d23bc817d7f8bdf031700f3faf9239f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d23bc817d7f8bdf031700f3faf9239f6_JaffaCakes118
Size

8.0MB
MD5

d23bc817d7f8bdf031700f3faf9239f6
SHA1

72db312865871786c97453228d529a95f766c67c
SHA256

4dee7b4329905a3b9eac2422df878e88f835d90b5bd022ed0a16aa4d6911c191
SHA512

c93b80c8af250cb7db172b0d9a95e3d0b64df3249cfb46a9193c713bc9fd8fab40c0384b1de08a894b1c9b303d1b43a2ba627f458c91bfea6d6cc67504acff95
SSDEEP

196608:yE00BK+EU2rTke+K7wxJFD/MA1FK2/kH4smPBfXjSFXBh:yqKd3t7wxJdMAjK2/kH4smPlUz

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/彩名堂客户端/HPSocket4C-SSL.dll
unpack001/彩名堂客户端/lib.dll
unpack001/彩名堂客户端/彩名堂.exe

Files

d23bc817d7f8bdf031700f3faf9239f6_JaffaCakes118
.rar
彩名堂客户端/Group.ini
彩名堂客户端/HPSocket4C-SSL.dll
.dll windows:5 windows x86 arch:x86

eb34dc2352df69649927a9bd0f907504

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\MyWork\Cpp\HP-Socket_4.3.1\Bin\HPSocket4C\x86\HPSocket4C-SSL.pdb

Imports

kernel32

LoadResource
FindResourceW
FindResourceExW
SetLastError
UnmapViewOfFile
lstrlenA
ResetEvent
SetEvent
MultiByteToWideChar
GetExitCodeThread
CreateFileA
GetProcAddress
GetModuleHandleA
GetFileSize
CreateFileMappingA
MapViewOfFileEx
lstrcpyA
PostQueuedCompletionStatus
CreateIoCompletionPort
WaitForMultipleObjects
GetQueuedCompletionStatus
InterlockedExchangeAdd
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DeleteFiber
SwitchToFiber
CreateFiber
GetModuleHandleW
GetVersion
WriteFile
GetFileType
GetStdHandle
FindNextFileW
FindFirstFileW
FindClose
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
LoadLibraryW
GetConsoleMode
SetConsoleMode
ReadConsoleA
LockResource
GetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
FlushFileBuffers
SizeofResource
WideCharToMultiByte
GetLastError
CreateEventA
GetNativeSystemInfo
ReleaseSemaphore
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SwitchToThread
Sleep
InterlockedCompareExchange
InterlockedDecrement
GetCurrentDirectoryW
GetDriveTypeW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
ReadFile
SetEndOfFile
GetConsoleCP
SetStdHandle
GetStartupInfoW
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetConsoleCtrlHandler
ExitProcess
GetCommandLineA
CreateThread
ExitThread
CreateFileW
SetFilePointer
DecodePointer
EncodePointer
InterlockedIncrement
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
DeleteCriticalSection
ReadConsoleW
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException

user32

wsprintfA
DispatchMessageA
GetProcessWindowStation
MessageBoxW
TranslateMessage
GetUserObjectInformationW
MsgWaitForMultipleObjectsEx
PeekMessageA

advapi32

CryptSignHashW
ReportEventW
RegisterEventSourceW
CryptEnumProvidersW
CryptReleaseContext
CryptDestroyKey
CryptGetProvParam
CryptGenRandom
CryptDecrypt
CryptCreateHash
CryptSetHashParam
DeregisterEventSource
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextW

shlwapi

PathIsDirectoryA
PathFileExistsA

winmm

timeGetTime

ws2_32

WSASetLastError
connect
WSAGetOverlappedResult
bind
socket
WSARecvFrom
WSASendTo
WSARecv
WSASend
closesocket
shutdown
ioctlsocket
setsockopt
WSACreateEvent
ntohl
getpeername
getsockname
freeaddrinfo
getaddrinfo
inet_addr
WSAIoctl
htons
WSAGetLastError
ntohs
getsockopt
WSACleanup
WSAStartup
WSAWaitForMultipleEvents
WSAEventSelect
WSAEnumNetworkEvents
WSAResetEvent
recv
send
WSACloseEvent
listen
recvfrom
sendto
htonl

crypt32

CertGetCertificateContextProperty
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertFreeCertificateContext
CertDuplicateCertificateContext

