8ab81e9c89532397e28088a28919b1ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ab81e9c89532397e28088a28919b1ec_JaffaCakes118
Size

1.4MB
MD5

8ab81e9c89532397e28088a28919b1ec
SHA1

a2720b6ce62e92fd1ba951a789ed353b38addbe9
SHA256

821e3443e3fb8610d9f7f571ac7701eb8dcf04e442d566cc05cf1054499837fe
SHA512

d38e3f16196a0e9c67b065d52855da258ea78c8cd4894f28f34b053d65b06523f38930ea0200e23e2f6fd83881419f4cc49c4b0b261d3b4bd40032acbc62a0da
SSDEEP

24576:ih1i7otqqBRpKjFXIYX7OItKkqISZKJvk9dXjKmoInXjlzsrxmcGOiYgWzgmPXmJ:ihHpRpK5XIYLOlkqkNEXOmoInxQrxmjD

Score

3^/10

Malware Config

Signatures

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
unpack001/alasend/AlsChsRes.dll
unpack001/alasend/CharAid.dat
unpack001/alasend/GameDLL/BB12.dll
unpack001/alasend/GameDLL/BB13.dll
unpack001/alasend/GameDLL/GameLoadin.dll
unpack001/alasend/GameDLL/bd24.dll
unpack001/alasend/GameDLL/bd33.dll
unpack001/alasend/GameDLL/bd71.dll
unpack001/alasend/GameDLL/bd72.dll
unpack001/alasend/GameDLL/bd73.dll
unpack001/alasend/GameDLL/bd74.dll
unpack001/alasend/GameDLL/bd75.dll
unpack001/alasend/GameDLL/bd76.dll
unpack001/alasend/NtSvc.dll
unpack001/alasend/PKUtil.dll
unpack001/alasend/PsdMAid.dll
unpack001/alasend/alasend.exe
unpack001/alasend/alsUpdate.exe
unpack001/alasend/mfc42.dll
unpack001/alasend/msvcrt.dll

Files

8ab81e9c89532397e28088a28919b1ec_JaffaCakes118
.rar
alasend/AlsChsRes.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/CharAid.dat
.sys windows:5 windows x86 arch:x86

15785d0af51754f90d2d50ed4b7b28c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
DbgPrint
IofCompleteRequest
IoDeleteSymbolicLink
IoDeleteDevice

Sections

.text
Size: 992B - Virtual size: 988B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 96B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/Config.ini
alasend/GameCtrlData/BB14.gfg
alasend/GameCtrlData/BD24.gfg
alasend/GameCtrlData/BD71.gfg
alasend/GameCtrlData/BD72.gfg
alasend/GameCtrlData/BD75.gfg
alasend/GameCtrlData/BD76.gfg
alasend/GameCtrlData/BE02.gfg
alasend/GameCtrlData/BE03.gfg
alasend/GameCtrlData/BE04.gfg
alasend/GameCtrlData/BE06.gfg
alasend/GameCtrlData/BE07.gfg
alasend/GameCtrlData/BE10.gfg
alasend/GameCtrlData/BE16.gfg
alasend/GameCtrlData/BE22.gfg
alasend/GameCtrlData/BE27.gfg
alasend/GameCtrlData/BE32.gfg
alasend/GameCtrlData/BE33.gfg
alasend/GameCtrlData/BE37.gfg
alasend/GameCtrlData/BE43.gfg
alasend/GameCtrlData/BE45.gfg
alasend/GameCtrlData/BE46.gfg
alasend/GameCtrlData/BE48.gfg
alasend/GameCtrlData/BE52.gfg
alasend/GameCtrlData/BE53.gfg
alasend/GameCtrlData/BE54.gfg
alasend/GameCtrlData/BE56.gfg
alasend/GameCtrlData/BE57.gfg
alasend/GameCtrlData/BE59.gfg
alasend/GameCtrlData/BE60.gfg
alasend/GameCtrlData/BE61.gfg
alasend/GameCtrlData/BE65.gfg
alasend/GameCtrlData/BE71.gfg
alasend/GameCtrlData/BE74.gfg
alasend/GameCtrlData/BE85.gfg
alasend/GameCtrlData/BE90.gfg
alasend/GameCtrlData/BF02.gfg
alasend/GameCtrlData/BF10.gfg
alasend/GameCtrlData/BF12.gfg
alasend/GameCtrlData/BF16.gfg
alasend/GameCtrlData/BF17.gfg
alasend/GameCtrlData/BF25.gfg
alasend/GameCtrlData/BF30.gfg
alasend/GameCtrlData/BF35.gfg
alasend/GameCtrlData/BF42.gfg
alasend/GameCtrlData/BF43.gfg
alasend/GameCtrlData/BF45.gfg
alasend/GameCtrlData/BF47.gfg
alasend/GameCtrlData/BF49.gfg
alasend/GameCtrlData/BF51.gfg
alasend/GameCtrlData/BF53.gfg
alasend/GameCtrlData/BF55.gfg
alasend/GameCtrlData/BF58.gfg
alasend/GameCtrlData/BF60.gfg
alasend/GameCtrlData/BF62.gfg
alasend/GameCtrlData/BF64.gfg
alasend/GameCtrlData/BF66.gfg
alasend/GameCtrlData/BF68.gfg
alasend/GameCtrlData/BF70.gfg
alasend/GameCtrlData/BF72.gfg
alasend/GameCtrlData/bb15.gfg
alasend/GameDLL/BB12.dll
.dll windows:4 windows x86 arch:x86

