d755e3415b73114531fa387e2f62e3b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d755e3415b73114531fa387e2f62e3b4_JaffaCakes118
Size

1.1MB
MD5

d755e3415b73114531fa387e2f62e3b4
SHA1

06b3aca9e06965e05643a1eeec060207eb7064dc
SHA256

9df989c768919bb11e86ebafa19f6e5948f969bf372e8cffa108c8f860a85aad
SHA512

a5b2799066d9e67d270f186b565a6246bac229c2f738afc3ff6f5390eb55b5bf6af93829e43fad5779a98f04e26cc4ca9e95683b31d8e19a3b591ce1894e0ec8
SSDEEP

24576:/rsqX3eUxqbbuD6ZFE7XNW/H7bWxBRUUFW3Y44444sNDntMG/POmyTvNFpKmw5zF://XUJwWihNCy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
d755e3415b73114531fa387e2f62e3b4_JaffaCakes118
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/StdUtils.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/VdSkin.dll
unpack001/$TEMP/vidownuninst/res/DuiLib.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

d755e3415b73114531fa387e2f62e3b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb06052e74b26a42b0e490bd1c07959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 369KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StdUtils.dll
.dll windows:5 windows x86 arch:x86

ea9b3ea5cd9e2014ad3724e31f62cf5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

isspace
_msize
??2@YAPAXI@Z
iscntrl
isalpha
sscanf
abort
_beginthreadex
time
srand
rand
strncpy
isalnum
strchr
__getmainargs
_strnicmp
_stricmp
??3@YAXPAX@Z
calloc
free
_wcsicmp
_snprintf
memset
memcpy

shlwapi

ord176

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetVersion
InterlockedExchange
HeapValidate
InterlockedDecrement
InterlockedIncrement
GetSystemTime
OutputDebugStringA
DeleteCriticalSection
GetExitCodeProcess
InitializeCriticalSection
SystemTimeToFileTime
TerminateThread
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetCommandLineA
GetVersionExA
GetFileAttributesA
LoadLibraryW
GetModuleHandleW
FreeLibrary
CloseHandle
GetFileSizeEx
ReadFile
WriteFile
GlobalAlloc
lstrcpynA
GlobalFree
LeaveCriticalSection
EnterCriticalSection
GetTickCount
Sleep
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
GetLastError
LocalAlloc
LocalFree
CreateFileA
SetFilePointerEx
MultiByteToWideChar

user32

MessageBoxW
RegisterClassA
DispatchMessageA
UnregisterClassA
AllowSetForegroundWindow
SetTimer
DestroyWindow
wsprintfA
GetWindowThreadProcessId
LoadStringW
MessageBoxA
MsgWaitForMultipleObjects
KillTimer
PeekMessageA
CreateWindowExA

shell32

ShellExecuteExA
SHFileOperationA
ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString

Exports

Exports

AppendToFile
DisableVerboseMode
Dummy
EnableVerboseMode
ExecShellAsUser
ExecShellWaitEx
FormatStr
FormatStr2
FormatStr3
GetAllParameters
GetDays
GetHours
GetLibVersion
GetMinutes
GetOsEdition
GetParameter
GetRealOsBuildNo
GetRealOsName
GetRealOsVersion
HashFile
HashText
InvokeShellVerb
ParameterCnt
ParameterStr
Rand
RandList
RandMax
RandMinMax
RevStr
SHFileCopy
SHFileMove
ScanStr
ScanStr2
ScanStr3
TestParameter
Time
TimerCreate
TimerDestroy
TrimStr
TrimStrLeft
TrimStrRight
ValidFileName
ValidPathSpec
VerifyRealOsBuildNo
VerifyRealOsVersion
WaitForProcEx

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/VdSkin.dll
.dll windows:5 windows x86 arch:x86