Exports

Exports

Create_HP_HttpAgent
Create_HP_HttpAgentListener
Create_HP_HttpClient
Create_HP_HttpClientListener
Create_HP_HttpServer
Create_HP_HttpServerListener
Create_HP_HttpSyncClient
Create_HP_HttpsAgent
Create_HP_HttpsClient
Create_HP_HttpsServer
Create_HP_HttpsSyncClient
Create_HP_SSLAgent
Create_HP_SSLClient
Create_HP_SSLPackAgent
Create_HP_SSLPackClient
Create_HP_SSLPackServer
Create_HP_SSLPullAgent
Create_HP_SSLPullClient
Create_HP_SSLPullServer
Create_HP_SSLServer
Create_HP_TcpAgent
Create_HP_TcpAgentListener
Create_HP_TcpClient
Create_HP_TcpClientListener
Create_HP_TcpPackAgent
Create_HP_TcpPackAgentListener
Create_HP_TcpPackClient
Create_HP_TcpPackClientListener
Create_HP_TcpPackServer
Create_HP_TcpPackServerListener
Create_HP_TcpPullAgent
Create_HP_TcpPullAgentListener
Create_HP_TcpPullClient
Create_HP_TcpPullClientListener
Create_HP_TcpPullServer
Create_HP_TcpPullServerListener
Create_HP_TcpServer
Create_HP_TcpServerListener
Create_HP_UdpCast
Create_HP_UdpCastListener
Create_HP_UdpClient
Create_HP_UdpClientListener
Create_HP_UdpServer
Create_HP_UdpServerListener
Destroy_HP_HttpAgent
Destroy_HP_HttpAgentListener
Destroy_HP_HttpClient
Destroy_HP_HttpClientListener
Destroy_HP_HttpServer
Destroy_HP_HttpServerListener
Destroy_HP_HttpSyncClient
Destroy_HP_HttpsAgent
Destroy_HP_HttpsClient
Destroy_HP_HttpsServer
Destroy_HP_HttpsSyncClient
Destroy_HP_SSLAgent
Destroy_HP_SSLClient
Destroy_HP_SSLPackAgent
Destroy_HP_SSLPackClient
Destroy_HP_SSLPackServer
Destroy_HP_SSLPullAgent
Destroy_HP_SSLPullClient
Destroy_HP_SSLPullServer
Destroy_HP_SSLServer
Destroy_HP_TcpAgent
Destroy_HP_TcpAgentListener
Destroy_HP_TcpClient
Destroy_HP_TcpClientListener
Destroy_HP_TcpPackAgent
Destroy_HP_TcpPackAgentListener
Destroy_HP_TcpPackClient
Destroy_HP_TcpPackClientListener
Destroy_HP_TcpPackServer
Destroy_HP_TcpPackServerListener
Destroy_HP_TcpPullAgent
Destroy_HP_TcpPullAgentListener
Destroy_HP_TcpPullClient
Destroy_HP_TcpPullClientListener
Destroy_HP_TcpPullServer
Destroy_HP_TcpPullServerListener
Destroy_HP_TcpServer
Destroy_HP_TcpServerListener
Destroy_HP_UdpCast
Destroy_HP_UdpCastListener
Destroy_HP_UdpClient
Destroy_HP_UdpClientListener
Destroy_HP_UdpServer
Destroy_HP_UdpServerListener
HP_Agent_Connect
HP_Agent_Disconnect
HP_Agent_DisconnectLongConnections
HP_Agent_DisconnectSilenceConnections
HP_Agent_GetAllConnectionIDs
HP_Agent_GetConnectPeriod
HP_Agent_GetConnectionCount
HP_Agent_GetConnectionExtra
HP_Agent_GetFreeBufferObjHold
HP_Agent_GetFreeBufferObjPool
HP_Agent_GetFreeSocketObjHold
HP_Agent_GetFreeSocketObjLockTime
HP_Agent_GetFreeSocketObjPool
HP_Agent_GetLastError
HP_Agent_GetLastErrorDesc
HP_Agent_GetLocalAddress
HP_Agent_GetMaxConnectionCount
HP_Agent_GetPendingDataLength
HP_Agent_GetRemoteAddress
HP_Agent_GetRemoteHost
HP_Agent_GetSendPolicy
HP_Agent_GetSilencePeriod
HP_Agent_GetState
HP_Agent_GetWorkerThreadCount
HP_Agent_HasStarted
HP_Agent_IsMarkSilence
HP_Agent_IsSecure
HP_Agent_Send
HP_Agent_SendPackets
HP_Agent_SendPart
HP_Agent_SetConnectionExtra
HP_Agent_SetFreeBufferObjHold
HP_Agent_SetFreeBufferObjPool
HP_Agent_SetFreeSocketObjHold
HP_Agent_SetFreeSocketObjLockTime
HP_Agent_SetFreeSocketObjPool
HP_Agent_SetMarkSilence
HP_Agent_SetMaxConnectionCount
HP_Agent_SetSendPolicy
HP_Agent_SetWorkerThreadCount
HP_Agent_Start
HP_Agent_Stop
HP_Client_GetConnectionID
HP_Client_GetExtra
HP_Client_GetFreeBufferPoolHold
HP_Client_GetFreeBufferPoolSize
HP_Client_GetLastError
HP_Client_GetLastErrorDesc
HP_Client_GetLocalAddress
HP_Client_GetPendingDataLength
HP_Client_GetRemoteHost
HP_Client_GetState
HP_Client_HasStarted
HP_Client_IsSecure
HP_Client_Send
HP_Client_SendPackets
HP_Client_SendPart
HP_Client_SetExtra
HP_Client_SetFreeBufferPoolHold
HP_Client_SetFreeBufferPoolSize
HP_Client_Start
HP_Client_StartWithBindAddress
HP_Client_Stop
HP_GetHPSocketVersion
HP_GetSocketErrorDesc
HP_HttpAgent_GetAllCookies
HP_HttpAgent_GetAllHeaderNames
HP_HttpAgent_GetAllHeaders
HP_HttpAgent_GetContentEncoding
HP_HttpAgent_GetContentLength
HP_HttpAgent_GetContentType
HP_HttpAgent_GetCookie
HP_HttpAgent_GetHeader
HP_HttpAgent_GetHeaders
HP_HttpAgent_GetLocalVersion
HP_HttpAgent_GetParseErrorCode
HP_HttpAgent_GetStatusCode
HP_HttpAgent_GetTransferEncoding
HP_HttpAgent_GetUpgradeType
HP_HttpAgent_GetVersion
HP_HttpAgent_GetWSMessageState
HP_HttpAgent_IsKeepAlive
HP_HttpAgent_IsUpgrade
HP_HttpAgent_IsUseCookie
HP_HttpAgent_SendConnect
HP_HttpAgent_SendDelete
HP_HttpAgent_SendGet
HP_HttpAgent_SendHead
HP_HttpAgent_SendLocalFile
HP_HttpAgent_SendOptions
HP_HttpAgent_SendPatch
HP_HttpAgent_SendPost
HP_HttpAgent_SendPut
