCString@@XZ
?GetLastError@CUserScript@@QAE?AVCString@@XZ
?GetMethodsCount@CScriptObjectEx@@QBEHXZ
?GetMethodsName@CScriptObjectEx@@IAE_NXZ
?GetNameAt@CScriptObjectEx@@QAEPBDH@Z
?GetScriptFunction@CScriptObjectEx@@IAEPBDPBD@Z
?HaveProc@CRunScript@@QAE_NVCString@@@Z
?LoadScript@CScriptObjectEx@@QAE_NPBD@Z
?LoadScriptResource@CScriptObjectEx@@QAE_NPBD0PAUHINSTANCE__@@@Z
?Lock@CSafeArrayHelper@@QAE_NXZ
?PutElement@CSafeArrayHelper@@QAE_NJPAX@Z
?Reset@CScriptObjectEx@@QAEXXZ
?Run@CRunScript@@QAE_NVCString@@AAV2@@Z
?Run@CRunScript@@QAE_NVCString@@AAVCStringArray@@AAV2@@Z
?Run@CUserScript@@QAE_NVCString@@AAV2@@Z
?Run@CUserScript@@QAE_NVCString@@AAVCStringArray@@AAV2@@Z
?RunProcedure@CScriptObjectEx@@QAE_NPBDPAPAUtagSAFEARRAY@@PAUtagVARIANT@@@Z
?SetDocument@CRunScript@@QAEXAAV?$CComPtr@UIHTMLDocument2@@@ATL@@@Z
?SetDocument@CUserScript@@QAEXAAV?$CComPtr@UIHTMLDocument2@@@ATL@@@Z
?SetLanguage@CRunScript@@QAEXPBD@Z
?SetLanguage@CScriptObjectEx@@QAEXPBD@Z
?SetRunJS@CRunScript@@QAEXXZ
?SetRunJS@CUserScript@@QAEXXZ
?SetRunVB@CRunScript@@QAEXXZ
?SetRunVB@CUserScript@@QAEXXZ
?UnaccessData@CSafeArrayHelper@@QAE_NXZ
?Unlock@CSafeArrayHelper@@QAE_NXZ

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/IEWin.dll
.dll windows:4 windows x86 arch:x86

26ccb2a04fbc73d26c5fbc9d4fe5d104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

baseexternfunc

?GetFuncIDFromName@CExternFunc@@QAEHVCString@@@Z
?SetIEMain@CExternFunc@@QAEXPAVCWnd@@@Z

iescript

??1CUserScript@@UAE@XZ

mfc42

ord3259
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord5163
ord6374
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord2135
ord3147
ord4407
ord5241
ord2385
ord4376
ord4853
ord4998
ord6052
ord1775
ord5280
ord2124
ord4425
ord3597
ord324
ord2302
ord4234
ord1168
ord924
ord858
ord4278
ord5683
ord2818
ord2688
ord2379
ord6880
ord501
ord773
ord5600
ord2776
ord1776
ord4078
ord6055
ord860
ord2514
ord535
ord1182
ord823
ord342
ord1253
ord818
ord800
ord641
ord825
ord540
ord5265
ord1949
ord4034
ord4710

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
free
_onexit
?terminate@@YAXXZ
_except_handler3
__CxxFrameHandler

kernel32

InterlockedIncrement
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
GetProcAddress
InterlockedDecrement
WideCharToMultiByte