58f4dc7794d1a1c89373297d547be6dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90

ord3412
ord3413
ord6810
ord6809
ord1137
ord899
ord945
ord5963
ord1252
ord1008
ord782
ord581
ord266
ord316
ord601
ord1087
ord801
ord322
ord4434
ord4409
ord6783
ord4159
ord6781
ord4733
ord2251
ord2206
ord6018
ord4165
ord1046
ord5533
ord6721
ord5813
ord4199
ord2087
ord3209
ord5657
ord5659
ord2447
ord4333
ord4981
ord5663
ord5646
ord6001
ord2766
ord2978
ord3107
ord4714
ord2961
ord3110
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4890
ord4667
ord3659
ord4197
ord793
ord589
ord4029
ord1607
ord5997
ord4392
ord1603
ord817
ord310
ord2692
ord569
ord6302
ord798
ord512
ord2698
ord5835
ord320
ord1265
ord300
ord2539
ord820
ord605
ord1278
ord321
ord1243
ord1241
ord1268
ord1180
ord1233
ord2084
ord391
ord1152
ord1277
ord1275
ord1145
ord1075
ord800

msvcr90

memset
_invalid_parameter_noinfo
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
free
sprintf
_beginthread
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_CxxThrowException
_mbsicmp
_purecall

kernel32

WideCharToMultiByte
LocalFree
GetDiskFreeSpaceExA
ExitProcess
Sleep
CreateDirectoryA
GetCommandLineW
lstrlenW
OutputDebugStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
lstrcpynA
lstrcpyA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetCurrentProcess
GlobalFree
GlobalAlloc
GetCurrentThreadId
GetLastError
FindClose
FindFirstFileA

user32

SetWindowPlacement
MoveWindow
IsIconic
GetWindowPlacement
GetSystemMetrics
BringWindowToTop
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetWindowLongA
FindWindowExA
SetWindowLongA
CallWindowProcA
PostMessageA
ShowWindow
GetDesktopWindow
SendMessageA
SetWindowPos
GetWindowRect
IsZoomed
wsprintfA

gdi32

SelectObject
GetTextExtentPointA

shell32

ShellExecuteA
CommandLineToArgvW
SHGetPathFromIDListA
SHBrowseForFolderA

shlwapi

PathFileExistsA
PathIsRootA
PathStripToRootA
PathIsDirectoryA

ole32

OleUninitialize
OleInitialize
ReleaseStgMedium

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

duilib

?VdMessageBox@DuiLib@@YAHPAUHWND__@@PBD1H111_N@Z
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?GetPaintManager@WindowImplBase@DuiLib@@QAEAAVCPaintManagerUI@2@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXPAUHWND__@@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKKHHHHPAUHMENU__@@@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBD@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?PostMessageA@CWindowWnd@DuiLib@@QAEJIIJ@Z
??MCDuiString@DuiLib@@QBE_NPBD@Z
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
??BCDuiString@DuiLib@@QBEPBDXZ
?GetCurSel@CTabLayoutUI@DuiLib@@QBEHXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??8CDuiString@DuiLib@@QBE_NPBD@Z
?SelectItem@CTabLayoutUI@DuiLib@@QAE_NH_N@Z
?SetBkImage@CControlUI@DuiLib@@QAEXPBD@Z
?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBDXZ
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
??0CDuiString@DuiLib@@QAE@PBDH@Z
??0CDuiString@DuiLib@@QAE@ABV01@@Z
?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBD@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?IsInStaticControl@WindowImplBase@DuiLib@@UAEHPAVCControlUI@2@@Z
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PBD@Z
??0CDuiString@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
?GetFont@CLabelUI@DuiLib@@QBEHXZ
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?SelectItem@CAnimationTabLayoutUI@DuiLib@@QAE_NH@Z
?SetValue@CProgressUI@DuiLib@@QAEXH@Z
?GetValue@CProgressUI@DuiLib@@QBEHXZ
?GetMaxValue@CProgressUI@DuiLib@@QBEHXZ
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z

