c824432f43e00236f5a0d3f65709905f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c824432f43e00236f5a0d3f65709905f_JaffaCakes118
Size

2.1MB
MD5

c824432f43e00236f5a0d3f65709905f
SHA1

8bcf1036634f3b1cb30abe1030b6f7e1ff844439
SHA256

d6eb10ce5b00824c862b5ab20599eceffb3bf589504f4e6a06d0c6b5ed7f1c1e
SHA512

fb3c6f23c85029c2d8ca62396e84d8bc0444b1b562b8f5be71cec200fca1fa40cbc5f17d5492edc6d443819f99fbd581d48b3a73c39dcf8b9148856a6dbee8fc
SSDEEP

49152:SILiygVRBo5PBvQKcOX5YIvzPf6hbjaj953bZmYsF:SU8VRBonQ/O76J+B5sF

Score

3^/10

Malware Config

Signatures

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
c824432f43e00236f5a0d3f65709905f_JaffaCakes118
unpack001/$PLUGINSDIR/FileInfo.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$R0
unpack001/$R2/NSIS.Library.RegTool.v3.$_24_.exe
unpack001/HaoZip.exe
unpack001/HaoZipC.exe
unpack001/HaoZipCompress.dll
unpack001/HaoZipFormats.dll
unpack001/HaoZipImage.dll
unpack001/HaoZipUpdate.exe
unpack001/HaoZipVersion.dll
unpack001/UNACEV2.DLL
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack001/lang/HaoZipLang_chs.dll
unpack001/msvcr80.dll
unpack001/sfx/HaoZip7zSetup.sfx

Files

c824432f43e00236f5a0d3f65709905f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FileInfo.dll
.dll windows:4 windows x86 arch:x86

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\program files\nsis\nsis-2.42.6-unicode-src\plugins\FileInfo.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

SetLastError
lstrcpynW
GlobalFree
lstrcpyW
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WriteFile
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

wsprintfW

Exports

Exports

GetSpecialBuild

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/option.ini
$R0
.dll regsvr32 windows:4 windows x86 arch:x86

fc6f71f2836fa9a75531ac1fe001bf37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipExt.pdb

Imports

kernel32

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
SetFilePointer
ReadFile
GetFileAttributesW
LoadLibraryW
GetACP
FindFirstFileW
FindClose
Sleep
GetCurrentThreadId
GetSystemDefaultLangID
GetPrivateProfileStringW
ReleaseMutex
CreateMutexW
GetFileSize
GetLongPathNameW
GetFullPathNameW
GetTempPathW
GetCurrentProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
CloseHandle
lstrcpynW
DeleteCriticalSection
lstrcpynA
lstrlenW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GetDriveTypeW
GlobalUnlock
LoadLibraryExW
SizeofResource
InitializeCriticalSection
EnterCriticalSection
FindResourceW
LeaveCriticalSection
lstrcmpiW
FreeLibrary
LoadResource
DisableThreadLibraryCalls
RaiseException
GetModuleFileNameW
GetLastError
MultiByteToWideChar
GetVersion
CreateEventW
WaitForSingleObject
GetModuleHandleW

user32

LoadImageW
GetDC
GetSysColor
InsertMenuItemW
DestroyMenu
CreatePopupMenu
UnregisterClassA
wsprintfW
LoadStringW
DrawIconEx
SetMenuItemBitmaps
ReleaseDC
LoadBitmapW
CharNextW

gdi32

DeleteObject
DeleteDC
ExtTextOutW
SetBkColor
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC

advapi32

RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteValueW

shell32

ShellExecuteExW
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoCreateInstance
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoCreateGuid
CoTaskMemRealloc

oleaut32

VarUI4FromStr

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
__CxxFrameHandler3
_CxxThrowException
sprintf_s
towlower
_vsnwprintf_s
towupper
_crt_debugger_hook
_errno
_waccess
_wcsnicmp
memmove
wcscat_s
malloc
_recalloc
wcscpy_s
memcmp
free
wcsncpy_s
_purecall
memmove_s
wcslen
_invalid_parameter_noinfo
sprintf
__clean_type_info_names_internal
wcschr
??3@YAXPAX@Z
memcpy
??_V@YAXPAX@Z
memset
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
memcpy_s
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
strlen
??2@YAPAXI@Z

