123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118
Size

989KB
MD5

123bb10f1b9392e5d0c1816dbe29c8f0
SHA1

fc5c5e1ebf302dec2c9337b550e884cca479a1d3
SHA256

255ba55168751d2b17f2bfa7a8b27ef0f43d3018fbc1fb207b7a5ff4c3825daf
SHA512

eeb2560d92ebceb94a6921edacd482b4ab33d52dede2e3ca323ed5db90a00b1a5566ef38479acf62fdfc8f8669067d9d84d815a663abe3fbf6bfd93c2eebdd81
SSDEEP

24576:99f9D/PUbP3smQDKX4Akvy/KqlfAeg+caRZgqw:zfh/rTDKX4tyyqWeDcaRZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/HTMLParse.dll
unpack001/RecoverSetup.exe
unpack001/SCommCtl.dll
unpack001/SDbAPI.dll
unpack001/SDocCatch.dll
unpack001/SDocDB.dll
unpack001/SDocDrag.exe
unpack001/Uninstall.exe
unpack001/hha.dll
unpack001/hhc.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_1

Files

123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
lstrcmpiA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WritePrivateProfileStringA
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
PostQuitMessage
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ExitWindowsEx

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
DataBase/info.dbx
DocDrag.chm
.chm
HTMLParse.dll
.dll windows:4 windows x86 arch:x86

a2497f92655d680cfc48e86ba47e1926

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sdocdb

GetDocFileSavePath
CreateMultiLayerPath
GetDocNewID
NewDocSaveInDB
CloseSDocDbConn

shlwapi

PathFileExistsA

scommctl

?LoadBitmaps@CBMButton@@QAE_NIHHHHH@Z
?SetStep@CGradientProgressCtrl@@QAEHH@Z
?SetPos@CGradientProgressCtrl@@QAEHH@Z
?SetRange@CGradientProgressCtrl@@QAEXHH@Z
??1CGradientProgressCtrl@@UAE@XZ
??0CBMButton@@QAE@XZ
?StepIt@CGradientProgressCtrl@@QAEHXZ
??1CBMButton@@UAE@XZ
??0CGradientProgressCtrl@@QAE@XZ

wininet

GetUrlCacheEntryInfoA

mfc42

ord6199
ord1175
ord5829
ord3663
ord2642
ord6194
ord5736
ord641
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord326
ord825
ord4234
ord3571
ord3626
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5186
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord2414
ord283
ord5785
ord1641
ord823
ord1640
ord323
ord537
ord536
ord2086
ord4123
ord3744
ord2302
ord4047
ord800
ord2764
ord4160
ord540
ord1168
ord1253
ord342
ord1182
ord924
ord354
ord3726
ord819
ord568
ord541
ord801
ord4278
ord6663
ord922
ord6876
ord4129
ord6283
ord6282
ord6877
ord941
ord858
ord926
ord6883
ord861
ord860
ord6143
ord535
ord5710
ord5683
ord5863
ord6145
ord2864
ord6215
ord939
ord4202
ord2818
ord665
ord1979
ord5572
ord6385
ord2915

msvcrt

_adjust_fdiv
_initterm
__CxxFrameHandler
_mbscmp
_mbsicmp
atoi
_mbsnbcpy
free
malloc
_mbsnbcmp
_except_handler3
?terminate@@YAXXZ

kernel32

lstrlenA
GetLastError
CopyFileA

user32

SetActiveWindow
FillRect
GetSysColor
GetForegroundWindow
TabbedTextOutA
SetForegroundWindow
GrayStringA
DrawTextA
MessageBoxA
PeekMessageA
DispatchMessageA
TranslateMessage
EnableWindow
SendMessageA

gdi32

PtVisible
Escape
ExtTextOutA
TextOutA
RectVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

