D:\nstools\nsSetup\HofoInstallers-2.0\Release\Install_rocket.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
02c39c7c957c107ae92246ecd48a57e9_JaffaCakes118.exe
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
02c39c7c957c107ae92246ecd48a57e9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
02c39c7c957c107ae92246ecd48a57e9_JaffaCakes118
-
Size
4.2MB
-
MD5
02c39c7c957c107ae92246ecd48a57e9
-
SHA1
fc98cb2e6466c450b93f980e7ae00ec96c010202
-
SHA256
3d2a6d93a5800d1072c754952fbb68817be069548709cfaba895ac892795432b
-
SHA512
804928140f80fbb7522f27873794ad5793e224966d181a5eb41e059e034ffb98f5aa80322596120ad20a767aee7e9135659baeb3367e5431fc0366aaf3c17532
-
SSDEEP
98304:Q8EystyBs0PdZ/1TZP8zz2+6+j9VXriyGzpMnaa7xIhA6Lba8grS:PTtdZ/BZ0zz2JSziBpMnaa1ItLba8p
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02c39c7c957c107ae92246ecd48a57e9_JaffaCakes118
Files
-
02c39c7c957c107ae92246ecd48a57e9_JaffaCakes118.exe windows:5 windows x86 arch:x86
770ad7cc215a1201cac31f8cc9ecb6fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ExitThread
FindClose
GetDriveTypeW
FindFirstFileExW
MoveFileW
GetFullPathNameW
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
SetEndOfFile
GetTimeZoneInformation
CompareStringW
CloseHandle
GetLastError
CreateMutexW
GetModuleFileNameW
lstrcpyW
GetCurrentThread
SetThreadPriority
GetCurrentProcess
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
SetPriorityClass
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryW
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
lstrcmpW
lstrcatW
FreeResource
GlobalLock
GlobalUnlock
GetFileSize
ReadFile
FindFirstFileW
FindNextFileW
GlobalFree
WaitForSingleObject
TerminateThread
lstrlenA
GetVersionExW
CreateDirectoryW
GetDiskFreeSpaceExW
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
lstrcpynW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
UnmapViewOfFile
LCMapStringA
GetSystemPowerStatus
lstrcmpiW
GetTempPathW
DeleteFileW
GetSystemWow64DirectoryW
GetSystemDirectoryW
CreateThread
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetLocalTime
InitializeCriticalSection
CreateEventW
ResetEvent
LocalFree
GetTickCount
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalAlloc
ExitProcess
Sleep
SetEnvironmentVariableA
user32
DestroyWindow
UnregisterClassW
MoveWindow
BeginPaint
SetWindowLongW
LoadIconW
DefWindowProcW
GetWindowLongW
ShowWindow
PostQuitMessage
SetWindowTextW
DrawIconEx
SetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnableWindow
CreateWindowExW
PostMessageW
IsWindowVisible
ReleaseDC