HP_HttpAgent_SendRequest
HP_HttpAgent_SendTrace
HP_HttpAgent_SendWSMessage
HP_HttpAgent_SetLocalVersion
HP_HttpAgent_SetUseCookie
HP_HttpClient_GetAllCookies
HP_HttpClient_GetAllHeaderNames
HP_HttpClient_GetAllHeaders
HP_HttpClient_GetContentEncoding
HP_HttpClient_GetContentLength
HP_HttpClient_GetContentType
HP_HttpClient_GetCookie
HP_HttpClient_GetHeader
HP_HttpClient_GetHeaders
HP_HttpClient_GetLocalVersion
HP_HttpClient_GetParseErrorCode
HP_HttpClient_GetStatusCode
HP_HttpClient_GetTransferEncoding
HP_HttpClient_GetUpgradeType
HP_HttpClient_GetVersion
HP_HttpClient_GetWSMessageState
HP_HttpClient_IsKeepAlive
HP_HttpClient_IsUpgrade
HP_HttpClient_IsUseCookie
HP_HttpClient_SendConnect
HP_HttpClient_SendDelete
HP_HttpClient_SendGet
HP_HttpClient_SendHead
HP_HttpClient_SendLocalFile
HP_HttpClient_SendOptions
HP_HttpClient_SendPatch
HP_HttpClient_SendPost
HP_HttpClient_SendPut
HP_HttpClient_SendRequest
HP_HttpClient_SendTrace
HP_HttpClient_SendWSMessage
HP_HttpClient_SetLocalVersion
HP_HttpClient_SetUseCookie
HP_HttpCookie_HLP_CurrentUTCTime
HP_HttpCookie_HLP_ExpiresToMaxAge
HP_HttpCookie_HLP_MakeExpiresStr
HP_HttpCookie_HLP_MaxAgeToExpires
HP_HttpCookie_HLP_ParseExpires
HP_HttpCookie_HLP_ToString
HP_HttpCookie_MGR_ClearCookies
HP_HttpCookie_MGR_DeleteCookie
HP_HttpCookie_MGR_IsEnableThirdPartyCookie
HP_HttpCookie_MGR_LoadFromFile
HP_HttpCookie_MGR_RemoveExpiredCookies
HP_HttpCookie_MGR_SaveToFile
HP_HttpCookie_MGR_SetCookie
HP_HttpCookie_MGR_SetEnableThirdPartyCookie
HP_HttpServer_GetAllCookies
HP_HttpServer_GetAllHeaderNames
HP_HttpServer_GetAllHeaders
HP_HttpServer_GetContentEncoding
HP_HttpServer_GetContentLength
HP_HttpServer_GetContentType
HP_HttpServer_GetCookie
HP_HttpServer_GetHeader
HP_HttpServer_GetHeaders
HP_HttpServer_GetHost
HP_HttpServer_GetLocalVersion
HP_HttpServer_GetMethod
HP_HttpServer_GetParseErrorCode
HP_HttpServer_GetReleaseDelay
HP_HttpServer_GetTransferEncoding
HP_HttpServer_GetUpgradeType
HP_HttpServer_GetUrlField
HP_HttpServer_GetUrlFieldSet
HP_HttpServer_GetVersion
HP_HttpServer_GetWSMessageState
HP_HttpServer_IsKeepAlive
HP_HttpServer_IsUpgrade
HP_HttpServer_Release
HP_HttpServer_SendLocalFile
HP_HttpServer_SendResponse
HP_HttpServer_SendWSMessage
HP_HttpServer_SetLocalVersion
HP_HttpServer_SetReleaseDelay
HP_HttpSyncClient_CleanupRequestResult
HP_HttpSyncClient_GetConnectTimeout
HP_HttpSyncClient_GetRequestTimeout
HP_HttpSyncClient_GetResponseBody
HP_HttpSyncClient_OpenUrl
HP_HttpSyncClient_SetConnectTimeout
HP_HttpSyncClient_SetRequestTimeout
HP_SSL_AddServerContext
HP_SSL_Cleanup
HP_SSL_Initialize
HP_SSL_IsValid
HP_SSL_RemoveThreadLocalState
HP_Server_Disconnect
HP_Server_DisconnectLongConnections
HP_Server_DisconnectSilenceConnections
HP_Server_GetAllConnectionIDs
HP_Server_GetConnectPeriod
HP_Server_GetConnectionCount
HP_Server_GetConnectionExtra
HP_Server_GetFreeBufferObjHold
HP_Server_GetFreeBufferObjPool
HP_Server_GetFreeSocketObjHold
HP_Server_GetFreeSocketObjLockTime
HP_Server_GetFreeSocketObjPool
HP_Server_GetLastError
HP_Server_GetLastErrorDesc
HP_Server_GetListenAddress
HP_Server_GetLocalAddress
HP_Server_GetMaxConnectionCount
HP_Server_GetPendingDataLength
HP_Server_GetRemoteAddress
HP_Server_GetSendPolicy
HP_Server_GetSilencePeriod
HP_Server_GetState
HP_Server_GetWorkerThreadCount
HP_Server_HasStarted
HP_Server_IsMarkSilence
HP_Server_IsSecure
HP_Server_Send
HP_Server_SendPackets
HP_Server_SendPart
HP_Server_SetConnectionExtra
HP_Server_SetFreeBufferObjHold
HP_Server_SetFreeBufferObjPool
HP_Server_SetFreeSocketObjHold
HP_Server_SetFreeSocketObjLockTime
HP_Server_SetFreeSocketObjPool
HP_Server_SetMarkSilence
HP_Server_SetMaxConnectionCount
HP_Server_SetSendPolicy
HP_Server_SetWorkerThreadCount
HP_Server_Start
HP_Server_Stop
HP_Set_FN_Agent_OnClose
HP_Set_FN_Agent_OnConnect
HP_Set_FN_Agent_OnHandShake
HP_Set_FN_Agent_OnPrepareConnect
HP_Set_FN_Agent_OnPullReceive
HP_Set_FN_Agent_OnReceive
HP_Set_FN_Agent_OnSend
HP_Set_FN_Agent_OnShutdown
HP_Set_FN_Client_OnClose
HP_Set_FN_Client_OnConnect
HP_Set_FN_Client_OnHandShake
HP_Set_FN_Client_OnPrepareConnect
HP_Set_FN_Client_OnPullReceive
HP_Set_FN_Client_OnReceive
HP_Set_FN_Client_OnSend
HP_Set_FN_HttpAgent_OnBody
HP_Set_FN_HttpAgent_OnChunkComplete
HP_Set_FN_HttpAgent_OnChunkHeader
HP_Set_FN_HttpAgent_OnClose
HP_Set_FN_HttpAgent_OnConnect
HP_Set_FN_HttpAgent_OnHandShake
HP_Set_FN_HttpAgent_OnHeader
HP_Set_FN_HttpAgent_OnHeadersComplete
HP_Set_FN_HttpAgent_OnMessageBegin
HP_Set_FN_HttpAgent_OnMessageComplete
HP_Set_FN_HttpAgent_OnParseError
HP_Set_FN_HttpAgent_OnPrepareConnect
HP_Set_FN_HttpAgent_OnReceive