7614e53d6cdbbcdfa8b995be4356642e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3259
ord2818
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord823
ord3953
ord860
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord1577
ord540
ord858
ord535
ord800
ord4465
ord1168
ord1575
ord1176
ord3147

msvcrt

_adjust_fdiv
malloc
_initterm
free
__CxxFrameHandler
strrchr
_mbscmp
__dllonexit
_onexit
??1type_info@@UAE@XZ

kernel32

LocalFree
CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

IsWindowVisible
PtInRect
GetWindow
GetParent
GetWindowRect
GetWindowTextA
GetClassNameA
SendMessageA
ClientToScreen
SetCursorPos
ClipCursor
mouse_event
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient
ChildWindowFromPointEx
WindowFromPoint

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/BB13.dll
.dll windows:4 windows x86 arch:x86

94ab426d1aa4af6b8657df57b6027150

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord823
ord3953
ord860
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord2818
ord6927
ord6929
ord540
ord858
ord535
ord800
ord1577
ord1168
ord1575
ord1176
ord3259
ord2764

msvcrt

__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
strrchr
_mbscmp
_onexit
free
_initterm

kernel32

LocalFree
CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

GetParent
GetWindowRect
PtInRect
IsWindowVisible
WindowFromPoint
ChildWindowFromPointEx
ScreenToClient
GetWindowTextA
ShowWindow
SendMessageA
ClientToScreen
SetCursorPos
ClipCursor
mouse_event
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
GetWindow
GetClassNameA

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/GameLoadin.dll
.dll windows:4 windows x86 arch:x86

46ba5c6441da147ce694af1dde2af8c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5186
ord354
ord535
ord858
ord4129
ord5683
ord5572
ord2915
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord6571
ord3831
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord3953
ord2818
ord537
ord1116
ord860
ord603
ord273
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord1871
ord823
ord1577
ord665
ord882
ord6394
ord2801
ord6383
ord2740
ord879
ord5450
ord5440
ord800
ord825
ord540
ord3663
ord3825
ord1168
ord1575
ord1176
ord3830

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
strrchr
__dllonexit
_onexit
free
_initterm

kernel32

LocalFree
CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

GetWindowRect
GetSystemMetrics
SetWindowPos
GetCursorPos
ClientToScreen
SetCursorPos
GetClientRect
mouse_event
ClipCursor
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient
PtInRect

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd24.dll
.dll windows:4 windows x86 arch:x86

3b44edf5aeef95c74d22c8a9d0f97d15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pkutil

ord6
ord10
ord8

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord1979
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord823
ord3953
ord860
ord548
ord1116
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord665
ord1182
ord1577
ord540
ord858
ord800
ord5442
ord354
ord5186
ord4465
ord1168
ord1575
ord1176
ord3259
ord3789

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
__CxxFrameHandler
_mbsrchr
__dllonexit
_onexit
free

kernel32

LocalFree
lstrcmpA
Sleep
GetModuleFileNameA
lstrcatA
LocalAlloc

user32

PtInRect
GetClientRect
ClientToScreen
GetCursorPos
ClipCursor
SetCursorPos
PostMessageA
mouse_event
SendMessageA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd33.dll
.dll windows:4 windows x86 arch:x86

59c6254e320b4368a3bb9f72753c3b3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmReleaseContext
ImmGetContext
ImmSetOpenStatus

mfc42

ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6467
ord537
ord2818
ord924
ord3811
ord2820
ord540
ord2915
ord5572
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord5683
ord4129
ord858
ord535
ord800
ord1577
ord1168
ord1575
ord1176
ord5289
ord1182
ord342
ord1243
ord1197
ord1570
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
strrchr
fopen
fputs
fclose
__CxxFrameHandler

kernel32

LoadLibraryA
GetModuleHandleA
FreeLibrary
GetVersionExA
Sleep
CreateFileA
GetModuleFileNameA
GetLastError
CloseHandle
lstrcmpA
LocalFree
LocalAlloc
GetProcAddress

user32

ClientToScreen
GetWindowDC
ReleaseDC
GetCursorPos
SetCursorPos
mouse_event
ClipCursor
CallNextHookEx
GetWindowThreadProcessId
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
GetWindow
PtInRect
SetWindowsHookExA
PostThreadMessageA
SetForegroundWindow
GetClassNameA
UnhookWindowsHookEx

gdi32

GetPixel

advapi32

DeleteService
CloseServiceHandle
CreateServiceA
OpenSCManagerA
OpenServiceA
ControlService
StartServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd71.dll
.dll windows:4 windows x86 arch:x86

a5458a6740d135dbdba6d9133c5ae35c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord3953
ord2982
ord2818
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6467
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord924
ord3811
ord1577
ord1168
ord2820
ord540
ord2915
ord5572
ord5683
ord4129
ord858
ord535
ord800
ord3147
ord1575
ord1176
ord5714

msvcrt

strrchr
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
fclose
fputs
fopen
??2@YAPAXI@Z
__dllonexit
_onexit
free
_initterm

kernel32

CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalFree
LocalAlloc
LoadLibraryA

user32

PtInRect
GetSystemMetrics
ClientToScreen
GetCursorPos
wsprintfA
ClipCursor
SetCursorPos
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd72.dll
.dll windows:4 windows x86 arch:x86