GetWindowRect
EndPaint
GetDC
GetClientRect
ClientToScreen
SetLayeredWindowAttributes
SetWindowPos
UpdateLayeredWindow
wsprintfW
FindWindowW
IsIconic
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SendMessageW
FillRect
OffsetRect
SetWindowRgn
GetSystemMetrics
SetCursor
LoadCursorW
RegisterClassExW
GetClipboardData
gdi32
DeleteObject
CreateRectRgn
BitBlt
GetTextExtentPoint32W
CreateDIBSection
CreateDCW
CombineRgn
OffsetRgn
SetRectRgn
GetObjectA
GetStockObject
CreateSolidBrush
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
ole32
CoInitialize
CoUninitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal
shlwapi
PathFileExistsW
gdiplus
GdipSetStringFormatTrimming
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawString
GdipDrawImageRectI
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCloneImage
GdipSetStringFormatLineAlign
GdipSaveImageToStream
GdipGetImageWidth
GdipGetImageHeight
GdipImageRotateFlip
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipSetImageAttributesColorKeys
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipFree
GdipCreateSolidFill
GdipDisposeImage
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipStringFormatGetGenericTypographic
GdipCreateFromHDC
GdipDeleteGraphics
GdipMeasureString
GdipSaveImageToFile
dbghelp
MiniDumpWriteDump
comdlg32
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
advapi32
CloseServiceHandle
RegCreateKeyW
RegSetValueW
RegNotifyChangeKeyValue
RegDeleteValueW
DeleteService
ControlService
StartServiceW
RegOpenKeyW
OpenServiceW
CreateServiceW
OpenSCManagerW
RegEnumKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
shell32
SHBrowseForFolderW
ShellExecuteExW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
oleaut32
SysAllocString
VariantChangeType
VariantInit
VariantClear
SysFreeString
wininet
FtpGetFileSize
FtpOpenFileW
InternetReadFile
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
HttpQueryInfoW
InternetGetConnectedState
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpAddRequestHeadersW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
winmm
PlaySoundW
mciSendStringW
crypt32
CertOpenStore
CertFreeCertificateContext
CertAddCertificateContextToStore
CertCloseStore
CertFindCertificateInStore
CertCreateCertificateContext
wintrust
WinVerifyTrust
Exports
Exports
??0CLock@@QAE@XZ
??0CNsApp@@QAE@XZ
??0CNsDC@@QAE@PAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
??0CNsDC@@QAE@XZ
??0CNsDownload@@QAE@XZ
??0CNsFont@@QAE@ABV0@@Z
??0CNsFont@@QAE@XZ
??0CNsImage@@QAE@ABV0@@Z
??0CNsImage@@QAE@XZ
