d204c8d6b8b73631b540fc9992cf6501_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d204c8d6b8b73631b540fc9992cf6501_JaffaCakes118
Size

887KB
MD5

d204c8d6b8b73631b540fc9992cf6501
SHA1

ee8c0561c49e94f0e8204317dc72ce1426cbf4a3
SHA256

fe67c31e0527d03fe73cf5e167042931b2cd3674debaeb1d8a3aff604b855be2
SHA512

70f0ebb75ef31e90eb2fba8f6268016c5b36e1508017be714f9fd09786ce255ae8551e2cdaa1784de16b1f10d72558e9b47376dfc9552a6df857e20220aa6bf6
SSDEEP

24576:V/9fd/fb87h6yAU+eObfnUHqKffsxq/Op8UDCP:Vf/j87cyueObtKffsxBp1Dk

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
d204c8d6b8b73631b540fc9992cf6501_JaffaCakes118
unpack001/$2/Plugins/gen_klrc.dll
unpack001/$3/components/foo_klrc.dll
unpack001/$3/components/foo_ui_columns.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PROGRAM_FILES/Super Rabbit/KLPlayer/KLrcEditor.exe
unpack001/$PROGRAM_FILES/Super Rabbit/KLPlayer/KLyricDll.dll
unpack001/$PROGRAM_FILES/Windows Media Player/KLrcWmp.dll
unpack001/$PROGRAM_FILES_COMMON/real/visualizations/KLrcPlugin.rpv
unpack001/uninst.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_1

Files

d204c8d6b8b73631b540fc9992cf6501_JaffaCakes118
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$2/Plugins/gen_klrc.dll
.dll windows:4 windows x86 arch:x86

24f59e6ecc8e911e44418a403347a912

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
GetThreadLocale
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
InterlockedExchange
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
MultiByteToWideChar
GetVersionExA
FreeResource
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleW
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetLastError
SetLastError
GetProcAddress
lstrlenW
LoadLibraryW
FreeLibrary
Sleep
LockResource
GetPrivateProfileIntW
SizeofResource
LoadResource
HeapCreate
FindResourceW

user32

GetSysColorBrush
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
UnregisterClassW
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
EndPaint
BeginPaint
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
PostQuitMessage
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowLongW
SetWindowLongW
CallWindowProcW
SetCursor
GetWindowRect
FillRect
SetCapture
GetParent
LoadCursorW
PtInRect
IsWindow
ReleaseCapture
SetTimer
KillTimer
SetForegroundWindow
GetClientRect
InvalidateRect
GetSysColor
SendMessageW
EnableWindow
SetRect
LoadImageW
LoadBitmapW
GetDlgCtrlID
UnregisterClassA

gdi32

DeleteDC
CreateBitmap
GetStockObject
PtVisible
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
CreateSolidBrush
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
BitBlt
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
RectVisible

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$3/components/foo_klrc.dll
.dll windows:4 windows x86 arch:x86

0bf4c24e26ac2274fe0cb96fbef0238d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
HeapFree
HeapReAlloc
RaiseException
HeapAlloc
RtlUnwind
GetCommandLineA
GetProcessHeap
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapDestroy
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedExchange
GetModuleHandleA
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
GetThreadLocale
GetCurrentProcessId
GetVersion
SetErrorMode
GetCurrentThreadId
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleFileNameW
GetModuleHandleW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
CloseHandle
SetLastError
GetLastError
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
FormatMessageW
InterlockedDecrement
InterlockedIncrement
GetProcAddress
FreeLibrary
LoadLibraryW
lstrlenW
HeapCreate

user32

DrawTextExW
GrayStringW
DestroyMenu
PostQuitMessage
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
SetForegroundWindow
GetMenu
PostMessageW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
DrawTextW
UnregisterClassA
GetDlgCtrlID
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
PeekMessageW
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
BeginPaint
EndPaint
KillTimer
SetTimer
ShowWindow
SetParent
SetWindowPos
CreateWindowExW
LoadCursorW
TabbedTextOutW
ClientToScreen
SetWindowTextW
RegisterClassW
SetWindowLongW
GetParent
RedrawWindow
DefWindowProcW
DestroyWindow
UnregisterClassW
MessageBoxW
MapWindowPoints
GetClientRect
PtInRect
GetClassLongW
GetWindow
GetKeyState
SendMessageW
GetWindowLongW
GetWindowThreadProcessId
CopyRect

