ba1e287540bd30d980ed840815b3e564_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba1e287540bd30d980ed840815b3e564_JaffaCakes118
Size

4.9MB
MD5

ba1e287540bd30d980ed840815b3e564
SHA1

99a5906ec65d90b9fa0f798230bda033aeca21fb
SHA256

ad454b657ddb2d22157338feba8615d1446712eb858cbf78f9754d24d2de674c
SHA512

bffa1115914ee9fbde61d4163598cd65164d812f527a40d0c6450594932078ff82c949c94272a380d3ba3b38b5ba827562f9635f7ec0698e9f01cb0ef63fc9a2
SSDEEP

98304:uM0wUBJ/jlC5CzVxKFpBkVKg6/NifVZ4btSK/LpVTmhsOZr8flvNylhEdCy:uMtWckzVEHgyifDUtSIFlclEJ

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack002/七彩连珠.exe	aspack_v212_v242

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/UninsFiles/ISTask.dll
unpack002/UninsFiles/ItDownload.dll
unpack002/UninsFiles/unins000.exe
unpack002/七彩连珠.exe
unpack001/QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/7z.dll
unpack003/Unistall.exe
unpack003/双击运行.exe
unpack001/QiCaiLianZhuV3.8_chs_setup/点击使用.exe

Files

ba1e287540bd30d980ed840815b3e564_JaffaCakes118
.rar
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/#YouXun#
.7z
QiCaiLianZhuV3.8_chs.ico
Score.dat
UnInstall.exe
.exe windows:5 windows x86 arch:x86

8d14b914b780ff4ce65f0d41e0e884b2

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

27/11/2012, 00:00

Not After

27/11/2013, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d
Signer

Actual PE Digest

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Backup\我的文档\Visual Studio 2010\Projects\AutoPackTool\99UnInstall-For2012\Release\XKUnInstall.pdb

Imports

kernel32

InitializeCriticalSection
LocalFree
CreateThread
SetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
FreeLibrary
GetCurrentProcessId
DeleteFileW
CloseHandle
RemoveDirectoryW
LockResource
GetLastError
GetTempPathW
lstrlenW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
SizeofResource
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTickCount
GetACP
FreeResource
ExitProcess
GetFileSize
ReadFile
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetCurrentProcess
WriteFile
GetFileType
DuplicateHandle
MulDiv
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapCreate
GetStdHandle
Sleep
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
CopyFileW
WideCharToMultiByte
OpenProcess
WaitForSingleObject
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
lstrlenA

user32

GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
InvalidateRect
MapWindowPoints
GetCursorPos
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
LoadIconW
LoadStringW
OffsetRect
InflateRect
UnionRect
wvsprintfW
SetCursor
GetMonitorInfoW
MonitorFromWindow
IsZoomed
MessageBoxW
IntersectRect
CreateCaret
ShowCaret
GetKeyState
SetCaretPos
ClientToScreen
GetMenu
FillRect
DrawTextW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
IsWindow
SetWindowLongW
CreateWindowExW
DefWindowProcW
AdjustWindowRectEx
DispatchMessageW
PostMessageW
GetPropW
wsprintfW
GetDC
ReleaseDC
HideCaret
DestroyWindow
SetPropW
CallWindowProcW
GetWindowLongW
ShowWindow
CharNextW
GetClientRect
IsIconic
PostQuitMessage
GetWindowRect
RegisterClassExW
GetClassInfoExW
RegisterClassW
LoadCursorW
GetSystemMetrics
LoadImageW
SetWindowPos
SystemParametersInfoW
GetParent
SendMessageW
SetWindowRgn
ScreenToClient
GetSysColor

gdi32

CreateRectRgn
GetPixel
CombineRgn
PtInRegion
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CreateDIBSection
StretchBlt
SetStretchBltMode
SetBkColor
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
SetBkMode
SetTextColor
GetCharABCWidthsW
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
GetObjectW
SetWindowOrgEx
Rectangle
BitBlt
RestoreDC
GetObjectA
GdiFlush
TextOutW
GetTextExtentPoint32W
CreateRoundRectRgn
DeleteObject
CreateFontIndirectW
GetStockObject
ExtTextOutW
GetTextMetricsW

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID
CLSIDFromString
OleLockRunning