??0CNsInstaller@@QAE@ABV0@@Z
??0CNsInstaller@@QAE@XZ
??0CNsLog@@QAE@ABV0@@Z
??0CNsLog@@QAE@XZ
??0CNsNet@@QAE@XZ
??0CNsPacket@@QAE@ABV0@@Z
??0CNsProcess@@QAE@XZ
??0CNsReg@@QAE@XZ
??0CNsSkin@@QAE@ABV0@@Z
??0CNsSkin@@QAE@XZ
??0CNsThread@@QAE@ABV0@@Z
??0CNsThread@@QAE@XZ
??0CNsUpdate@@QAE@ABV0@@Z
??0CNsUpdate@@QAE@XZ
??0CNsXml@@QAE@ABV0@@Z
??0CNsXml@@QAE@XZ
??0CNsZlib@@QAE@XZ
??0CnsDump@@QAE@ABV0@@Z
??0CnsDump@@QAE@XZ
??1CLock@@QAE@XZ
??1CNsApp@@QAE@XZ
??1CNsDC@@QAE@XZ
??1CNsDownload@@QAE@XZ
??1CNsFont@@QAE@XZ
??1CNsImage@@QAE@XZ
??1CNsInstaller@@QAE@XZ
??1CNsLog@@QAE@XZ
??1CNsNet@@QAE@XZ
??1CNsProcess@@QAE@XZ
??1CNsReg@@QAE@XZ
??1CNsSkin@@QAE@XZ
??1CNsThread@@QAE@XZ
??1CNsUpdate@@QAE@XZ
??1CNsXml@@QAE@XZ
??1CNsZlib@@QAE@XZ
??1CnsDump@@QAE@XZ
??4CLock@@QAEAAV0@ABV0@@Z
??4CNsApp@@QAEAAV0@ABV0@@Z
??4CNsDC@@QAEAAV0@ABV0@@Z
??4CNsDownload@@QAEAAV0@ABV0@@Z
??4CNsFont@@QAEAAV0@ABV0@@Z
??4CNsImage@@QAEAAV0@ABV0@@Z
??4CNsInstaller@@QAEAAV0@ABV0@@Z
??4CNsLog@@QAEAAV0@ABV0@@Z
??4CNsNet@@QAEAAV0@ABV0@@Z
??4CNsPacket@@QAEAAV0@ABV0@@Z
??4CNsProcess@@QAEAAV0@ABV0@@Z
??4CNsReg@@QAEAAV0@ABV0@@Z
??4CNsSkin@@QAEAAV0@ABV0@@Z
??4CNsThread@@QAEAAV0@ABV0@@Z
??4CNsUpdate@@QAEAAV0@ABV0@@Z
??4CNsXml@@QAEAAV0@ABV0@@Z
??4CNsZlib@@QAEAAV0@ABV0@@Z
??4CnsDump@@QAEAAV0@ABV0@@Z
??_B?1??Instance@CNsDownload@@SAAAV1@XZ@51
??_B?1??Instance@CNsLog@@SAAAV1@XZ@51
??_B?1??Instance@CNsNet@@SAAAV1@XZ@51
??_B?1??Instance@CNsProcess@@SAAAV1@XZ@51
??_B?1??Instance@CNsReg@@SAAAV1@XZ@51
??_B?1??Instance@CNsUpdate@@SAAAV1@XZ@51
??_B?1??Instance@CNsXml@@SAAAV1@XZ@51
??_B?1??Instance@CNsZlib@@SAAAV1@XZ@51
?AddDelInfo@CNsInstaller@@AAE_NAAUtagDelInfo@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@HPB_WHHHHHHHHPAUHDC__@@@Z
?AddMovie@CNsImage@@QAE_NPAUHWND__@@PB_WHHHHHHHHPAUHDC__@@@Z
?AddTask@CNsDownload@@QAEHPB_W0@Z
?AddTimer@CNsThread@@AAEPAUtagNsTimer@@AAU2@@Z
?AutoRun@CNsInstaller@@QAEXXZ
?BmToStream@CNsImage@@QAE_NPAUHBITMAP__@@PAUIStream@@PB_W@Z
?CertExists@@YAHPB_W@Z
?CheckComponent@CNsInstaller@@QAE_NXZ
?CheckDir@CNsInstaller@@QAEXPB_W0@Z
?CheckFont@CNsFont@@QAEHPB_W@Z
?CheckImage@CNsImage@@QAE_NPB_W@Z
?CheckInstalled@@YAHPB_W@Z
?CheckOneInstance@@YAHPB_W0@Z
?CheckUpdate@CNsUpdate@@QAEHPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?CompVersion@@YAHPB_W0@Z
?CreateCompatibleBitmapEx@CNsDC@@QAEPAUHBITMAP__@@UtagRECT@@@Z
?CreateDirTree@@YAHPB_W@Z
?CreateFolder@@YAHPB_W@Z
?CreateMemDC@CNsDC@@QAEXPAUHDC__@@AAUtagRECT@@_N2PAUHWND__@@@Z
?CreateNewFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?CreateShareMem@@YAPAXPB_WK@Z