HP_Set_FN_HttpAgent_OnSend
HP_Set_FN_HttpAgent_OnShutdown
HP_Set_FN_HttpAgent_OnStatusLine
HP_Set_FN_HttpAgent_OnUpgrade
HP_Set_FN_HttpAgent_OnWSMessageBody
HP_Set_FN_HttpAgent_OnWSMessageComplete
HP_Set_FN_HttpAgent_OnWSMessageHeader
HP_Set_FN_HttpClient_OnBody
HP_Set_FN_HttpClient_OnChunkComplete
HP_Set_FN_HttpClient_OnChunkHeader
HP_Set_FN_HttpClient_OnClose
HP_Set_FN_HttpClient_OnConnect
HP_Set_FN_HttpClient_OnHandShake
HP_Set_FN_HttpClient_OnHeader
HP_Set_FN_HttpClient_OnHeadersComplete
HP_Set_FN_HttpClient_OnMessageBegin
HP_Set_FN_HttpClient_OnMessageComplete
HP_Set_FN_HttpClient_OnParseError
HP_Set_FN_HttpClient_OnPrepareConnect
HP_Set_FN_HttpClient_OnReceive
HP_Set_FN_HttpClient_OnSend
HP_Set_FN_HttpClient_OnStatusLine
HP_Set_FN_HttpClient_OnUpgrade
HP_Set_FN_HttpClient_OnWSMessageBody
HP_Set_FN_HttpClient_OnWSMessageComplete
HP_Set_FN_HttpClient_OnWSMessageHeader
HP_Set_FN_HttpServer_OnAccept
HP_Set_FN_HttpServer_OnBody
HP_Set_FN_HttpServer_OnChunkComplete
HP_Set_FN_HttpServer_OnChunkHeader
HP_Set_FN_HttpServer_OnClose
HP_Set_FN_HttpServer_OnHandShake
HP_Set_FN_HttpServer_OnHeader
HP_Set_FN_HttpServer_OnHeadersComplete
HP_Set_FN_HttpServer_OnMessageBegin
HP_Set_FN_HttpServer_OnMessageComplete
HP_Set_FN_HttpServer_OnParseError
HP_Set_FN_HttpServer_OnPrepareListen
HP_Set_FN_HttpServer_OnReceive
HP_Set_FN_HttpServer_OnRequestLine
HP_Set_FN_HttpServer_OnSend
HP_Set_FN_HttpServer_OnShutdown
HP_Set_FN_HttpServer_OnUpgrade
HP_Set_FN_HttpServer_OnWSMessageBody
HP_Set_FN_HttpServer_OnWSMessageComplete
HP_Set_FN_HttpServer_OnWSMessageHeader
HP_Set_FN_Server_OnAccept
HP_Set_FN_Server_OnClose
HP_Set_FN_Server_OnHandShake
HP_Set_FN_Server_OnPrepareListen
HP_Set_FN_Server_OnPullReceive
HP_Set_FN_Server_OnReceive
HP_Set_FN_Server_OnSend
HP_Set_FN_Server_OnShutdown
HP_TcpAgent_GetKeepAliveInterval
HP_TcpAgent_GetKeepAliveTime
HP_TcpAgent_GetSocketBufferSize
HP_TcpAgent_IsReuseAddress
HP_TcpAgent_SendSmallFile
HP_TcpAgent_SetKeepAliveInterval
HP_TcpAgent_SetKeepAliveTime
HP_TcpAgent_SetReuseAddress
HP_TcpAgent_SetSocketBufferSize
HP_TcpClient_GetKeepAliveInterval
HP_TcpClient_GetKeepAliveTime
HP_TcpClient_GetSocketBufferSize
HP_TcpClient_SendSmallFile
HP_TcpClient_SetKeepAliveInterval
HP_TcpClient_SetKeepAliveTime
HP_TcpClient_SetSocketBufferSize
HP_TcpPackAgent_GetMaxPackSize
HP_TcpPackAgent_GetPackHeaderFlag
HP_TcpPackAgent_SetMaxPackSize
HP_TcpPackAgent_SetPackHeaderFlag
HP_TcpPackClient_GetMaxPackSize
HP_TcpPackClient_GetPackHeaderFlag
HP_TcpPackClient_SetMaxPackSize
HP_TcpPackClient_SetPackHeaderFlag
HP_TcpPackServer_GetMaxPackSize
HP_TcpPackServer_GetPackHeaderFlag
HP_TcpPackServer_SetMaxPackSize
HP_TcpPackServer_SetPackHeaderFlag
HP_TcpPullAgent_Fetch
HP_TcpPullAgent_Peek
HP_TcpPullClient_Fetch
HP_TcpPullClient_Peek
HP_TcpPullServer_Fetch
HP_TcpPullServer_Peek
HP_TcpServer_GetAcceptSocketCount
HP_TcpServer_GetKeepAliveInterval
HP_TcpServer_GetKeepAliveTime
HP_TcpServer_GetSocketBufferSize
HP_TcpServer_GetSocketListenQueue
HP_TcpServer_SendSmallFile
HP_TcpServer_SetAcceptSocketCount
HP_TcpServer_SetKeepAliveInterval
HP_TcpServer_SetKeepAliveTime
HP_TcpServer_SetSocketBufferSize
HP_TcpServer_SetSocketListenQueue
HP_UdpCast_GetCastMode
HP_UdpCast_GetMaxDatagramSize
HP_UdpCast_GetMultiCastTtl
HP_UdpCast_GetRemoteAddress
HP_UdpCast_IsMultiCastLoop
HP_UdpCast_IsReuseAddress
HP_UdpCast_SetCastMode
HP_UdpCast_SetMaxDatagramSize
HP_UdpCast_SetMultiCastLoop
HP_UdpCast_SetMultiCastTtl
HP_UdpCast_SetReuseAddress
HP_UdpClient_GetDetectAttempts
HP_UdpClient_GetDetectInterval
HP_UdpClient_GetMaxDatagramSize
HP_UdpClient_SetDetectAttempts
HP_UdpClient_SetDetectInterval
HP_UdpClient_SetMaxDatagramSize
HP_UdpServer_GetDetectAttempts
HP_UdpServer_GetDetectInterval
HP_UdpServer_GetMaxDatagramSize
HP_UdpServer_GetPostReceiveCount
HP_UdpServer_SetDetectAttempts
HP_UdpServer_SetDetectInterval
HP_UdpServer_SetMaxDatagramSize
HP_UdpServer_SetPostReceiveCount
SYS_Base64Decode
SYS_Base64Encode
SYS_CodePageToUnicode
SYS_Compress
SYS_CompressEx
SYS_GZipCompress
SYS_GZipGuessUncompressBound
SYS_GZipUncompress
SYS_GbkToUnicode
SYS_GbkToUtf8
SYS_GetIPAddress
SYS_GetIPv4InAddr
SYS_GetLastError
SYS_GetOptimalIPByHostName
SYS_GetSocketLocalAddress
SYS_GetSocketOption
SYS_GetSocketRemoteAddress
SYS_GuessBase64DecodeBound
SYS_GuessBase64EncodeBound
SYS_GuessCompressBound
SYS_GuessUrlDecodeBound
SYS_GuessUrlEncodeBound
SYS_HToN64
SYS_IoctlSocket
SYS_IsIPAddress
SYS_NToH64
SYS_SSO_DontLinger
SYS_SSO_Linger
SYS_SSO_NoDelay
SYS_SSO_RecvBuffSize
SYS_SSO_ReuseAddress
SYS_SSO_SendBuffSize
SYS_SetSocketOption
SYS_Uncompress