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
VariantInit
VariantClear

shlwapi

PathFileExistsW
SHDeleteKeyW

wininet

InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

winmm

timeSetEvent
timeKillEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod

comctl32

ord17
ImageList_LoadImageW
ImageList_GetIcon
_TrackMouseEvent

gdiplus

GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI

Exports

Exports

??0?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAE@PAVCCalendarUI@1@P821@AE_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AE_NPAUtagTEventUI@1@PAUtagTActionGroup@1@I@ZI2I@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AE_NPAUtagTNotifyUI@1@PAUtagTActionGroup@1@I@ZPB_W2I@Z
??0?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAE@PAVCTreeViewUI@1@P821@AE_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0?$DelegatingObject@VCActiveXCtrl@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCButtonUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCCalendarUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCChartViewUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCCheckBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCChildLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCComboBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCComboUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCContainerUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCControlUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCEditUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCFadeButtonUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCFlashUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCHorizontalLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCLabelUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListContainerElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListHeaderItemUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListHeaderUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListImageTextElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListLabelElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListTextElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCOptionUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCProgressUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCRadioBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCRichEditUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCScrollBarUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCSliderUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTabLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTextUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTileLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTreeNodeUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTreeViewUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCVerticalLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCWebBrowserUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AEXPAVIDuiTimer@1@PAUtagTActionGroup@1@@Z2HH_N44@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAE@PAVCControlUI@1@P821@AEXPAVIDuiTimer@1@PAUtagTProperty@1@@Z2HH_N44@Z
??0?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAE@PAVCDuiTrayIcon@1@P821@AEXPAVIDuiTimer@1@@ZHH_N33@Z
??0?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdValArray@HH@UiLib@@QAE@HH@Z
??0?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAE@HH@Z
??0CActiveXUI@UiLib@@QAE@ABV01@@Z
??0CActiveXUI@UiLib@@QAE@XZ
??0CAnimationData@UiLib@@QAE@HHHH@Z
??0CButtonUI@UiLib@@QAE@ABV01@@Z
??0CButtonUI@UiLib@@QAE@XZ
??0CChartItem@UiLib@@QAE@N@Z
??0CChartSeries@UiLib@@QAE@ABV01@@Z
??0CChartSeries@UiLib@@QAE@PB_W00@Z
??0CChartSeries@UiLib@@QAE@PB_WKK@Z
??0CChartViewUI@UiLib@@QAE@ABV01@@Z
??0CChartViewUI@UiLib@@QAE@XZ
??0CChartXYAxis@UiLib@@QAE@ABV01@@Z
??0CChartXYAxis@UiLib@@QAE@XZ
??0CCheckBoxUI@UiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@UiLib@@QAE@XZ
??0CChildLayoutUI@UiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@UiLib@@QAE@XZ
??0CComboBoxUI@UiLib@@QAE@ABV01@@Z
??0CComboBoxUI@UiLib@@QAE@XZ
??0CComboUI@UiLib@@QAE@ABV01@@Z
??0CComboUI@UiLib@@QAE@XZ
??0CContainerUI@UiLib@@QAE@ABV01@@Z
??0CContainerUI@UiLib@@QAE@XZ
??0CControlUI@UiLib@@QAE@ABV01@@Z
??0CControlUI@UiLib@@QAE@XZ
??0CDelegateBase@UiLib@@QAE@ABV01@@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_N0JI@ZJI@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_NPAUtagTEventUI@1@JI@ZIJI@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0CDelegateStatic@UiLib@@QAE@ABV01@@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAUtagTEventUI@1@JI@ZIJI@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAXJI@ZJI@Z
??0CDialogBuilder@UiLib@@QAE@XZ
??0CDuiAutoComplete@UiLib@@QAE@ABV01@@Z
??0CDuiAutoComplete@UiLib@@QAE@XZ
??0CDuiRect@UiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@UiLib@@QAE@HHHH@Z
??0CDuiRect@UiLib@@QAE@XZ
??0CDuiString@UiLib@@QAE@ABV01@@Z
??0CDuiString@UiLib@@QAE@PB_WH@Z
??0CDuiString@UiLib@@QAE@XZ
??0CDuiString@UiLib@@QAE@_W@Z
??0CDuiTimer@UiLib@@QAE@ABV01@@Z
??0CDuiTimer@UiLib@@QAE@PAUHWND__@@JIHH_N11@Z
??0CDuiTimer@UiLib@@QAE@XZ
??0CDuiTimerBase@UiLib@@QAE@ABV01@@Z
??0CDuiTimerBase@UiLib@@QAE@PAUHWND__@@JIHH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX00HH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX0HH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX0PAUHWND__@@JIHH_N22@Z
??0CDuiTimerBase@UiLib@@QAE@XZ
??0CDuiTrayIcon@UiLib@@QAE@XZ
??0CEditUI@UiLib@@QAE@ABV01@@Z
??0CEditUI@UiLib@@QAE@XZ
??0CEventSource@UiLib@@QAE@ABV01@@Z
??0CEventSource@UiLib@@QAE@XZ
??0CFadeButtonUI@UiLib@@QAE@ABV01@@Z
??0CFadeButtonUI@UiLib@@QAE@XZ
??0CFlashUI@UiLib@@QAE@ABV01@@Z
??0CFlashUI@UiLib@@QAE@XZ
??0CHorizontalLayoutUI@UiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@UiLib@@QAE@XZ
??0CLabelUI@UiLib@@QAE@ABV01@@Z
??0CLabelUI@UiLib@@QAE@XZ
??0CListBodyUI@UiLib@@QAE@ABV01@@Z
??0CListBodyUI@UiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@UiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@UiLib@@QAE@XZ
??0CListElementUI@UiLib@@QAE@ABV01@@Z
??0CListElementUI@UiLib@@QAE@XZ
??0CListHeaderItemUI@UiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@UiLib@@QAE@XZ
??0CListHeaderUI@UiLib@@QAE@ABV01@@Z
??0CListHeaderUI@UiLib@@QAE@XZ
??0CListImageTextElementUI@UiLib@@QAE@ABV01@@Z
??0CListImageTextElementUI@UiLib@@QAE@XZ
??0CListLabelElementUI@UiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@UiLib@@QAE@XZ
??0CListTextElementUI@UiLib@@QAE@ABV01@@Z
??0CListTextElementUI@UiLib@@QAE@XZ
??0CListUI@UiLib@@QAE@ABV01@@Z
??0CListUI@UiLib@@QAE@XZ
??0CMarkup@UiLib@@QAE@PB_W@Z
??0CMarkupNode@UiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@UiLib@@AAE@XZ
??0CNotifyPump@UiLib@@QAE@ABV01@@Z
??0COptionUI@UiLib@@QAE@ABV01@@Z