shell32

SHFileOperationA

oleaut32

SysFreeString
VariantClear
VariantChangeType

urlmon

URLDownloadToCacheFileA

Exports

Exports

??0CDialogXP@@QAE@IPAVCWnd@@@Z
??0CDialogXP@@QAE@PAVCWnd@@@Z
??0CDlgDownProcess@@QAE@I@Z
??0CMemDC1@@QAE@PAVCDC@@@Z
??0CMemDC@@QAE@PAVCDC@@ABVCRect@@@Z
??0CParseHtml@@QAE@XZ
??1CDialogXP@@UAE@XZ
??1CDlgDownProcess@@UAE@XZ
??1CMemDC1@@UAE@XZ
??1CMemDC@@UAE@XZ
??1CParseHtml@@UAE@XZ
??BCMemDC1@@QAEPAV0@XZ
??CCMemDC1@@QAEPAV0@XZ
??CCMemDC@@QAEPAV0@XZ
??_7CDialogXP@@6B@
??_7CDlgDownProcess@@6B@
??_7CMemDC1@@6B@
??_7CMemDC@@6B@
??_7CParseHtml@@6B@
??_FCDialogXP@@QAEXXZ
??_FCDlgDownProcess@@QAEXXZ
?AddBkGroundToDown@CParseHtml@@QAEHPAUIDispatch@@@Z
?AddDocDragInfo@CParseHtml@@QAEXXZ
?BuildSelectedHtml@CParseHtml@@QAEHPAUIDispatch@@@Z
?ChangeDocHtmlAndSave@CParseHtml@@QAEHXZ
?CheckCancelButton@CDlgDownProcess@@QAEHXZ
?Create@CDlgDownProcess@@QAEHPAVCWnd@@@Z
?CreateDocImgSavePath@CParseHtml@@QAEHXZ
?DestroyWindow@CDlgDownProcess@@UAEHXZ
?DoDataExchange@CDlgDownProcess@@MAEXPAVCDataExchange@@@Z
?DownFlashFile@CParseHtml@@QAEHVCString@@@Z
?DownLoadAllImages@CParseHtml@@QAEHXZ
?DownLoadImage@CParseHtml@@QAEHVCString@@@Z
?DownSelectImages@CParseHtml@@QAEHXZ
?FreeAll@CParseHtml@@QAEHXZ
?GetAllFlashFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?GetAllMediaPalyerFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?GetAllRealPalyerFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?GetBackColor@CBMButton@@QAEKXZ
?GetBkColor@CGradientProgressCtrl@@QAEKXZ
?GetCacheUrlFileName@CParseHtml@@QAEPBDPBD@Z
?GetEndColor@CGradientProgressCtrl@@QAEKXZ
?GetFullURL@CParseHtml@@QAEHPBDAAVCString@@@Z
?GetFullURLFile@CParseHtml@@QAEHPBD0AAVCString@@@Z
?GetMessageMap@CDialogXP@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDlgDownProcess@@MBEPBUAFX_MSGMAP@@XZ
?GetObjectTagFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@PBD2@Z
?GetOriginDocHtml@CParseHtml@@QAEHPAUIDispatch@@@Z
?GetStartColor@CGradientProgressCtrl@@QAEKXZ
?GetTextAutoFont@CBMButton@@QAEPAVCAutoFont@@XZ
?GetTextColor@CGradientProgressCtrl@@QAEKXZ
?GetTextFont@CBMButton@@QAEPAVCFont@@XZ
?GetUrlFileName@CParseHtml@@QAEHAAVCString@@@Z
?InitAll@CParseHtml@@QAEHPAUIDispatch@@@Z
?InitGetNewID@CParseHtml@@QAEHXZ
?IsFailedDownFlash@CParseHtml@@QAEHH@Z
?IsFailedDownImage@CParseHtml@@QAEHH@Z
?IsFailedDownScript@CParseHtml@@QAEHH@Z
?OffsetPos@CDlgDownProcess@@QAEHH@Z
?OnCancel@CDlgDownProcess@@MAEXXZ
?OnInitDialog@CDlgDownProcess@@MAEHXZ
?OnOK@CDlgDownProcess@@MAEXXZ
?OnProcessStepIt@CDlgDownProcess@@IAEJJI@Z
?ParseHTMLExtern@CParseHtml@@QAEHPAUIDispatch@@@Z
?PreTranslateMessage@CDlgDownProcess@@UAEHPAUtagMSG@@@Z
?PumpMessages@CDlgDownProcess@@IAEXXZ
?ReEnableParent@CDlgDownProcess@@IAEXXZ
?ReNameImageFile@CParseHtml@@QAEHXZ
?ReplaceAnchorHtmlSrc@CParseHtml@@QAEHAAVCString@@00@Z
?ReplaceFormHtmlSrc@CParseHtml@@QAEHAAVCString@@00@Z
?ReplaceImageHtmlScript@CParseHtml@@QAEHAAVCString@@00@Z
?ReplaceImageHtmlSrc@CParseHtml@@QAEHAAVCString@@00@Z
?SaveRecordDB@CParseHtml@@QAEHXZ
?SetBackColor@CBMButton@@QAEXK@Z
?SetBkColor@CGradientProgressCtrl@@QAEXK@Z
?SetEndColor@CGradientProgressCtrl@@QAEXK@Z
?SetPos@CDlgDownProcess@@QAEHH@Z
?SetRange@CDlgDownProcess@@QAEXHH@Z
?SetStartColor@CGradientProgressCtrl@@QAEXK@Z
?SetStep@CDlgDownProcess@@QAEHH@Z
?SetTextColor@CGradientProgressCtrl@@QAEXK@Z
?ShowMessageBox@CParseHtml@@QAEHIII@Z
?ShowMessageBox@CParseHtml@@QAEHPBDII@Z
?ShowPercent@CGradientProgressCtrl@@QAEXH@Z
?StepIt@CDlgDownProcess@@QAEHXZ
?UpdatePercent@CDlgDownProcess@@IAEXH@Z
?_GetBaseMessageMap@CDialogXP@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CDlgDownProcess@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CDialogXP@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CDlgDownProcess@@0QBUAFX_MSGMAP_ENTRY@@B
?messageMap@CDialogXP@@1UAFX_MSGMAP@@B
?messageMap@CDlgDownProcess@@1UAFX_MSGMAP@@B