Exports

Exports

Checked
ExitSetup
FindControl
GetBindingInfo
GetInstallPath
InitCheckBox
InitUninstallSkinEngine
InitVDSkinEngine
InstallStart
IsLastPage
IsSelected
IsSetupMini
OnControlBindNSISScript
OnImmediatelyInstall
OpenLink
SelectFolderDialog
SelectPage
SetBindingHomepage
SetCheckBoxVisible
SetInstallPath
SetSpaceInfo
SetVersion
ShowSetupDlg
ShowUninstDlg
ShowVidownWnd
UnIsSelected
UninstallStart
VDSendMessage

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 713KB - Virtual size: 713KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/vidownuninst/res/DuiLib.dll
.dll windows:5 windows x86 arch:x86

b8c874f3bf5cbced3d42c7e3d16d1725

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
Sleep
VirtualAlloc
VirtualFree
HeapCreate
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindResourceExA
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocalTime
MulDiv
GetLastError
GetFileSize
MultiByteToWideChar
SetLastError
GetTickCount
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetCurrentDirectoryA
GetModuleFileNameA
WriteFile
DisableThreadLibraryCalls
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
DosDateTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
FindResourceA
LoadResource
FreeResource
SizeofResource
LockResource
ExitProcess
GetACP
WideCharToMultiByte
LCMapStringA

user32

CreateAcceleratorTableA
SetWindowTextA
GetCapture
GetWindowTextA
GetKeyNameTextA
MapVirtualKeyA
SetCaretPos
GetCursorPos
OffsetRect
InflateRect
UnionRect
MsgWaitForMultipleObjects
GetForegroundWindow
ClientToScreen
CreateCaret
HideCaret
ShowCaret
GetSysColor
CharLowerA
GetDesktopWindow
GetWindowTextLengthA
SetCursor
LoadCursorA
wvsprintfA
SetWindowLongA
GetWindowLongA
IsIconic
GetMonitorInfoA
MonitorFromWindow
IsZoomed
SetLayeredWindowAttributes
SetTimer
SetWindowPos
DrawTextA
KillTimer
SetWindowRgn
GetClientRect
ScreenToClient
GetWindowRect
MessageBoxA
PtInRect
IntersectRect
IsRectEmpty
CharNextA
GetKeyState
GetDC
PostMessageA
InvalidateRect
IsWindow
SetCapture
ReleaseCapture
ReleaseDC
DestroyWindow
SetFocus
GetFocus
UpdateLayeredWindow
EndPaint
BeginPaint
GetUpdateRect
CreateWindowExA
MapWindowPoints
MoveWindow
InvalidateRgn
GetClassInfoExA
RegisterClassExA
RegisterClassA
GetMenu
AdjustWindowRectEx
SetPropA
GetPropA
CallWindowProcA
GetSystemMetrics
ShowWindow
EnableWindow
PostQuitMessage
DefWindowProcA
wsprintfA
LoadImageA
SetRect
CharPrevA
FillRect
GetIconInfo
DrawIconEx
DestroyIcon
GetMessageA
TranslateMessage
DispatchMessageA
GetParent
GetWindow
SendMessageA
PeekMessageA

gdi32

SelectClipRgn
SetWindowOrgEx
CreateCompatibleDC
CreateDIBSection
SaveDC
RestoreDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreatePen
GetStockObject
GetObjectA
CreateFontIndirectA
GetTextMetricsA
CreateRoundRectRgn
DeleteObject
CreatePolygonRgn
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
Rectangle
RoundRect
TextOutA
GetTextExtentPoint32A
GetCharABCWidthsA
SetBkColor
SetTextColor
SetBkMode
GdiFlush
GetDeviceCaps
CreateRectRgnIndirect
SelectObject
CombineRgn
GetClipBox