?CreateShortcut@@YAHPB_W000G0H@Z
?CreateShortcuts@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUID@@YAXPA_WH@Z
?CreateUninstallCfg@CNsInstaller@@QAEXPAUtagSetupInfo@@@Z
?CreateUrlShortcut@@YAHPB_W0@Z
?CreateUserShortcuts@CNsInstaller@@AAEXXZ
?DecodeFile@CNsZlib@@QAEJPB_W0K@Z
?DecodeGZipBuffer@CNsZlib@@QAEJPAEJPAPAEPAJ@Z
?DelTask@CNsDownload@@QAEHPB_W@Z
?DelTray@@YAHPAUHWND__@@@Z
?DesGo@@YAXQBDPADHH@Z
?DisableFsRedirection@@YAXPAPAX@Z
?DoReport@@YAXPB_W00@Z
?DoRun@@YAHPB_W0HH@Z
?DoSetup@CNsInstaller@@AAEXXZ
?DoUpdate@CNsInstaller@@QAEX_N@Z
?DownComponent@CNsInstaller@@AAEXPB_W@Z
?DownNotify@CNsInstaller@@CGXHPB_W_J1N@Z
?DownloadThread@CNsDownload@@CGIPAX@Z
?Draw@CNsDC@@QAEXXZ
?DrawImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHPAUtagRECT@@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@PAVImageAttributes@4@@Z
?DrawImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHPAUtagRECT@@@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@HPB_WMMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@MMMMHHHH@Z
?DrawImgEx@CNsImage@@QAE_NPAUHDC__@@PB_WMMMMHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@HPB_WHHHHHH@Z
?DrawRotate3D@CNsImage@@QAEXPAUHDC__@@PAUIStream@@HHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHH@Z
?DrawRotate@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHH@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawRotateFlip@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHW4RotateFlipType@Gdiplus@@M@Z
?DrawSplitH@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@H@Z
?DrawSplitV@CNsImage@@AAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHPAUtagRECT@@HH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@HPB_WHHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PAVImage@Gdiplus@@HHHHHHHH@Z
?DrawStretchImg@CNsImage@@QAE_NPAUHDC__@@PB_WHHHHHHHH@Z
?DrawString@CNsImage@@QAEXPAUHDC__@@PAUHFONT__@@PB_WHHHHKH_N3H@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@HPB_WKKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PAUIStream@@KKHHHH@Z
?DrawTranImg@CNsImage@@QAE_NPAUHDC__@@PB_WKKHHHH@Z
?EasyEncode@@YAXPADH@Z
?EncodeFile@CNsZlib@@QAEJPB_W0H@Z
?ExceptionFilter@CnsDump@@CGJPAU_EXCEPTION_POINTERS@@@Z
?ExecScript@CNsInstaller@@QAEXPB_W@Z
?ExitApp@CNsApp@@QAEXXZ
?ExitThread@CNsThread@@QAEXPAXH@Z
?ExtractFile@CNsInstaller@@AAE_NPAUtagPacketInfo@@PAU_iobuf@@@Z
?ExtractPath@@YAXPA_W@Z
?FileSize@@YA_JPB_W@Z
?FileTime@@YAHPB_WPAU_SYSTEMTIME@@11@Z
?FindRes@CNsSkin@@AAE_NPB_WPAUIStream@@@Z
?ForceLog@CNsLog@@QAEX_N@Z
?FreeSkin@CNsSkin@@QAEXXZ