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RecoverSetup.exe
.exe windows:4 windows x86 arch:x86

d67f6abfdce868896079f661d1c8182d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

mfc42

ord4465
ord3136
ord3259
ord3147
ord3262
ord3081
ord2976
ord3830
ord3831
ord2985
ord3825
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord540
ord800
ord5710
ord3079
ord860
ord941
ord924
ord537
ord535
ord801
ord6883
ord940
ord6143
ord541
ord1175
ord668
ord1980
ord4058
ord3181
ord2781
ord2770
ord356
ord617
ord641
ord2514
ord5214
ord858
ord2621
ord1134
ord1200
ord1205
ord5714
ord2982
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord5199
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord2302
ord1146
ord1168
ord4160
ord2863
ord4710
ord2379
ord755
ord470
ord4224
ord823
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5265
ord4376
ord296
ord3749
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_onexit
_exit
_setmbcp
_controlfp
__dllonexit
_XcptFilter
_splitpath
_mbscmp
_mbsicmp
exit
__CxxFrameHandler

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
SetFileAttributesA
CreateDirectoryA
FindClose
FindFirstFileA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetSystemMetrics
SendMessageA
GetClientRect
EnableWindow
IsIconic
AppendMenuA
DrawIcon
GetSystemMenu
LoadIconA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHFileOperationA

ole32

CoCreateInstance

scommctl

??1CBMButton@@UAE@XZ
?messageMap@CDialogXP@@1UAFX_MSGMAP@@B
??0CDialogXP@@QAE@IPAVCWnd@@@Z
??1CDialogXP@@UAE@XZ
??0CBMButton@@QAE@XZ
?LoadBitmaps@CBMButton@@QAE_NIHHHHH@Z