gdi32

TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RectVisible
PtVisible
CreateBitmap
GetDeviceCaps
OffsetWindowOrgEx
SetWindowOrgEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$3/components/foo_ui_columns.dll
.dll windows:4 windows x86 arch:x86

f52b1f4a36cc5eb266a810c2cc0b45a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Create
_TrackMouseEvent
ImageList_Destroy
InitCommonControlsEx
ImageList_Add
ImageList_AddMasked

shlwapi

SHAutoComplete

shared

??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ
_uGetMenuItemType@8
_uGetMenuString@16
_uModifyMenu@20
_uTabCtrl_SetItem@12
_stricmp_utf8_ex@16
_uSendMessageText@16
_uGetFileAttributes@4
_uDragQueryFile@12
_uDragQueryFileCount@4
_uAppendMenu@16
_uFormatSystemErrorMessage@8
_uGetWindowText@8
_uSortStringCreate@4
_uSortStringFree@4
_uSortStringCompare@8
_uLoadImage@24
_uExtTextOut@32
_uGetTextExtentPoint32@16
_uSetWindowText@8
_ModalDialog_Switch@4
_uStringCompare@8
_uShellNotifyIconEx@32
_uFixAmpersandChars@8
_uSetDlgItemText@12
_FindOwningPopup@4
_uGetDlgItemText@12
_uTreeView_InsertItem@8
_uTabCtrl_InsertItem@12
_uCharLower@4
_uListBox_GetText@12
_uChooseColor@12
_uGetFullPathName@8
_uGetTextHeight@4
_uGetOpenFileName@32
_uSendDlgItemMessageText@20
_uLoadLibrary@4
_uGetModuleFileName@8
_stricmp_utf8_partial@12
_stricmp_utf8@8
_uMessageBox@16
_uPrintfV@12
_uGetFontHeight@4
_uRegisterWindowMessage@4
_uShellNotifyIcon@24
_uFixAmpersandChars_v2@8

kernel32

ReadFile
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
MulDiv
CloseHandle
GetLastError
CreateEventW
SetLastError
GetLocalTime
GetCurrentThreadId
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
LockResource
LoadResource
FindResourceW
QueryPerformanceCounter
QueryPerformanceFrequency
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetProcessHeap
GetVersionExA
GetCommandLineA
RtlUnwind
HeapSize
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileW
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA

user32

IsZoomed
GetSystemMetrics
InsertMenuW
EndDialog
GetMonitorInfoW
MonitorFromPoint
SetWindowsHookExW
UnhookWindowsHookEx
IsWindow
SetWindowPlacement
SystemParametersInfoW
RegisterClassW
MessageBoxW
RegisterWindowMessageW
FindWindowW
GetSysColorBrush
UpdateWindow
SendDlgItemMessageW
EnableWindow
CreateDialogParamW
TrackPopupMenuEx
ValidateRect
GetUpdateRect
SetDlgItemInt
GetDlgItemInt
IsWindowEnabled
GetWindowPlacement
SetForegroundWindow
IsIconic
UnregisterClassW
DestroyIcon
GetDlgItem
SetLayeredWindowAttributes
CallNextHookEx
LoadImageW
IntersectRect
GetAncestor
RealChildWindowFromPoint
ChildWindowFromPoint
LoadCursorW
SetCursor
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCapture
WindowFromPoint
IsChild
GetSysColor
BeginPaint
EndPaint
GetMenuItemCount
GetDoubleClickTime
ShowScrollBar
GetScrollInfo
ScrollWindowEx
DrawFocusRect
GetParent
GetAsyncKeyState
GetNextDlgTabItem
SetRectEmpty
SetScrollInfo
IsWindowVisible
SetCapture
ReleaseCapture
CreatePopupMenu
GetFocus
SetFocus
MapWindowPoints
AppendMenuW
SetMenuItemInfoW
TrackPopupMenu
DestroyMenu
FillRect
FrameRect
GetWindowLongW
DefWindowProcW
ClientToScreen
GetWindowRect
PtInRect
PostMessageW
GetKeyState
GetDC
ReleaseDC
TrackMouseEvent
CallWindowProcW
RedrawWindow
ScreenToClient
ChildWindowFromPointEx
SetWindowLongW
ShowWindow
SetParent
SetWindowPos
SendMessageW
SetTimer
GetMessagePos
CreateWindowExW
GetClientRect
DestroyWindow
KillTimer
DrawEdge
InvalidateRect
GetWindow
MapDialogRect
GetSubMenu
GetMenuState
GetMenuItemID
DialogBoxParamW
GetCursorPos