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal
CoCreateInstance
OleLockRunning
CLSIDFromString
CLSIDFromProgID
OleRun

oleaut32

SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
GetErrorInfo

gdiplus

GdipCreateLineBrushI
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipReleaseDC
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush

comctl32

ord17
_TrackMouseEvent

imm32

ImmGetVirtualKey

Exports

Exports

??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CAnimationData@DuiLib@@QAE@HHHH@Z
??0CAnimationTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CAnimationTabLayoutUI@DuiLib@@QAE@XZ
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboBoxUI@DuiLib@@QAE@ABV01@@Z
??0CComboBoxUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDragListUI@DuiLib@@QAE@ABV01@@Z
??0CDragListUI@DuiLib@@QAE@XZ
??0CDuiMarkup@DuiLib@@QAE@PBD@Z
??0CDuiMenu@DuiLib@@QAE@ABV01@@Z
??0CDuiMenu@DuiLib@@QAE@PBD@Z
??0CDuiPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CDuiPoint@DuiLib@@QAE@HH@Z
??0CDuiPoint@DuiLib@@QAE@J@Z
??0CDuiPoint@DuiLib@@QAE@XZ
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CDuiSize@DuiLib@@QAE@HH@Z
??0CDuiSize@DuiLib@@QAE@UtagRECT@@@Z
??0CDuiSize@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@D@Z
??0CDuiString@DuiLib@@QAE@PBDH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CGifAnimUI@DuiLib@@QAE@ABV01@@Z
??0CGifAnimUI@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CHotKeyUI@DuiLib@@QAE@ABV01@@Z
??0CHotKeyUI@DuiLib@@QAE@XZ
??0CHotKeyWnd@DuiLib@@QAE@ABV01@@Z
??0CHotKeyWnd@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListBodyUI@DuiLib@@QAE@ABV01@@Z
??0CListBodyUI@DuiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListNode@DuiLib@@QAE@ABV01@@Z
??0CListNode@DuiLib@@QAE@XZ
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkupNode@DuiLib@@AAE@PAVCDuiMarkup@1@H@Z
??0CMarkupNode@DuiLib@@AAE@XZ
??0CMenuButtonUI@DuiLib@@QAE@ABV01@@Z
??0CMenuButtonUI@DuiLib@@QAE@XZ
??0CMenuContainer@DuiLib@@QAE@ABV01@@Z
??0CMenuContainer@DuiLib@@QAE@XZ
??0CMenuElementUI@DuiLib@@QAE@ABV01@@Z
??0CMenuElementUI@DuiLib@@QAE@XZ
??0CMenuUI@DuiLib@@QAE@ABV01@@Z
??0CMenuUI@DuiLib@@QAE@XZ
??0CMenuWnd@DuiLib@@QAE@ABV01@@Z
??0CMenuWnd@DuiLib@@QAE@XZ
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0CNotifyPump@DuiLib@@QAE@XZ
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CStaticMenuElementUI@DuiLib@@QAE@ABV01@@Z
??0CStaticMenuElementUI@DuiLib@@QAE@XZ
??0CStdPtrArray@DuiLib@@QAE@ABV01@@Z
??0CStdPtrArray@DuiLib@@QAE@H@Z
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??0CStdValArray@DuiLib@@QAE@HH@Z
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CUIAnimation@DuiLib@@QAE@ABV01@@Z
??0CUIAnimation@DuiLib@@QAE@PAVCControlUI@1@@Z
??0CVdMenu@DuiLib@@QAE@ABV01@@Z
??0CVdMenu@DuiLib@@QAE@VCDuiString@1@@Z
??0CVdMenuUI@DuiLib@@QAE@ABV01@@Z
??0CVdMenuUI@DuiLib@@QAE@XZ
??0CVdMessageBox@DuiLib@@QAE@ABV01@@Z
??0CVdMessageBox@DuiLib@@QAE@PBD@Z
??0CVdPlayProgressToolTip@DuiLib@@QAE@ABV01@@Z
??0CVdPlayProgressToolTip@DuiLib@@QAE@XZ
??0CVdToolTip@DuiLib@@QAE@ABV01@@Z
??0CVdToolTip@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0IUIAnimation@DuiLib@@QAE@ABV01@@Z
??0IUIAnimation@DuiLib@@QAE@XZ
??0MenuReturn@DuiLib@@QAE@ABU01@@Z
??0MenuReturn@DuiLib@@QAE@XZ
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??1CActiveXUI@DuiLib@@UAE@XZ
??1CAnimationTabLayoutUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboBoxUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDragListUI@DuiLib@@UAE@XZ
??1CDuiMarkup@DuiLib@@QAE@XZ
??1CDuiMenu@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CGifAnimUI@DuiLib@@UAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CHotKeyUI@DuiLib@@UAE@XZ