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SCommCtl.dll
.dll windows:4 windows x86 arch:x86

b004dcce3a63aaf7a24a68f66d8e1710

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3136
ord3081
ord2976
ord3395
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3730
ord554
ord807
ord384
ord686
ord1099
ord860
ord1574
ord772
ord3701
ord500
ord1862
ord4220
ord2584
ord3654
ord2438
ord823
ord6142
ord4083
ord2863
ord5606
ord2859
ord3571
ord3573
ord3693
ord5875
ord2763
ord5683
ord2567
ord5788
ord2614
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord6194
ord1640
ord323
ord5785
ord2405
ord2864
ord1175
ord2096
ord2408
ord5860
ord3986
ord539
ord2920
ord2012
ord3289
ord2120
ord4163
ord1644
ord1146
ord5572
ord2919
ord940
ord3749
ord4133
ord4297
ord1621
ord4202
ord5163
ord6376
ord2452
ord2753
ord1195
ord3262
ord2985
ord5883
ord1073
ord5440
ord6383
ord5450
ord6394
ord4400
ord5241
ord6374
ord5290
ord5065
ord5261
ord2446
ord3630
ord567
ord682
ord4275
ord3706
ord5786
ord2754
ord1126
ord3619
ord470
ord6880
ord2379
ord6197
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord326
ord4234
ord3698
ord765
ord3797
ord1168
ord1253
ord342
ord1182
ord6007
ord3301
ord3286
ord3370
ord2582
ord4402
ord3640
ord693
ord4243
ord6403
ord6696
ord1140
ord3522
ord6453
ord3092
ord283
ord4396
ord3574
ord609
ord3874
ord2575
ord3402
ord556
ord809
ord6358
ord1088
ord2122
ord540
ord2818
ord941
ord939
ord537
ord535
ord3663
ord2414
ord3626
ord800
ord825
ord1641
ord2055
ord2648
ord4441
ord4837
ord3798
ord5279
ord4353
ord6369
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2444
ord5248
ord1727
ord5064
ord472
ord6146
ord4407
ord2385
ord5234
ord6055
ord1776
ord4078
ord5086
ord1715
ord1710
ord5471
ord2389
ord4121
ord2530
ord4056
ord4366
ord361
ord6154
ord3295
ord641
ord2516
ord3019
ord858
ord2764
ord4129
ord5856
ord4277
ord536
ord5787
ord755

msvcrt

atoi
atol
__CxxFrameHandler
malloc
wcscpy
free
_ftol
wcscmp
wcslen
_mbscmp
_mbsicmp
memmove
_except_handler3
?terminate@@YAXXZ
rand
_onexit
_initterm
__dllonexit
_adjust_fdiv

kernel32

CreateFileA
WriteFile
CloseHandle
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA

user32

GetSysColorBrush
GetMenuStringA
CreateMenu
LoadBitmapA
RemoveMenu
CreatePopupMenu
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetMenuItemID
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
DeleteMenu
TabbedTextOutA
GetCapture
ReleaseCapture
ClientToScreen
UpdateWindow
GetCursorPos
WindowFromPoint
GetWindowRect
GetWindowLongA
GetParent
InvalidateRect
InflateRect
GetClientRect
GetSubMenu
SendMessageA
EnableWindow
GetSystemMetrics
GrayStringA
GetDesktopWindow

gdi32

CreateFontIndirectA
GetDeviceCaps
GetBkMode
SetTextColor
CreateSolidBrush
CreateCompatibleDC
CreatePen
CreateCompatibleBitmap
GetTextExtentPoint32W
BitBlt
Ellipse
DeleteDC
GetTextExtentPoint32A
SelectObject
CreateDIBSection
DeleteObject
GetPixel
PtVisible
SetPixel
PatBlt
TextOutA
RectVisible
Escape
Rectangle
ExtTextOutA
CreateRectRgnIndirect
StretchDIBits
StretchBlt
CreateBitmap
SetDIBitsToDevice
SetStretchBltMode
GetObjectA
GetTextMetricsA
GetStockObject
CreateHatchBrush

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

ImageList_GetImageCount
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
_TrackMouseEvent