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/NSIS.Library.RegTool.v3.$_24_.exe
.exe windows:5 windows x86 arch:x86

cde62e7f485f127cc80c3ffdb9157507

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
GetModuleFileNameW
GlobalAlloc
FreeLibrary
LoadLibraryExW
lstrcmpiA
lstrlenA
CreateFileW
GetFileAttributesW
WriteFile
SetFilePointer
CreateProcessW
ReadFile
GetFileSize
lstrcatW
GetWindowsDirectoryW
WideCharToMultiByte
GetShortPathNameW
lstrcpyW
SetErrorMode
lstrlenW
ExitProcess
GetCommandLineW
CloseHandle
WaitForSingleObject
GlobalFree
GetModuleHandleW
lstrcpyA
GetProcAddress

oleaut32

LoadTypeLi
RegisterTypeLi

advapi32

RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey

user32

wsprintfW
CharNextA
wsprintfA
CharNextW

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
7zNew.data
.7z
HaoZip.chm
.chm
HaoZip.exe
.exe windows:4 windows x86 arch:x86

912eceaf6d47ea05b9baf85228bcebfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZip.pdb

Imports

kernel32

FormatMessageW
WideCharToMultiByte
GetACP
MultiByteToWideChar
FileTimeToDosDateTime
SystemTimeToFileTime
GetSystemTime
DosDateTimeToFileTime
ResumeThread
WriteFile
SetEndOfFile
SetFileTime
ReadFile
SetFilePointer
GetFileSize
VirtualFree
VirtualAlloc
CreateMutexW
ReleaseMutex
GetTempFileNameW
MoveFileExW
SetFileAttributesW
GetLongPathNameW
SearchPathW
GetTempPathW
GetFullPathNameW
GetWindowsDirectoryW
lstrcatW
GetComputerNameW
GetLocalTime
GetVersionExW
LoadResource
LockResource
ExpandEnvironmentStringsW
GetSystemDefaultLangID
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
OpenEventW
GetLogicalDriveStringsW
GetVolumeInformationW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
EndUpdateResourceW
BeginUpdateResourceW
SizeofResource
UpdateResourceW
FreeResource
EnumResourceLanguagesW
FindResourceExW
EnumResourceNamesW
EnumResourceTypesW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
GetCurrentProcessId
GetProcessTimes
FileTimeToLocalFileTime
GetStdHandle
GlobalMemoryStatus
GetSystemInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetLocaleInfoA
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
Sleep
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
TerminateThread
WaitForSingleObject
GlobalSize
InterlockedDecrement
InterlockedIncrement
GetDriveTypeW
GetFileTime
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetTickCount
LoadLibraryA
DeleteCriticalSection
InitializeCriticalSection
LocalFree
LocalAlloc
MoveFileW
RemoveDirectoryW
FindNextFileW
CreateDirectoryW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
CompareStringW
lstrcmpiW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
RaiseException
FlushInstructionCache
GetCurrentThreadId
GetCurrentProcess
SetLastError
SetCurrentDirectoryW
DeleteFileW
FindCloseChangeNotification
FindFirstChangeNotificationW
LeaveCriticalSection
EnterCriticalSection
GetLastError
CreateFileW
FindClose
FindFirstFileW
CreateEventW
SetEvent
CloseHandle
WaitForMultipleObjects
InterlockedExchange
GetCurrentDirectoryW
SetErrorMode
CopyFileW
GetModuleHandleW
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
CreateFileMappingW
FileTimeToSystemTime