user32

PtInRect
EnableWindow
GetWindowRect
PostMessageA

Exports

Exports

??0CUserScript@@QAE@ABV0@@Z
??0XIEWin@@QAE@PAVCWnd@@@Z
??1XIEWin@@UAE@XZ
??4CUserScript@@QAEAAV0@ABV0@@Z
??_7CUserScript@@6B@
??_7XIEWin@@6B@
??_FXIEWin@@QAEXXZ
?DoDataExchange@XIEWin@@MAEXPAVCDataExchange@@@Z
?GetEventSinkMap@XIEWin@@MBEPBUAFX_EVENTSINKMAP@@XZ
?GetExternMode@XIEWin@@QAE?AVCString@@XZ
?GetMessageMap@XIEWin@@MBEPBUAFX_MSGMAP@@XZ
?InitIE@XIEWin@@QAEXXZ
?OnClose@XIEWin@@IAEXXZ
?OnDocumentCompleteExplorer1@XIEWin@@IAEXPAUIDispatch@@PAUtagVARIANT@@@Z
?OnDownloadCompleteExplorer1@XIEWin@@IAEXXZ
?OnInitDialog@XIEWin@@MAEHXZ
?OnLButtonDown@XIEWin@@IAEXIVCPoint@@@Z
?WindowProc@XIEWin@@MAEJIIJ@Z
?_GetBaseEventSinkMap@XIEWin@@KGPBUAFX_EVENTSINKMAP@@XZ
?_GetBaseMessageMap@XIEWin@@KGPBUAFX_MSGMAP@@XZ
?_eventsinkEntries@XIEWin@@0QBUAFX_EVENTSINKMAP_ENTRY@@B
?_eventsinkEntryCount@XIEWin@@0IA
?_messageEntries@XIEWin@@0QBUAFX_MSGMAP_ENTRY@@B
?eventsinkMap@XIEWin@@1UAFX_EVENTSINKMAP@@B
?messageMap@XIEWin@@1UAFX_MSGMAP@@B
IERun

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/IeOut/OutIERunF.dll
.dll windows:4 windows x86 arch:x86

ddf423983dc874fc91fe7af79c33044d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

baseexternfunc

??0CExternFunc@@QAE@XZ
??1CExternFunc@@UAE@XZ
?AddFunc@CExternFunc@@QAEXVCString@@P6A_NPAUtagVARIANT@@AAVCStringArray@@@Z@Z
?RunFunc@CExternFunc@@UAE_NJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z

mfc42

ord1253
ord1168
ord342
ord823
ord1182
ord825
ord537
ord1200
ord800
ord535

msvcrt

_initterm
sprintf
__CxxFrameHandler
__dllonexit
_onexit
free
atoi
malloc
_adjust_fdiv

user32

PostMessageA

Exports

Exports

GetOutFClass

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 877B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/ImageOle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

66a3a1bca6de4137317716abc09b2e8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
FlushInstructionCache
MulDiv
GetCurrentProcess
LeaveCriticalSection
WideCharToMultiByte
InterlockedDecrement
GlobalUnlock
ReadFile
CloseHandle
GlobalFree
GlobalLock
GlobalAlloc
SetFilePointer
CreateFileA
EnterCriticalSection
lstrlenW
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement

user32

GetClientRect
IsChild
SetFocus
WindowFromDC
PtInRect
GetDC
ReleaseDC
IntersectRect
GetKeyState
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
SendMessageA
EndPaint
UpdateWindow
KillTimer
IsWindowVisible
SetTimer
GetDesktopWindow
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
BeginPaint
GetFocus
ShowWindow
GetParent
InvalidateRect
DefWindowProcA
DestroyWindow
IsWindow
UnionRect

gdi32

CreateCompatibleDC
CloseMetaFile
CreateRectRgnIndirect
DeleteDC
LPtoDP
DeleteObject
SelectClipRgn
BitBlt
SelectObject
GetClipRgn
ExcludeClipRect
RectVisible
CreateMetaFileA
SetWindowExtEx
DeleteMetaFile
CreateCompatibleBitmap
CreateRectRgn
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
RestoreDC
GetDeviceCaps

ole32

OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
CreateStreamOnHGlobal
CreateDataAdviseHolder
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
SysFreeString
SysAllocString
OleCreatePropertyFrame
OleLoadPicture
SysStringLen
VariantClear

atl

ord26
ord43
ord44
ord50
ord46
ord51
ord58
ord27
ord32
ord57
ord18
ord15
ord16
ord21
ord23
ord31
ord30

msvcrt

_ftol
memcmp
_purecall
memcpy
memset
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_initterm
_adjust_fdiv
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
free
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/JpgDll.dll
.dll windows:4 windows x86 arch:x86

d05c317f3b71a1aadbed40e7388e98d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FindClose
FindFirstFileA
FindResourceA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeW
GetSystemInfo
GetThreadLocale
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ord17

comdlg32

GetOpenFileNameA

gdi32

BitBlt
CombineRgn
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExcludeClipRect
ExtTextOutA
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
RealizePalette
RectVisible
Rectangle
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StretchBlt
UnrealizeObject