gdi32

SetPixel
SetWindowOrgEx
OffsetWindowOrgEx
CombineRgn
CreateRectRgnIndirect
CreateDIBSection
GdiFlush
CreateDIBitmap
GetObjectW
GetTextExtentExPointW
SetTextAlign
GetDeviceCaps
EnumFontFamiliesExW
SetBkMode
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
MoveToEx
LineTo
BitBlt
DeleteDC
CreateSolidBrush
SelectObject
DeleteObject
CreateFontIndirectW

comdlg32

ChooseFontW

ole32

RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
DoDragDrop
OleInitialize
OleUninitialize

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

7d85f9c30f9e87a65fff848de2c96ac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA

user32

GetMessageA
IsDialogMessageA
PostMessageA
CallWindowProcA
TranslateMessage
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
GetWindowTextA
IsDlgButtonChecked
DispatchMessageA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
GetWindowLongA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Exports

Exports

Init
Select
Show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PROGRAM_FILES/Super Rabbit/KLPlayer/KLrcEditor.exe
.exe windows:4 windows x86 arch:x86

22d913ec74d42eb0ac124d659738c95e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\HappyPlayer\_source\bin\KLrcEditor.pdb

Imports

kernel32

GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
Sleep
LCMapStringA
FreeEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetEnvironmentStrings
FindResourceW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
ExitProcess
RaiseException
HeapReAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetTickCount
InterlockedDecrement
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
CloseHandle
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetCurrentProcessId
GetVersionExW
GetCurrentThreadId
FreeLibrary
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
GetModuleHandleW
lstrlenW
GetModuleFileNameW
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LockResource
SizeofResource
LoadResource
GetTimeZoneInformation

user32

DrawMenuBar
TranslateMDISysAccel
CharUpperW
MessageBeep
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
UnregisterClassW
PostThreadMessageW
SetParent
CreateMenu
GetTabbedTextExtentA
GetDCEx
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
GetWindowPlacement
GetMenuStringW
InsertMenuW
TranslateMessage
DispatchMessageW
GetActiveWindow
PeekMessageW
ValidateRect
SetCursor
SetWindowRgn
DrawIcon
FindWindowW
EndPaint
BeginPaint
GetWindowDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
GetDlgCtrlID
AdjustWindowRectEx
GetWindow
IsChild
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
TrackPopupMenuEx
GetMenuState
LoadBitmapW
SetMenuInfo
GetMenuInfo
DestroyIcon
SetMenuItemInfoW
AnimateWindow
IntersectRect
ReleaseDC
GetDesktopWindow
GetMessageTime
GetMessagePos
IsRectEmpty
LoadCursorW
SubtractRect
GetSysColorBrush
keybd_event
ScreenToClient
DrawIconEx
CallNextHookEx
WindowFromPoint
SetFocus
GetMenuItemInfoW
SetRectEmpty
InsertMenuItemW
GetWindowLongW
AppendMenuW
CreatePopupMenu
IsWindow
SetWindowsHookExW
UnhookWindowsHookEx
MapWindowPoints
DrawFrameControl
GetSystemMenu
GetMenuItemID
GetClassLongW
GetMenuItemCount
RemoveMenu
OffsetRect
RedrawWindow
LoadImageW
CopyRect
FillRect
SetCapture
DefFrameProcW
SetCursorPos
UnpackDDElParam
ReuseDDElParam
GetParent
PtInRect
DestroyMenu
LoadAcceleratorsW
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoA
DestroyCursor
GetCapture
InflateRect
SetRect
UnionRect
GetSysColor
FrameRect
EqualRect
ReleaseCapture
ClientToScreen
SetTimer
IsIconic
PostMessageW
KillTimer
IsZoomed
GetMenu
SystemParametersInfoW
SetMenu
GetSystemMetrics
IsWindowVisible
GetWindowRect
RegisterWindowMessageW
GetKeyState
GetSubMenu
GetFocus
LockWindowUpdate
InvalidateRect
LoadMenuW
GetCursorPos
MessageBoxW
UpdateWindow
GetClientRect
SendMessageW
EnableWindow
GetMessageW
UnregisterClassA