user32

LoadCursorW
SetCursor
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
wsprintfW
TrackPopupMenu
GetMessageW
TranslateMessage
UnregisterClassA
DispatchMessageW
IsDialogMessageW
IsRectEmpty
GetMenuItemRect
SetMenuItemInfoW
CheckMenuItem
GetMenuState
ExitWindowsEx
MessageBoxW
ShowCursor
GetWindowPlacement
CopyRect
SetWindowPlacement
CreateIconIndirect
GetIconInfo
CopyIcon
DeleteMenu
SetScrollInfo
GetScrollInfo
ScrollWindowEx
IsMenu
SetScrollPos
GetSysColorBrush
ClientToScreen
GetMenuItemInfoW
GetSubMenu
DrawIconEx
GetMenuItemCount
DrawFrameControl
InflateRect
TrackPopupMenuEx
InsertMenuItemW
DrawStateW
GetClassInfoExW
RegisterClassExW
CheckRadioButton
SetDlgItemInt
CheckDlgButton
GetDlgItemInt
MessageBeep
MonitorFromPoint
GetMonitorInfoW
GetCursor
EnableMenuItem
GetTopWindow
SetDlgItemTextW
LoadStringW
EnumWindows
IsChild
GetSystemMetrics
SetParent
WindowFromPoint
SetTimer
KillTimer
GetWindowThreadProcessId
FindWindowExW
GetWindowDC
EqualRect
LoadBitmapW
GetClassLongW
MoveWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClassW
RegisterClipboardFormatW
SetClipboardData
EmptyClipboard
SetCapture
CallWindowProcW
DefWindowProcW
EndPaint
BeginPaint
SetRectEmpty
GetCursorPos
PtInRect
GetDlgCtrlID
GetFocus
ReleaseCapture
DrawFocusRect
FillRect
GetCapture
DestroyWindow
OffsetRect
GetClientRect
CharNextW
GetWindowTextW
GetWindow
DrawTextW
GetWindowTextLengthW
MapWindowPoints
SetWindowPos
GetPropW
SystemParametersInfoW
SetPropW
GetParent
CreateWindowExW
ScreenToClient
RedrawWindow
IsWindowEnabled
EndDialog
DialogBoxParamW
UpdateWindow
SetFocus
EnableWindow
CreateDialogParamW
SetWindowLongW
PostQuitMessage
GetWindowRect
IsWindowVisible
GetWindowLongW
InvalidateRect
LoadImageW
GetActiveWindow
GetMenu
ReleaseDC
GetDC
DestroyMenu
SetMenu
GetClipboardData
CloseClipboard
DrawTextExW
GetDesktopWindow
OpenClipboard
GetClassNameW
DestroyIcon
LoadIconW
GetSysColor
SendMessageW
AppendMenuW
CreatePopupMenu
CreateMenu
GetKeyState
BringWindowToTop
SetForegroundWindow
ShowWindow
IsIconic
IsWindow
PostMessageW
PostThreadMessageW

gdi32

SetROP2
BitBlt
CreatePatternBrush
Ellipse
LineTo
DeleteObject
MoveToEx
SetBkMode
CreateFontIndirectW
GetPixel
Rectangle
SetPixel
ExcludeClipRect
GetClipBox
GetBkColor
CreatePen
CreateCompatibleBitmap
PathToRegion
TextOutW
EndPath
BeginPath
FillPath
SetViewportOrgEx
GetTextExtentPoint32W
GetTextMetricsW
CreateSolidBrush
CreateBitmap
PatBlt
GetStockObject
GetObjectW
StretchBlt
SelectObject
ExtTextOutW
SetBkColor
CreateCompatibleDC
DeleteDC
SetTextColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyW
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyW
GetUserNameW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW
DragQueryFileW
SHFileOperationW
SHGetDesktopFolder
ord28
ord74
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
DragFinish
SHChangeNotify
FindExecutableW
ShellExecuteExW

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
RegisterDragDrop
CoCreateInstance
OleRun
DoDragDrop
CoInitialize
CoUninitialize
ReleaseStgMedium
RevokeDragDrop