0edeb27e7a877d1eccdb76098c9579d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord3953
ord2982
ord2818
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6467
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord924
ord3811
ord1577
ord1168
ord2820
ord540
ord2915
ord5572
ord5683
ord4129
ord858
ord535
ord800
ord3147
ord1575
ord1176
ord5714

msvcrt

strrchr
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
fclose
fputs
fopen
??2@YAPAXI@Z
__dllonexit
_onexit
free
_initterm

kernel32

CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalFree
LocalAlloc
LoadLibraryA

user32

PtInRect
GetSystemMetrics
SetWindowPos
ClientToScreen
GetCursorPos
ClipCursor
SetCursorPos
wsprintfA
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient
GetWindowRect

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd73.dll
.dll windows:4 windows x86 arch:x86

bf4f502f5590d68577ce0d08d93e2917

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord860
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2818
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord823
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord924
ord3811
ord2820
ord540
ord2915
ord5572
ord5683
ord4129
ord858
ord535
ord800
ord3147
ord1577
ord1168
ord1575
ord1176
ord2982
ord3953

msvcrt

_adjust_fdiv
malloc
_initterm
free
__CxxFrameHandler
fclose
fputs
fopen
strrchr
__dllonexit
_onexit
??1type_info@@UAE@XZ

kernel32

LocalFree
CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

PtInRect
GetCursorPos
ClientToScreen
SetCursorPos
ClipCursor
GetClientRect
GetSystemMetrics
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd74.dll
.dll windows:4 windows x86 arch:x86

6c3bd44a3adf00d160018f12d6552820

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord825
ord860
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1116
ord4234
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord540
ord858
ord800
ord3953
ord1577
ord1168
ord1575
ord1176
ord823

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
__dllonexit
_onexit
free
_initterm

kernel32

LocalFree
Sleep
LocalAlloc

user32

PtInRect
GetCursorPos
GetClientRect
SendMessageA
ClipCursor
ClientToScreen
SetCursorPos
mouse_event

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd75.dll
.dll windows:4 windows x86 arch:x86

912001579ec0a92f46ab038d24f554e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord3953
ord2982
ord2818
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6467
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord924
ord3811
ord1577
ord1168
ord2820
ord540
ord2915
ord5572
ord5683
ord4129
ord858
ord535
ord800
ord3147
ord1575
ord1176
ord5714

msvcrt

strrchr
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
__CxxFrameHandler
fclose
fputs
fopen
??2@YAPAXI@Z
__dllonexit
_onexit
free
_initterm

kernel32

CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalFree
LocalAlloc
LoadLibraryA

user32

PtInRect
SetForegroundWindow
GetSystemMetrics
ClientToScreen
GetCursorPos
ClipCursor
SetCursorPos
wsprintfA
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/GameDLL/bd76.dll
.dll windows:4 windows x86 arch:x86

d00a303a96e5e82742cc986b600878ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord537
ord825
ord610
ord5857
ord287
ord860
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2818
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord823
ord1116
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord540
ord858
ord535
ord800
ord3147
ord1577
ord1168
ord1575
ord1176
ord2982
ord3953

msvcrt

_adjust_fdiv
malloc
_initterm
free
__CxxFrameHandler
strrchr
__dllonexit
_onexit
??1type_info@@UAE@XZ

kernel32

LocalFree
CloseHandle
GetModuleHandleA
GetLastError
CreateFileA
Sleep
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

PtInRect
ClientToScreen
GetCursorPos
SetCursorPos
ClipCursor
GetClientRect
SetRect
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
keybd_event
ScreenToClient

advapi32

CloseServiceHandle
OpenSCManagerA
DeleteService
OpenServiceA
ControlService
StartServiceA
CreateServiceA

Exports

Exports

GM_StartLoadIn

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/ICO/108.ico
alasend/ICO/CrossFire.ico
alasend/ICO/DNF.ico
alasend/ICO/Gw.ico
alasend/ICO/KartRider.ico
alasend/ICO/LaTaleClient.ico
alasend/ICO/LineageII.ico
alasend/ICO/MapleStory.ico
alasend/ICO/Mir.ico
alasend/ICO/QQR2.ico
alasend/ICO/SUN.ico
alasend/ICO/Silkroad.ico
alasend/ICO/Skype.ico
alasend/ICO/Thumbs.db
alasend/ICO/Warhammer.ico
alasend/ICO/bfyx.ico
alasend/ICO/camelot.ico
alasend/ICO/cibi.ico
alasend/ICO/cqqz.ico
alasend/ICO/dndlauncher.ico
alasend/ICO/eve.ico
alasend/ICO/fetion.ico
alasend/ICO/glworld.ico
alasend/ICO/hf.ico
alasend/ICO/hfdj.ico
alasend/ICO/hx01.ico
alasend/ICO/hx2.ico
alasend/ICO/hxmf.ico
alasend/ICO/ie.ico
alasend/ICO/jxsj.ico
alasend/ICO/kdxy.ico
alasend/ICO/mj.ico
alasend/ICO/msnmsgr.ico
alasend/ICO/msnmsgr8.ico
alasend/ICO/msnmsgr9.ico
alasend/ICO/my.ico
alasend/ICO/nmh.ico
alasend/ICO/popo.ico
alasend/ICO/qq.ico
alasend/ICO/qqgame.ico
alasend/ICO/qqhx.ico
alasend/ICO/qqxw.ico
alasend/ICO/rf.ico
alasend/ICO/runescape.ico
alasend/ICO/rxjh.ico
alasend/ICO/sq.ico
alasend/ICO/thx.ico
alasend/ICO/tlbb.ico
alasend/ICO/wangwang.ico
alasend/ICO/wendao.ico
alasend/ICO/wlwc.ico
alasend/ICO/wmgj.ico
alasend/ICO/woool.ico
alasend/ICO/wow.ico
alasend/ICO/wowcn.ico
alasend/ICO/xy3launch.ico
alasend/ICO/yahoo.ico
alasend/ICO/zhengtu.ico
alasend/ICO/zhuxian.ico
alasend/ICO/zx.ico
alasend/ICO/华夏online.ico
alasend/Info/index.mht
.eml
email-html-1.txt
.html
alasend/Info1/images/ShowLogo.bmp
alasend/Info1/images/Thumbs.db
alasend/Info1/images/ala.jpg
.jpg
alasend/Info1/images/ban_but.gif
alasend/Info1/index.htm
.html
alasend/License.txt
alasend/NtSvc.dll
.dll windows:4 windows x86 arch:x86

a084ce651c669a60197199600a036f5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pkutil

ord6
ord7

mfc42

ord6672
ord3810
ord548
ord3790
ord5186
ord354
ord1567
ord791
ord792
ord603
ord5440
ord2740
ord6383
ord2801
ord273
ord524
ord2029
ord2077
ord523
ord268
ord6467
ord5462
ord6404
ord880
ord887
ord2919
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord6385
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord1116
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord3953
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord1979
ord6153
ord665
ord1575
ord1176
ord5302
ord3259
ord269
ord826

msvcrt

_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??1type_info@@UAE@XZ
??2@YAPAXI@Z
__CxxFrameHandler
_mbsrchr

kernel32

LocalFree
lstrlenA
GetModuleFileNameA
lstrcatA
lstrcpyA
LocalAlloc

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/PKUtil.dll
.dll windows:4 windows x86 arch:x86

8868a758ae65ac58ef5e9c7f599940a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetLastError
lstrlenA
GetDriveTypeA
lstrcatA
GetModuleHandleA
GetModuleFileNameA
GetVersionExA
CreateFileA
CloseHandle
DeviceIoControl
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

wsprintfA

advapi32

CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptDecrypt

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/PsdMAid.dll
.dll windows:4 windows x86 arch:x86

698cec8399b166a5f28f82b3aedcbf63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1182
ord823
ord342
ord1253
ord1168

msvcrt

free
_initterm
malloc
_adjust_fdiv
_stricmp

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary

user32

GetWindowThreadProcessId
GetWindowTextA
PostMessageA
GetAsyncKeyState
CallNextHookEx
ActivateKeyboardLayout
LoadKeyboardLayoutA
PostThreadMessageA
SendMessageA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/Skin/Buttons.bmp
alasend/Skin/Checkbox.bmp
alasend/Skin/DlgTitle.bmp
alasend/Skin/ExButtonLeft.BMP
alasend/Skin/ExButtonRight.BMP
alasend/Skin/Radio.bmp
alasend/Skin/ShowLogo.bmp
alasend/Skin/Thumbs.db
alasend/Skin/bottom.bmp
alasend/Skin/close.bmp
alasend/Skin/left.bmp
alasend/Skin/max.bmp
alasend/Skin/min.bmp
alasend/Skin/restore.bmp
alasend/Skin/right.bmp
alasend/Skin/theme.ini
alasend/Skin/top.bmp
alasend/alasend.exe
.exe windows:4 windows x86 arch:x86

7f3b72e80543d1cdddade8a73d03165f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pkutil

ord7
ord10
ord6
ord13
ord5
ord4
ord8
ord12

psapi

EnumProcessModules
GetModuleFileNameExA

oleacc

ObjectFromLresult

mfc42

ord3880
ord3425
ord3054
ord3227
ord3408
ord3810
ord703
ord403
ord6779
ord939
ord6930
ord539
ord5710
ord4278
ord4129
ord4204
ord2614
ord1601
ord861
ord2301
ord6197
ord6380
ord2864
ord4123
ord665
ord1979
ord5186
ord354
ord5442
ord5683
ord668
ord3181
ord4058
ord2781
ord2770
ord356
ord4202
ord4277
ord6883
ord6662
ord6143
ord465
ord6663
ord6929
ord6927
ord1929
ord3619
ord795
ord1641
ord4275
ord3573
ord3693
ord755
ord5678
ord4133
ord5788
ord4297
ord6172
ord3873
ord3876
ord5875
ord6021
ord5736
ord470
ord3089
ord3797
ord4284
ord1799
ord4622
ord614
ord2623
ord290
ord4226
ord2486
ord4003
ord6877
ord2086
ord1114
ord1113
ord3258
ord3610
ord656
ord2289
ord6905
ord6007
ord6907
ord3998
ord3996
ord2639
ord3286
ord5856
ord6283
ord6282
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4303
ord3350
ord5012
ord5472
ord3403
ord2879
ord2878
ord4077
ord5237
ord2649
ord1665
ord4436
ord4427
ord3571
ord5823
ord3664
ord674
ord366
ord715
ord4163
ord2120
ord6000
ord6624
ord1768
ord4457
ord5252
ord1233
ord4151
ord2652
ord1669
ord5605
ord2761
ord5981
ord975
ord699
ord1081
ord397
ord5597
ord603
ord1969
ord273
ord4499
ord4413
ord5282
ord3481
ord3916
ord2252
ord5910
ord2975
ord6120
ord3566
ord5030
ord4337
ord3318
ord415
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5714
ord3738
ord815
ord561
ord4159
ord1105
ord6117
ord1205
ord2621
ord1134
ord2452
ord2725
ord5289
ord4614
ord4613
ord1945
ord4273
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord5260
ord3400
ord4432
ord3737
ord560
ord813
ord2535
ord4464
ord6270
ord2100
ord2380
ord816
ord2567
ord2714
ord562
ord6605
ord3721
ord6154
ord2530
ord4364
ord4056
ord5471
ord4121
ord2389
ord5234
ord6369
ord5279
ord5248
ord2444
ord2087
ord3495
ord2294
ord2362
ord4055
ord5082
ord1709
ord1712
ord5440
ord3598
ord2135
ord818
ord4287
ord3894
ord1949
ord1176
ord3643
ord394
ord696
ord909
ord5628
ord4185
ord2393
ord690
ord1988
ord5207
ord389
ord3733
ord810
ord4271
ord4125
ord2149
ord3914
ord4506
ord6311
ord4171
ord3303
ord3701
ord500
ord772
ord6142
ord5860
ord2845
ord2753
ord472
ord2754
ord2123
ord912
ord5280
ord324
ord4234
ord3353
ord1194
ord3815
ord4220
ord2584
ord3654
ord2863
ord2438
ord1644
ord4034
ord3993
ord996
ord940
ord5641
ord6597
ord6650
ord6591
ord6807
ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord6808
ord6835
ord4340
ord4347
ord4889
ord4963
ord4960
ord6054
ord5281
ord1725
ord6614
ord6691
ord6478
ord6514
ord6800
ord6805
ord2634
ord4720
ord5651
ord3127
ord3616
ord350
ord640
ord5785
ord1640
ord2859
ord323
ord2450
ord5873
ord6157
ord1795
ord2575
ord4396
ord609
ord613
ord289
ord5781
ord2860
ord3706
ord2713
ord2455
ord3574
ord809
ord556
ord2122
ord6358
ord1088
ord2405
ord283
ord2971
ord5759
ord1576
ord5756
ord6186
ord4330
ord6189
ord5789
ord5794
ord5579
ord5571
ord6061
ord5864
ord3596
ord5787
ord6194
ord1803
ord4230
ord298
ord620
ord6442
ord4454
ord6335
ord6453
ord4476
ord6242
ord2867
ord327
ord642
ord4235
ord1938
ord4268
ord3295
ord5086
ord5064
ord554
ord807
ord4366
ord1711
ord1716
ord2453
ord5885
ord2012
ord5158
ord4598
ord4806
ord6064
ord4873
ord2558
ord3138
ord4400
ord3630
ord682
ord3370
ord2582
ord4402
ord3640
ord693
ord2841
ord4243
ord955
ord3301
ord3021
ord3293
ord3910
ord6696
ord2243
ord3752
ord2107
ord1862
ord4083
ord5606
ord2763
ord2920
ord1710
ord1715
ord3395
ord3730
ord3289
ord2919
ord1195
ord6146
ord5883
ord1865
ord5861
ord4759
ord3711
ord783
ord3742
ord2112
ord6128
ord1928
ord6232
ord6230
ord6148
ord2568
ord6268
ord6271
ord3225
ord3257
ord3912
ord2544
ord2543
ord2511
ord978
ord1731
ord5851
ord2883
ord2398
ord2418
ord6224
ord6226
ord2429
ord2250
ord4732
ord5477
ord2259
ord4836
ord4440
ord527
ord794
ord4264
ord1126
ord4789

msvcrt

_CxxThrowException
_stricmp
_wcsicmp
_ltoa
_setmbcp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
isalnum
wcslen
wcscpy
strchr
strtol
_itoa
_purecall
_access
_strdup
fprintf
_unlink
rename
__CxxFrameHandler
atoi
_mbscmp
sprintf
_mbsicmp
_mbsrchr
free
fclose
fwrite
malloc
fopen
fread
_mbsicoll
rand
srand
time
_except_handler3
sscanf
_mbsnbcpy
_mbsinc
_ismbcspace
memmove
wcscmp
strrchr
_mbschr
_ftol
strncpy
_controlfp

kernel32

GetCPInfo
lstrlenW
WideCharToMultiByte
MulDiv
FindResourceA
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
CopyFileA
GetVersion
CreateMutexA
ReleaseMutex
SetCurrentDirectoryA
GetCurrentProcess
GetExitCodeProcess
TerminateProcess
GetTickCount
GetDriveTypeA
WritePrivateProfileStringA
GetCurrentProcessId
WinExec
GetModuleHandleA
LocalFree
lstrcmpiA
DeleteFileA
OpenProcess
GetVersionExA
lstrcpynA
MultiByteToWideChar
GetLongPathNameA
GetLastError
CloseHandle
CreateFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
lstrcatA
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
Sleep
InterlockedDecrement
GetModuleFileNameA
GetStartupInfoA

user32

CreatePopupMenu
CreateMenu
GetMenuStringA
SetMenu
MessageBeep
GetScrollInfo
SendMessageA
EnableWindow
DrawStateA
InflateRect
DrawFocusRect
TrackPopupMenuEx
GetActiveWindow
GetNextDlgTabItem
DestroyCursor
DestroyMenu
GetMenuItemCount
GetSystemMenu
SystemParametersInfoA
CopyImage
DestroyIcon
SetWindowPos
SetWindowRgn
GetWindowRgn
GetFocus
GetDC
LoadMenuA
GetSubMenu
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
GetMessagePos
SetTimer
GetMenuState
KillTimer
TranslateMessage
DispatchMessageA
SetWindowLongA
CallWindowProcA
EqualRect
CopyRect
SetParent
CallNextHookEx
LoadBitmapA
UpdateWindow
UnregisterHotKey
RegisterHotKey
IsIconic
GetAsyncKeyState
SetWindowTextA
SetRectEmpty
PeekMessageA
MessageBoxA
GetDlgItem
VkKeyScanA
MapVirtualKeyA
GetKeyboardState
PostMessageA
ShowCursor
TrackMouseEvent
InvalidateRect
FillRect
DrawIconEx
GetSysColor
RegisterWindowMessageA
SendMessageTimeoutA
GetDesktopWindow
ChildWindowFromPointEx
WindowFromPoint
IsWindowVisible
IsWindow
GetWindowDC
ModifyMenuA
AppendMenuA
GetMenuItemInfoA
IntersectRect
GetKeyState
EnumChildWindows
OffsetRect
IsRectEmpty
ReleaseDC
GetWindow
ReleaseCapture
LoadCursorA
SetCursor
SetCapture
SetWindowsHookExA
UnhookWindowsHookEx
SetRect
GetCursorPos
PtInRect
SetCursorPos
MoveWindow
GetClientRect
GetSystemMetrics
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
keybd_event
FindWindowA
GetAncestor
ScreenToClient
GetWindowTextA
ClientToScreen
GetClassNameA
GetParent
GetWindowLongA
ShowWindow
ClipCursor
GrayStringA
DrawTextA
TabbedTextOutA
SendInput
FrameRect
GetWindowRect
RedrawWindow
LoadIconA
GetMenu
LoadImageA

gdi32

GetStockObject
SetTextColor
CombineRgn
SetPixel
GetPixel
RoundRect
GetBkColor
DPtoLP
GetMapMode
LPtoDP
PtVisible
RectVisible
ExtTextOutA
Escape
Rectangle
GetBkMode
GetTextExtentPoint32W
Ellipse
PtInRegion
CreateRectRgn
SelectClipRgn
CreateICA
GetDIBits
DeleteDC
ExtCreateRegion
StretchBlt
SelectPalette
RealizePalette
BitBlt
CreateBitmap
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
DeleteObject
CreateFontIndirectA
GetObjectA
SelectObject
CreateSolidBrush
GetTextExtentPoint32A
CreatePen
TextOutA
SetBkColor
PatBlt
CreateFontA

advapi32

ControlService
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDecrypt
RegSetValueExA
RegDeleteValueA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
StartServiceA
RegCloseKey
OpenServiceA

shell32

ExtractIconA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA

comctl32

ImageList_GetImageCount
ImageList_SetBkColor
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_Remove
ImageList_Destroy
ImageList_Draw
ImageList_LoadImageA
_TrackMouseEvent
ImageList_AddMasked
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_ReplaceIcon

ole32

CreateStreamOnHGlobal
CoCreateInstance

olepro32

ord251

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString

urlmon

URLDownloadToFileA

psdmaid

ord15
ord5
ord6
ord16

winmm

PlaySoundA

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
alasend/alsUpdate.exe
.exe windows:4 windows x86 arch:x86

d5504a50ce60e2a392443a3a3cd962a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleFileNameExA

mfc42

ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord609
ord4275
ord922
ord924
ord2567
ord613
ord289
ord2379
ord755
ord5781
ord470
ord5981
ord3089
ord5875
ord2860
ord3874
ord3706
ord2642
ord4284
ord3619
ord537
ord2818
ord2713
ord4220
ord2584
ord3654
ord2455
ord6270
ord2438
ord1644
ord1949
ord1176
ord3643
ord394
ord696
ord909
ord5628
ord4185
ord535
ord5710
ord5572
ord2915
ord858
ord4129
ord5683
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord3573
ord641
ord324
ord1146
ord2446
ord4234
ord6453
ord4476
ord6197
ord6242
ord2867
ord4710
ord5440
ord6383
ord5450
ord6394
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord801
ord690
ord795
ord692
ord1228
ord541
ord2621
ord4277
ord6883
ord2763
ord6929
ord6927
ord6143
ord1771
ord6366
ord2413
ord1576
ord4219
ord2581
ord4401
ord3639
ord3402
ord3721
ord389
ord2370
ord2302
ord6199
ord3092
ord6334
ord6059
ord4160
ord2863
ord6380
ord926
ord6880
ord1200
ord798
ord1997
ord6392
ord5194
ord533
ord1567
ord1979
ord6385
ord353
ord5353
ord1263
ord5207
ord268
ord3698
ord765
ord816
ord2714
ord562
ord6605
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4396
ord1776
ord4078
ord6055
ord2575
ord1795
ord6157
ord5873
ord6172
ord2450
ord323
ord2864
ord2859
ord1640
ord1641
ord5785
ord2753
ord2452
ord640
ord354
ord350
ord540
ord860
ord5186
ord3318
ord5442
ord800
ord665
ord3616
ord3127
ord5651
ord823
ord2414
ord3663
ord3626
ord825
ord3571
ord1168
ord2024

msvcrt

_itoa
_setmbcp
_controlfp
_stricmp
__CxxFrameHandler
atoi
strchr
_mbscmp
atol
sprintf
sscanf
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

kernel32

MulDiv
GetPrivateProfileIntA
GlobalAlloc
GlobalLock
GlobalUnlock
GetStartupInfoA
GetPrivateProfileStringA
GetProcAddress
DeleteFileA
GetModuleFileNameA
lstrcpyA
GetTempPathA
GetModuleHandleA
WinExec
GetTempFileNameA
WaitForSingleObject
CreateProcessA
Sleep
CloseHandle
TerminateProcess
GetExitCodeProcess
SetCurrentDirectoryA
OpenProcess

user32

DispatchMessageA
RedrawWindow
AppendMenuA
EnumChildWindows
GetClassNameA
FillRect
DrawStateA
LoadIconA
CallWindowProcA
GetMenuItemCount
TranslateMessage
GetSystemMenu
MoveWindow
ShowWindow
PtInRect
CopyRect
GetWindowDC
GetWindowRect
GetSystemMetrics
EqualRect
PeekMessageA
ReleaseDC
OffsetRect
GetMenuItemID
CopyImage
DrawIconEx
DestroyIcon
IsWindow
SetWindowPos
SetWindowLongA
EnableWindow
GetParent
SendMessageA
InvalidateRect
UpdateWindow
SetCapture
ReleaseCapture
SetWindowRgn
GetWindowRgn
GetFocus
GetWindowLongA
GetClientRect
GetSysColor
GetDC
GetDesktopWindow

gdi32

CreateSolidBrush
GetStockObject
CreateFontIndirectA
PtInRegion
CreateRectRgn
SelectClipRgn
DeleteObject
CreateICA
GetDIBits
DeleteDC
ExtCreateRegion
GetObjectA
StretchBlt
SelectPalette
RealizePalette
SelectObject
BitBlt
CreateBitmap
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
CombineRgn

ole32

CreateStreamOnHGlobal

olepro32

ord251

msvcp60

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?_Fpz@std@@3_JB
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

wininet

InternetQueryDataAvailable

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
alasend/alscfgItem.pfg
alasend/mfc42.dll
.dll regsvr32 windows:5 windows x86 arch:x86

15526a399efc54049f061e8ef6944ab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc42.pdb

Imports

msvcrt

_mbclen
_mbsnbcmp
_mbsstr
_mbsspn
_mbsrchr
_mbscspn
wcslen
_mbsupr
_mbslwr
_mbsrev
_mbspbrk
_mbschr
_mbscmp
realloc
fflush
fseek
ftell
fgets
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
wcsncpy
wcscpy
_ltoa
_ultoa
swprintf
_itoa
modf
ceil
floor
_mbsnbicmp
__argc
__argv
_beginthreadex
_endthreadex
_splitpath
_fullpath
atol
_strdup
_mbsdec
_expand
strtod
strtol
strtoul
_snprintf
calloc
_msize
_purecall
_except_handler3
_mbctype
time
strftime
localtime
gmtime
mktime
_ismbcspace
atoi
_ismbcdigit
sprintf
vsprintf
fputs
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
_mbsinc
abort
free
malloc
memmove
_CxxThrowException
?terminate@@YAXXZ
__CxxFrameHandler

kernel32

LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetVersionExA
GetModuleHandleA
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
FreeResource
LockResource
LoadResource
FindResourceA
MulDiv
GetProfileIntA
VirtualProtect
FindResourceExA
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
FindNextFileA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetTickCount
lstrlenW
VirtualAlloc
GetSystemInfo
VirtualQuery
CopyFileA
lstrcpynW
GetUserDefaultLCID
IsDBCSLeadByte
LoadLibraryExA
GetSystemDirectoryA
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindClose
GetFileTime
GetFileSize
GetFileAttributesA
GlobalFree
GlobalUnlock
GlobalReAlloc
GlobalAlloc
GlobalLock
GlobalSize
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
lstrcpyA
LoadLibraryA
GetProcAddress
WriteFile
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpA
OutputDebugStringA
lstrlenA
GetLastError
SetLastError
lstrcpynA
FormatMessageA
DelayLoadFailureHook

user32

AppendMenuA
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
GrayStringA
UnionRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
wvsprintfA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutA
BeginPaint
EndPaint
GetSysColorBrush
GetClassNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowA
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
GetMenuStringA
InsertMenuA
RegisterClipboardFormatA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
DeleteMenu
SetWindowContextHelpId
CharNextA
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
InvalidateRgn
FrameRect
LoadStringA
GetForegroundWindow
SetForegroundWindow
GetLastActivePopup
ShowScrollBar
AdjustWindowRectEx
SetActiveWindow
EqualRect
DeferWindowPos
IsWindowVisible
UpdateWindow
GetScrollInfo
SetScrollInfo
ScreenToClient
GetClientRect
MessageBoxA
GetMenu
PostMessageA
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
SendMessageA
CallWindowProcA
DefWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
MsgWaitForMultipleObjects
UnhookWindowsHookEx
OemToCharBuffA
CharToOemA
CharUpperA
GetSystemMetrics
wsprintfA
IsRectEmpty
IsZoomed
GetDC
KillTimer
SetTimer
SetRect
LoadBitmapA
ReleaseDC
GetWindowDC
InvertRect
FillRect
PtInRect
InflateRect
RedrawWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
GetMessageA
TranslateMessage
GetCursorPos
WindowFromPoint
SetCapture
GetWindowThreadProcessId
ClientToScreen
LoadCursorA
GetActiveWindow
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
SetCursor
ReleaseCapture
InvalidateRect
SetRectEmpty
BringWindowToTop
SetMenu
ShowWindow
GetDesktopWindow
IsWindowEnabled
TranslateAcceleratorA
RegisterWindowMessageA
LoadAcceleratorsA
GetCapture
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
DispatchMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetMessageTime
GetMessagePos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetTopWindow
TrackPopupMenu
GetKeyState
DestroyWindow
SetScrollRange
GetSysColor
SetScrollPos
GetScrollPos
EnableWindow
LoadIconA
PeekMessageA
CountClipboardFormats
MapWindowPoints
GetScrollRange

advapi32

RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
RegSetValueA
RegCreateKeyA
RegSetValueExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegCloseKey

gdi32

GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
ExtCreatePen
CreateDIBPatternBrushPt
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
SelectPalette
StartDocA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
DPtoLP
SetPolyFillMode
SetBkMode
EnumFontFamiliesExA
CreateDCA
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
ScaleWindowExtEx
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetCurrentPositionEx
MoveToEx
GetWindowExtEx
GetViewportExtEx
EnumFontFamiliesA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
LPtoDP
CopyMetaFileA
CreateMetaFileA
SetBrushOrgEx
OffsetRgn
CreatePalette
RealizePalette
GetPaletteEntries
SetROP2
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
DeleteDC
StretchDIBits
CreateCompatibleBitmap
DeleteObject
GetCharWidthA
CreateFontA
GetStockObject
RestoreDC
SaveDC
GetNearestColor
Escape
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
PtVisible
RectVisible
GetTextAlign
GetTextFaceA
GetPixel

ole32

StringFromGUID2
OleLoadFromStream
ReadClassStm
CreateDataCache
CoGetMalloc
CreateDataAdviseHolder
CreateOleAdviseHolder
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
OleDuplicateData
CoTreatAsClass
WriteFmtUserTypeStg
SetConvertStg
WriteClassStg
GetRunningObjectTable
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
GetClassFile
CreateFileMoniker
CreateBindCtx
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
CoTaskMemAlloc
OleIsRunning
OleRun
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CoTaskMemFree
ReleaseStgMedium
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoGetClassObject
CoUninitialize

oleaut32

RegisterTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreatePropertyFrame
OleTranslateColor
VariantTimeToSystemTime
OleCreateFontIndirect
LoadTypeLi
SafeArrayCreateVector
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SysStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
SysAllocStringLen
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantClear
LoadRegTypeLi

wininet

InternetSetFilePointer
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetFindNextFileA
InternetCloseHandle
InternetGetLastResponseInfoA
GopherGetAttributeA
FtpFindFirstFileA
GopherFindFirstFileA
InternetOpenA
InternetSetStatusCallback
HttpAddRequestHeadersA
InternetWriteFile
InternetReadFile
InternetConnectA
FtpOpenFileA
GopherCreateLocatorA
HttpSendRequestA
HttpEndRequestA
HttpSendRequestExA
InternetOpenUrlA
GopherOpenFileA
HttpOpenRequestA

wsock32

accept
socket
select
gethostbyname
WSASetLastError
htonl
htons
ioctlsocket
ntohs
inet_addr
bind
WSAGetLastError
getsockname
getpeername
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
closesocket
WSACleanup
WSAStartup

odbc32

ord4
ord41
ord2
ord1
ord23
ord15
ord9
ord14
ord10
ord20
ord61
ord48
ord49
ord17
ord13
ord59
ord8
ord11
ord19
ord46
ord3
ord16
ord12
ord43
ord18
ord68
ord44
ord50
ord45
ord51
ord5
ord72

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1007KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/msvcrt.dll
.dll windows:5 windows x86 arch:x86

25a432f77bad9086d8a8d5268b15ff1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcrt.pdb

Imports

kernel32

MultiByteToWideChar
GetLastError
WideCharToMultiByte
Sleep
Beep
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
FindFirstFileW
FindNextFileW
ExitProcess
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
RtlUnwind
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
LoadLibraryA
FreeLibrary
CreateProcessA
CreateProcessW
HeapReAlloc
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetCurrentProcess
GetFileInformationByHandle
PeekNamedPipe
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
SetFilePointer
CreateFileA
CreatePipe
ReadFile
CreateFileW
WriteFile
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
CompareStringA
CompareStringW
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetModuleFileNameA
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSection
SetLastError
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
InterlockedExchange
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
ExitThread
ResumeThread
CreateThread
GetModuleFileNameW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetTickCount
QueryPerformanceCounter
TerminateProcess

ntdll

RtlGetNtVersionNumbers

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_ctype
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mkgmtime
_mkgmtime64
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotl64
_rotr
_rotr64
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alasend/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.rsrc Size: 852KB - Virtual size: 851KB

.reloc Size: 4KB - Virtual size: 12B

15785d0af51754f90d2d50ed4b7b28c2

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 992B - Virtual size: 988B

.rdata Size: 128B - Virtual size: 116B

INIT Size: 256B - Virtual size: 228B

.reloc Size: 96B - Virtual size: 78B

7614e53d6cdbbcdfa8b995be4356642e

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 856B

.reloc Size: 4KB - Virtual size: 1KB

94ab426d1aa4af6b8657df57b6027150

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 856B

.reloc Size: 4KB - Virtual size: 1KB

46ba5c6441da147ce694af1dde2af8c5

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 856B

.reloc Size: 4KB - Virtual size: 1KB

3b44edf5aeef95c74d22c8a9d0f97d15

Headers

File Characteristics

Imports

pkutil

mfc42

msvcrt

kernel32

user32

.rsrc
Size: 852KB - Virtual size: 851KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 992B - Virtual size: 988B

.rdata
Size: 128B - Virtual size: 116B

INIT
Size: 256B - Virtual size: 228B

.reloc
Size: 96B - Virtual size: 78B

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 4KB - Virtual size: 1KB