Exports

Exports

??0BCMenu@@QAE@XZ
??0BCMenuData@@QAE@XZ
??0BCMenuToolBar@@QAE@XZ
??0CAutoFont@@QAE@AAUtagLOGFONTA@@@Z
??0CAutoFont@@QAE@VCFont@@@Z
??0CAutoFont@@QAE@VCString@@@Z
??0CAutoFont@@QAE@XZ
??0CBMButton@@QAE@XZ
??0CCJFlatHeaderCtrl@@QAE@XZ
??0CDialogXP@@QAE@IPAVCWnd@@@Z
??0CDialogXP@@QAE@PAVCWnd@@@Z
??0CGradientProgressCtrl@@QAE@XZ
??0CMemDC1@@QAE@PAVCDC@@@Z
??0CMemDC@@QAE@PAVCDC@@ABVCRect@@@Z
??0CSDib@@QAE@XZ
??0CSShadeButton@@QAE@XZ
??0CSortClass@@QAE@ABV0@@Z
??0CSortClass@@QAE@PAVCListCtrl@@HH@Z
??0CSortListCtrl@@QAE@XZ
??1BCMenu@@UAE@XZ
??1BCMenuData@@QAE@XZ
??1BCMenuToolBar@@UAE@XZ
??1CAutoFont@@UAE@XZ
??1CBMButton@@UAE@XZ
??1CCJFlatHeaderCtrl@@UAE@XZ
??1CDialogXP@@UAE@XZ
??1CGradientProgressCtrl@@UAE@XZ
??1CMemDC1@@UAE@XZ
??1CMemDC@@UAE@XZ
??1CSDib@@QAE@XZ
??1CSShadeButton@@UAE@XZ
??1CSortClass@@UAE@XZ
??1CSortListCtrl@@UAE@XZ
??4BCMenuData@@QAEAAV0@ABV0@@Z
??4CSDib@@QAEAAV0@ABV0@@Z
??4CSortClass@@QAEAAV0@ABV0@@Z
??BCMemDC1@@QAEPAV0@XZ
??CCMemDC1@@QAEPAV0@XZ
??CCMemDC@@QAEPAV0@XZ
??_7BCMenu@@6B@
??_7BCMenuToolBar@@6B@
??_7CAutoFont@@6B@
??_7CBMButton@@6B@
??_7CCJFlatHeaderCtrl@@6B@
??_7CDialogXP@@6B@
??_7CGradientProgressCtrl@@6B@
??_7CMemDC1@@6B@
??_7CMemDC@@6B@
??_7CSShadeButton@@6B@
??_7CSortClass@@6B@
??_7CSortListCtrl@@6B@
??_FCDialogXP@@QAEXXZ
?AddBitmapToImageList@BCMenu@@QAEHPAVCImageList@@I@Z
?AddFromToolBar@BCMenu@@QAEXPAVCToolBar@@H@Z
?AddToGlobalImageList@BCMenu@@IAEHPAVCImageList@@HH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCBitmap@@@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCImageList@@H@Z
?AppendMenuW@BCMenu@@QAEHIIPAGH@Z
?AppendMenuW@BCMenu@@QAEHIIPAGPAVCBitmap@@@Z
?AppendMenuW@BCMenu@@QAEHIIPAGPAVCImageList@@H@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIH@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIPAVCImageList@@H@Z
?AppendODMenuW@BCMenu@@QAEHPAGIIH@Z
?AppendODMenuW@BCMenu@@QAEHPAGIIPAVCImageList@@H@Z
?AppendODPopupMenuA@BCMenu@@QAEPAV1@PBD@Z
?AppendODPopupMenuW@BCMenu@@QAEPAV1@PAG@Z
?AutoSaveColumns@CSortListCtrl@@UAEXPBD00@Z
?AutoSizeColumn@CSortListCtrl@@UAEXH@Z
?BlendPalette@CSDib@@QAEXKJ@Z
?CanDraw3DImageList@BCMenu@@IAEHH@Z
?Clear@CSDib@@QAEXE@Z
?Clone@CSDib@@QAEXPAV1@@Z
?ColorBitmap@BCMenu@@IAEXPAVCDC@@AAVCBitmap@@VCSize@@2KKH@Z
?CompareAsc@CSortClass@@SGHJJJ@Z
?CompareAscI@CSortClass@@SGHJJJ@Z
?CompareDes@CSortClass@@SGHJJJ@Z
?CompareDesI@CSortClass@@SGHJJJ@Z