??1CHotKeyWnd@DuiLib@@QAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListBodyUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListNode@DuiLib@@UAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMenuButtonUI@DuiLib@@UAE@XZ
??1CMenuContainer@DuiLib@@UAE@XZ
??1CMenuElementUI@DuiLib@@UAE@XZ
??1CMenuUI@DuiLib@@UAE@XZ
??1CMenuWnd@DuiLib@@QAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CStaticMenuElementUI@DuiLib@@UAE@XZ
??1CStdPtrArray@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??1CStdValArray@DuiLib@@QAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CUIAnimation@DuiLib@@UAE@XZ
??1CVdMenu@DuiLib@@UAE@XZ
??1CVdMenuUI@DuiLib@@UAE@XZ
??1CVdMessageBox@DuiLib@@UAE@XZ
??1CVdPlayProgressToolTip@DuiLib@@UAE@XZ
??1CVdToolTip@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??1CWindowWnd@DuiLib@@QAE@XZ
??1IUIAnimation@DuiLib@@UAE@XZ
??1MenuReturn@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CAnimationData@DuiLib@@QAEAAV01@ABV01@@Z
??4CAnimationTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDragListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiMenu@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@D@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CGifAnimUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHotKeyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHotKeyWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuContainer@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSSE@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CStaticMenuElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CUIAnimation@DuiLib@@QAEAAV01@ABV01@@Z
??4CVdMenu@DuiLib@@QAEAAV01@ABV01@@Z
??4CVdMenuUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVdMessageBox@DuiLib@@QAEAAV01@ABV01@@Z
??4CVdPlayProgressToolTip@DuiLib@@QAEAAV01@ABV01@@Z
??4CVdToolTip@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4IUIAnimation@DuiLib@@QAEAAV01@ABV01@@Z
??4MenuReturn@DuiLib@@QAEAAU01@ABU01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??8CDuiString@DuiLib@@QBE_NPBD@Z
??9CDuiString@DuiLib@@QBE_NPBD@Z
??ACDuiString@DuiLib@@QBEDH@Z
??ACStdPtrArray@DuiLib@@QBEPAXH@Z
??ACStdStringPtrMap@DuiLib@@QBEPBDH@Z
??ACStdValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPBDXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PBD@Z
??MCDuiString@DuiLib@@QBE_NPBD@Z
??NCDuiString@DuiLib@@QBE_NPBD@Z
??OCDuiString@DuiLib@@QBE_NPBD@Z
??PCDuiString@DuiLib@@QBE_NPBD@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@D@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CAnimationTabLayoutUI@DuiLib@@6B@
??_7CAnimationTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CAnimationTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboBoxUI@DuiLib@@6B@
??_7CComboBoxUI@DuiLib@@6BCControlUI@1@@
??_7CComboBoxUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CDragListUI@DuiLib@@6B@
??_7CDragListUI@DuiLib@@6BCControlUI@1@@
??_7CDragListUI@DuiLib@@6BIContainerUI@1@@
??_7CDuiMenu@DuiLib@@6B@
??_7CEditUI@DuiLib@@6B@
??_7CGifAnimUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CHotKeyUI@DuiLib@@6B@
??_7CHotKeyWnd@DuiLib@@6B@
??_7CLabelUI@DuiLib@@6B@
??_7CListBodyUI@DuiLib@@6BCControlUI@1@@
??_7CListBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListNode@DuiLib@@6B@
??_7CListNode@DuiLib@@6BCControlUI@1@@
??_7CListNode@DuiLib@@6BIContainerUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuButtonUI@DuiLib@@6B@
??_7CMenuContainer@DuiLib@@6BCControlUI@1@@
??_7CMenuContainer@DuiLib@@6BIContainerUI@1@@
??_7CMenuElementUI@DuiLib@@6B@
??_7CMenuElementUI@DuiLib@@6BCControlUI@1@@
??_7CMenuElementUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuUI@DuiLib@@6BCControlUI@1@@
??_7CMenuUI@DuiLib@@6BCListUI@1@@
??_7CMenuUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuUI@DuiLib@@6BINotifyUI@1@@
??_7CMenuWnd@DuiLib@@6B@
??_7CNotifyPump@DuiLib@@6B@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CStaticMenuElementUI@DuiLib@@6B@
??_7CStaticMenuElementUI@DuiLib@@6BCControlUI@1@@
??_7CStaticMenuElementUI@DuiLib@@6BIContainerUI@1@@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCDragListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CUIAnimation@DuiLib@@6B@
??_7CVdMenu@DuiLib@@6B@
??_7CVdMenuUI@DuiLib@@6BCControlUI@1@@
??_7CVdMenuUI@DuiLib@@6BCListUI@1@@
??_7CVdMenuUI@DuiLib@@6BIContainerUI@1@@
??_7CVdMenuUI@DuiLib@@6BINotifyUI@1@@
??_7CVdMessageBox@DuiLib@@6BCNotifyPump@1@@
??_7CVdMessageBox@DuiLib@@6BCWindowWnd@1@@
??_7CVdMessageBox@DuiLib@@6BIDialogBuilderCallback@1@@
??_7CVdMessageBox@DuiLib@@6BIMessageFilterUI@1@@
??_7CVdMessageBox@DuiLib@@6BINotifyUI@1@@
??_7CVdPlayProgressToolTip@DuiLib@@6B@
??_7CVdToolTip@DuiLib@@6B@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_7IUIAnimation@DuiLib@@6B@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_FCDuiMarkup@DuiLib@@QAEXXZ
??_FCStdPtrArray@DuiLib@@QAEXXZ
??_FCStdStringPtrMap@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@CMenuElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CMenuUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CStdPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CStdValArray@DuiLib@@QAE_NPBX@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@0@Z
?AddChild@CWindowWnd@DuiLib@@QAEXPAUHWND__@@@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z
?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPBD0@Z
?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@PBDH_N11@Z
?AddFontAt@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@HPBDH_N11@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBD0K@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBDPAUHBITMAP__@@HH_N@Z
?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddNotifier@CMenuWnd@DuiLib@@QAEXPAVINotifyUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AddNotifier@CVdToolTip@DuiLib@@QAEXPAVINotifyUI@2@@Z
?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPBDPAVCControlUI@2@@Z
?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddRef@CWebBrowserUI@DuiLib@@UAGKXZ
?AddToDrag@CDragListUI@DuiLib@@UAEXPAVCListNode@2@@Z
?AddTranslateAccelerator@CPaintManagerUI@DuiLib@@QAE_NPAVITranslateAccelerator@2@@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?AdjustAlpha@CSSE@DuiLib@@SAXAAK@Z
?AdjustColor@CRenderEngine@DuiLib@@SAKKFFF@Z
?AdjustMenuWidth@CMenuUI@DuiLib@@IAEXXZ
?AnimationSwitch@CAnimationTabLayoutUI@DuiLib@@QAEXXZ
?Append@CDuiString@DuiLib@@QAEXPBD@Z
?AppendText@CRichEditUI@DuiLib@@QAEHPBD_N@Z
?ApplyAttributeList@CControlUI@DuiLib@@QAEPAV12@PBD@Z
?Assign@CDuiString@DuiLib@@QAEXPBDH@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@_N@Z
?BeforeNavigate2@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@1111AAPAF@Z
?BindControl@CMenuWnd@DuiLib@@QAEXPAVCControlUI@2@@Z
?BindControl@CVdToolTip@DuiLib@@QAEXPAVCControlUI@2@@Z
?CalLocation@CTreeNodeUI@DuiLib@@AAEPAV12@PAV12@@Z
?CalPos@CHotKeyWnd@DuiLib@@QAE?AUtagRECT@@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXPAUHWND__@@@Z
?CharFromPos@CRichEditUI@DuiLib@@QBEHVCDuiPoint@2@@Z
?CheckAlphaColor@CRenderEngine@DuiLib@@SAXAAK@Z
?CheckBoxSelected@CTreeNodeUI@DuiLib@@QAEX_N@Z
?CheckDCAndBitmap@CRenderEngine@DuiLib@@SA_NPAUHDC__@@AAPAU3@AAPAUHBITMAP__@@AAPAKAAUtagRECT@@UtagSIZE@@@Z
?Clear@CRichEditUI@DuiLib@@QAEXXZ
?ClearAlphaPixel@CRenderEngine@DuiLib@@SAXPAEHPAUtagRECT@@@Z
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?CommandStateChange@CWebBrowserUI@DuiLib@@IAEXJF@Z
?Compare@CDuiString@DuiLib@@QBEHPBD@Z
?CompareNoCase@CDuiString@DuiLib@@QBEHPBD@Z
?ConvertIconToBitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAUHICON__@@PAH1@Z
?Copy@CRichEditUI@DuiLib@@QAEXXZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@PAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z