gdi32

GetPixel
DeleteDC
CreatePatternBrush
GetStockObject
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateDCW
GetViewportOrgEx
Rectangle
PatBlt
StartPage
EndPage
SetAbortProc
EndDoc
GetTextExtentPoint32W
GetBkColor
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
AbortDoc
ExtSelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateFontIndirectW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetPixel
CreateRectRgnIndirect
StartDocW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW

advapi32

RegOpenKeyExW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyW
RegSetValueW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW

shell32

SHChangeNotify
SHGetFileInfoW
DragFinish
ExtractIconW
DragQueryFileW

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleIsCurrentClipboard

oleaut32

SysFreeString
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen

uxtheme

DrawThemeBackground
SetWindowTheme
OpenThemeData
CloseThemeData
IsThemeActive

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Super Rabbit/KLPlayer/KLyricDll.dll
.dll regsvr32 windows:4 windows x86 arch:x86

29bc98f66cbd5a1564ccdcd6709b917f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\HappyPlayer\_source\bin\KLyricDll.pdb

Imports

kernel32

GetFileAttributesW
GetFileTime
FindResourceExW
HeapFree
HeapAlloc
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
RtlUnwind
ExitProcess
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GlobalFlags
GetCPInfo
GetACP
GetOEMCP
Sleep
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
VirtualProtect
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GetVersion
InterlockedIncrement
GlobalAlloc
FormatMessageW
LocalFree
InterlockedDecrement
MulDiv
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
ReadFile
SetFilePointer
GetTempPathA
DeleteFileW
GetTempFileNameA
GetTempPathW
GetTempFileNameW
SetLastError
DeleteFileA
CreateDirectoryW
GetProcAddress
LoadLibraryW
ResumeThread
FindNextFileW
InterlockedExchange
CreateFileMappingW
CreateFileW
WriteFile
UnmapViewOfFile
MapViewOfFile
lstrlenA
GetFileSize
WideCharToMultiByte
FindClose
WritePrivateProfileStringW
GetPrivateProfileStringW
FindFirstFileW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleW
LoadLibraryExW
FreeLibrary
LockResource
SizeofResource
LoadResource
FindResourceW
CloseHandle
DeviceIoControl
GetVersionExW
GetVolumeInformationA
GetWindowsDirectoryA
GetCurrentProcess
CreateFileA
GetModuleFileNameA
GetLastError

user32

GetMessageW
TranslateMessage
ValidateRect
GetWindowThreadProcessId
PostQuitMessage
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
EnableWindow
CopyRect
UnregisterClassA
SendMessageW
LoadBitmapW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
GetIconInfo
GetSysColorBrush
IsWindowVisible
ShowWindow
OffsetRect
GetMenu
DestroyMenu
GetAsyncKeyState
MapDialogRect
WindowFromPoint
DrawFocusRect
UnregisterClassW
CharUpperW
GetClientRect
CharNextW
CheckMenuItem
IsWindow
GetActiveWindow
GetCursorPos
EnableMenuItem
LoadMenuW
GetParent
GetSubMenu
TrackPopupMenu
IsRectEmpty
ReleaseCapture
EqualRect
DestroyCursor
ReleaseDC
GetDC
PtInRect
LoadCursorW
GetKeyState
PostMessageW
SetCapture
GetMenuItemID
GetMenuItemCount
GetWindowRect
SetTimer
KillTimer
LoadIconW
DestroyIcon
GetWindow
MessageBoxW
ClientToScreen
GetWindowDC
DrawIcon
GetClassLongW
InvalidateRect
SetClassLongW
GetSysColor
SetCursor
FillRect

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
CreatePen
GetTextMetricsW
EnumFontFamiliesExW
SetColorAdjustment
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
SetTextCharacterExtra
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetCurrentObject
GetDeviceCaps
Rectangle
BitBlt
DeleteDC
CreateDIBSection
CreateFontIndirectW
StretchBlt
GetDIBits
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleBitmap
SetDCPenColor
StretchDIBits
GetColorAdjustment
SetStretchBltMode
GetStockObject
CreateSolidBrush
GetTextExtentPoint32W
CreateCompatibleDC
GetObjectW