?ContractFont@CAutoFont@@QAE?AVCString@@XZ
?Create@CSDib@@QAEPAXKKG@Z
?DarkenColor@BCMenu@@SAKKN@Z
?DeleteMenu@BCMenu@@QAEHII@Z
?DeleteMenu@BCMenu@@QAEHPADW4BC_Seperator@@@Z
?DeleteMenu@BCMenu@@QAEHPAGW4BC_Seperator@@@Z
?DeleteMenuList@BCMenu@@IAEXXZ
?DestroyMenu@BCMenu@@UAEHXZ
?DitherBlt2@BCMenu@@IAEXPAVCDC@@HHHHAAVCBitmap@@HHK@Z
?DitherBlt@BCMenu@@IAEXPAUHDC__@@HHHHPAUHBITMAP__@@HHK@Z
?Draw3DCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@HPAUHBITMAP__@@@Z
?Draw@CSDib@@QAEJPAUHDC__@@JJ@Z
?DrawBitmap@CBMButton@@IAEXPAVCDC@@H@Z
?DrawCheckMark@BCMenu@@IAEXPAVCDC@@HHK@Z
?DrawFlatBorder@CCJFlatHeaderCtrl@@MAEXPAVCDC@@@Z
?DrawGradient@CGradientProgressCtrl@@IAEXPAVCPaintDC@@ABUtagRECT@@ABH2@Z
?DrawItem@BCMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CBMButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CCJFlatHeaderCtrl@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CSShadeButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem_Win9xNT2000@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem_WinXP@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioDot@BCMenu@@IAEXPAVCDC@@HHK@Z
?DrawXPCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@PAUHBITMAP__@@AAK@Z
?ExtractFont@CAutoFont@@QAEXAAVCString@@@Z
?FindAnotherMenuOption@BCMenu@@IAEPAV1@HAAHAAV?$CArray@PAVBCMenu@@PAV1@@@AAV?$CArray@HAAH@@@Z
?FindKeyboardShortcut@BCMenu@@SAJIIPAVCMenu@@@Z
?FindMenuItem@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuList@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuOption@BCMenu@@IAEPAV1@HAAH@Z
?FindMenuOption@BCMenu@@IAEPAVBCMenuData@@PAG@Z
?GetBackColor@CBMButton@@QAEKXZ
?GetBitCount@CSDib@@QAEGXZ
?GetBitmapFromImageList@BCMenu@@IAEHPAVCDC@@PAVCImageList@@HAAVCBitmap@@@Z
?GetBits@CSDib@@QAEPAEXZ
?GetBkColor@CGradientProgressCtrl@@QAEKXZ
?GetBold@CAutoFont@@QAEHXZ
?GetCharset@CAutoFont@@QAEEXZ
?GetClipPrecision@CAutoFont@@QAEEXZ
?GetColumnCount@CSortListCtrl@@QBEHXZ
?GetDisableOldStyle@BCMenu@@QAEHXZ
?GetEndColor@CGradientProgressCtrl@@QAEKXZ
?GetEscapement@CAutoFont@@QAEJXZ
?GetFaceName@CAutoFont@@QAEPBDXZ
?GetFadedBitmap@BCMenu@@IAEXAAVCBitmap@@@Z
?GetFontColor@CAutoFont@@QAEKXZ
?GetFontFromDialog@CAutoFont@@QAEXPAVCFont@@PAKPAVCDC@@PAVCWnd@@@Z
?GetHeight@CAutoFont@@QAEJXZ
?GetHeight@CSDib@@QAEKXZ
?GetIconSize@BCMenuToolBar@@QAEXAAH0@Z
?GetItalic@CAutoFont@@QAEHXZ
?GetItemSortState@CSortListCtrl@@QAEHH@Z
?GetLineWidth@CSDib@@QAEKXZ