Sections

.text
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/vidownuninst/res/VidownUninstDlg.xml
$TEMP/vidownuninst/res/image/appframe_bk.png
.png
$TEMP/vidownuninst/res/image/bg.png
.png
$TEMP/vidownuninst/res/image/btn_small.png
.png
$TEMP/vidownuninst/res/image/btn_small2.png
.png
$TEMP/vidownuninst/res/image/continue_use_btn.png
.png
$TEMP/vidownuninst/res/image/down_task_progress.png
.png
$TEMP/vidownuninst/res/image/logo_140.png
.png
$TEMP/vidownuninst/res/image/logo_18.png
.png
$TEMP/vidownuninst/res/image/page_1.jpg
.jpg
$TEMP/vidownuninst/res/image/page_2.jpg
.jpg
$TEMP/vidownuninst/res/image/page_3.jpg
.jpg
$TEMP/vidownuninst/res/image/progress.png
.png
$TEMP/vidownuninst/res/image/progress_bk.png
.png
$TEMP/vidownuninst/res/image/sys_select_checkbox.png
.png
$TEMP/vidownuninst/res/image/sysbtn_close.png
.png
$TEMP/vidownuninst/res/image/sysbtn_min.png
.png
$TEMP/vidownuninst/res/image/uninstall_start_btn.png
.png
$TEMP/vidownuninst/res/image/uninstall_success_btn.png
.png

Sharing

General

Malware Config

Signatures

Files

dfb06052e74b26a42b0e490bd1c07959

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 112KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 369KB - Virtual size: 368KB

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

ea9b3ea5cd9e2014ad3724e31f62cf5e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

shlwapi

version

kernel32

user32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 3KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

58f4dc7794d1a1c89373297d547be6dd

Headers

DLL Characteristics

File Characteristics

Imports

mfc90

msvcr90

kernel32

user32

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 112KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 369KB - Virtual size: 368KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 713KB - Virtual size: 713KB

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 346KB - Virtual size: 345KB

.rdata
Size: 187KB - Virtual size: 186KB

.data
Size: 9KB - Virtual size: 17KB

.reloc
Size: 28KB - Virtual size: 28KB