?GbToTraditional@@YAXPADH@Z
?GetCPUID@@YAXPAD@Z
?GetClipboard@@YAHPA_WH@Z
?GetColorDlg@@YAKPAUHWND__@@K@Z
?GetCurPath@@YAXPA_W@Z
?GetDefaultSize@CNsFont@@QAEHXZ
?GetDesktopPath@@YAHPA_W@Z
?GetEncoderClsid@CNsImage@@QAEHPB_WPAU_GUID@@@Z
?GetFileVer@@YAHPB_WPA_W@Z
?GetFont@CNsFont@@AAEPAUHFONT__@@AAUtagFontInfo@@@Z
?GetFont@CNsFont@@QAEPAUHFONT__@@HPB_WHHH@Z
?GetFtpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@Z00@Z
?GetHttpFile@CNsDownload@@QAEHPB_W0HP6GXH0_J1N@Z@Z
?GetImgSize@CNsImage@@QAE_NHAAH0@Z
?GetImgSize@CNsImage@@QAE_NPB_WAAH1@Z
?GetInfoLen@CNsNet@@QAEHXZ
?GetLogFileName@CNsLog@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetMovieIndex@CNsImage@@QAEHH@Z
?GetNodeAttr@CNsXml@@QAEHPB_W0PA_W@Z
?GetOsName@@YAHPA_W@Z
?GetPathUseSpace@@YA_KPB_W@Z
?GetProcByName@CNsProcess@@QAE_NPB_WPAUtagPROCESSENTRY32W@@@Z
?GetProcList@CNsProcess@@QAE_NAAV?$vector@UtagPROCESSENTRY32W@@V?$allocator@UtagPROCESSENTRY32W@@@std@@@std@@@Z
?GetProgramFilePath@@YAHPA_W@Z
?GetProgramsPath@@YAHPA_W@Z
?GetQuickLaunchPath@@YAHPA_WH@Z
?GetRegInfo@@YAHPAUHKEY__@@PA_W1H1@Z
?GetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1H1@Z
?GetRes@CNsSkin@@QAE_NPB_WPAUIStream@@@Z
?GetResType@CNsSkin@@QAEHXZ
?GetSetupInfo@CNsInstaller@@QAE_NAAUtagSetupInfo@@@Z
?GetSoftVer@@YAHPB_WPA_W@Z
?GetStartMenuPath@@YAHPA_W@Z
?GetThemesPath@CNsSkin@@QAEXPA_W@Z
?GetUrlInfo@@YAHPB_WPADH@Z
?GetUrlInfo@CNsNet@@QAEHPB_WPADH@Z
?GetXmlNode@CNsXml@@QAEHPA_WAAH@Z
?GetXmlNodeCount@@YAHPB_W@Z
?GetXmlNodeCount@CNsXml@@QAEHPB_W@Z
?GetXmlNodeValue2@@YAHPB_WPA_WH@Z
?GetXmlNodeValue3@@YAHPB_WPA_WPAH@Z
?GetXmlNodeValue@@YAHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_W@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WH@Z
?GetXmlNodeValue@CNsXml@@QAEHPB_WPA_WPAH@Z
?HideProcess@CNsProcess@@QAEXH@Z
?ImportCACert@@YAHPAXH@Z
?ImportCertFile@@YAHPB_W@Z
?ImportReg@CNsInstaller@@QAEXXZ
?InitPath@CNsInstaller@@AAEXAAUtagSetupInfo@@@Z
?InitZlib@CNsZlib@@QAEJXZ
?Inject@CNsProcess@@QAE_NKPAXK0K@Z
?Install@CnsDump@@QAEXPB_W0@Z
?InstallComponent@CNsInstaller@@AAEXXZ
?InstallDump@@YAXPB_W0@Z
?InstallFunc@CNsInstaller@@AAE_NXZ
?InstallThread@CNsInstaller@@CGIPAX@Z
?Instance@CNsDownload@@SAAAV1@XZ
?Instance@CNsLog@@SAAAV1@XZ
?Instance@CNsNet@@SAAAV1@XZ
?Instance@CNsProcess@@SAAAV1@XZ
?Instance@CNsReg@@SAAAV1@XZ
?Instance@CNsUpdate@@SAAAV1@XZ
?Instance@CNsXml@@SAAAV1@XZ
?Instance@CNsZlib@@SAAAV1@XZ
?IntToStrSize@@YAX_JPA_W@Z
?IsLockRead@CLock@@QAE_NXZ
?IsLockWrite@CLock@@QAE_NXZ
?KillProcess@CNsProcess@@QAEXK@Z
?KillProcess@CNsProcess@@QAEXPB_W@Z