?GetMenuDrawMode@BCMenu@@SAHXZ
?GetMenuPosition@BCMenu@@QAEHPAD@Z
?GetMenuPosition@BCMenu@@QAEHPAG@Z
?GetMenuStart@BCMenu@@IAEHXZ
?GetMenuText@BCMenu@@QAEHIAAVCString@@I@Z
?GetMessageMap@CBMButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CCJFlatHeaderCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDialogXP@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGradientProgressCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CSShadeButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CSortListCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetNearestIndex@CSDib@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CSDib@@QAEGXZ
?GetOrientation@CAutoFont@@QAEJXZ
?GetOutPrecision@CAutoFont@@QAEEXZ
?GetPaletteIndex@CSDib@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteSize@CSDib@@QAEGXZ
?GetPitchAndFamily@CAutoFont@@QAEEXZ
?GetPixelColor@CSDib@@QAE?AUtagRGBQUAD@@JJ@Z
?GetPixelIndex@CSDib@@QAEEJJ@Z
?GetQuality@CAutoFont@@QAEEXZ
?GetRuntimeClass@BCMenu@@UBEPAUCRuntimeClass@@XZ
?GetSelectDisableMode@BCMenu@@SAHXZ
?GetShadowBitmap@BCMenu@@IAEXAAVCBitmap@@@Z
?GetSize@CSDib@@QAEJXZ
?GetStartColor@CGradientProgressCtrl@@QAEKXZ
?GetStoredWidth@CSortListCtrl@@UAEHH@Z
?GetStrikeOut@CAutoFont@@QAEHXZ
?GetString@BCMenuData@@QAE?AVCString@@XZ
?GetSubBCMenu@BCMenu@@QAEPAV1@PAD@Z
?GetSubBCMenu@BCMenu@@QAEPAV1@PAG@Z
?GetSubMenu@BCMenu@@QAEPAVCMenu@@H@Z
?GetSubMenu@BCMenu@@QAEPAVCMenu@@PBD@Z
?GetTextAutoFont@CBMButton@@QAEPAVCAutoFont@@XZ
?GetTextColor@CGradientProgressCtrl@@QAEKXZ
?GetTextFont@CBMButton@@QAEPAVCFont@@XZ
?GetToken@CAutoFont@@AAE?AVCString@@AAV2@PBD@Z
?GetUnderline@CAutoFont@@QAEHXZ
?GetWeight@CAutoFont@@QAEJXZ
?GetWideString@BCMenuData@@QAEPBGXZ
?GetWidth@CAutoFont@@QAEJXZ
?GetWidth@CSDib@@QAEKXZ
?GetXPBitmap3D@BCMenu@@SAHXZ
?GlobalImageListOffset@BCMenu@@IAEHH@Z
?HSLtoRGB@CSDib@@QAE?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CSDib@@QAE?AUtagRGBQUAD@@U2@@Z
?HueToRGB@CSDib@@IAEGGGG@Z
?ImageListDuplicate@BCMenu@@IAEHPAVCImageList@@H0@Z
?InitBitmap@CBMButton@@IAE_NAAVCBitmap@@0HH@Z
?InitializeHeader@CCJFlatHeaderCtrl@@UAEX_N@Z
?InitializeMenuList@BCMenu@@IAEXH@Z
?InsertMenuA@BCMenu@@QAEHIIIPBDH@Z
?InsertMenuA@BCMenu@@QAEHIIIPBDPAVCBitmap@@@Z
?InsertMenuA@BCMenu@@QAEHIIIPBDPAVCImageList@@H@Z
?InsertMenuW@BCMenu@@QAEHIIIPAGH@Z
?InsertMenuW@BCMenu@@QAEHIIIPAGPAVCBitmap@@@Z
?InsertMenuW@BCMenu@@QAEHIIIPAGPAVCImageList@@H@Z