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 426KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
彩名堂客户端/expression/1.gif
.gif
彩名堂客户端/expression/10.gif
.gif
彩名堂客户端/expression/11.gif
.gif
彩名堂客户端/expression/12.gif
.gif
彩名堂客户端/expression/13.gif
.gif
彩名堂客户端/expression/14.gif
.gif
彩名堂客户端/expression/15.gif
.gif
彩名堂客户端/expression/16.gif
.gif
彩名堂客户端/expression/17.gif
.gif
彩名堂客户端/expression/18.gif
.gif
彩名堂客户端/expression/19.gif
.gif
彩名堂客户端/expression/2.gif
.gif
彩名堂客户端/expression/20.gif
.gif
彩名堂客户端/expression/3.gif
.gif
彩名堂客户端/expression/4.gif
.gif
彩名堂客户端/expression/5.gif
.gif
彩名堂客户端/expression/6.gif
.gif
彩名堂客户端/expression/7.gif
.gif
彩名堂客户端/expression/8.gif
.gif
彩名堂客户端/expression/9.gif
.gif
彩名堂客户端/fa/framewoke.html
.js
彩名堂客户端/fa/framewokeInit.html
彩名堂客户端/fa/framewokeInit2 - 使用命令.html
彩名堂客户端/fa/framewokeInit2 - 使用组建.html
.js
彩名堂客户端/fa/framewokeInit2.html
.js
彩名堂客户端/fa/framewokeInit3.html
彩名堂客户端/g1.png
.png
彩名堂客户端/h/1.png
彩名堂客户端/h/10.png
彩名堂客户端/h/11.png
彩名堂客户端/h/12.png
彩名堂客户端/h/13.png
彩名堂客户端/h/14.png
彩名堂客户端/h/15.png
彩名堂客户端/h/16.png
彩名堂客户端/h/17.png
彩名堂客户端/h/18.png
彩名堂客户端/h/19.png
彩名堂客户端/h/2.png
彩名堂客户端/h/20.png
彩名堂客户端/h/21.png
彩名堂客户端/h/22.png
彩名堂客户端/h/23.png
彩名堂客户端/h/24.png
彩名堂客户端/h/25.png
彩名堂客户端/h/3.png
彩名堂客户端/h/4.png
彩名堂客户端/h/5.png
彩名堂客户端/h/6.png
彩名堂客户端/h/7.png
彩名堂客户端/h/8.png
彩名堂客户端/h/9.png
彩名堂客户端/i/0.png
彩名堂客户端/i/1.png
彩名堂客户端/i/10.png
彩名堂客户端/i/11.png
彩名堂客户端/i/12.png
彩名堂客户端/i/13.png
彩名堂客户端/i/14.png
彩名堂客户端/i/15.png
彩名堂客户端/i/16.png
彩名堂客户端/i/17.png
彩名堂客户端/i/18.png
彩名堂客户端/i/19.png
彩名堂客户端/i/2.png
彩名堂客户端/i/20.png
彩名堂客户端/i/21.png
彩名堂客户端/i/22.png
彩名堂客户端/i/23.png
彩名堂客户端/i/24.png
彩名堂客户端/i/25.png
彩名堂客户端/i/26.png
彩名堂客户端/i/27.png
彩名堂客户端/i/28.png
彩名堂客户端/i/29.png
彩名堂客户端/i/3.png
彩名堂客户端/i/30.png
彩名堂客户端/i/31.png
彩名堂客户端/i/32.png
彩名堂客户端/i/33.png
彩名堂客户端/i/34.png
彩名堂客户端/i/35.png
彩名堂客户端/i/36.png
彩名堂客户端/i/37.png
彩名堂客户端/i/38.png
彩名堂客户端/i/39.png
彩名堂客户端/i/4.png
彩名堂客户端/i/40.png
彩名堂客户端/i/41.png
彩名堂客户端/i/42.png
彩名堂客户端/i/43.png
彩名堂客户端/i/44.png
彩名堂客户端/i/45.png
彩名堂客户端/i/46.png
彩名堂客户端/i/47.png
彩名堂客户端/i/48.png
彩名堂客户端/i/49.png
彩名堂客户端/i/5.png
彩名堂客户端/i/50.png
彩名堂客户端/i/51.png
彩名堂客户端/i/52.png
彩名堂客户端/i/53.png
彩名堂客户端/i/54.png
彩名堂客户端/i/55.png
彩名堂客户端/i/56.png
彩名堂客户端/i/57.png
彩名堂客户端/i/58.png
彩名堂客户端/i/59.png
彩名堂客户端/i/6.png
彩名堂客户端/i/60.png
彩名堂客户端/i/61.png
彩名堂客户端/i/62.png
彩名堂客户端/i/63.png
彩名堂客户端/i/64.png
彩名堂客户端/i/65.png
彩名堂客户端/i/66.png
彩名堂客户端/i/67.png
彩名堂客户端/i/68.png
彩名堂客户端/i/69.png
彩名堂客户端/i/7.png
彩名堂客户端/i/70.png
彩名堂客户端/i/71.png
彩名堂客户端/i/72.png
彩名堂客户端/i/73.png
彩名堂客户端/i/74.png
彩名堂客户端/i/75.png
彩名堂客户端/i/76.png
彩名堂客户端/i/77.png
彩名堂客户端/i/8.png
彩名堂客户端/i/9.png
彩名堂客户端/i/Layout.png
彩名堂客户端/i/a1.png
彩名堂客户端/i/a2.png
彩名堂客户端/i/a3.png
彩名堂客户端/i/a4.png
彩名堂客户端/i/border.png
.png
彩名堂客户端/i/border_1.png
.png
彩名堂客户端/i/border_2.png
.png
彩名堂客户端/i/border_3.png
.png
彩名堂客户端/i/q1.png
.png
彩名堂客户端/i/q2.png
.png
彩名堂客户端/i/q3.png
.png
彩名堂客户端/i/q4.png
.png
彩名堂客户端/i/q5.png
.png
彩名堂客户端/i/q6.png
.png
彩名堂客户端/i/release.png
.png
彩名堂客户端/i/release0.png
.png
彩名堂客户端/i/v0.png
彩名堂客户端/i/v1.png
彩名堂客户端/i/v2.png
彩名堂客户端/i/v3.png
彩名堂客户端/i/v4.png
彩名堂客户端/i/v5.png
彩名堂客户端/i/v6.png
彩名堂客户端/lh.ini
彩名堂客户端/lib.dll
.dll windows:5 windows x86 arch:x86