oleaut32

GetErrorInfo
VariantClear

shlwapi

PathIsRelativeW
AssocQueryStringW
SHAutoComplete
StrRetToBufW

msimg32

TransparentBlt

msvcr80

_wfopen_s
fread
strcpy_s
_wcsnicmp
_rotl
_localtime64_s
fsetpos
iswpunct
fclose
fwrite
ungetc
fgetc
fseek
setvbuf
fflush
iswascii
ispunct
fgetpos
toupper
fputc
_recalloc
sprintf_s
strcmp
memmove
rand
srand
swprintf_s
_wrename
towlower
_vsnwprintf_s
towupper
_errno
_mktime64
__RTDynamicCast
_wtoi64
wcscmp
_wtof
_snwprintf
abs
wcsstr
memcmp
wcscpy
strcpy
free
_wtoi
malloc
wcscpy_s
_purecall
wcscat
wcsncpy_s
_beginthreadex
_waccess
_endthreadex
feof
_wchmod
_CxxThrowException
__CxxFrameHandler3
__crtLCMapStringA
__pctype_func
isupper
___lc_codepage_func
___lc_handle_func
_calloc_crt
setlocale
islower
__uncaught_exception
_invoke_watson
_fsopen
wcstombs_s
_wfsopen
_get_osplatform
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
wcsncmp
_time64
strlen
_itow
??0exception@std@@QAE@XZ
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_wcsupr
__iob_func
_fileno
_isatty
swscanf
sscanf
memcpy
memset
??_V@YAXPAX@Z
memcpy_s
_wcsicmp
wcsrchr
_vswprintf
wcschr
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
wcslen
wcsncpy
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
memmove_s
??3@YAXPAX@Z
memchr

comctl32

ImageList_Add
ImageList_GetIconSize
DestroyPropertySheetPage
CreatePropertySheetPageW
CreateStatusWindowW
InitCommonControlsEx
_TrackMouseEvent
PropertySheetW
ImageList_GetIcon
ImageList_GetImageCount
ImageList_LoadImageW
ord8
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor
ImageList_Draw

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipC.exe
.exe windows:4 windows x86 arch:x86

13c21ad40e91258da760689c09d4d0dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipC.pdb

Imports

kernel32

GetCommandLineW
GetLastError
CloseHandle
CreateFileW
FindResourceW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleFileNameW
FreeLibrary
LoadLibraryW
LocalFree
FormatMessageW
GetPrivateProfileStringW
GetSystemDefaultLangID
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
WaitForSingleObject
CreateMutexW
ReleaseMutex
GetStdHandle
WriteFile
FindNextFileW
FindFirstFileW
FindClose
FileTimeToDosDateTime
DosDateTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ReadFile
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetFilePointer
GetFileSize
GetFullPathNameW
GetTempFileNameW
GetLongPathNameW
SetFileTime
SearchPathW
MoveFileW
MoveFileExW
lstrlenW
SetFileAttributesW
GetTempPathW
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime

user32

MessageBoxW
LoadStringW
IsWindow

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHChangeNotify
SHGetPathFromIDListW

ole32

CoTaskMemFree

msvcr80

setvbuf
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
memset
_purecall
??3@YAXPAX@Z
memchr
??_V@YAXPAX@Z
memmove_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_invalid_parameter_noinfo
??0bad_cast@std@@QAE@ABV01@@Z
_exit
strlen
memcpy_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
sprintf_s
localeconv
wcslen
strcspn
memcpy
memmove
__RTDynamicCast
_isatty
__iob_func
_fileno
_vsnwprintf_s
_errno
srand
_time64
rand
signal
malloc
towupper
wcschr
towlower
_waccess
__crtGetStringTypeW
__CxxFrameHandler3
_CxxThrowException
setlocale
fgetwc
fputwc
ungetwc
fflush
free
ungetc
fgetc
fwrite
fgetpos
fseek
fsetpos
fclose
__uncaught_exception
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtLCMapStringW
__pctype_func
_calloc_crt
_create_locale
_ui64toa_s
_free_locale
_malloc_crt
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipCompress.dll
.dll windows:4 windows x86 arch:x86

220779d8179341f5a5a10cf1b74c1e38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipCompress.pdb

Imports

kernel32

GetTickCount
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GetProcAddress
VirtualAlloc
VirtualFree
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
WaitForSingleObject
SetEvent
ReleaseSemaphore
GetLastError
ResetEvent
CreateSemaphoreW
CreateEventW
CloseHandle
Sleep
ResumeThread
FreeLibrary
LoadLibraryW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

memmove_s
??2@YAPAXI@Z
memcpy_s
_invalid_parameter_noinfo
strlen
??0exception@std@@QAE@XZ
_purecall
??_V@YAXPAX@Z
memcpy
memmove
_rotl
memset
abs
strncpy_s
free
malloc
??3@YAXPAX@Z
strncmp
_fstat64i32
ungetc
strcpy
fread
_fileno
fwrite
ftell
realloc
fseek
fclose
labs
isdigit
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@ABV01@@Z
wcslen
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_beginthreadex

