baae50ec9a4edbd0117f449130705193_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

baae50ec9a4edbd0117f449130705193_JaffaCakes118
Size

13.7MB
MD5

baae50ec9a4edbd0117f449130705193
SHA1

9b7b47aab020e1e02a9df5ac9929bcaccea2c4ce
SHA256

4115fa765e28cf862d9490a6c73e0190aef71d601762a710f2a0546c60e5ce5b
SHA512

60ec21397c479feca0cb47bdf86a41ba7e3cd4a26225f84cd86a965c5a801a0743352e77f8e0ffff798847856d4594b0c52eb6c9c4cb09c64150503fc2c5dc12
SSDEEP

393216:mPlAn3wd8OHY/or4SMNX9u+vuT5nolz4IHnU1XfiAy7B3k:mK3SbH6ohMzu+CholJ01XaAO3k

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack002/mpweb.exe	aspack_v212_v242

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mpcs-2011v3.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/advsplash.dll
unpack002/API_COM.DLL
unpack002/BCLW32.DLL
unpack002/POS.exe
unpack002/WINPPLA.dll
unpack002/WINPPLB.dll
unpack002/WinPort.dll
unpack002/data.exe
unpack002/mpcs.exe
unpack002/mpsoftup.exe
unpack002/mpweb.exe
unpack002/uninst.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/mpcs-2011v3.exe	nsis_installer_1
static1/unpack002/uninst.exe	nsis_installer_1

Files

baae50ec9a4edbd0117f449130705193_JaffaCakes118
.rar
mpcs-2011v3.exe
.exe windows:4 windows x86 arch:x86

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

SetErrorMode
GetExitCodeProcess
WaitForSingleObject
ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetModuleHandleA
ExitProcess
lstrcpynA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GlobalFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
CopyFileA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/advsplash.dll
.dll windows:4 windows x86 arch:x86

41e025c99a5f731479582ce64a2527f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeKillEvent
timeSetEvent
PlaySoundA

kernel32

GetVersion
lstrcpyA
GlobalAlloc
lstrcatA
GetProcAddress
GlobalFree
lstrcpynA
GetModuleHandleA

user32

IsWindow
PostMessageA
DefWindowProcA
CreateWindowExA
UnregisterClassA
DispatchMessageA
BeginPaint
GetClientRect
wsprintfA
EnumDisplaySettingsA
SetWindowRgn
GetMessageA
DestroyWindow
EndPaint
SystemParametersInfoA
LoadImageA
LoadCursorA
RegisterClassA
SetWindowLongA
SetWindowPos

gdi32

BitBlt
DeleteDC
GetDIBits
SelectObject
CreateCompatibleDC
CombineRgn
CreateRectRgn
GetObjectA
DeleteObject

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$TEMP/spltmp.bmp
API_COM.DLL
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

com_init
com_rest
com_send

Sections

CODE
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BCLW32.DLL
.dll windows:4 windows x86 arch:x86

6af904140697ae3556e8a49ab1996229

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
lstrcmpA
lstrcpyA
_lwrite
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
OpenFile
_lclose
lstrlenA
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
GetACP
MulDiv
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
HeapAlloc
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
CloseHandle
GetOEMCP
IsBadCodePtr
IsBadWritePtr
FreeEnvironmentStringsW
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
GetLastError
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
HeapReAlloc
HeapSize
LoadLibraryA
SetStdHandle
LCMapStringA
LCMapStringW
RaiseException
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard

gdi32

SelectObject
GetTextExtentPointA
GetDIBits
SelectPalette
RealizePalette
LPtoDP
SaveDC
GetViewportExtEx
GetWindowExtEx
SetMapMode
RestoreDC
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
Ellipse
BitBlt
Polygon
CreatePen
StretchBlt
GetObjectA
GetStockObject
DeleteObject
GetMapMode
PatBlt
CreateFontIndirectA
GetDeviceCaps
GetTextFaceA
GetCharABCWidthsA
SetTextAlign
TextOutA
GetTextAlign
SetTextColor
CreateSolidBrush

Exports

Exports

BuildMaxicodeData
BuildMaxicodeShippingData
CreateBarCode
CreateBarCodeIndirect
DeleteBarCode
DrawBarCodeToClipboard
DrawBarCodeToFile
DrawBarCodeToHDC
GetBarCodeSize
_BuildMaxicodeData@24
_BuildMaxicodeShippingData@64
_CreateBarCode@68
_CreateBarCodeIndirect@4
_DeleteBarCode@4
_DrawBarCodeToClipboard@20
_DrawBarCodeToFile@28
_DrawBarCodeToHDC@28
_GetBarCodeSize@16
_LibMain@16

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HZK24
POS.exe
.exe windows:1 windows x86 arch:x86

34a20e6ee3b746490940dc4b831bd06b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeResource
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

CopyIcon
MessageBoxW

advapi32

RegOpenKeyExA

oleaut32

GetActiveObject

mpr

WNetCloseEnum

version

VerQueryValueA

gdi32

GetTextExtentPoint32W

ole32

CLSIDFromProgID

comctl32

ImageList_Replace

winspool.drv

DocumentPropertiesA

shell32

ShellExecuteA

comdlg32

ReplaceTextA

winmm

timeGetTime

api_com

com_rest

Exports

Exports

�z f��h�8�s��D��o{�f�#I�j��~�X0(�I��Vk��^��"e�Z2�e�1]p��{�� ͏��\��ڏ�`��yvS��k:D@prڰ�r��'� n'�r)��d%eY�<�I8$��E��{�ѣ�W��&��Pݖ�-��^�� .��ikT%��;]?h��qs`Y�-F��܊��dl��5�V茎�Ko�\$M�G�a��9S��S�`�&ϭ̵��3��c��i7�1��D��:�K Ko*��$xX��~��}{+w��K�>xIȯ��[h#y٩��$l�%��<��L[�@��^=Z�n�s��ߛ��4��#�V�6�2I�)��a�;,��ه7!w�r`��:pǊޏY��K3�+4�i��mf�v�=�e��.�9k�ղ��ęnB�F�Ϣ��~�Uo��cߜ�^�'�i%]��=Z��"�� 3Ȥ,$�%/��%k��YKf��!�9Ϋ9YTg��!WG }ݶ�>��:1�f��^�^Hy�]0]�jO�< n�)�~ 72��_f?�^P$0��+A��y�ܻ*�b��i��դF��X&3�� y��!�ssS��}��^�MJ��]�{s��e��d�� xk."o��ɣj�T>�ׯ� R�႟:xK��k3��I��8�o�B L�驆��%gZT�V{Nd�4��S��L��EOH��y��f�ҥ�D��ɿ��t�L��K�Ћ!�e� ��خS��q�[�EC��P�j��;��_Am#��ws�{�;��{�C��j��[K⶛��~ ��t��T��+:��-o"��׌��Ѧ�Y�"_��/v�?�dA��'��-� ;~*=��Ocsh��|>�_/VR1��w�H�_�! �=�?,�`��S�a帏�X(d*ƾ+�I��E�|<� 1v2c��?j�Ū��8�1�0k�ΰKt�vH��ɥ��A�m��,��c?��`��S�;k}��򤈤��3�U��J�?�]��<}��U��ٜ��o-��J$#"��I��g��M��qϧjL�.�I�"�g�*{�>)�a��U�ʈ�\N�U�h��YuF 5*��⛖��V�h�8�n��N�[#.ȩ�z��]�t�f#�ٓ��?�� ď}��B��g�yY"�}>�f*��e��w��ߴ1��8XH2cVX�CT4p��.q��/�N �!˝� U��g��A�GӣI�R��zl��S�]%��~l8I� �7m5�E3�+��[C�xC��jF��Ќ�V��T�{��߀q�{:7B̑��|�O��=�j�5��d��)�!�3�΀OF'��/ǳ\�>��\np��mU�ZגL'�hEu�ҫ_�p�lIχCKɽ�@xq��3m��YR��;�e/ ^L��%˒j9��/V�_�W�j^ +U\��>��^�>~��[�E�@�@�^��&&��Y��!Z&�Ώ��j�-��|Y��GTj�k3��v{+� ��=P�?��o�k�XQ��g=�N7s��:��}>��A8ؽ�q��L�V*�o��ѣdj�6�ME2�UR�I@��_��t�.�{_��Я�C�)��B�h�6��˰��϶U��o��Ѧ�E�]�Er��?�/xo�?��)W��o+1[M�wT��g��f��x0�7�B ��#ع��_a3�Z�EX#�@��E �p� �|>�j�em��F)fk��.BP��uD�.:��4u<}��o�r��9�-�� 6&y؃V�X�p��u�B3U�\�f�Ac��%�֭�O�6UF��*��h2��]��=^e�;��W9�ak.��x��q��A�T��^�N�\6��;ĊI_h��[��^�@��B<��xnޖ�p'� �R��4�s8�M��B,y��Ȱ-��ޗ��{��{ ְ;�8U�n��m)\F�~* �ϒ��HG��9�H��>�B�5Ӫ��e�e�T �iҚo}.��/��Y|8KJ��m�Z�Σ[��Հ^�S�&�=�\k��WV8�=��J��+�;��Z��[ӣ\�Z�5��Ĵ^l��cX�� $��%I�a ��5� ��@�` }��;3�H �Nے�4�@3�!��@�~Վ��oJ6i�C��M��N�(%��3i�f��+�q��ق� 9+��6��{×:^;�� ~_�^'r$"ϼ�� O�~�x&`��u�"�"m�a��r�d��Ϸ�]˅6��Ӛ��*��L05�I��ο.m��T��߳�bE�L!cY��ww��x�S =#k�SKǘ�DaW�W9�7ѓ��v� ��H�ް��$�zb㔝��*L��%M ��e�C�.�)rG;�E�m�ך^V�)�[�%��j�L��߿e�m��9�'4 �T�˖�M��ߣ�0�gV+Ѳ6��ہ}��H�'�d�ᅈ�>�9Q�2�sH�،^�s��3҃��[��Y`;��1��fi�a�� \h#}�^��K<��[��2>��*�ָཿ��3��ԓ!ʅ��nX�� 0��Vh��ٖ�I�a~e��u��|)�YUq��J=�F��&�Q�5w$?��R��㭊��?��3�o c��8�(Y� `�J<2y�$�PFHu �d7��W9!7�Gvq[��VZ��\a��⤶�#}�k��O{�I�l�y�#Z0��-)9�OK��y�~r�B��IR�<�,�U�WRy��S��(��U�� ^iM_#��@�l��o�`^.8dڒ�B ՟?]�x=�� ״�-�x�ٌ�X��O�3

Sections

CODE
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 179KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack0
Size: - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack1
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.aspack2
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Template/IWForm1.html
.html
Template/fmain.html
.html
Template/iwerror.html
.html
WINPPLA.dll
.dll windows:4 windows x86 arch:x86

0ec54909660def9d1c81b0dd95315856

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winport

_PortTimeSet_Entry@20
_PortOpen_Entry@40
_PortOpen_Serial@36
_OpenProcessDlg@0
_CloseProcessDlg@0
_PortSerialSet_Entry@28
_PortWrite_Entry@16
_PortClose_Entry@0

bclw32

_DrawBarCodeToFile@28
_DeleteBarCode@4
_CreateBarCodeIndirect@4

kernel32

HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
ExitProcess
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetHandleCount
GetOEMCP
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCPInfo
SetFilePointer
CloseHandle
ReadFile
CreateFileA
GetProcessVersion
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFlags
GetVersion
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
lstrlenA
GetCurrentThreadId
lstrcmpA
GetFileTime
GetFileSize
GetFileAttributesA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
MultiByteToWideChar
LoadLibraryA
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetLastError
GlobalLock
GlobalUnlock
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
LocalAlloc
LocalHandle
LocalFree
GetStdHandle
GetVersionExA

user32

GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
LoadCursorA
GetSysColorBrush
PostQuitMessage
DestroyMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
LoadStringA
SetFocus
SetWindowPos
SetWindowLongA
GetDlgItem
GetFocus
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnhookWindowsHookEx
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
GetSystemMetrics
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
MessageBoxA
UnregisterClassA

gdi32

StretchDIBits
CreateCompatibleBitmap
SetPixel
GetTextExtentPoint32A
CreateFontIndirectA
Ellipse
CreatePenIndirect
CreateBrushIndirect
GetBitmapBits
GetObjectA
CreateDCA
GetTextMetricsA
GetCharABCWidthsA
GetDIBits
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
MoveToEx
LineTo
GetStockObject
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
PatBlt
SetDIBits
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
EnumPrintersA
OpenPrinterA
GetPrinterDriverA
ClosePrinter

advapi32

RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA

comctl32

ord17

Exports

Exports

A_Bar2d_DataMatrix
A_Bar2d_Maxi
A_Bar2d_Maxi_ABar
A_Bar2d_Maxi_Ori
A_Bar2d_PDF417
A_Bar2d_PDF417_ABar
A_Bar2d_PDF417_Ori
A_Clear_Memory
A_Clear_MemoryEx
A_ClosePrn
A_CreatePort
A_CreatePrn
A_CreateUSBPort
A_Del_Graphic
A_Draw_Box
A_Draw_Diagonal
A_Draw_Ellipse
A_Draw_Line
A_EnumUSB
A_Feed_Label
A_GetUSBBufferLen
A_Get_DLL_Version
A_Get_DLL_VersionA
A_Get_Graphic
A_Get_Graphic_ColorBMP
A_Get_Graphic_ColorBMP_Mem
A_Initial_Setting
A_Load_Graphic
A_Make_SoftFont
A_Open_ChineseFont
A_Print_Form
A_Print_Out
A_Print_Out_ARGOBAR
A_Prn_Barcode
A_Prn_Barcode_ARGOBAR
A_Prn_Text
A_Prn_Text_ARGOBAR
A_Prn_Text_Chinese
A_Prn_Text_SoftFont
A_Prn_Text_TrueType
A_Prn_Text_TrueType_ABar
A_Prn_Text_TrueType_W
A_Set_BMPSave
A_Set_Backfeed
A_Set_Cutting
A_Set_Darkness
A_Set_DebugDialog
A_Set_Feed
A_Set_FlashMemory
A_Set_Form
A_Set_Gap
A_Set_LabelVer
A_Set_Logic
A_Set_Margin
A_Set_PrinterDC
A_Set_Prncomport
A_Set_Prncomport_PC
A_Set_ProcessDlg
A_Set_Sensor_Mode
A_Set_Speed
A_Set_Syssetting
A_Set_Unit
Bar2d_Maxi
Bar2d_PDF417
Clear_Memory
ClosePrn
CreatePrn
Del_Graphic
Draw_Box
Draw_Line
Feed_Label
Get_Graphic
Get_Graphic_ColorBMP
Initial_Setting
Load_Graphic
Print_Form
Print_Out
Prn_Barcode
Prn_Text
Prn_Text_TrueType
Set_Backfeed
Set_Cutting
Set_Darkness
Set_Feed
Set_Form
Set_Margin
Set_Sensor_Mode
Set_Speed
Set_Syssetting
Set_Unit

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WINPPLB.dll
.dll windows:4 windows x86 arch:x86

b7f8c3e770cabd1f8c72e361fb1ca6b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winport

_PortTimeSet_Entry@20
_PortOpen_Entry@40
_PortRead_Entry@8
_PortOpen_Serial@36
_OpenProcessDlg@0
_CloseProcessDlg@0
_PortSerialSet_Entry@28
_PortWrite_Entry@16
_PortClose_Entry@0

bclw32

_DeleteBarCode@4
_CreateBarCodeIndirect@4
_DrawBarCodeToFile@28

kernel32

GetCPInfo
GetOEMCP
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
ExitProcess
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessVersion
FreeLibrary
SetFilePointer
CloseHandle
ReadFile
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFlags
GetVersion
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
CreateFileA
GetCurrentThreadId
lstrcmpA
GetFileTime
GetFileSize
GetFileAttributesA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
MultiByteToWideChar
LoadLibraryA
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetCurrentProcess
DuplicateHandle
GetLastError
GlobalLock
GlobalUnlock
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
LocalAlloc
LocalHandle
LocalFree
GetVersionExA
lstrcpynA
LCMapStringW
lstrlenA

user32

GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
LoadCursorA
GetSysColorBrush
PostQuitMessage
DestroyMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
LoadStringA
SetFocus
SetWindowPos
SetWindowLongA
GetDlgItem
GetFocus
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
GetSystemMetrics
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
MessageBoxA
GetWindowTextA

gdi32

StretchDIBits
SetPixel
GetTextExtentPoint32A
CreateFontIndirectA
Ellipse
CreatePenIndirect
CreateBrushIndirect
GetBitmapBits
GetObjectA
CreateDCA
GetTextMetricsA
GetCharABCWidthsA
GetDIBits
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
MoveToEx
LineTo
CreateCompatibleDC
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetStockObject
PatBlt
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
EnumPrintersA
OpenPrinterA
GetPrinterDriverA
ClosePrinter

advapi32

RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA

comctl32

ord17

Exports

Exports

B_Bar2d_Maxi
B_Bar2d_Maxi_ABar
B_Bar2d_PDF417
B_Bar2d_PDF417_ABar
B_Bar2d_PDF417_N
B_ClosePrn
B_CreatePort
B_CreatePrn
B_CreateUSBPort
B_Define_Date
B_Define_Time
B_Del_Form
B_Del_Pcx
B_Draw_Box
B_Draw_Diagonal
B_Draw_Ellipse
B_Draw_Line
B_EnumUSB
B_Error_Reporting
B_Execute_Form
B_GetPrinterResponse
B_GetUSBBufferLen
B_Get_DLL_Version
B_Get_DLL_VersionA
B_Get_Graphic_ColorBMP
B_Get_Graphic_ColorBMP_Mem
B_Get_Pcx
B_Initial_Setting
B_Load_Pcx
B_Make_SoftFont
B_Open_ChineseFont
B_Print_Form
B_Print_Form_Save
B_Print_MCopy
B_Print_Out
B_Print_Out_ARGOBAR
B_Prn_Barcode
B_Prn_Barcode_A
B_Prn_Barcode_ARGOBAR
B_Prn_Barcode_ARGOBAR_A
B_Prn_Barcode_Form
B_Prn_Configuration
B_Prn_Text
B_Prn_Text_A
B_Prn_Text_ARGOBAR
B_Prn_Text_ARGOBAR_A
B_Prn_Text_Chinese
B_Prn_Text_Form
B_Prn_Text_SoftFont
B_Prn_Text_TrueType
B_Prn_Text_TrueType_ABar
B_Prn_Text_TrueType_W
B_ResetPrinter
B_Select_Option
B_Select_Option2
B_Select_Symbol
B_Select_Symbol2
B_Set_BMPSave
B_Set_Backfeed
B_Set_Darkness
B_Set_DebugDialog
B_Set_Direction
B_Set_FlashMemory
B_Set_Form
B_Set_Form_New
B_Set_Labgap
B_Set_Labwidth
B_Set_Originpoint
B_Set_PrinterDC
B_Set_Prncomport
B_Set_Prncomport_PC
B_Set_ProcessDlg
B_Set_Speed
B_TFeedMode
B_TFeedTest
Bar2d_Maxi
Bar2d_PDF417
ClosePrn
CreatePrn
Del_Form
Del_Pcx
Draw_Box
Draw_Line
Error_Reporting
Get_Pcx
Initial_Setting
Load_Pcx
Open_ChineseFont
Print_Form
Print_MCopy
Print_Out
Prn_Barcode
Prn_Configuration
Prn_Text
Prn_Text_Chinese
Prn_Text_TrueType
Select_Option
Select_Symbol
Set_Backfeed
Set_Darkness
Set_Direction
Set_Form
Set_Labgap
Set_Labwidth
Set_Originpoint
Set_Prncomport
Set_Speed

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinPort.dll
.dll windows:4 windows x86 arch:x86

31d5d930b174fb9a60f502450a9e0bf0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetOEMCP
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
GetCPInfo
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CreateThread
GetProcessVersion
HeapDestroy
MulDiv
GlobalFlags
GetModuleHandleA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetCommState
SetCommState
SetEvent
GetFileTime
GetFileSize
GetFileAttributesA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalAlloc
lstrcmpA
GetCurrentThread
SuspendThread
SetThreadPriority
ResumeThread
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalDeleteAtom
GlobalFindAtomA
ReadFile
HeapCreate
WaitForSingleObject
SetLastError
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
VirtualFree
GetEnvironmentStrings
GetEnvironmentStringsW
CreateEventA
ClearCommError
CreateFileA
CloseHandle
OutputDebugStringA
SetCommTimeouts
GetOverlappedResult
GetLastError
WriteFile
ExitThread

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
SetMenuItemBitmaps
CheckMenuItem
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
ModifyMenuA
GetMessageA
ReleaseDC
GetDC
TranslateMessage
SetCursor
UnregisterClassA
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
AdjustWindowRectEx
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMenuItemCount
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetLastActivePopup
MessageBoxA
LoadStringA
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
GetParent
GetFocus
IsWindowEnabled
IsWindow
SetFocus
GetSystemMetrics
CharUpperA
UpdateWindow
SetActiveWindow
PeekMessageA
SendMessageA
EnableWindow
KillTimer
SetTimer
PostMessageA
wsprintfA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetCapture
DispatchMessageA
WinHelpA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx

gdi32

GetClipBox
SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
DeleteObject
SelectObject
GetStockObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

Exports

Exports

_CloseErrorDlg@0
_CloseProcessDlg@0
_DebugMessage@4
_OpenErrorDlg@0
_OpenProcessDlg@0
_PortClose_Entry@0
_PortOpen_Entry@40
_PortOpen_Serial@36
_PortRead_Entry@8
_PortSerialSet_Entry@28
_PortTimeSet_Entry@20
_PortWrite_Entry@16
_ReadDataWaiting@0
_SetFilter_PathEntry@8

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 177KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
data/mpdata.mdb
files/bg_gradient.gif
.gif
files/bg_gradient.jpg
.jpg
files/bg_gradient.png
.png
files/bot_bg_left.jpg
.jpg
files/bot_bg_mid.jpg
.jpg
files/bot_bg_right.jpg
.jpg
files/downarrow.gif
.gif
files/input_bg_left.jpg
.jpg
files/input_bg_mid.jpg
.jpg
files/input_bg_right.jpg
.jpg
files/kcbdexp.xls
.xls windows office2003
files/login_bg_bot.jpg
.jpg
files/login_bg_mid.jpg
.jpg
files/login_bg_top.gif
files/login_btn.jpg
.jpg
files/logo.jpg
.jpg
files/style.css
files/wrong.jpg
.jpg
help/Snap1.jpg
.jpg
help/Snap10.jpg
.jpg
help/Snap11.jpg
.jpg
help/Snap12.jpg
.jpg
help/Snap13.jpg
.jpg
help/Snap14.jpg
.jpg
help/Snap15.jpg
.jpg
help/Snap16.jpg
.jpg
help/Snap17.jpg
.jpg
help/Snap18.jpg
.jpg
help/Snap19.jpg
.jpg
help/Snap2.jpg
.jpg
help/Snap20.jpg
.jpg
help/Snap21.jpg
.jpg
help/Snap22.jpg
.jpg
help/Snap23.jpg
.jpg
help/Snap24.jpg
.jpg
help/Snap25.jpg
.jpg
help/Snap26.jpg
.jpg
help/Snap27.jpg
.jpg
help/Snap28.jpg
.jpg
help/Snap29.jpg
.jpg
help/Snap3.jpg
.jpg
help/Snap30.jpg
.jpg
help/Snap31.jpg
.jpg
help/Snap32.jpg
.jpg
help/Snap33.jpg
.jpg
help/Snap34.jpg
.jpg
help/Snap35.jpg
.jpg
help/Snap36.jpg
.jpg
help/Snap37.jpg
.jpg
help/Snap38.jpg
.jpg
help/Snap39.jpg
.jpg
help/Snap4.jpg
.jpg
help/Snap40.jpg
.jpg
help/Snap41.jpg
.jpg
help/Snap42.jpg
.jpg
help/Snap43.jpg
.jpg
help/Snap44.jpg
.jpg
help/Snap45.jpg
.jpg
help/Snap46.jpg
.jpg
help/Snap47.jpg
.jpg
help/Snap48.jpg
.jpg
help/Snap49.jpg
.jpg
help/Snap5.jpg
.jpg
help/Snap50.jpg
.jpg
help/Snap51.jpg
.jpg
help/Snap52.jpg
.jpg
help/Snap6.jpg
.jpg
help/Snap7.jpg
.jpg
help/Snap8.jpg
.jpg
help/Snap9.jpg
.jpg
help/about.jpg
help/before.gif
.gif
help/boxset.jpg
.jpg
help/dyyl.jpg
.jpg
help/posmodel.jpg
.jpg
help/rjdj.gif
.gif
help/rjqy.gif
.gif
help/tmdy.jpg
.jpg
mpcs.exe
.exe windows:1 windows x86 arch:x86

2dd1f89271761d027b5db9c6fc1f70df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetFileAttributesA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetCapture
MessageBoxW

advapi32

RegFlushKey

oleaut32

SafeArrayGetUBound

mpr

WNetCloseEnum

version

GetFileVersionInfoA

gdi32

SetDIBColorTable

ole32

ReleaseStgMedium

comctl32

ImageList_Write

winspool.drv

OpenPrinterA

shell32

SHGetMalloc

comdlg32

ReplaceTextA

winmm

timeGetTime

wsock32

gethostbyname

oledlg

OleUIInsertObjectA

Exports

Exports

ő�˩�{�2<��:��;��q�E�՗��9��u�u�� 䴺U�s�< ��1�t%��Ҙu��ؽ%Y��I N�AF9��3i��K��=��Ņ��9�.i��B��{��ŘD"[��Ώ>��ʑ��+p��]�No( G��}U�BK �*Ǫ�F��[�ӝ)��r��O�VO��9��L��Xɦ��ك_��K�+;Jq�S�>�V2�+a:m-�(-G��s�Z�^�z�*.��g��=��=.0V��V�O�5��L�S82��<��I�{�Y��sQuy�Q�7��^��K2� F�c6� �k��4fK��N8�|��o��1��}{UNH�� h]�f-\6�e��TBGiyr8$>��2��r�]G�:��x�� 9h��{բA��d"x�S�'GK�NYT3n"��ÎRN��,��T��{�`�=�=��ds�eШ؂k�5�P�(x8�?�e��}��%d��_��zf��~�36�e~?�>T�@��b�Hx2Hh:V�p�\��5 ��U�%��q��{bk ��jG��H�w�{��Ei�#��xޡv��x��6��<1e��9��c�u�G��d��a�(�k�� >Pd��`<�;��ީ��;��D�w��ؕ�x1yB��*�kÓ�j��F�|0I�u%d��{Y��ŝ��$׫�,��|�;��*��t9��7}(ٹ�w�0��u��ʀK��n��e��P��dt`<��[v��B��U�MGtO��_�71��aD게-�J��و��R�� .^��S��PvS�8о�p�z`��?P:��JF^¥��^��T;/��'��"#-k΄T��8%8\}Y�BfĕR٣��Zs�.w�j7',��bHL��ch�� l��U�j�(��ȔU��6��*r��(��# C��=1++��2}��@K�;?Y��D��(л�$�?��d%f�n�{� �3�X.1yO!k9.ms��c�e�yx�^��I��{��ò3 �f�^��:y�Y�-={e`�� s^�N��/�PG��W@:<��^`�>ч��5['̵��r��ʱnH�w�8��iD`��#��m>y��7��S@��0��еi��[�mO��V'x��B�"T�Ͱl�ޠQ� �G�1�ӛŞ��C�b��}��Ύ�bh}��]Dg��^��4�V�a��p��ς?�_��X ��Ē�� ^r=�H��|��p-'�[�N_�n��nf��|�ι��1cߕCk��Ѫ BpHKR$Tm��#;�9��/m�.^�^ �D��wa��I�� &��qc��l�d��z�A��X4|�l� ��;%�͌'��x��D�Mb��Ͱe� �4)�'*�3��J��6n��z��a9��쾡�]H%�P�-��Cj��R�bxB��Ul�B �ӽ#�H��ɟ&�\L��P��G��d��K:c�#i�d2,�=��$�[��~�U#��Q�O�b]�\ $�s�á��p�NG� �Փ(V�P�\w~k��@2��v���sԴ0zZ�=��<�Ei��Ӿǻ Ԗ��y����=��s/��`�V]F��`D7Jy�ʹT�T�d��Q��$<U�7f$�!4]�&��)�w�؝�f��pD�sh��|K�� 4y�]Y{å;oOz��5��Z��eT�P�Խӣ�i@4?��.7T��o�X8WXk��QprN?�Fg��Eտ�#��J��ђ�H�&yF��QGAx�q=F��3�0��Ɋ��9�)Jzv7�GX��@��hg�)��ߚWu�(�<Q�pĆ�Z�#k��;*�UF��d�� f��,*T�W�F�} �;��_T��Q҄TL�Tڶ¿_��5kC�� .�n?g��8�g�Ze?Gu�9��:�~+-9�þ_��]�)�Nw��q$��G� ��N�� fy��nJ��c��yA��|�=3�Y1m,M��l�K�'Hy崠-S��2�]W7�A���z��Vn�a� +��ݯ޼��6��隮��2�* 0ޒJ�J�w^Ko?�2��G(^��$�ޱ�>�4�:��Q�?�B�]��/v}@��u��SLm�Jw�*��.��ȸJ��9:&�ͯ�~{��k̭<�a�K��,l ��b��VO�K7�~;� �R┸��W�cP㍜i�{x �RՈ�W4 �6Tt�;[�<{)��<�su�wdd�G��d�]��LOgX�~��h�E��&E��P��̄=7�sxnNnp5��+�kZ0G�BH1!�[��W��V�_ZcV�7�<��(�`�sS�hg��M��J��>s��1��ن�Xc3��ȭ~4��,bp�é�^�N�9b��v�<q�ެfւ��j��4m_�G^%;OC6��\�z�U(�F Љ��8��t5"A �-�a��,:>��v�@� ��鉏0�}s�sNᖣ�C'c��X��yb�o�MY�Bi[�OE�S��O��ۘ8��GG�y6B$�H�W��媛72 �Ʋn)��:;Ke�qh^K:�GG[��Ń��%�G�,� ��ܥ�Bڡ�au4a��V��6jFR.��Y gԮ�uج��Ȩ��}�b��e2o`�޻Hq�=�։t/'c�m�ݒ��~"nG��.n'��fݘ��(ֶ�4'w�C�'uQ��Z�F��7�)"��G�1h�W��|��lZ M��^��:��!,DG��N��'T�7��!|]��α:%��ـ��n �}��I�Y��rT�,u�q��]�C�vIy�<��-�_��Yp8yk�j�LМ'xh�F�4�Uk

Sections

CODE
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 183KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack0
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 10.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack1
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aspack2
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mpsoftup.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 152KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mpsoftup.ini
mpweb.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 620KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
posreport/posthd.mtf
posreport/posxsd.mtf
readme.htm
.html
report/RMcf.mtf
report/RMcgjh.mtf
report/RMcgth.mtf
report/RMfy.mtf
report/RMghsfk.mtf
report/RMghssp.mtf
report/RMhyxs.mtf
report/RMkb.mtf
report/RMkcdb.mtf
report/RMkhfk.mtf
report/RMkhjh.mtf
report/RMlsxs.mtf
report/RMpfxs.mtf
report/RMposthd.mtf
report/RMposxs.mtf
report/RMposxsd.mtf
report/RMspbs.mtf
report/RMspby.mtf
report/RMsr.mtf
report/RMxsth.mtf
report/Rmdhd.mtf
report/gd.rls
report/gdmx.rls
report/rmbjc.mtf
uninst.exe
.exe windows:4 windows x86 arch:x86

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

SetErrorMode
GetExitCodeProcess
WaitForSingleObject
ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetModuleHandleA
ExitProcess
lstrcpynA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GlobalFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
CopyFileA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
ģļ/ɹģ.xls
.xls windows office2003
ģļ/Ʒ۵ģ.xls
.xls windows office2003
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 13KB - Virtual size: 16KB

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

41e025c99a5f731479582ce64a2527f4

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 132B

.reloc Size: 512B - Virtual size: 406B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 253KB - Virtual size: 252KB

DATA Size: 3KB - Virtual size: 3KB

BSS Size: - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 7KB

.edata Size: 512B - Virtual size: 109B

.reloc Size: 17KB - Virtual size: 16KB

.rsrc Size: 12KB - Virtual size: 12KB

6af904140697ae3556e8a49ab1996229

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 13KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 132B

.reloc
Size: 512B - Virtual size: 406B

CODE
Size: 253KB - Virtual size: 252KB

DATA
Size: 3KB - Virtual size: 3KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 7KB

.edata
Size: 512B - Virtual size: 109B

.reloc
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 40KB - Virtual size: 54KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB

CODE
Size: - Virtual size: 3.6MB

DATA
Size: - Virtual size: 93KB

BSS
Size: - Virtual size: 179KB

.idata
Size: - Virtual size: 14KB

.tls
Size: - Virtual size: 24B

.rdata
Size: - Virtual size: 24B

.aspack0
Size: - Virtual size: 231KB

.rsrc
Size: 37KB - Virtual size: 2.1MB

.aspack1
Size: - Virtual size: 232KB

.aspack2
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 512B - Virtual size: 260B

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 27KB

.reloc
Size: 16KB - Virtual size: 15KB