b070f394134929dd5353cb9140a1caaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
MultiByteToWideChar
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
HeapReAlloc
SetStdHandle
FlushFileBuffers
IsProcessorFeaturePresent
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapSize
SetEndOfFile
GetProcessHeap

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
fill_win32_filefunc
fill_win32_filefunc64
fill_win32_filefunc64A
fill_win32_filefunc64W
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzoffset
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetCurrentFileInfo64
unzGetCurrentFileZStreamPos64
unzGetFilePos
unzGetFilePos64
unzGetGlobalComment
unzGetGlobalInfo
unzGetGlobalInfo64
unzGetLocalExtrafield
unzGoToFilePos
unzGoToFilePos64
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpen2_64
unzOpen64
unzOpenCurrentFile
unzOpenCurrentFile2
unzOpenCurrentFile3
unzOpenCurrentFilePassword
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
unztell64
zError
zipClose
zipCloseFileInZip
zipCloseFileInZipRaw
zipCloseFileInZipRaw64
zipOpen
zipOpen2
zipOpen2_64
zipOpen64
zipOpenNewFileInZip
zipOpenNewFileInZip2
zipOpenNewFileInZip2_64
zipOpenNewFileInZip3
zipOpenNewFileInZip3_64
zipOpenNewFileInZip4_64
zipOpenNewFileInZip64
zipWriteInFileInZip
zlibCompileFlags
zlibVersion