Exports

Exports

CreateCodecs
SetResFileName

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipFormats.dll
.dll windows:4 windows x86 arch:x86

8c4f44fb30470ae4f6e953875a906d7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipFormats.pdb

Imports

kernel32

SetCurrentDirectoryW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetCPInfo
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
CloseHandle
ReadFile
CreateFileW
GetStdHandle
GetLastError
SetLastError
WriteFile
GetFileType
CreateFileA
SetFilePointer
SetEndOfFile
GetFileAttributesA
SetFileAttributesW
GetFileAttributesW
CreateDirectoryW
GetDiskFreeSpaceA
GetModuleHandleA
GetFullPathNameW
GetDriveTypeA
GetCurrentDirectoryW
LocalFree
FormatMessageA
Sleep
GetCurrentProcess
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetVersionExA
SetConsoleMode
ReadConsoleA
GetConsoleMode
FindFirstFileA
FindClose
FindFirstFileW
FindNextFileA
FindNextFileW
GetTempFileNameW
GetWindowsDirectoryW
GetTempPathW
lstrlenW
MoveFileW
DeleteFileW
RemoveDirectoryW
GetFileSize
WaitForMultipleObjects
FreeLibrary
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetLongPathNameW
ResumeThread
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
WaitForSingleObject
CreateEventW
InitializeCriticalSection
VirtualAlloc
VirtualFree
DosDateTimeToFileTime
FileTimeToDosDateTime
GetACP
GetSystemInfo
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

user32

CharToOemBuffA
CharToOemA
OemToCharA
CharLowerA
OemToCharBuffA
CharUpperA

msvcr80

free
_rotl
malloc
strcpy
vsprintf
realloc
strncpy
toupper
remove
rename
sprintf
exit
strchr
isdigit
putchar
strcat
abs
strrchr
strpbrk
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
strcmp
atoi
memchr
memset
memcmp
memcpy
__RTDynamicCast
memmove
_purecall
towupper
towlower
wcschr
??_V@YAXPAX@Z
_errno
_vsnwprintf_s
_invalid_parameter_noinfo
??2@YAPAXI@Z
strlen
wcslen
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
memmove_s
??3@YAXPAX@Z
memcpy_s
rand
_time64
srand
_beginthreadex
??0exception@std@@QAE@XZ
_waccess

Exports

Exports

CreateArchiveInfoObjects
SetResFileName

Sections

.text
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipImage.dll
.dll windows:4 windows x86 arch:x86

bfdcd2e7e3883606afef4bedf2ce6e76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipImage.pdb

Imports

kernel32

InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrlenW
GetFullPathNameW
SetFileAttributesW
LoadLibraryW
FreeLibrary
FindFirstFileW
FindClose
LocalFree
FormatMessageW
DeleteFileW
InterlockedDecrement
InterlockedIncrement
GetLastError
GetModuleHandleW
FindResourceW
UnhandledExceptionFilter
GetCurrentProcess
Sleep
InterlockedExchange
TerminateProcess

user32

LoadStringW
FillRect
ReleaseDC
GetDC

gdi32

CreateDIBSection
SaveDC
RestoreDC
GetDIBits
GetObjectW
SetDIBitsToDevice
SetStretchBltMode
SetWindowOrgEx
SetMapMode
LPtoDP
CreateCompatibleBitmap
BitBlt
DeleteDC
SelectObject
DPtoLP
GetMapMode
GetClipBox
CreateCompatibleDC
CreateSolidBrush
DeleteObject

msvcr80

fclose
memmove_s
fflush
_wfopen
getc
fputc
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
wcslen
??0exception@std@@QAE@ABQBD@Z
_purecall
??0exception@std@@QAE@ABV01@@Z
fread
??3@YAXPAX@Z
feof
fseek
memcpy_s
ftell
ferror
_invalid_parameter_noinfo
fgets
??_V@YAXPAX@Z
_vsnwprintf_s
_waccess
??0exception@std@@QAE@XZ
strlen
wcschr
towlower
_errno
memcpy
memset
floor
free
ldiv
malloc
strcpy
_wcsnicmp
calloc
exp
strncpy
strcmp
strncmp
longjmp
log
printf
memcmp
isprint
sprintf
__iob_func
fprintf
exit
sscanf
getenv
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
??2@YAPAXI@Z
fwrite
_setjmp3
fscanf
__CxxLongjmpUnwind