??0COptionUI@UiLib@@QAE@XZ
??0CPaintManagerUI@UiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@UiLib@@QAE@XZ
??0CPoint@UiLib@@QAE@ABUtagPOINT@@@Z
??0CPoint@UiLib@@QAE@HH@Z
??0CPoint@UiLib@@QAE@J@Z
??0CPoint@UiLib@@QAE@XZ
??0CProgressUI@UiLib@@QAE@ABV01@@Z
??0CProgressUI@UiLib@@QAE@XZ
??0CRadioBoxUI@UiLib@@QAE@ABV01@@Z
??0CRadioBoxUI@UiLib@@QAE@XZ
??0CRichEditUI@UiLib@@QAE@ABV01@@Z
??0CRichEditUI@UiLib@@QAE@XZ
??0CScrollBarUI@UiLib@@QAE@ABV01@@Z
??0CScrollBarUI@UiLib@@QAE@XZ
??0CSize@UiLib@@QAE@ABUtagSIZE@@@Z
??0CSize@UiLib@@QAE@HH@Z
??0CSize@UiLib@@QAE@UtagRECT@@@Z
??0CSize@UiLib@@QAE@XZ
??0CSliderUI@UiLib@@QAE@ABV01@@Z
??0CSliderUI@UiLib@@QAE@XZ
??0CStdPtrArray@UiLib@@QAE@ABV01@@Z
??0CStdPtrArray@UiLib@@QAE@H@Z
??0CStdStringPtrMap@UiLib@@QAE@H@Z
??0CStdValArray@UiLib@@QAE@HH@Z
??0CTabLayoutUI@UiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@UiLib@@QAE@XZ
??0CTextUI@UiLib@@QAE@ABV01@@Z
??0CTextUI@UiLib@@QAE@XZ
??0CTileLayoutUI@UiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@UiLib@@QAE@XZ
??0CTimerSource@UiLib@@QAE@ABV01@@Z
??0CTimerSource@UiLib@@QAE@XZ
??0CTreeNodeUI@UiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@UiLib@@QAE@PAV01@@Z
??0CTreeViewUI@UiLib@@QAE@ABV01@@Z
??0CTreeViewUI@UiLib@@QAE@XZ
??0CUIAnimation@UiLib@@QAE@ABV01@@Z
??0CUIAnimation@UiLib@@QAE@PAVCControlUI@1@@Z
??0CVerticalLayoutUI@UiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@UiLib@@QAE@XZ
??0CWaitCursor@UiLib@@QAE@XZ
??0CWebBrowserUI@UiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@UiLib@@QAE@XZ
??0CWindowWnd@UiLib@@QAE@ABV01@@Z
??0CWindowWnd@UiLib@@QAE@XZ
??0DuiObjectMap@UiLib@@AAE@XZ
??0IDelegate@UiLib@@QAE@ABV01@@Z
??0IDelegate@UiLib@@QAE@XZ
??0IDuiTimer@UiLib@@QAE@ABV01@@Z
??0IDuiTimer@UiLib@@QAE@XZ
??0IUIAnimation@UiLib@@QAE@ABV01@@Z
??0IUIAnimation@UiLib@@QAE@XZ
??0IWindowBase@@QAE@ABV0@@Z
??0IWindowBase@@QAE@PB_W@Z
??0WindowImplBase@UiLib@@QAE@ABV01@@Z
??1?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@UAE@XZ
??1?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@UAE@XZ
??1?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@UAE@XZ
??1?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@UAE@XZ
??1?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@UAE@XZ
??1?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@UAE@XZ
??1?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@XZ
??1?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAE@XZ
??1?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAE@XZ
??1?$TStdValArray@HH@UiLib@@QAE@XZ
??1?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAE@XZ
??1CActiveXUI@UiLib@@UAE@XZ
??1CButtonUI@UiLib@@UAE@XZ
??1CChartItem@UiLib@@QAE@XZ
??1CChartSeries@UiLib@@QAE@XZ
??1CChartViewUI@UiLib@@UAE@XZ
??1CChartXYAxis@UiLib@@QAE@XZ
??1CCheckBoxUI@UiLib@@UAE@XZ
??1CChildLayoutUI@UiLib@@UAE@XZ
??1CComboBoxUI@UiLib@@UAE@XZ
??1CComboUI@UiLib@@UAE@XZ
??1CContainerUI@UiLib@@UAE@XZ
??1CControlUI@UiLib@@UAE@XZ
??1CDelegateBase@UiLib@@UAE@XZ
??1CDelegateStatic@UiLib@@UAE@XZ
??1CDuiAutoComplete@UiLib@@QAE@XZ
??1CDuiString@UiLib@@QAE@XZ
??1CDuiTimer@UiLib@@UAE@XZ
??1CDuiTimerBase@UiLib@@UAE@XZ
??1CDuiTrayIcon@UiLib@@QAE@XZ
??1CEditUI@UiLib@@UAE@XZ
??1CEventSource@UiLib@@QAE@XZ
??1CFadeButtonUI@UiLib@@UAE@XZ
??1CFlashUI@UiLib@@UAE@XZ
??1CHorizontalLayoutUI@UiLib@@UAE@XZ
??1CLabelUI@UiLib@@UAE@XZ
??1CListBodyUI@UiLib@@UAE@XZ
??1CListContainerElementUI@UiLib@@UAE@XZ
??1CListElementUI@UiLib@@UAE@XZ
??1CListHeaderItemUI@UiLib@@UAE@XZ
??1CListHeaderUI@UiLib@@UAE@XZ
??1CListImageTextElementUI@UiLib@@UAE@XZ
??1CListLabelElementUI@UiLib@@UAE@XZ
??1CListTextElementUI@UiLib@@UAE@XZ
??1CListUI@UiLib@@UAE@XZ
??1CMarkup@UiLib@@QAE@XZ
??1COptionUI@UiLib@@UAE@XZ
??1CPaintManagerUI@UiLib@@QAE@XZ
??1CProgressUI@UiLib@@UAE@XZ
??1CRadioBoxUI@UiLib@@UAE@XZ
??1CRenderClip@UiLib@@QAE@XZ
??1CRichEditUI@UiLib@@UAE@XZ
??1CScrollBarUI@UiLib@@UAE@XZ
??1CSliderUI@UiLib@@UAE@XZ
??1CStdPtrArray@UiLib@@QAE@XZ
??1CStdStringPtrMap@UiLib@@QAE@XZ
??1CStdValArray@UiLib@@QAE@XZ
??1CTabLayoutUI@UiLib@@UAE@XZ
??1CTextUI@UiLib@@UAE@XZ
??1CTileLayoutUI@UiLib@@UAE@XZ
??1CTimerSource@UiLib@@QAE@XZ
??1CTreeNodeUI@UiLib@@UAE@XZ
??1CTreeViewUI@UiLib@@UAE@XZ
??1CUIAnimation@UiLib@@UAE@XZ
??1CVerticalLayoutUI@UiLib@@UAE@XZ
??1CWaitCursor@UiLib@@QAE@XZ
??1CWebBrowserUI@UiLib@@UAE@XZ
??1IUIAnimation@UiLib@@UAE@XZ
??1IWindowBase@@UAE@XZ
??4?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAEAAV01@ABV01@@Z
??4?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCActiveXCtrl@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCButtonUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCCalendarUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCChartViewUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCCheckBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCChildLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCComboBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCComboUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCContainerUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCControlUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCEditUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCFadeButtonUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCFlashUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCHorizontalLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCLabelUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListContainerElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListHeaderItemUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListHeaderUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListImageTextElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListLabelElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListTextElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCOptionUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCProgressUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCRadioBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCRichEditUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCScrollBarUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCSliderUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTabLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTextUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTileLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTreeNodeUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTreeViewUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCVerticalLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCWebBrowserUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdValArray@HH@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAEAAV01@ABV01@@Z
??4CActiveXUI@UiLib@@QAEAAV01@ABV01@@Z
??4CAnimationData@UiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChartItem@UiLib@@QAEAAV01@ABV01@@Z
??4CChartSeries@UiLib@@QAEAAV01@ABV01@@Z
??4CChartViewUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChartXYAxis@UiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CComboBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@UiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@UiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@UiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@UiLib@@QAEAAV01@ABV01@@Z
??4CDelegateStatic@UiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiAutoComplete@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@UiLib@@QAEABV01@ABV01@@Z
??4CDuiString@UiLib@@QAEABV01@PBD@Z
??4CDuiString@UiLib@@QAEABV01@PB_W@Z
??4CDuiString@UiLib@@QAEABV01@_W@Z
??4CDuiTimer@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiTimerBase@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiTrayIcon@UiLib@@QAEAAV01@ABV01@@Z
??4CEditUI@UiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@UiLib@@QAEAAV01@ABV01@@Z
??4CFadeButtonUI@UiLib@@QAEAAV01@ABV01@@Z
??4CFlashUI@UiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListImageTextElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListUI@UiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@UiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@UiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@UiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@UiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@UiLib@@QAEAAV01@ABV01@@Z
??4CPoint@UiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@UiLib@@QAEAAV01@ABV01@@Z
??4CRadioBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@UiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@UiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@UiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@UiLib@@QAEAAV01@ABV01@@Z
??4CSize@UiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@UiLib@@QAEAAV01@ABV01@@Z
??4CStdPtrArray@UiLib@@QAEAAV01@ABV01@@Z
??4CStdStringPtrMap@UiLib@@QAEAAV01@ABV01@@Z
??4CStdValArray@UiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTimerSource@UiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@UiLib@@QAEAAV01@ABV01@@Z
??4CUIAnimation@UiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@UiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@UiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@UiLib@@QAEAAV01@ABV01@@Z
??4DuiObjectMap@UiLib@@QAEAAV01@ABV01@@Z
??4IDelegate@UiLib@@QAEAAV01@ABV01@@Z
??4IDuiTimer@UiLib@@QAEAAV01@ABV01@@Z
??4IUIAnimation@UiLib@@QAEAAV01@ABV01@@Z
??4IWindowBase@@QAEAAV0@ABV0@@Z
??4WindowImplBase@UiLib@@QAEAAV01@ABV01@@Z
??8CDuiString@UiLib@@QBE_NPB_W@Z
??9CDuiString@UiLib@@QBE_NPB_W@Z
??A?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QBEPAVCDuiString@1@H@Z
??ACDuiString@UiLib@@QBE_WH@Z
??ACStdPtrArray@UiLib@@QBEPAXH@Z
??ACStdStringPtrMap@UiLib@@QBEPB_WH@Z
??ACStdValArray@UiLib@@QBEPAXH@Z
??BCDuiString@UiLib@@QBEPB_WXZ
??BCEventSource@UiLib@@QAE_NXZ
??BCTimerSource@UiLib@@QAE_NXZ
??BCWindowWnd@UiLib@@QBEPAUHWND__@@XZ
??HCDuiString@UiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@UiLib@@QBE?AV01@PB_W@Z
??MCDuiString@UiLib@@QBE_NPB_W@Z
??NCDuiString@UiLib@@QBE_NPB_W@Z
??OCDuiString@UiLib@@QBE_NPB_W@Z
??PCDuiString@UiLib@@QBE_NPB_W@Z
??RCDelegateBase@UiLib@@QAE_NPAUtagTEventUI@1@IJI@Z
??RCDelegateBase@UiLib@@QAE_NPAUtagTNotifyUI@1@PB_WJI@Z
??RCDelegateBase@UiLib@@QAE_NPAXJI@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@PAUHWND__@@JI@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@PAX@Z
??RCEventSource@UiLib@@QAE_NPAUtagTEventUI@1@@Z
??RCEventSource@UiLib@@QAE_NPAUtagTNotifyUI@1@@Z
??RCEventSource@UiLib@@QAE_NPAX@Z
??YCDuiString@UiLib@@QAEABV01@ABV01@@Z
??YCDuiString@UiLib@@QAEABV01@PBD@Z
??YCDuiString@UiLib@@QAEABV01@PB_W@Z
??YCDuiString@UiLib@@QAEABV01@_W@Z
??YCEventSource@UiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@UiLib@@QAEXP6A_NPAXJI@Z@Z
??YCTimerSource@UiLib@@QAEXABVCDuiTimerBase@1@@Z
??YCTimerSource@UiLib@@QAEXPAVCDuiTimerBase@1@@Z
??YCTimerSource@UiLib@@QAEXPAVIDuiTimer@1@@Z
??ZCEventSource@UiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@UiLib@@QAEXP6A_NPAXJI@Z@Z
??ZCTimerSource@UiLib@@QAEXABVCDuiTimerBase@1@@Z
??ZCTimerSource@UiLib@@QAEXPAVIDuiTimer@1@@Z
??ZCTimerSource@UiLib@@QAEXPBVCDuiTimerBase@1@@Z
??_7?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@6B@
??_7?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@6B@
??_7?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@6B@
??_7?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@6B@
??_7?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@6B@
??_7?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@6B@
??_7CActiveXUI@UiLib@@6BCControlUI@1@@
??_7CActiveXUI@UiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@UiLib@@6B@
??_7CChartViewUI@UiLib@@6BCControlUI@1@@
??_7CChartViewUI@UiLib@@6BIContainerUI@1@@
??_7CCheckBoxUI@UiLib@@6B@
??_7CChildLayoutUI@UiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@UiLib@@6BIContainerUI@1@@
??_7CComboBoxUI@UiLib@@6B@
??_7CComboBoxUI@UiLib@@6BCControlUI@1@@
??_7CComboBoxUI@UiLib@@6BIContainerUI@1@@
??_7CComboUI@UiLib@@6B@
??_7CComboUI@UiLib@@6BCControlUI@1@@
??_7CComboUI@UiLib@@6BIContainerUI@1@@
??_7CContainerUI@UiLib@@6BCControlUI@1@@
??_7CContainerUI@UiLib@@6BIContainerUI@1@@
??_7CControlUI@UiLib@@6B@
??_7CDelegateBase@UiLib@@6B@
??_7CDelegateStatic@UiLib@@6B@
??_7CDuiAutoComplete@UiLib@@6B@
??_7CDuiTimer@UiLib@@6B@
??_7CDuiTimerBase@UiLib@@6B@
??_7CEditUI@UiLib@@6B@
??_7CFadeButtonUI@UiLib@@6BCButtonUI@1@@
??_7CFadeButtonUI@UiLib@@6BCUIAnimation@1@@
??_7CFlashUI@UiLib@@6BCControlUI@1@@
??_7CFlashUI@UiLib@@6BIMessageFilterUI@1@@
??_7CFlashUI@UiLib@@6BITranslateAccelerator@1@@
??_7CFlashUI@UiLib@@6B_IShockwaveFlashEvents@@@
??_7CHorizontalLayoutUI@UiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@UiLib@@6BIContainerUI@1@@
??_7CLabelUI@UiLib@@6B@
??_7CListBodyUI@UiLib@@6BCControlUI@1@@
??_7CListBodyUI@UiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@UiLib@@6B@
??_7CListContainerElementUI@UiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@UiLib@@6BIContainerUI@1@@
??_7CListElementUI@UiLib@@6BCControlUI@1@@
??_7CListElementUI@UiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@UiLib@@6B@
??_7CListHeaderUI@UiLib@@6BCControlUI@1@@
??_7CListHeaderUI@UiLib@@6BIContainerUI@1@@
??_7CListImageTextElementUI@UiLib@@6BCControlUI@1@@
??_7CListImageTextElementUI@UiLib@@6BIListItemUI@1@@
??_7CListLabelElementUI@UiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@UiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@UiLib@@6BCControlUI@1@@
??_7CListTextElementUI@UiLib@@6BIListItemUI@1@@
??_7CListUI@UiLib@@6B@
??_7CListUI@UiLib@@6BCControlUI@1@@
??_7CListUI@UiLib@@6BIContainerUI@1@@
??_7COptionUI@UiLib@@6B@

Sections

.text
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UninsFiles/ISTask.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ExecConsoleAppX
KillTask
RunTask
SerialNumberDisk
SerialNumberHDD

Sections

CODE
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UninsFiles/ItDownload.dll
.dll windows:4 windows x86 arch:x86

04c8754c68f4349c85ad5221e435c9bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
UpdateWindow
TranslateMessage
SetWindowTextA
SetWindowPos
SetWindowLongA
SendMessageA
ScreenToClient
ReleaseDC
RegisterClassExA
PostThreadMessageA
PostQuitMessage
PostMessageA
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
LoadStringA
InvalidateRect
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetMessageA
GetDC
FillRect
EndPaint
DispatchMessageA
DestroyWindow
DefWindowProcA
CallWindowProcA
BeginPaint
CharNextA
CharUpperBuffA
CharToOemA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
WriteFile
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
Sleep
SetFilePointer
SetEvent
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GetVersionExA
GetTickCount
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileAttributesA
GetExitCodeThread
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCPInfo
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep

gdi32

TextOutA
SetBkMode
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteObject
CreateFontA

wininet

InternetQueryOptionA

Exports

Exports

itd_addfile
itd_addfilesize
itd_addmirror
itd_cancel
itd_clearfiles
itd_downloadfile
itd_downloadfiles
itd_filecount
itd_getfilesize
itd_getoption
itd_getresultlen
itd_getresultstring
itd_getstring
itd_initui
itd_loadstrings
itd_postpage
itd_setoption
itd_setstring

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UninsFiles/itd_en.ini
UninsFiles/itd_fr.ini
UninsFiles/itd_nl.ini
UninsFiles/itd_ptbr.ini
UninsFiles/unins000.dat
UninsFiles/unins000.exe
.exe windows:5 windows x86 arch:x86

f5a1c848777debecdad2c9b40ea8aa48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
RegisterTypeLib
LoadTypeLib
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
WaitForInputIdle
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageTimeoutW
SendMessageA
SendMessageW
ScrollWindowEx
ScrollWindow
ScreenToClient
ReplyMessage
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
OemToCharBuffA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MoveWindow
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
AppendMenuW
CharToOemBuffA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcpyW
lstrcmpW
WriteProfileStringW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
TransactNamedPipe
TerminateProcess
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetNamedPipeHandleState
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
QueryPerformanceCounter
OpenProcess
OpenMutexW
MultiByteToWideChar
MulDiv
MoveFileExW
MoveFileW
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
IsDBCSLeadByte
IsBadWritePtr
InitializeCriticalSection
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetShortPathNameW
GetProfileStringW
GetProcAddress
GetPrivateProfileStringW
GetOverlappedResult
GetModuleHandleW
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetComputerNameW
GetCommandLineW
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
EnumCalendarInfoW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RoundRect
RestoreDC
RemoveFontResourceW
Rectangle
RectVisible
RealizePalette
Polyline
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
LineDDA
IntersectClipRect
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
Chord
BitBlt
Arc
AddFontResourceW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetOpenEnumW
WNetGetUniversalNameW
WNetGetConnectionW
WNetEnumResourceW
WNetCloseEnum

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
IsEqualGUID
CoDisconnectObject

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
YK_GameManager.exe
.exe windows:5 windows x86 arch:x86

2a3f01c62f6b125578883c5607ba36c5

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

22:17:1a:6c:13:4e:71:95:7d:ce:f3:5d:91:4c:22:d5
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/09/2013, 00:00

Not After

18/12/2015, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:dc:d0:93:62:da:68:bf:06:0f:e3:b9:8f:ed:36:76:b2:db:91:1a
Signer

Actual PE Digest

1e:dc:d0:93:62:da:68:bf:06:0f:e3:b9:8f:ed:36:76:b2:db:91:1a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Works\wuliang\GameManage\Release\YK_GameManager.pdb

Imports

kernel32

SystemTimeToFileTime
GetCurrentProcess
WriteFile
GetFileType
DuplicateHandle
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
IsProcessorFeaturePresent
SetHandleCount
GetLocaleInfoW
GetCurrentThreadId
SetLastError
SetFilePointer
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetStdHandle
WriteConsoleW
GetSystemTimeAsFileTime
GetDateFormatW
GetTimeFormatW
LocalFree
InitializeCriticalSection
DecodePointer
EncodePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DosDateTimeToFileTime
ExitProcess
GetACP
CreateFileW
ReadFile
GetFileSize
GetTickCount
MulDiv
TerminateThread
GetExitCodeProcess
FreeResource
DeleteFileW
WinExec
ReleaseMutex
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
CreateMutexW
CreateThread
FindResourceExW
GetProcAddress
GetLastError
LoadLibraryW
GetModuleHandleW
FreeLibrary
GetCurrentProcessId
CloseHandle
GetLocalTime
FindClose
GetCurrentDirectoryW
GetTempPathW
WritePrivateProfileStringW
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
FileTimeToSystemTime
GetVersionExW
CopyFileW
WideCharToMultiByte
OpenProcess
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
lstrlenA
FindFirstFileW
GetTempFileNameW
Sleep
LockResource
SizeofResource
LoadResource
FindResourceW
TlsFree

user32

RegisterClassExW
GetSystemMetrics
GetClassInfoExW
LoadImageW
GetMessageW
DrawIconEx
GetUpdateRect
KillTimer
SetTimer
SetRect
SetWindowLongW
GetWindowLongW
TranslateMessage
IsIconic
GetWindowRect
ScreenToClient
SetWindowRgn
wsprintfW
PostMessageW
MessageBoxW
CharPrevW
DrawTextW
LoadIconW
OffsetRect
InflateRect
wvsprintfW
GetClientRect
SetPropW
GetWindow
DefWindowProcW
SendMessageW
RegisterClassW
CreateWindowExW
IsWindow
ShowWindow
GetPropW
CallWindowProcW
DispatchMessageW
HideCaret
ShowCaret
SetWindowPos
SystemParametersInfoW
GetDC
LoadCursorW
GetParent
CharNextW
GetMonitorInfoW
UnregisterHotKey
IsWindowVisible
GetCursorPos
MonitorFromWindow
IsZoomed
PostQuitMessage
ClientToScreen
MoveWindow
MapWindowPoints
GetDesktopWindow
IntersectRect
SetForegroundWindow
ReleaseCapture
ReleaseDC
InvalidateRect
BeginPaint
CreateAcceleratorTableW
InvalidateRgn
SetCapture
FillRect
DestroyWindow
EndPaint
PtInRect
SetCursor
SetWindowTextW
EnableWindow
GetWindowTextW
SetFocus
GetKeyState
GetWindowTextLengthW
GetFocus
IsRectEmpty
SetCaretPos
CreateCaret
GetSysColor

gdi32

GetObjectW
GetObjectA
SetTextColor
SetBkMode
GetStockObject
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
CreateRoundRectRgn
GetCharABCWidthsW
ExtTextOutW
CreateRectRgnIndirect
CreatePenIndirect
SelectClipRgn
SetBkColor
StretchBlt
LineTo
MoveToEx
CreateRectRgn
GetPixel
CombineRgn
PtInRegion
SetPixel
RestoreDC
CreatePen
SaveDC
Rectangle
GetTextMetricsW
BitBlt
SetWindowOrgEx
TextOutW
ExtSelectClipRgn
RoundRect
CreateCompatibleBitmap
SetStretchBltMode
GetClipBox

comdlg32

GetOpenFileNameW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
VariantCopy
VariantClear
VarUI4FromStr
SysFreeString
VariantInit
SysAllocString

shlwapi

PathFileExistsW

winmm

timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeEndPeriod
timeGetTime
timeSetEvent

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteBrush
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize
GdipDrawImageI
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdiplusStartup
GdipDeleteFont
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipLoadImageFromFile
GdipDeleteGraphics
GdipFree
GdiplusShutdown
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipCloneImage
GdipSetStringFormatAlign
GdipSetTextRenderingHint
GdipDrawString

ws2_32

htons
recv
bind
socket
closesocket
send
listen
accept
connect
WSAStartup
inet_addr
htonl

wininet

InternetCloseHandle
HttpOpenRequestW
HttpAddRequestHeadersW
InternetOpenW
InternetCrackUrlW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetCheckConnectionW

d3d9

Direct3DCreate9

Sections

.text
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
game.ico
gamex.config.ini
gameyxdown.dat
七彩连珠.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 163KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/7z.dll
.dll windows:5 windows x86 arch:x86

82dc00c29a6aea96c6ff9b7fcd4e6e2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
CloseHandle
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CompareFileTime
SetLastError
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
ReadFile
WriteFile
CreateFileA
GetSystemInfo
DosDateTimeToFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
GetSystemTime
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount

user32

CharNextA
CharLowerW
CharUpperW
CharLowerA
CharUpperA
CharPrevExA

oleaut32

VariantCopy
SysFreeString
VariantClear
SysAllocString
SysAllocStringByteLen

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 607KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/gameyxdown.dat
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/info.dat
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/install.yx
QiCaiLianZhuV3.8_chs_setup/QiCaiLianZhuV3.8_chs/setup
.7z
Unistall.exe
.exe windows:5 windows x86 arch:x86

9197afa0b3c8922a2e489709a1cb0d5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\svn_超哥\unist\Release\unist.pdb

Imports

kernel32

ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetModuleHandleA
CompareStringA
InterlockedExchange
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryA
GetVersionExA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GlobalAddAtomW
GlobalFlags
lstrcmpW
GetCurrentThreadId
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
CompareStringW
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
lstrlenA
lstrcmpA
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
FreeResource
GetTickCount
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
WriteFile
WideCharToMultiByte
CreateFileW
GetLastError
RemoveDirectoryW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetPrivateProfileStringW
GetModuleFileNameW

user32

DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CharUpperW
ClientToScreen
GetClassNameW
MessageBeep
IsChild
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
ReleaseCapture
GetDesktopWindow
SetCapture
InvalidateRgn
InvalidateRect
GetClientRect
GetWindowRect
EqualRect
IntersectRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
OffsetRect
PtInRect
CopyRect
CharNextW
GetFocus
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
LoadStringW
GetMessageW
GetDlgItem
PostThreadMessageW
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
GetWindowThreadProcessId
CreateDialogIndirectParamW
SendMessageW
GetWindowLongW
DestroyMenu
GetWindowDC
CheckMenuItem
GrayStringW
TranslateMessage
DispatchMessageW
LoadIconW
LoadCursorW
RegisterClassExW
MessageBoxW
DialogBoxParamW
DestroyWindow
DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
EndDialog
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
RegisterClipboardFormatW
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
GetWindowTextW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetLastActivePopup
CallWindowProcW

gdi32

ExtSelectClipRgn
DeleteDC
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetObjectW
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegOpenKeyW
RegCloseKey
RegDeleteKeyW

shell32

SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
OleUninitialize

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
VariantInit

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gameyxdown.dat
双击运行.exe
.exe windows:5 windows x86 arch:x86

3636bfdb4307b796202b34da38da473f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\svn_游戏包\trunk\bin\Win32\Release\gamestart\gamestart.pdb

Imports

wininet

InternetCheckConnectionW
GetUrlCacheEntryInfoW
InternetOpenW
InternetCrackUrlW
InternetOpenUrlW
DeleteUrlCacheEntryW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetModuleBaseNameW
EnumProcessModules
GetModuleFileNameExW
EnumProcesses

dbghelp

MiniDumpWriteDump

kernel32

HeapSize
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
OutputDebugStringA
GetVersionExA
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
GetShortPathNameW
IsBadWritePtr
OpenProcess
TerminateProcess
ResumeThread
SetFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
FileTimeToSystemTime
SetEvent
CreateEventW
ExitThread
WaitForMultipleObjects
GetDriveTypeW
SetVolumeLabelW
MoveFileW
GetDiskFreeSpaceExW
ReleaseSemaphore
CreateSemaphoreW
SetLastError
FileTimeToLocalFileTime
GetThreadLocale
DuplicateHandle
GetVolumeInformationW
MulDiv
lstrcmpA
HeapCreate
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetModuleHandleA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileSizeEx
GetFileTime
SetErrorMode
GlobalFlags
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetConsoleCP
GetConsoleMode
GetFileType
SetStdHandle
RtlUnwind
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
WriteConsoleA
GetTempPathW
WriteConsoleW
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
FindNextFileW
FindClose
FindFirstFileW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
LeaveCriticalSection
LoadLibraryExW
FreeLibrary
FreeResource
GlobalUnlock
GlobalLock
CreateThread
GetPrivateProfileIntW
GetVersionExW
InitializeCriticalSection
InterlockedIncrement
GetStartupInfoW
ReadFile
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
SetUnhandledExceptionFilter
GetCommandLineW
LoadLibraryA
InterlockedDecrement
LocalAlloc
GlobalFree
GlobalAlloc
GetModuleFileNameW
WaitForSingleObject
lstrlenA
WriteFile
DeleteFileW
CloseHandle
CreateFileW
GetTickCount
LockResource
GetProcAddress
GetLastError
CreateDirectoryA
WritePrivateProfileStringW
lstrlenW
MultiByteToWideChar
SizeofResource
CopyFileW
Sleep
WideCharToMultiByte
GetPrivateProfileStringW
GetModuleHandleW
CreateDirectoryW
LoadResource
FindResourceW
SetFileAttributesW
GetFileAttributesW
GetSystemTimeAsFileTime
FlushFileBuffers
GetConsoleOutputCP
HeapValidate
lstrcmpW

user32

GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetDlgCtrlID
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemID
CharUpperW
SetRectEmpty
SetCapture
SetFocus
CallWindowProcW
GetDesktopWindow
GetWindowThreadProcessId
TrackPopupMenu
GetSubMenu
DeleteMenu
LoadMenuW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
ScreenToClient
GetCursorPos
CharNextW
LoadIconW
CopyRect
UpdateLayeredWindow
GetSystemMetrics
SetCursor
LoadImageW
LoadCursorW
PtInRect
wsprintfW
InvalidateRect
SystemParametersInfoW
IsWindowVisible
SendMessageW
PostThreadMessageW
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
DestroyMenu
SetTimer
KillTimer
GetSysColorBrush
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FindWindowExW
EnableWindow
EndPaint
GetWindowRect
GetWindowDC
PostMessageW
GetParent
GetClientRect
BeginPaint
GetDC
RegisterClassExW
GetWindowLongW
CreateWindowExA
ReleaseDC
SetWindowLongW
SetWindowPos
ShowWindow
IsWindow
EqualRect
ReleaseCapture
DefWindowProcW
MoveWindow
MessageBoxW
RegisterClipboardFormatW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuItemCount

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
OffsetViewportOrgEx
SaveDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PtVisible
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetBkColor
GetStockObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteDC
Escape
ExtTextOutW
CreateDIBSection
GetDeviceCaps
BitBlt
TextOutW
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetMapMode
RestoreDC
RectVisible

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
InitializeSecurityDescriptor
RegOpenKeyW
RegQueryValueExW

shell32

ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
SHFileOperationW

comctl32

_TrackMouseEvent

shlwapi

UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathFileExistsW

ole32

OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleRun
OleDraw
OleCreate
OleSetContainedObject
CreateStreamOnHGlobal
CoInitialize
CoGetClassObject

oleaut32

VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SystemTimeToVariantTime
SysStringLen
VarUI4FromStr
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
OleCreateFontIndirect
GetErrorInfo

oledlg

OleUIBusyW

urlmon

ObtainUserAgentString
UrlMkSetSessionOption

gdiplus

GdipCreatePath
GdipDeletePath
GdipGetFontSize
GdipAddPathString
GdipGetFamily
GdipGetFontStyle
GdipGetPathWorldBounds
GdipDrawRectangleI
GdipDeleteStringFormat
GdipCreatePen1
GdipCreateStringFormat
GdipFillRectangleI
GdipSetSolidFillColor
GdipCreateFontFamilyFromName
GdipDrawString
GdipCreateImageAttributes
GdipCreateFont
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipDeleteFontFamily
GdipSetStringFormatAlign
GdipSetImageAttributesWrapMode
GdipFree
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDrawImageRectRect
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipSetImageAttributesColorMatrix
GdipSetTextRenderingHint
GdipDeleteFont

ws2_32

send
connect
WSAStartup
select
WSAGetLastError
htons
recv
socket
__WSAFDIsSet
closesocket
gethostbyname

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QiCaiLianZhuV3.8_chs_setup/安装说明.txt
QiCaiLianZhuV3.8_chs_setup/游迅网.url
.url
QiCaiLianZhuV3.8_chs_setup/点击使用.exe
.exe windows:5 windows x86 arch:x86

a61e1a6bd89891db55e6a2a47c5a5158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\yxbox\trunk\bin\Win32\Release\build\GameGuide\点此安装.pdb

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

dbghelp

MiniDumpWriteDump

kernel32

GlobalAddAtomW
MulDiv
GetVersionExA
LoadLibraryA
CompareStringW
GlobalFindAtomW
FileTimeToLocalFileTime
GetModuleHandleA
LocalAlloc
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetFileSizeEx
GetFileTime
HeapFree
HeapAlloc
UnhandledExceptionFilter
IsDebuggerPresent
GetFileAttributesA
ExitThread
ConvertDefaultLocale
GetConsoleCP
GetConsoleMode
GetFileType
GetProcessHeap
SetStdHandle
RtlUnwind
ExitProcess
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
EnumResourceLanguagesW
lstrcmpA
SetLastError
CompareStringA
InterlockedExchange
lstrcmpW
LocalFree
FormatMessageW
TerminateProcess
GetStdHandle
FindNextFileW
SetEndOfFile
GetFullPathNameW
SetFileTime
ResumeThread
Sleep
SetFileAttributesW
GlobalFree
CreateDirectoryA
GetSystemTimeAsFileTime
InterlockedDecrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FileTimeToSystemTime
SetFilePointer
GetFileSize
FindClose
FindFirstFileW
FreeLibrary
SetErrorMode
WideCharToMultiByte
GetStartupInfoW
ReadFile
LoadLibraryW
GetTickCount
lstrlenA
GetShortPathNameW
GetProcAddress
GetLastError
GetModuleFileNameW
GetFileAttributesW
GetVersionExW
GetModuleHandleW
FreeResource
CreateThread
DeleteFileW
GetDiskFreeSpaceExW
GlobalUnlock
WritePrivateProfileStringW
lstrlenW
MultiByteToWideChar
lstrcpynW
CopyFileW
GlobalAlloc
WriteFile
GetPrivateProfileStringW
WaitForSingleObject
GlobalLock
CreateDirectoryW
GetLogicalDriveStringsW
GetDriveTypeW
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
LockResource
CreateFileW
SizeofResource
GetCurrentProcess
SetUnhandledExceptionFilter
LoadResource
FindResourceW
GetCommandLineW
GlobalDeleteAtom
GetLocaleInfoW
GetCurrentThread
InterlockedCompareExchange
HeapReAlloc

user32

CharNextW
GetSysColorBrush
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
UnregisterClassW
SendDlgItemMessageW
RegisterClipboardFormatW
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetLastActivePopup
IsWindowEnabled
MessageBoxW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetCapture
SetFocus
GetWindowLongW
DestroyMenu
PostThreadMessageW
SetWindowLongW
ReleaseCapture
CallWindowProcW
DefWindowProcW
PtInRect
SetRectEmpty
IsRectEmpty
IsWindow
GetWindowThreadProcessId
GetDesktopWindow
wsprintfW
SetWindowRgn
GetWindowRect
CopyRect
SetRect
IsWindowVisible
SetCursor
SetTimer
ScreenToClient
PostMessageW
KillTimer
LoadCursorW
GetClientRect
LoadIconW
InvalidateRect
GetCursorPos
GetSystemMetrics
SendMessageW
EnableWindow
UpdateWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
GetDlgItem

gdi32

GetStockObject
CreateFontIndirectW
CreateRectRgnIndirect
ExtSelectClipRgn
Escape
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
DeleteDC
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
GetClipBox
OffsetViewportOrgEx
GetDeviceCaps
CreateBitmap
CreateRoundRectRgn
SetViewportOrgEx
BitBlt
CreateCompatibleDC
GetMapMode
CreateCompatibleBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
SelectObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

InitializeSecurityDescriptor
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegQueryValueExW

shell32

SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
CommandLineToArgvW

comctl32

_TrackMouseEvent

shlwapi

ord156
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
SysStringLen
VariantCopy
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit

gdiplus

GdipDeleteBrush
GdipCloneBrush
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateSolidFill
GdipCreateFont
GdipDrawString
GdipFillRectangle
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdipDrawImageRectRect
GdipDeletePen
GdipSetImageAttributesColorMatrix
GdipGetImageHeight
GdipSetTextRenderingHint
GdipSetImageAttributesWrapMode
GdipCloneImage
GdipSetStringFormatAlign
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetSolidFillColor
GdipCreateStringFormat
GdipGetImageWidth
GdipCreatePen1
GdipDeleteStringFormat
GdipDrawRectangleI
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipDeletePath
GdipCreatePath
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDisposeImage
GdipDeleteGraphics
GdipFree
GdipLoadImageFromStream
GdiplusStartup
GdiplusShutdown
GdipAlloc

Sections

.text
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d14b914b780ff4ce65f0d41e0e884b2

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03Certificate

Extended Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

winmm

comctl32

gdiplus

Exports

Exports

Sections

.text Size: 571KB - Virtual size: 570KB

.rdata Size: 239KB - Virtual size: 239KB

.data Size: 11KB - Virtual size: 23KB

.rsrc Size: 204KB - Virtual size: 204KB

.reloc Size: 38KB - Virtual size: 37KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 50KB - Virtual size: 49KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 167B

.reloc Size: 4KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

04c8754c68f4349c85ad5221e435c9bf

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

wininet

Exports

Exports

Sections

.text Size: 171KB - Virtual size: 170KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 19KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 501B

.reloc Size: 12KB - Virtual size: 11KB

.rsrc Size: 5KB - Virtual size: 5KB

f5a1c848777debecdad2c9b40ea8aa48

Headers

DLL Characteristics

File Characteristics

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d
Signer

.text
Size: 571KB - Virtual size: 570KB

.rdata
Size: 239KB - Virtual size: 239KB

.data
Size: 11KB - Virtual size: 23KB

.rsrc
Size: 204KB - Virtual size: 204KB

.reloc
Size: 38KB - Virtual size: 37KB

CODE
Size: 50KB - Virtual size: 49KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 167B

.reloc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 171KB - Virtual size: 170KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 19KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 501B

.reloc
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 5KB - Virtual size: 5KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.itext
Size: 5KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 12KB

.bss
Size: - Virtual size: 24KB

.idata
Size: 14KB - Virtual size: 13KB

.tls
Size: - Virtual size: 60B

.rdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 112KB - Virtual size: 111KB

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

22:17:1a:6c:13:4e:71:95:7d:ce:f3:5d:91:4c:22:d5
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

1e:dc:d0:93:62:da:68:bf:06:0f:e3:b9:8f:ed:36:76:b2:db:91:1a
Signer

.text
Size: 663KB - Virtual size: 663KB

.rdata
Size: 126KB - Virtual size: 126KB

.data
Size: 14KB - Virtual size: 38KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 52KB - Virtual size: 52KB

CODE
Size: 163KB - Virtual size: 400KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 264KB

.idata
Size: 3KB - Virtual size: 12KB