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
彩名堂客户端/log.txt
彩名堂客户端/music/1.wav
彩名堂客户端/music/2.wav
彩名堂客户端/sett.ini
彩名堂客户端/skin/1_1.png
彩名堂客户端/skin/1_2.png
彩名堂客户端/skin/1_3.png
彩名堂客户端/skin/1_4.png
彩名堂客户端/skin/1_b.png
彩名堂客户端/skin/1_g1.png
彩名堂客户端/skin/1_g2.png
彩名堂客户端/skin/2_1.png
彩名堂客户端/skin/2_2.png
彩名堂客户端/skin/2_3.png
彩名堂客户端/skin/2_4.png
彩名堂客户端/skin/2_b.png
彩名堂客户端/skin/2_g1.png
彩名堂客户端/skin/2_g2.png
彩名堂客户端/skin/3_1.png
彩名堂客户端/skin/3_2.png
彩名堂客户端/skin/3_3.png
彩名堂客户端/skin/3_4.png
彩名堂客户端/skin/3_b.png
彩名堂客户端/skin/3_g1.png
彩名堂客户端/skin/3_g2.png
彩名堂客户端/skin/4_1.png
彩名堂客户端/skin/4_2.png
彩名堂客户端/skin/4_3.png
彩名堂客户端/skin/4_4.png
彩名堂客户端/skin/4_b.png
彩名堂客户端/skin/4_g1.png
彩名堂客户端/skin/4_g2.png
彩名堂客户端/skin/bott_1.mig
彩名堂客户端/skin/bott_2.mig
彩名堂客户端/skin/bott_3.mig
彩名堂客户端/skin/bott_4.mig
彩名堂客户端/skin/im1.png
彩名堂客户端/skin/im2.png
彩名堂客户端/skin/im3.png
彩名堂客户端/skin/im4.png
彩名堂客户端/skin/lottom_1.mig
彩名堂客户端/skin/lottom_2.mig
彩名堂客户端/skin/lottom_3.mig
彩名堂客户端/skin/lottom_4.mig
彩名堂客户端/skin/tool_1.mig
彩名堂客户端/skin/tool_2.mig
彩名堂客户端/skin/tool_3.mig
彩名堂客户端/skin/tool_4.mig
彩名堂客户端/tx.txt
彩名堂客户端/updat
彩名堂客户端/uscof.ini
彩名堂客户端/xz.ini
彩名堂客户端/彩名堂.exe
.exe windows:4 windows x86 arch:x86