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueW

shell32

SHBrowseForFolderW
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlEscapeW
UrlUnescapeW

ole32

CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
OleRun

oleaut32

SysAllocString
SysStringLen
LoadTypeLi
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
LoadRegTypeLi
SysFreeString

ws2_32

WSAStartup
htons
getprotobyname
WSACleanup
recv
socket
closesocket
gethostbyname
send
connect

gdiplus

GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipBitmapUnlockBits
GdiplusStartup
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI

iphlpapi

GetAdaptersInfo

winmm

mmioClose
mmioDescend
mmioSeek
mmioOpenW
mmioRead

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FileExists
FreeTsa
FreeTsas
GetLyricUrlA
GetLyricUrlW
GetLyricUrlsA
GetLyricUrlsW
GetMACAddress
GetPhysicalDriveSerialNumber
GetTempFileNameA
GetTempFileNameW
HttpDownload1A
HttpDownload1W
HttpDownloadA
HttpDownloadW
IntToLrcTime
Klyric_FreeMp3InfoObj
Klyric_FreeObj
Klyric_FreePaintObj
Klyric_GetMp3InfoObj
Klyric_GetObj
Klyric_GetPaintObj
Lrc2Krc
LrcTimeToStr
SearchLyricA
SearchLyricW
SearchMp3InfoA
SearchMp3InfoW
StrToLrcTime
aes_calc_ctlen_ex
aes_decrypt_ex
aes_encrypt_ex
aes_free_ex
aes_initialize_ex
des_str
func1
hex2str
hex2wstr
md5_buffer
md5_compare
md5_conparestr
md5_file
str2hex
undes_str
wstr2hex

Sections

.text
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Super Rabbit/KLPlayer/ReadMe.txt
$PROGRAM_FILES/Windows Media Player/KLrcWmp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

39599a158cf1733f12a32c94907350ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
lstrcpynW
SetLastError
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
LoadLibraryW
GetProcAddress
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetCurrentProcess
FlushInstructionCache
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
RaiseException
EnterCriticalSection
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
HeapSize
Sleep
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
HeapReAlloc
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoA

user32

GetWindowRect
SetWindowLongW
ReleaseDC
GetClientRect
GetDC
wsprintfW
RegisterWindowMessageA
PostMessageW
CharNextW
DialogBoxParamW
EndDialog
GetParent
GetWindow
UnregisterClassA
SystemParametersInfoW
MapWindowPoints
SetWindowPos
SetDlgItemTextW
GetDlgItemTextW
GetWindowLongW
LoadStringW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/real/visualizations/KLrcPlugin.rpv
.dll windows:4 windows x86 arch:x86

68153bff67cdb7c7c91e1573ed7d9fad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo

user32

GetWindowLongA
CallWindowProcA
DefWindowProcA
InvalidateRect
BeginPaint
GetClientRect
EndPaint
SetWindowLongA
KillTimer
GetParent
GetWindowTextA
GetWindow
SetTimer
UpdateWindow

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA

Exports

Exports

MPACreateVisualization

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp

Sharing

General

Malware Config

Signatures

Files

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 290KB

.ndata Size: - Virtual size: 312KB

.rsrc Size: 23KB - Virtual size: 24KB

24f59e6ecc8e911e44418a403347a912

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 20KB - Virtual size: 19KB

0bf4c24e26ac2274fe0cb96fbef0238d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 176B

.reloc Size: 21KB - Virtual size: 21KB

f52b1f4a36cc5eb266a810c2cc0b45a5

Headers

File Characteristics

Imports

comctl32

shlwapi

shared

kernel32

user32

gdi32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 418KB - Virtual size: 417KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 10KB - Virtual size: 21KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 312KB

.rsrc
Size: 23KB - Virtual size: 24KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 176B

.reloc
Size: 21KB - Virtual size: 21KB

.text
Size: 418KB - Virtual size: 417KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 10KB - Virtual size: 21KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 46KB - Virtual size: 45KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 512B - Virtual size: 460B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 494B

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 16KB - Virtual size: 32KB