Exports

Exports

CreateImageConvertObject
CreateImageViewObject
SetResFileName

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUpdate.exe
.exe windows:4 windows x86 arch:x86

7c16af63b5302ea788314851647408d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\HaoZip1.7\rczip1.7.3612.chs\trunk.tiny\bin\win32\release_tiny\pdb\HaoZipUpdate.pdb

Imports

kernel32

CompareStringW
CopyFileW
MoveFileW
LoadLibraryW
GetCurrentDirectoryW
FileTimeToSystemTime
DeleteFileW
CreateDirectoryW
GetFileAttributesW
RemoveDirectoryW
WaitForSingleObject
CloseHandle
ResumeThread
GetACP
WideCharToMultiByte
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
SetFileTime
GetFileSize
WriteFile
SetFilePointer
ReadFile
CreateFileW
SetEndOfFile
GetLongPathNameW
SetFileAttributesW
GetFullPathNameW
GetTempPathW
GetTempFileNameW
GetTickCount
GetWindowsDirectoryW
FindNextFileW
FindFirstFileW
FindClose
FormatMessageW
LocalFree
GetComputerNameW
SetPriorityClass
DeviceIoControl
GetVersionExW
ExpandEnvironmentStringsW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersionExA
GetThreadLocale
GetLocaleInfoA
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
InterlockedIncrement
FreeLibrary
RaiseException
GetSystemTimeAsFileTime
GetSystemDefaultLangID
GetPrivateProfileStringW
FlushInstructionCache
lstrcmpiW
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleW
GetProcAddress
LoadLibraryA
InitializeCriticalSection
GetCurrentThreadId
Sleep
GetLastError
CreateMutexW
lstrlenW
InterlockedExchange
DeleteCriticalSection
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
EnterCriticalSection
MultiByteToWideChar
SetLastError
InterlockedDecrement
InterlockedCompareExchange

user32

UnregisterClassA
GetDlgItem
PtInRect
SendMessageW
LoadIconW
GetWindow
GetWindowRect
GetWindowLongW
SetWindowTextW
LoadCursorW
GetClassNameW
SetCursor
LoadImageW
SetRectEmpty
BeginPaint
CreateWindowExW
EndPaint
IsDialogMessageW
SetFocus
UpdateWindow
GetWindowTextLengthW
GetSysColor
GetSystemMetrics
GetFocus
KillTimer
SetCapture
IsIconic
SystemParametersInfoW
DrawFocusRect
SetTimer
GetCapture
GetDlgCtrlID
GetWindowTextW
SetForegroundWindow
GetSubMenu
RegisterClassExW
DestroyMenu
IsMenu
TrackPopupMenu
GetMenuDefaultItem
LoadMenuW
SetMenuDefaultItem
ReleaseCapture
GetClassInfoExW
RegisterWindowMessageW
LoadStringW
PostMessageW
GetActiveWindow
SetDlgItemTextW
CallWindowProcW
OffsetRect
IsWindowVisible
ScreenToClient
GetCursorPos
IsWindowEnabled
DialogBoxParamW
ReleaseDC
PostQuitMessage
InvalidateRect
DrawTextW
GetDC
IsWindow
FillRect
GetParent
EndDialog
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowLongW
CharNextW
DefWindowProcW
MessageBoxW
DestroyWindow
CreateDialogParamW
ShowWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyIcon

gdi32

GetObjectW
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
DeleteObject
GetStockObject

advapi32

RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyW
GetUserNameW
RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW

shell32

ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
SHChangeNotify
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