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharNextA
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndPaint
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetCapture
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBoxA
OemToCharA
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WinHelpA
WindowFromPoint
wsprintfA
GetSysColor

oleaut32

SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VarBoolFromStr
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarCyFromStr
VarDateFromStr
VarI4FromStr
VarNeg
VarNot
VarR8FromStr
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit

Exports

Exports

@@Jpgdllunit@Finalize
@@Jpgdllunit@Initialize
BmpToJpg
_JPGForm
___CPPdebugHook

Sections

.text
Size: 580KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
巧手即时通讯/LRecord.eq
巧手即时通讯/MFFace.exe
.exe windows:4 windows x86 arch:x86

c5ba04f72766e4b3ae985c3460818c3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5714
ord2982
ord3147
ord3259
ord5289
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord3626
ord3663
ord641
ord800
ord2414
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord4079
ord5307
ord4441
ord2648
ord2055
ord4698
ord2725
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord4220
ord2584
ord3654
ord2438
ord2864
ord2859
ord3693
ord1641
ord1146
ord1168
ord540
ord2764
ord4202
ord858
ord6197
ord6380
ord4160
ord2863
ord860
ord2379
ord4673
ord470
ord6215
ord535
ord537
ord4133
ord4297
ord6119
ord5788
ord823
ord3798
ord5302
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord5300
ord3346
ord2396
ord6376
ord3749
ord4837
ord755
ord1576

msvcrt

__CxxFrameHandler
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_purecall
??1type_info@@UAE@XZ
_setmbcp
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_controlfp

kernel32

GetProcAddress
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
LocalFree
LoadLibraryA

user32

AppendMenuA
CreateWindowExA
KillTimer
GetWindowLongA
RegisterClassExA
SendMessageA
GetDC
DefWindowProcA
EndPaint
GetParent
IsIconic
PostMessageA
GetSystemMenu
LoadIconA
GetDesktopWindow
GetCursorPos
GetWindowDC
ScreenToClient
ReleaseDC
GetWindowRect
SetCapture
SetWindowLongA
SetWindowPos
DrawIcon
GetSystemMetrics
GetClientRect
BeginPaint
SetTimer
ClientToScreen
ReleaseCapture
InvalidateRect
CallWindowProcA
EnableWindow
EqualRect

gdi32

BitBlt
CreatePen
DeleteObject
DeleteDC
GetDeviceCaps
SelectObject
CreateDIBSection
CreateCompatibleDC

ole32

OleDraw
OleCreate
OleSetContainedObject
CoCreateInstance
OleInitialize

oleaut32

GetErrorInfo
SysAllocString
SysFreeString

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
巧手即时通讯/MiRunWeb.dll
.dll windows:4 windows x86 arch:x86

ae131b594bbe9a10480eacfa040d8be9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

webservicedll

?GetResult@MyRong@@QAEPAUReturnRecord@@_N@Z
?GetOneRecord@MyRong@@QAE_NHAAVCStringArray@@@Z
?DecodeBase64@CBase64@@QAEHPBDPAEH@Z
?RunFunc@MyRong@@QAE_NVCString@@000@Z
??1CBase64@@UAE@XZ
?GetRecordCount@MyRong@@QAEJAA_N@Z
?RemoveOut@MyRong@@QAEXH@Z
??0MyRong@@QAE@XZ
??0CBase64@@QAE@XZ
?EncodeBase64@CBase64@@QAEHPBEPADHH@Z

yashu

YaData

mfc42

ord860
ord858
ord354
ord5186
ord3318
ord1979
ord1168
ord825
ord1253
ord342
ord823
ord1182
ord341
ord654
ord800
ord535
ord939
ord941
ord2818
ord540
ord1187
ord537
ord665

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
free
_onexit
?terminate@@YAXXZ
__CxxFrameHandler
sprintf
_ftol
atoi
_except_handler3

Exports

Exports

??0CBase64@@QAE@ABV0@@Z
??4CBase64@@QAEAAV0@ABV0@@Z
??_7CBase64@@6B@
Close_Service
Close_Url
Free_Web
Get_PostOneRecord
Get_PostOtherResult
Get_PostResult
Get_ReturnCount
OpenDown_UrlFile
OpenUp_UrlFile
Run_MiService
Run_Service

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/NetZip.dll
.dll windows:4 windows x86 arch:x86

bb1a91925efb0127a727018f70cb6fe5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1253
ord342
ord823
ord1182
ord1168

msvcrt

malloc
free
_initterm
_adjust_fdiv

Exports

Exports

ComPressData
UnComPressData

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/PCEQ.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 80KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
巧手即时通讯/Skin.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

LoadSkin

Sections

CODE
Size: 201KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
巧手即时通讯/WebServiceDLL.dll
.dll windows:4 windows x86 arch:x86

e25e5e9237c868912d76e2d02f24881d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1979
ord6385
ord5186
ord354
ord939
ord922
ord665
ord537
ord860
ord1200
ord773
ord801
ord501
ord541
ord6143
ord539
ord941
ord924
ord6883
ord4278
ord5861
ord2776
ord5600
ord1601
ord926
ord4277
ord6199
ord5683
ord668
ord2781
ord2770
ord356
ord5572
ord2915
ord2818
ord2764
ord858
ord540
ord823
ord800
ord1182
ord825
ord342
ord1253
ord1083
ord5856
ord535
ord1168

msvcrt

_except_handler3
calloc
isspace
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
isalnum
strncpy
_errno
strchr
atoi
free
isalpha
isdigit
realloc
malloc
__CxxFrameHandler
_mbscmp
sprintf
_strupr
_strdup
_CxxThrowException

kernel32

GetLastError
lstrlenA
InterlockedDecrement
GlobalSize
DeleteFileA
lstrcpynA
CreateDirectoryA
WideCharToMultiByte
GetCommandLineA
MultiByteToWideChar
LocalFree

user32

wsprintfA
SendMessageA

ole32

GetHGlobalFromStream
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
VariantClear

wininet

InternetGetConnectedState
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile

winmm

timeGetTime

ws2_32

WSAStartup
socket
connect
closesocket
send
htons
recv
gethostbyname

Exports

Exports

??0CBase64@@QAE@ABV0@@Z
??0CBase64@@QAE@XZ
??0CHookWeb@@QAE@ABV0@@Z
??0CHookWeb@@QAE@XZ
??0CRunPagRong@@QAE@XZ
??0CURLEncode@@QAE@ABV0@@Z
??0CURLEncode@@QAE@XZ
??0CUpdateClass@@QAE@ABV0@@Z
??0CUpdateClass@@QAE@XZ
??0MyRong@@QAE@XZ
??0Request@@QAE@ABV0@@Z
??0Request@@QAE@XZ
??1CBase64@@UAE@XZ
??1CHookWeb@@UAE@XZ
??1CRunPagRong@@UAE@XZ
??1CURLEncode@@UAE@XZ
??1CUpdateClass@@UAE@XZ
??1MyRong@@UAE@XZ
??1Request@@UAE@XZ
??4CBase64@@QAEAAV0@ABV0@@Z
??4CHookWeb@@QAEAAV0@ABV0@@Z
??4CURLEncode@@QAEAAV0@ABV0@@Z
??4CUpdateClass@@QAEAAV0@ABV0@@Z
??4Request@@QAEAAV0@ABV0@@Z
??_7CBase64@@6B@
??_7CHookWeb@@6B@
??_7CRunPagRong@@6B@
??_7CURLEncode@@6B@
??_7CUpdateClass@@6B@
??_7MyRong@@6B@
??_7Request@@6B@
?AddDirectHead@CHookWeb@@QAEXVCString@@@Z
?AddHeader@CHookWeb@@QAEXVCString@@0@Z
?CreatePath@CUpdateClass@@QAEXXZ
?DecodeBase64@CBase64@@QAEHPBDPAEH@Z
?EncodeBase64@CBase64@@QAEHPBEPADHH@Z
?ExamPtr@CRunPagRong@@QAEXAAVCPtrList@@0@Z
?ExamPtr@MyRong@@QAEXAAVCPtrList@@0_N@Z
?GetAppPath@CUpdateClass@@QAEPADXZ
?GetColWei@MyRong@@QAEHVCString@@@Z
?GetFieldName@MyRong@@QAE_NAAVCStringArray@@@Z
?GetHostAddress@Request@@AAEKPBD@Z
?GetOneRecord@CRunPagRong@@QAEPAUPageRecordST@@H@Z
?GetOneRecord@MyRong@@QAE_NHAAVCStringArray@@@Z
?GetOtherFieldName@MyRong@@QAE_NAAVCStringArray@@@Z
?GetOutCount@CRunPagRong@@QAEJXZ
?GetPicture@Request@@QAE_NVCString@@000@Z
?GetRecordCount@MyRong@@QAEJAA_N@Z
?GetResult@MyRong@@QAEPAUReturnRecord@@_N@Z
?GetUpdateFile@CUpdateClass@@QAE_NVCString@@0AAVCStringArray@@1@Z
?GetUrl@CHookWeb@@QAE_NAAVCString@@0@Z
?GetWebPC@CHookWeb@@QAE_NVCString@@000@Z
?HaveNewVer@CUpdateClass@@QAE_NVCString@@0@Z
?IsDataSet2@MyRong@@QAE_NAAVCPtrList@@AAH_NAAVCStringArray@@@Z
?IsDataSet@MyRong@@QAE_NAAVCPtrList@@AAH_N@Z
?MemBufferAddBuffer@Request@@AAEXPAUMemBuffer@@PAEI@Z
?MemBufferAddByte@Request@@AAEXPAUMemBuffer@@E@Z
?MemBufferCreate@Request@@AAEXPAUMemBuffer@@@Z
?MemBufferGrow@Request@@AAEXPAUMemBuffer@@@Z
?Open@CHookWeb@@QAEXVCString@@@Z
?ParseURL@Request@@AAEXPBDPADH1H1HPAH@Z
?PostUpdate@CUpdateClass@@QAE_NVCString@@0PAVCProgressCtrl@@PAVCStatic@@PAVCListBox@@PAVCStringArray@@4@Z
?PostUrl@CHookWeb@@QAE_NVCString@@AAV2@1@Z
?PostUrlEx@CHookWeb@@QAE_NVCString@@AAV2@1@Z
?RemoveOut@CRunPagRong@@QAEXAAVCPtrList@@@Z
?RemoveOut@MyRong@@QAEXH@Z
?RemovePtr@CRunPagRong@@QAEXAAVCPtrList@@@Z
?RemovePtr@MyRong@@QAEXAAVCPtrList@@@Z
?RunForm@CRunPagRong@@QAE_NVCString@@0AAV2@1@Z
?RunFunc@MyRong@@QAE_NVCString@@000@Z
?RunGetUrl@CRunPagRong@@QAE_NVCString@@AAV2@1@Z
?RunPage@CRunPagRong@@QAE_NVCString@@0@Z
?SendHTTP2@Request@@AAEH_NPBD1PAEKPAUHTTPRequest@@@Z
?SendHTTP@Request@@AAEHPBD0PAEKPAUHTTPRequest@@@Z
?SendHTTPPC@Request@@QAEHPBD0VCString@@PAUHTTPRequest@@@Z
?SendRequest2@Request@@QAE_N_NPBDAAVCString@@22@Z
?SendRequest@Request@@QAE_N_NPBDAAVCString@@22@Z
?SendString@Request@@AAEXIPBD@Z
?SetPathName@CUpdateClass@@QAEXVCString@@@Z
?URLEncode@CURLEncode@@QAE_NVCString@@AAV2@@Z
?UTF8_Encode@CURLEncode@@QAE?AVCString@@PAD@Z
?ValidHostChar@Request@@AAEHD@Z
?toHex@CURLEncode@@AAEEABE@Z
FreeWeb
GetNewFile
GetPostOneRecord
GetPostOtherResult
GetPostResult
GetReturnCount
HaveNew
RunService

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/XVCClientEngine.dll
.dll windows:4 windows x86 arch:x86

64802c561a24ea0b10186ee8a1f8e389

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xvcclientrownet

CloseNet
GetOneNet
SendToNet

baseobject

??4XVarArray@@QAEAAV0@AAV0@@Z
?PackRunFunc@CBasePack@@QAEHPAEAAHPAD2_N2AAVXVarArray@@@Z
?WriteStr@XVarArray@@QAEXPAD@Z
?PackSetXEvent@CBasePack@@QAEHPAEAAHPAD2_N2@Z
??1CBasePack@@UAE@XZ
?DisPlay@XVarArray@@QAEXXZ
?Copy@XVarArray@@QAEXAAV1@@Z
?SetOrderElementPos@XVarArray@@QAE_NH@Z
?ReadInt@XVarArray@@QAE_NAAH@Z
?ReadStr@XVarArray@@QAE_NPADAAH@Z
?SetRealPos@XVarArray@@QAEXH@Z
??1XVarArray@@UAE@XZ
?UnPack@CBasePack@@QAE_NAAU_BASE_COM_HEAD@@AAV?$CArray@VXVarArray@@AAV1@@@AA_N@Z
?AddBuffer@CBasePack@@QAE_NPAEH@Z
??0XVarArray@@QAE@XZ
?WaitFor@CBasePack@@QAEXH@Z
?PackGetOneApp@CBasePack@@QAEHPAEAAHPAD@Z
?PackGetOneShareObject@CBasePack@@QAEHPAEAAHPAD2_N@Z
??0XVarArray@@QAE@AAV0@@Z
??0CBasePack@@QAE@XZ

mfc42

ord773
ord1105
ord501
ord5621
ord1083
ord541
ord801
ord5861
ord800
ord2818
ord540
ord6394
ord1253
ord342
ord1182
ord5450
ord6383
ord5440
ord3663
ord823
ord825
ord1187
ord1168

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_mbscmp
memmove
sprintf
__CxxFrameHandler

kernel32

LeaveCriticalSection
ResetEvent
EnterCriticalSection
GlobalFree
SetEvent
WaitForMultipleObjects
GetTickCount
Sleep
InitializeCriticalSection
CreateEventA
GlobalAlloc

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

??0CBasePack@@QAE@ABV0@@Z
??0XClientNetCtrl@@QAE@ABV0@@Z
??0XClientNetCtrl@@QAE@XZ
??0XClientOneNet@@QAE@XZ
??0XClientShareObject@@QAE@XZ
??0XRunShareObjectBase@@QAE@ABV0@@Z
??0XRunShareObjectBase@@QAE@XZ
??1XClientNetCtrl@@UAE@XZ
??1XClientOneNet@@UAE@XZ
??1XClientShareObject@@UAE@XZ
??1XRunShareObjectBase@@UAE@XZ
??4CBasePack@@QAEAAV0@ABV0@@Z
??4XClientNetCtrl@@QAEAAV0@ABV0@@Z
??4XRunShareObjectBase@@QAEAAV0@ABV0@@Z
??_7CBasePack@@6B@
??_7XClientNetCtrl@@6B@
??_7XClientOneNet@@6B@
??_7XClientShareObject@@6B@
??_7XRunShareObjectBase@@6B@
?ActOneFunc@XClientShareObject@@QAE_NPADAAVXVarArray@@PAV2@@Z
?AddListenEvent@XClientShareObject@@QAEXPAD@Z
?AddOneEventOut@XClientOneNet@@QAEXPAURunBaseST@@PAVXClientShareObject@@PADAAVXVarArray@@@Z
?AddOneFunResult@XClientOneNet@@QAEXPAURunBaseST@@PAVXClientShareObject@@PADAAVXVarArray@@@Z
?AddOneNet@XClientNetCtrl@@QAEXPAXPADPAVXClientOneNet@@@Z
?AppAdd@XClientShareObject@@QAEXPAXPADK@Z
?AttachXNetEvent@XClientShareObject@@QAEXPADKP8XRunShareObjectBase@@AEXPAV1@0AAVXVarArray@@K@Z@Z
?AttachXNetFuncReult@XClientShareObject@@QAEXPADKP8XRunShareObjectBase@@AEXPAV1@0AAVXVarArray@@K@Z@Z
?CallShareObjectFunc@XClientNetCtrl@@QAE_NPAVXClientShareObject@@PADAAVXVarArray@@PAV3@@Z
?Clear@XClientOneNet@@QAEXXZ
?ClearEventOut@XClientOneNet@@QAEXXZ
?ClearFunResult@XClientOneNet@@QAEXXZ
?CloseOneNet@XClientNetCtrl@@QAEXPAD@Z
?EventOutFunc@XClientShareObject@@QAE_NPADAAVXVarArray@@@Z
?EventOutFuncBAK@XClientShareObject@@QAE_NPADAAVXVarArray@@@Z
?EventOutThread@XClientOneNet@@SAIPAX@Z
?FindOneShareObject@XClientOneNet@@QAEPAVXClientShareObject@@PAD_N@Z
?FunResultThread@XClientOneNet@@SAIPAX@Z
?GetOneAppNet@XClientNetCtrl@@QAE_NPADI0P8XRunShareObjectBase@@AEXPAVXClientShareObject@@0AAVXVarArray@@K@ZK@Z
?GetOneNetShareObject@XClientNetCtrl@@QAEPAVXClientShareObject@@PAD0_N@Z
?GetOneShareObject@XClientOneNet@@QAEPAVXClientShareObject@@PAD_N@Z
?OutFuncResult@XClientShareObject@@QAE_NPADAAVXVarArray@@@Z
?OutFuncResultBAK@XClientShareObject@@QAE_NPADAAVXVarArray@@@Z
?RunEventOut@XClientOneNet@@QAEXXZ
?RunFunResult@XClientOneNet@@QAEXXZ
?RunOutFunc@XClientShareObject@@QAE_NPAD@Z
?SetNetEventFunc@XClientShareObject@@QAEXP6GXPAV1@PADPAXAAVXVarArray@@K@Z@Z

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/XVCClientRowNet.dll
.dll windows:4 windows x86 arch:x86

4a6262b58583b53c422fd1cfb8380287

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord342
ord1182
ord823
ord1168
ord1253
ord825

msvcrt

_adjust_fdiv
_initterm
free
malloc
__CxxFrameHandler

kernel32

Sleep
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateThread
DeleteCriticalSection

ws2_32

WSACreateEvent
WSACloseEvent
WSAGetOverlappedResult
WSAResetEvent
WSAStartup
WSAWaitForMultipleEvents
WSAGetLastError
WSASend
WSARecv
WSAEnumNetworkEvents
WSAEventSelect
closesocket
connect
inet_addr
htons
WSASocketA
shutdown
WSAIoctl
setsockopt

Exports

Exports

CloseNet
GetOneNet
SendToNet

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/YaShu.dll
.dll windows:4 windows x86 arch:x86

6993b1adb2043b500e9b4abd574a8b58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1253
ord342
ord823
ord1182
ord825
ord1187
ord1168

msvcrt

__CxxFrameHandler
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

UnYaData
YaData

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
巧手即时通讯/recvpic/Thumbs.db
巧手即时通讯/sound/down.wav
巧手即时通讯/sound/folder.wav
巧手即时通讯/sound/global.wav
巧手即时通讯/sound/msg.wav
巧手即时通讯/sound/system.wav

Sharing

General

Malware Config

Signatures

Files

c9afd081a2986e6fbf42b3665997223f

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

msvfw32

avicap32

winmm

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 38KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

91a8434b64e8510f66d816a3423ddf0c

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 228B

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 4KB - Virtual size: 636B

71020c7f4cacbcc4b0ea56a44b7d5a15

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 84B

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 4KB - Virtual size: 724B

81b221e27015a8d44d66a10d9c3a4e3c

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

ws2_32

cudp

avmode

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 344B

.rsrc Size: 4KB - Virtual size: 848B

.reloc Size: 4KB - Virtual size: 444B

62debf660fd9de7535c494942bcf80a2

Headers

File Characteristics

Imports

mfc42

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 38KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 228B

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 4KB - Virtual size: 636B

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 84B

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 724B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 344B

.rsrc
Size: 4KB - Virtual size: 848B

.reloc
Size: 4KB - Virtual size: 444B

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 84B

.rsrc
Size: 4KB - Virtual size: 816B

.reloc
Size: 4KB - Virtual size: 284B

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 428B

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 276KB - Virtual size: 272KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 100B

.rsrc
Size: 4KB - Virtual size: 816B

.reloc
Size: 4KB - Virtual size: 272B