?KillTimer@CNsThread@@QAEXH@Z
?LnkToRealPath@@YAJPB_WPA_W@Z
?LoadDrv@@YAHPB_W0@Z
?LoadPngFromRes@CNsImage@@AAEPAVImage@Gdiplus@@HPB_W@Z
?LoadProxyConfig@CNsDownload@@QAEXXZ
?LoadProxyConfig@CNsNet@@QAEXXZ
?LoadSkin@CNsSkin@@QAE_NPB_W@Z
?Lock@CLock@@QAEXXZ
?LockRead@CLock@@QAEXXZ
?MD5Go@@YAHPAD0@Z
?MakeSkin@CNsSkin@@QAE_NPB_W0@Z
?MonitorReg@CNsReg@@QAEHPAUHKEY__@@PA_WHP6GXPAX@Z2@Z
?MonitorThread@CNsReg@@SGKPAX@Z
?MovePos@CNsInstaller@@AAEXPAUtagPacketInfo@@PAU_iobuf@@@Z
?MovieThread@CNsImage@@CGIPAX@Z
?MsgLoop@CNsApp@@QAEHXZ
?NsEncode@@YAXQBDPADHH@Z
?NsEncodeFile@@YAHPB_W0@Z
?NsGetStrWidth@@YAHPB_WPAUHWND__@@PAUHFONT__@@@Z
?NsReadFile@@YAHPB_WPAXAAK@Z
?NsResGetBuff@@YAHHPB_WPAX@Z
?NsResGetStream@@YAPAUIStream@@HPB_W@Z
?NsResSave@@YAHHPB_W0@Z
?NsResSize@@YAHHPB_W@Z
?NsResUpdate2@@YAHPB_WH0PAXH@Z
?NsResUpdate@@YAHPB_WH00@Z
?NsWriteFile@@YAHPB_WPAXK@Z
?OpenUrl@@YAXPB_WH@Z
?Parse@@YAHPB_W@Z
?Parse@CNsXml@@QAEHPB_W@Z
?ParseParams@CNsInstaller@@QAEXPB_W@Z
?PauseMP3@@YAXPB_W@Z
?PlayMP3@@YAXPB_WH@Z
?PlayWav@@YAHPB_WH@Z
?Post@CNsNet@@QAEHPB_WPAXHPADH@Z
?ReadShareMem2@@YAHPB_WPAXHH@Z
?ReadShareMem@@YAHPB_WPA_W@Z
?RefreshIconCache@@YAXXZ
?RegFileRelation@@YAXPB_W0000@Z
?RegProtocol@@YAXPB_W0@Z
?ReplaceExeIco@@YAHPB_W0H@Z
?ReplaceSysPath@CNsInstaller@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ResumeMP3@@YAXPB_W@Z
?RevertFsRedirection@@YAXPAPAX@Z
?SavePic@CNsImage@@QAE_NPAUHDC__@@UtagRECT@@PB_W2@Z
?SavePic@CNsImage@@QAE_NPAUHWND__@@PB_W1@Z
?SavePic@CNsImage@@QAE_NPB_W00@Z
?SaveScreen@CNsImage@@QAE_NPB_W0@Z
?SaveUpdateCfg@CNsUpdate@@AAEXXZ
?SetAppName@CNsApp@@QAEXPB_W@Z
?SetAutoRun@@YAHPB_WH0@Z
?SetAutoRun@CNsReg@@QAEHPB_WH0@Z
?SetClipboard@@YAHPB_W@Z
?SetDefaultFont@CNsFont@@QAEXHPB_WH@Z
?SetDelay@CNsUpdate@@QAEXH@Z
?SetIcon@@YAHPAUHWND__@@PAUHICON__@@@Z
?SetInst@CNsImage@@QAEXPAUHINSTANCE__@@@Z
?SetMemName@CNsLog@@QAEXPB_WH@Z
?SetPath@CNsUpdate@@QAEXPB_W@Z
?SetPrivilege@@YAHPB_WH@Z
?SetRegInfo@@YAHPAUHKEY__@@PA_W1HPB_W@Z
?SetRegInfo@CNsReg@@QAEHPAUHKEY__@@PA_W1HPB_W@Z
?SetResType@CNsSkin@@QAEXH@Z
?SetRetry@CNsDownload@@QAEXHH@Z
?SetShortcutIcon@@YAHPB_W0@Z
?SetSkinName@CNsSkin@@QAEXPB_W@Z
?SetThemesName@CNsSkin@@QAEXPB_W@Z
?SetTip@@YAHPAUHWND__@@PB_W@Z
?ShowBalloon@@YAHPAUHWND__@@PB_W1H@Z
?ShowLicense@CNsInstaller@@QAEXXZ
?ShowOpenFileDlg@@YAHPA_WHPAUHWND__@@PB_W2H@Z
?ShowSaveFileDlg@@YAHPA_WPAUHWND__@@PB_W2@Z
?ShowSelDir@@YAHPA_WPAUHWND__@@@Z
?ShowTray@@YAHPAUHWND__@@PAUHICON__@@PB_WI@Z
?StartDownload@CNsDownload@@QAEXPB_W0P6GXH0_J1N@ZH@Z
?StartInstall@CNsInstaller@@QAEXPB_WPAUHWND__@@H1@Z