_TrackMouseEvent
InitCommonControlsEx

msvcr80

??1exception@std@@UAE@XZ
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
_CxxThrowException
swprintf_s
strncpy
_vswprintf
swscanf_s
vswprintf_s
memcmp
_vswprintf_c_l
_localtime64_s
memcpy
strcmp
memmove
_beginthreadex
_waccess
srand
_time64
rand
wcschr
_errno
towlower
towupper
_vsnwprintf_s
_purecall
_invalid_parameter_noinfo
wcscpy_s
_wtoi
??0exception@std@@QAE@XZ
strlen
??_V@YAXPAX@Z
memcpy_s
_recalloc
wcsncpy_s
wcslen
??0exception@std@@QAE@ABV01@@Z
free
sprintf_s
??2@YAPAXI@Z
malloc
??0exception@std@@QAE@ABQBD@Z
memset
?what@exception@std@@UBEPBDXZ
memmove_s
??3@YAXPAX@Z
_controlfp_s

wininet

InternetWriteFile
InternetCrackUrlW
HttpEndRequestW
HttpOpenRequestW
HttpQueryInfoW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
HttpSendRequestExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipVersion.dll
.dll windows:4 windows x86 arch:x86

24da43a02b017d3044f9525b61004f90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\pdb\HaoZipVersion.pdb

Imports

msvcr80

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_except_handler4_common
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

DllGetVersion

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.VC80.CRT.manifest
TarNew.data
UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/un.option.ini
ZipNew.data
lang/HaoZipLang_chs.dll
.dll windows:4 windows x86 arch:x86

d05906981f53157a7404d25bec1148ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip1.7\rczip1.7.3612.chs\trunk\bin\win32\release_tiny\lang\pdb\HaoZipLang_chs.pdb

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess

Exports

Exports

GetLanguageName

Sections

.text
Size: 512B - Virtual size: 443B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sfx/HaoZip7zSetup.sfx
.exe windows:4 windows x86 arch:x86

c8f7b83d62f6655426061884ffc021ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\HaoZip1.7\rczip1.7.3612.chs\trunk\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
CommandLineToArgvW
ShellExecuteW
SHGetFileInfoW
SHBrowseForFolderW
SHGetMalloc
SHChangeNotify
ShellExecuteExW
SHGetPathFromIDListW

kernel32

CreateFileA
WaitForSingleObject
CreateProcessW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetLastError
GetCurrentProcess
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCurrentThread
GetModuleFileNameW
GetShortPathNameW
LocalFree
GetCommandLineW
FindResourceW
GetModuleHandleW
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
InterlockedIncrement
InterlockedDecrement
FindClose
FindFirstFileW
FindNextFileW
FileTimeToSystemTime
FreeLibrary
GetProcAddress
FormatMessageW
CloseHandle
ResumeThread
Sleep
GetCurrentThreadId
GetTempFileNameW
MoveFileW
CreateFileW
lstrlenW
GetTempPathW
SetFileAttributesW
GetFullPathNameW
SetFileTime
GetLongPathNameW
SetFilePointer
GetFileSize
ReadFile
WriteFile
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
VirtualAlloc
CreateEventW
GetConsoleMode
GetConsoleCP
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
WaitForMultipleObjects
SetEvent
ResetEvent
SetEndOfFile
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameA

user32

LoadStringW
GetDesktopWindow
IsDialogMessageW
ScreenToClient
PostQuitMessage
ShowWindow
KillTimer
IsWindowVisible
DispatchMessageW
TranslateMessage
CreateDialogParamW
SetTimer
DestroyIcon
SendMessageW
IsWindow
MessageBoxW
GetWindowRect
GetSystemMetrics
PostMessageW
DialogBoxParamW
SetWindowPos
GetWindowTextW
SetWindowTextW
GetDlgItem
EndDialog
EnableWindow
LoadIconW
GetMessageW

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize
CoInitializeEx

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
好压免责声明.txt

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 1.2MB

.rsrc Size: 18KB - Virtual size: 17KB

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 176B

.reloc Size: 5KB - Virtual size: 4KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 899B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 574B

fc6f71f2836fa9a75531ac1fe001bf37

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 1.2MB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 176B

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 899B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 574B

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 13KB - Virtual size: 13KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 7KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 243KB - Virtual size: 242KB

.data
Size: 31KB - Virtual size: 35KB

.rsrc
Size: 43KB - Virtual size: 43KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB