Overview

overview

7

Static

static

7

a56f38ea27...18.exe

windows7-x64

7

a56f38ea27...18.exe

windows10-2004-x64

7

$PLUGINSDI...gy.exe

windows7-x64

7

$PLUGINSDI...gy.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

content/aboutTabs.htm

windows7-x64

3

content/aboutTabs.htm

windows10-2004-x64

3

content/ctoolbar.js

windows7-x64

3

content/ctoolbar.js

windows10-2004-x64

3

$PLUGINSDI...rch.js

windows7-x64

3

$PLUGINSDI...rch.js

windows10-2004-x64

3

$PLUGINSDI...bar.js

windows7-x64

3

$PLUGINSDI...bar.js

windows10-2004-x64

3

$PLUGINSDI...rt.dll

windows7-x64

3

$PLUGINSDI...rt.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...t.html

windows7-x64

3

$PLUGINSDI...t.html

windows10-2004-x64

3

$PLUGINSDI...com.js

windows7-x64

3

$PLUGINSDI...com.js

windows10-2004-x64

3

Azureus Sp...ro.exe

windows7-x64

7

Azureus Sp...ro.exe

windows10-2004-x64

7

SkinMagic.dll

windows7-x64

3

SkinMagic.dll

windows10-2004-x64

3

packet.dll

windows7-x64

3

packet.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a56f38ea2782676582cb6c5cac941129_JaffaCakes118

  • Size

    2.8MB

  • MD5

    a56f38ea2782676582cb6c5cac941129

  • SHA1

    763bc9eedaff659c35f762b4abce1516999e5756

  • SHA256

    757d5dd3b527355b254e9290ec797f5cc28a62cf8e02db69bc29bd530422503b

  • SHA512

    b82ce5fa11de48e317fead4fadd27d875338c176d0e528728c0a5c6e984f388034acba970f1bfe92cd854c8fcb7a3fc7d54c30a7c046c9189470f635540f5a41

  • SSDEEP

    49152:0me8LvctmQiBK4PliaU5XD0E2V7SPmPFHnv:0b8ctm5KMDUBk1PFP

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • a56f38ea2782676582cb6c5cac941129_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Download_Energy.exe
    .exe windows:4 windows x86 arch:x86

    81638d02019c0bfcaaf23a9c69f2f12c


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    c9fc7f6df8fedf8f8f1f9f820c072664


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/p2p-toolbar-screenshot.bmp
  • $PLUGINSDIR/setup.ini
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/META-INF/manifest.mf
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/META-INF/zigbert.rsa
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/META-INF/zigbert.sf
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/chrome.manifest
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/chrome/download_energy.jar
    .zip
  • content/ScrollbarBindings.xml
    .xml
  • content/about.xul
    .xml
  • content/aboutTabs.htm
    .html
  • content/alert-bindings.xml
    .xml
  • content/alertAbout.xul
    .xml
  • content/alertMain.xul
    .xml
  • content/alertPreview.xul
    .xml
  • content/alertSettings.xul
    .xml
  • content/autocomplete-menulist.xml
    .js .xml polyglot
  • content/chat-menu-button.xml
    .js .xml polyglot
  • content/chevronToolbar.xul
    .js .xml polyglot
  • content/contents.rdf
    .xml
  • content/ctoolbar.js
    .js
  • content/enAddEdit.xul
    .js .xml polyglot
  • content/enConfirm.xul
    .js .xml polyglot
  • content/enSettings.xul
    .js .xml polyglot
  • content/enTestAccount.xul
    .xml
  • content/fbSettings.xul
    .xml
  • content/feed-bindings.xml
    .js .xml polyglot
  • content/manageMenu.xul
    .xml
  • content/multicommunity.xul
    .xml
  • content/multicommunity_detected.xul
    .js .xml polyglot
  • content/multicommunity_download.xul
    .xml
  • content/myStuffError.xul
    .xml
  • content/oldapi/weather_oldapi.xul
    .xml
  • content/options.xul
    .xml
  • content/popup.xul
    .js .xml polyglot
  • content/popup_chat.xul
    .js .xml polyglot
  • content/radio.xml
    .xml
  • content/radio_addEdit.xul
    .js .xml polyglot
  • content/radio_menu.xul
    .xml
  • content/radio_search.xul
    .xml
  • content/radio_volume.xul
    .xml
  • content/toolbarOverlay.xul
    .js .xml polyglot
  • content/toolbarbutton-mirrored-icon.xml
    .js .xml polyglot
  • content/truste.xul
    .xml
  • content/twitter-bindings.xml
    .js .xml polyglot
  • content/uninstall.xul
    .js .xml polyglot
  • content/wait.xul
    .xml
  • content/weather.xul
    .xml
  • content/weatherRTL.xul
    .js .xml polyglot
  • content/welcome.xul
    .xml
  • content/welcomeMacLinux.xul
    .xml
  • content/welcomeRTL.xul
    .xml
  • skin/AOL_load.gif
    .gif
  • skin/about_bg.png
    .png
  • skin/about_icon.png
    .png
  • skin/alert/AboutTitleBarImage.gif
    .gif
  • skin/alert/BottomStrip.gif
    .gif
  • skin/alert/CloseButtonAll.gif
    .gif
  • skin/alert/NextAll.gif
    .gif
  • skin/alert/OptionsTitleBarImage.gif
    .gif
  • skin/alert/PrevAll.gif
    .gif
  • skin/alert/SettingsButtonAll.gif
    .gif
  • skin/alert/TopStrip.gif
    .gif
  • skin/alert/TrayIcon.ico
  • skin/alert/TrayIconAnimated.gif
    .gif
  • skin/alert/TrayIconBlocked.ico
  • skin/alert/about.css
  • skin/alert/aboutAll.gif
    .gif
  • skin/alert/alert.css
  • skin/alert/btn.gif
    .gif
  • skin/alert/btn_dn.gif
    .gif
  • skin/alert/btn_hover.gif
    .gif
  • skin/alert/dot.gif
    .gif
  • skin/alert/faqAll.gif
    .gif
  • skin/alert/feedbackAll.gif
    .gif
  • skin/alert/preview.css
  • skin/alert/privacyAll.gif
    .gif
  • skin/alert/settings.css
  • skin/alert/viewRecentTitleBarImage.gif
    .gif
  • skin/blank.png
    .png
  • skin/block.png
    .png
  • skin/chat/HasUsersOnline.gif
    .gif
  • skin/chevron.png
    .png
  • skin/chevron_rtl.png
    .png
  • skin/contents.rdf
    .xml
  • skin/ebdialogstyle.css
  • skin/ebtoolbarbuttonstyleLinux.css
  • skin/ebtoolbarbuttonstyleMac.css
  • skin/ebtoolbarbuttonstyleWinXP.css
  • skin/ebtoolbarstyle.css
  • skin/email.png
    .png
  • skin/emailnew.png
    .png
  • skin/emailnewsmall.png
    .png
  • skin/enSound.wav
  • skin/facebook/component_icon_big.png
    .png
  • skin/facebook/facebook.css
  • skin/facebook/facebook_logo.png
    .png
  • skin/facebook/faq.png
    .png
  • skin/facebook/faq_over.png
    .png
  • skin/facebook/privacy.png
    .png
  • skin/facebook/privacy_over.png
    .png
  • skin/facebook/separator_line.jpg
    .jpg
  • skin/feed.css
  • skin/feedRTL_bg.png
    .png
  • skin/feed_bg.png
    .png
  • skin/feed_comment_all.png
    .png
  • skin/feed_delete_all.png
    .png
  • skin/feed_env_read.png
    .png
  • skin/feed_env_unread.png
    .png
  • skin/feed_read_all.png
    .png
  • skin/feed_refresh_all.png
    .png
  • skin/feed_unread_all.png
    .png
  • skin/gadgets/MyStuff.png
    .png
  • skin/gadgets/MyStuffBlinkAndHighlight.gif
    .gif
  • skin/gadgets/MyStuffHighlight.png
    .png
  • skin/gadgets/chat/Close.gif
    .gif
  • skin/gadgets/chat/CloseHover.gif
    .gif
  • skin/gadgets/chat/ClosePressed.gif
    .gif
  • skin/gadgets/chat/EditDown.gif
    .gif
  • skin/gadgets/chat/EditDownHover.gif
    .gif
  • skin/gadgets/chat/EditDownPressed.gif
    .gif
  • skin/gadgets/chat/EditUp.gif
    .gif
  • skin/gadgets/chat/EditUpHover.gif
    .gif
  • skin/gadgets/chat/EditUpPressed.gif
    .gif
  • skin/gadgets/chat/GadgetWindow.css
  • skin/gadgets/chat/Minimized.gif
    .gif
  • skin/gadgets/chat/MinimizedHover.gif
    .gif
  • skin/gadgets/chat/MinimizedPressed.gif
    .gif
  • skin/gadgets/chat/WindowTop.gif
    .gif
  • skin/gadgets/gadget/Close.gif
    .gif
  • skin/gadgets/gadget/CloseHover.gif
    .gif
  • skin/gadgets/gadget/ClosePressed.gif
    .gif
  • skin/gadgets/gadget/GadgetWindow.css
  • skin/gadgets/gadget/WindowTop.gif
    .gif
  • skin/go_btn.gif
    .gif
  • skin/go_btnRTL.gif
    .gif
  • skin/highlighter.png
    .png
  • skin/highlighterDisabled.png
    .png
  • skin/highlighterSearchTerm.png
    .png
  • skin/highlighter_chevron.png
    .png
  • skin/loading.gif
    .gif
  • skin/manage.gif
    .gif
  • skin/mc_add_active.png
    .png
  • skin/mc_add_candidate.png
    .png
  • skin/mc_add_flashing.gif
    .gif
  • skin/mc_add_inactive.png
    .png
  • skin/mc_community.png
    .png
  • skin/mc_community_dialog.png
    .png
  • skin/mc_community_dialog_over.png
    .png
  • skin/mc_community_selected.png
    .png
  • skin/mc_community_starred.png
    .png
  • skin/mc_options.png
    .png
  • skin/mc_search.png
    .png
  • skin/mc_tooltip_addTo.gif
    .gif
  • skin/mc_tooltip_addTo_dn.gif
    .gif
  • skin/mc_tooltip_addTo_over.gif
    .gif
  • skin/mc_tooltip_close.gif
    .gif
  • skin/mc_tooltip_close_dn.gif
    .gif
  • skin/mc_tooltip_close_over.gif
    .gif
  • skin/mc_tooltip_next.gif
    .gif
  • skin/mc_tooltip_next_dis.gif
    .gif
  • skin/mc_tooltip_next_dn.gif
    .gif
  • skin/mc_tooltip_next_over.gif
    .gif
  • skin/mc_tooltip_prev.gif
    .gif
  • skin/mc_tooltip_prev_dis.gif
    .gif
  • skin/mc_tooltip_prev_dn.gif
    .gif
  • skin/mc_tooltip_prev_over.gif
    .gif
  • skin/mc_tooltip_separator.gif
    .gif
  • skin/minibrowser.png
    .png
  • skin/multicommunityDialog_bg.png
    .png
  • skin/myGadgets_detect_x.png
    .png
  • skin/myGadgets_detect_x_dn.png
    .png
  • skin/myGadgets_detect_x_hover.png
    .png
  • skin/myStuff/add.png
    .png
  • skin/myStuff/myStuff.css
  • skin/myStuff/options.png
    .png
  • skin/radio/Podcast.png
    .png
  • skin/radio/RadioCombo.gif
    .gif
  • skin/radio/RadioEqualizerLoading.gif
    .gif
  • skin/radio/RadioEqualizerPause.gif
    .gif
  • skin/radio/RadioEqualizerPlay.gif
    .gif
  • skin/radio/RadioEqualizerReal.ico
  • skin/radio/RadioEqualizerSilent.gif
    .gif
  • skin/radio/RadioError.gif
    .gif
  • skin/radio/RadioErrow.ico
  • skin/radio/RadioErrowRTL.ico
  • skin/radio/RadioImgChev.ico
  • skin/radio/RadioMaxi.gif
    .gif
  • skin/radio/RadioMaxi_dn.gif
    .gif
  • skin/radio/RadioMaxi_on.gif
    .gif
  • skin/radio/RadioMini.gif
    .gif
  • skin/radio/RadioMini_dn.gif
    .gif
  • skin/radio/RadioMini_on.gif
    .gif
  • skin/radio/RadioPause.gif
    .gif
  • skin/radio/RadioPauseChev.ico
  • skin/radio/RadioPause_dn.gif
    .gif
  • skin/radio/RadioPause_on.gif
    .gif
  • skin/radio/RadioPlay.gif
    .gif
  • skin/radio/RadioPlayChev.ico
  • skin/radio/RadioPlay_dn.gif
    .gif
  • skin/radio/RadioPlay_on.gif
    .gif
  • skin/radio/RadioSliderBG.gif
    .gif
  • skin/radio/RadioSliderBall.gif
    .gif
  • skin/radio/RadioStop.gif
    .gif
  • skin/radio/RadioStopChev.ico
  • skin/radio/RadioStop_dn.gif
    .gif
  • skin/radio/RadioStop_on.gif
    .gif
  • skin/radio/RadioStrip.gif
    .gif
  • skin/radio/RadioTooltipPlaying.gif
    .gif
  • skin/radio/RadioTooltipStopped.gif
    .gif
  • skin/radio/RadioVolume.gif
    .gif
  • skin/radio/RadioVolume_dn.gif
    .gif
  • skin/radio/RadioVolume_on.gif
    .gif
  • skin/radio/RealLogo.png
    .png
  • skin/radio/WMPLogo.png
    .png
  • skin/radio/default_skin.xml
    .xml
  • skin/radio/defaultskin/RadioImgChev.ico
  • skin/radio/defaultskin/RadioPlayChev.ico
  • skin/radio/defaultskin/RadioStopChev.ico
  • skin/radio/defaultskin/display.gif
    .gif
  • skin/radio/defaultskin/equalizer_buffering.gif
    .gif
  • skin/radio/defaultskin/equalizer_error.gif
    .gif
  • skin/radio/defaultskin/equalizer_playing.gif
    .gif
  • skin/radio/defaultskin/equalizer_stopped.gif
    .gif
  • skin/radio/defaultskin/equalizer_stopped1.gif
    .gif
  • skin/radio/defaultskin/maxi.png
    .png
  • skin/radio/defaultskin/maxi_dn.png
    .png
  • skin/radio/defaultskin/maxi_over.png
    .png
  • skin/radio/defaultskin/minimize.png
    .png
  • skin/radio/defaultskin/minimize_dn.png
    .png
  • skin/radio/defaultskin/minimize_over.png
    .png
  • skin/radio/defaultskin/pause.gif
    .gif
  • skin/radio/defaultskin/pause_dn.gif
    .gif
  • skin/radio/defaultskin/pause_over.gif
    .gif
  • skin/radio/defaultskin/play.gif
    .gif
  • skin/radio/defaultskin/play_dn.gif
    .gif
  • skin/radio/defaultskin/play_over.gif
    .gif
  • skin/radio/defaultskin/slider.gif
    .gif
  • skin/radio/defaultskin/slider_bg.png
    .png
  • skin/radio/defaultskin/slider_dn.gif
    .gif
  • skin/radio/defaultskin/slider_over.gif
    .gif
  • skin/radio/defaultskin/stop.png
    .png
  • skin/radio/defaultskin/stop_dn.png
    .png
  • skin/radio/defaultskin/stop_over.png
    .png
  • skin/radio/defaultskin/vol.gif
    .gif
  • skin/radio/defaultskin/vol_dn.gif
    .gif
  • skin/radio/defaultskin/vol_over.gif
    .gif
  • skin/resize.gif
    .gif
  • skin/scrollbar/down-active.png
    .png
  • skin/scrollbar/down.png
    .png
  • skin/scrollbar/horizontal-background.png
    .png
  • skin/scrollbar/horizontal-gripper.png
    .png
  • skin/scrollbar/horizontal-thumb-end.png
    .png
  • skin/scrollbar/horizontal-thumb-start.png
    .png
  • skin/scrollbar/horizontal-thumb.png
    .png
  • skin/scrollbar/left-active.png
    .png
  • skin/scrollbar/left.png
    .png
  • skin/scrollbar/right-active.png
    .png
  • skin/scrollbar/right.png
    .png
  • skin/scrollbar/slider.gif
    .gif
  • skin/scrollbar/up-active.png
    .png
  • skin/scrollbar/up.png
    .png
  • skin/scrollbar/vertical-background.png
    .png
  • skin/scrollbar/vertical-gripper.png
    .png
  • skin/scrollbar/vertical-thumb-end.png
    .png
  • skin/scrollbar/vertical-thumb-start.png
    .png
  • skin/scrollbar/vertical-thumb.png
    .png
  • skin/scrollbars.css
  • skin/searchBox-suggest.xml
    .js .xml polyglot
  • skin/separator.png
    .png
  • skin/splitter.ico
  • skin/star.png
    .png
  • skin/truste_about.gif
    .gif
  • skin/truste_welcome.gif
    .gif
  • skin/twitter/twitter.css
  • skin/twitter/twitterRTL_bg.png
    .png
  • skin/twitter/twitter_bg.png
    .png
  • skin/twitter/twitter_chevron.gif
    .gif
  • skin/twitter/twitter_no_img.png
    .png
  • skin/v.png
    .png
  • skin/warning.png
    .png
  • skin/weather.png
    .png
  • skin/weather_bg.png
    .png
  • skin/weather_bg_rtl.png
    .png
  • skin/weather_bullet.png
    .png
  • skin/weather_close.png
    .png
  • skin/weather_close_dn.png
    .png
  • skin/weather_na.png
    .png
  • skin/welcome-rtl/arrow.png
    .png
  • skin/welcome-rtl/bottom.png
    .png
  • skin/welcome-rtl/corner_ld.png
    .png
  • skin/welcome-rtl/corner_lup.png
    .png
  • skin/welcome-rtl/corner_rd.png
    .png
  • skin/welcome-rtl/corner_rup.png
    .png
  • skin/welcome-rtl/emailNotifier.gif
    .gif
  • skin/welcome-rtl/facebook.png
    .png
  • skin/welcome-rtl/grad_dn.png
    .png
  • skin/welcome-rtl/left.png
    .png
  • skin/welcome-rtl/radio.gif
    .gif
  • skin/welcome-rtl/right.png
    .png
  • skin/welcome-rtl/upper_border.png
    .png
  • skin/welcome-rtl/weather.gif
    .gif
  • skin/welcome-rtl/welcomeDialog.css
  • skin/welcome.bmp
  • skin/welcome/arrow.png
    .png
  • skin/welcome/bottom.png
    .png
  • skin/welcome/corner_ld.png
    .png
  • skin/welcome/corner_lup.png
    .png
  • skin/welcome/corner_rd.png
    .png
  • skin/welcome/corner_rup.png
    .png
  • skin/welcome/emailNotifier.gif
    .gif
  • skin/welcome/facebook.png
    .png
  • skin/welcome/grad_dn.png
    .png
  • skin/welcome/left.png
    .png
  • skin/welcome/radio.gif
    .gif
  • skin/welcome/right.png
    .png
  • skin/welcome/upper_border.png
    .png
  • skin/welcome/weather.gif
    .gif
  • skin/welcome/welcomeDialog.css
  • skin/x.png
    .png
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/ConduitAutoCompleteSearch.js
    .js
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/ConduitAutoCompleteSearch.xpt
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/ConduitToolbar.idl
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/ConduitToolbar.js
    .js
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/ConduitToolbar.xpt
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/FFExternalAlert.dll
    .dll windows:5 windows x86 arch:x86

    3223d50e0400d555fa5614bff18da5cf


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/FFExternalAlert.xpt
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/RadioWMPCore.dll
    .dll windows:5 windows x86 arch:x86

    a50dc75f0f339366da4f56137bf8807f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/components/RadioWMPCore.xpt
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/defaults/default_radio_skin.xml
    .xml
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/defaults/fbAlert.js
    .html .js polyglot
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/install.rdf
    .xml
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/lib/xpcom.js
    .js
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/searchplugin/conduit.PNG
    .png
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/searchplugin/conduit.gif
    .gif
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/searchplugin/conduit.ico
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/searchplugin/conduit.src
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/searchplugin/conduit.xml
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/setup.ini
  • $PLUGINSDIR/{ad708c09-d51b-45b3-9d28-4eba2681febf}/version.txt
  • Azureus SpeedUp Pro.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • SkinMagic.dll
    .dll windows:4 windows x86 arch:x86

    73311293c21223a65c49aac91966fa84


    Headers

    Imports

    Exports

    Sections

  • packet.dll
    .dll windows:4 windows x86 arch:x86

    dc8c0d40b34348cdabb47af1cd619332


    Headers

    Imports

    Exports

    Sections

  • skin.smf
  • uninstall.exe.nsis