231e5e874a35594663a24bcca797f2c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
PlaySoundA
midiOutPrepareHeader

ws2_32

WSACleanup
WSAStartup
select
inet_ntoa
recv
getpeername
accept
send
closesocket
WSAAsyncSelect
recvfrom
ioctlsocket

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA
AVIStreamGetFrame

rasapi32

RasGetConnectStatusA
RasHangUpA

kernel32

FileTimeToSystemTime
FlushFileBuffers
UnlockFile
LockFile
LockFileEx
GetSystemTime
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FileTimeToLocalFileTime
lstrcpynA
DuplicateHandle
GetThreadLocale
lstrcmpiA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
GetCurrentThread
GlobalFlags
GetProfileIntA
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
GetLocalTime
RaiseException
HeapSize
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
UnmapViewOfFile
GetVersion
GetTimeZoneInformation
SetLastError
MultiByteToWideChar
OpenProcess
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
CopyFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
WaitForSingleObject
CloseHandle
InterlockedExchange
SetEndOfFile

user32

MapDialogRect
GetNextDlgGroupItem
PostThreadMessageA
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
RegisterClassA
GetClassLongA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyWindow
EndPaint
BeginPaint
CharUpperA
GetWindowTextLengthA
GetDoubleClickTime
ClipCursor
UnregisterHotKey
RegisterHotKey
CreateWindowExA
GetNextDlgTabItem
UnionRect
FindWindowExA
UnregisterClassA
FindWindowA
GetWindowThreadProcessId
GetClassNameA
GetDesktopWindow
GetWindowTextA
SetWindowTextA
GetMenuItemCount
GetMenuItemID
GetMenuStringA
GetMenuState
GetTabbedTextExtentA
DrawStateA
GrayStringA
TabbedTextOutA
WindowFromDC
EnumChildWindows
GetWindowDC
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
FrameRect
GetPropA
MoveWindow
CallWindowProcA
SetPropA
DrawTextA
GetCursor
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
SetWindowContextHelpId
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
TrackPopupMenu
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBeep
MessageBoxA
GetCursorPos
GetSystemMetrics
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
CharNextA
GetSysColorBrush
GetMessageA
KillTimer
GetDlgItem

gdi32

CreateDCA
CreateCompatibleBitmap
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SelectObject
CreatePen
GetPolyFillMode
PatBlt
CombineRgn
CreateRectRgn
GetStretchBltMode
FillRgn
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
StretchDIBits
SetDIBitsToDevice
CreateFontA
TranslateCharsetInfo
CreateSolidBrush
GetTextMetricsA
AbortDoc
SetBrushOrgEx
SetPolyFillMode
SetROP2
SetMapMode
CreateFontIndirectA
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
GetMapMode
CopyMetaFileA
TextOutA
RectVisible
PtVisible
CreatePenIndirect
RestoreDC
SaveDC
SetWindowOrgEx
SetTextColor
SetBkMode
SetBkColor
CreateRectRgnIndirect
CreateDIBSection
SetPixel
ExtCreateRegion
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
GetPixel
CreateCompatibleDC
SetPixelV
SetViewportOrgEx
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
Escape
GetNearestPaletteIndex
GetDeviceCaps
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
ExtTextOutA

msimg32

GradientFill

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
GetFileTitleA

advapi32

RegCreateKeyExA
RegQueryValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
DragFinish

ole32

CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleDuplicateData
RevokeDragDrop
CoLockObjectExternal
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
CLSIDFromProgID
OleInitialize
OleUninitialize
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

SysAllocString
VariantInit
VariantCopyInd
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy
UnRegisterTypeLi
OleCreateFontIndirect
OleCreatePictureIndirect
LoadTypeLi
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SafeArrayCreate
RegisterTypeLi
LHashValOfNameSys
SysFreeString
SafeArrayGetElemsize
SysAllocStringByteLen
VarDateFromStr

comctl32

ImageList_GetImageInfo
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_Read
ImageList_GetImageCount
ImageList_LoadImageA
ord17
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_SetBkColor
ImageList_Draw
_TrackMouseEvent
ImageList_AddMasked
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave

oledlg

ord8

wininet

InternetCloseHandle
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetConnectA
InternetOpenA
InternetSetOptionA

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb34dc2352df69649927a9bd0f907504

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shlwapi

winmm

ws2_32

crypt32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 426KB - Virtual size: 426KB

.data Size: 44KB - Virtual size: 59KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 85KB - Virtual size: 84KB

b070f394134929dd5353cb9140a1caaf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 4KB - Virtual size: 4KB

231e5e874a35594663a24bcca797f2c8

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 132KB - Virtual size: 570KB

.rsrc Size: 136KB - Virtual size: 134KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 426KB - Virtual size: 426KB

.data
Size: 44KB - Virtual size: 59KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 85KB - Virtual size: 84KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 132KB - Virtual size: 570KB

.rsrc
Size: 136KB - Virtual size: 134KB