?StartMonitor@@YAXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMonitor@CNsReg@@QAEXPAUHKEY__@@PB_WHP6GXPAX@Z2@Z
?StartMovie@CNsImage@@QAEXH@Z
?StartThread@CNsThread@@QAEPAXP6GIPAX@Z0H@Z
?StartTimer@CNsThread@@QAEXHP6GXPAX@ZH0@Z
?StartUpdate@CNsUpdate@@QAEXPB_WP6GXHHH@ZP6GXH0_J2N@Z@Z
?Stop@CNsInstaller@@QAEXXZ
?Stop@CNsNet@@QAEXXZ
?Stop@CNsThread@@QAEXXZ
?StopMP3@@YAXPB_W@Z
?StopMonitor@@YAXXZ
?StopMonitor@CNsReg@@QAEXXZ
?StopMovie@CNsImage@@QAEXH@Z
?StopTask@CNsDownload@@QAEXPB_WH@Z
?StopUpdate@CNsUpdate@@QAEXXZ
?StrToIntSize@@YA_JPB_W@Z
?TimerThread@CNsThread@@CGIPAX@Z
?ToAsc@@YAXPADH@Z
?ToHex@@YAXPADH@Z
?URLEncode@@YAHPA_W@Z
?UnLoadDrv@@YAHPB_W@Z
?UninitZlib@CNsZlib@@QAEXXZ
?Unlock@CLock@@QAEXXZ
?UnlockRead@CLock@@QAEXXZ
?UpdateNotify@CNsInstaller@@CGXHHH@Z
?UpdateThread@CNsUpdate@@CGIPAX@Z
?VerifyFile@CNsUpdate@@QAEHPB_W0H@Z
?VerifySignature@@YAHPB_W@Z
?WaitInstall@CNsInstaller@@AAEXXZ
?WaitUpdate@CNsInstaller@@QAEXXZ
?WriteLog2@CNsLog@@QAAXPB_WZZ
?WriteLog3@CNsLog@@QAAXPB_WZZ
?WriteLog@@YAXPB_W@Z
?WriteLog@CNsLog@@QAEXPB_W@Z
?WriteReg@CNsInstaller@@QAEHPAUtagSetupInfo@@@Z
?WriteShareMem2@@YAHPB_WPAXHH@Z
?WriteShareMem@@YAHPB_W0H@Z
?WriteSkin@CNsSkin@@AAEXPAU_iobuf@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?Zoom@CNsImage@@QAE_NPB_WMHH00@Z
?_ins@?1??Instance@CNsZlib@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsDownload@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsLog@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsNet@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsProcess@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsReg@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsUpdate@@SAAAV2@XZ@4V2@A
?_obj@?1??Instance@CNsXml@@SAAAV2@XZ@4V2@A
?gb2big@@YAXPADH@Z
?isCancel@CNsUpdate@@QAEHXZ
?isConnected@@YAHPB_W@Z
?isConnected@CNsNet@@QAEHPB_W@Z
?isDigital@@YAHPBD@Z
?isDir@@YAHPB_W@Z
?isEnableUAC@@YAHXZ
?isEnglish@@YAHXZ
?isError@CNsUpdate@@QAEHXZ
?isExistsMovie@CNsImage@@AAE_NH@Z
?isExistsShareMem@@YAHPB_W@Z
?isGzip@CNsDownload@@AAEHPAX@Z
?isGzip@CNsNet@@QAEHPAX@Z
?isHZ@@YAHPBD@Z
?isLicense@CNsInstaller@@QAE_NXZ
?isLog@CNsLog@@AAE_NXZ
?isNotebook@@YAHXZ
?isRestart@CNsUpdate@@QAEHXZ
?isSimplified@@YAHXZ
?isStop@CNsDownload@@QAEHPB_W@Z
?isStop@CNsImage@@QAE_NH@Z
?isSupportYaHei@CNsFont@@QAEHXZ
?isTraditional@@YAHXZ
?isWin7@@YAHXZ
?isWin8@@YAHXZ
?isWow64@@YAHXZ
?m_bUpdated@CNsInstaller@@0_NA
Sections
.text Size: 272KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 193KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