?InsertODMenuA@BCMenu@@QAEHIPBDIIH@Z
?InsertODMenuA@BCMenu@@QAEHIPBDIIPAVCImageList@@H@Z
?InsertODMenuW@BCMenu@@QAEHIPAGIIH@Z
?InsertODMenuW@BCMenu@@QAEHIPAGIIPAVCImageList@@H@Z
?InsertSpaces@BCMenu@@IAEXXZ
?IsColumnNumeric@CSortListCtrl@@QAEHH@Z
?IsLunaMenuStyle@BCMenu@@KAHXZ
?IsMenu@BCMenu@@SAHPAUHMENU__@@@Z
?IsMenu@BCMenu@@SAHPAVCMenu@@@Z
?IsNewShell@BCMenu@@KAHXZ
?IsValid@CSDib@@QAEHXZ
?IsWin30Dib@CSDib@@IAE_NXZ
?IsWinXPLuna@BCMenu@@KAHXZ
?IsWindowsClassicTheme@BCMenu@@KAHXZ
?LightenColor@BCMenu@@SAKKN@Z
?LoadBitmapA@BCMenuToolBar@@QAEHPBD@Z
?LoadBitmaps@CBMButton@@QAE_NIHHHHH@Z
?LoadCheckmarkBitmap@BCMenu@@QAEXHH@Z
?LoadColumnWidths@CSortListCtrl@@UAEXXZ
?LoadFromToolBar@BCMenu@@QAEHIIAAH@Z
?LoadMenuA@BCMenu@@UAEHH@Z
?LoadMenuA@BCMenu@@UAEHPBD@Z
?LoadSysColorBitmap@BCMenu@@SAPAUHBITMAP__@@H@Z
?LoadToolBar@BCMenuToolBar@@QAEHI@Z
?LoadToolBar@BCMenuToolBar@@QAEHPBD@Z
?LoadToolbar@BCMenu@@QAEHI@Z
?LoadToolbars@BCMenu@@QAEHPBIH@Z
?MeasureItem@BCMenu@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?ModifyODMenuA@BCMenu@@QAEHPBD0H@Z
?ModifyODMenuA@BCMenu@@QAEHPBDIH@Z
?ModifyODMenuA@BCMenu@@QAEHPBDIKKHPAVCSize@@@Z
?ModifyODMenuA@BCMenu@@QAEHPBDIPAVCBitmap@@@Z
?ModifyODMenuA@BCMenu@@QAEHPBDIPAVCImageList@@H@Z
?ModifyODMenuW@BCMenu@@QAEHPAG0H@Z
?ModifyODMenuW@BCMenu@@QAEHPAGIH@Z
?ModifyODMenuW@BCMenu@@QAEHPAGIKKHPAVCSize@@@Z
?ModifyODMenuW@BCMenu@@QAEHPAGIPAVCBitmap@@@Z
?ModifyODMenuW@BCMenu@@QAEHPAGIPAVCImageList@@H@Z
?NewODMenu@BCMenu@@IAEPAVBCMenuData@@IIIVCString@@@Z
?NumBitmapColors@BCMenu@@KAGPAUtagBITMAPINFOHEADER@@@Z
?OnClicked@CSShadeButton@@IAEHXZ
?OnCreate@CCJFlatHeaderCtrl@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDestroy@CSortListCtrl@@IAEXXZ
?OnEraseBkgnd@CBMButton@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CCJFlatHeaderCtrl@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGradientProgressCtrl@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CSShadeButton@@IAEHPAVCDC@@@Z
?OnHeaderClicked@CSortListCtrl@@IAEXPAUtagNMHDR@@PAJ@Z
?OnKillFocus@CSShadeButton@@IAEXPAVCWnd@@@Z
?OnLButtonDblClk@CSShadeButton@@IAEXIVCPoint@@@Z
?OnLButtonDown@CSShadeButton@@IAEXIVCPoint@@@Z
?OnLButtonUp@CSShadeButton@@IAEXIVCPoint@@@Z
?OnMouseLeave@CSShadeButton@@IAEJIJ@Z
?OnMouseMove@CSShadeButton@@IAEXIVCPoint@@@Z
?OnPaint@CCJFlatHeaderCtrl@@IAEXXZ
?OnPaint@CGradientProgressCtrl@@IAEXXZ
?OnWindowPosChanged@CCJFlatHeaderCtrl@@IAEXPAUtagWINDOWPOS@@@Z
?PreSubclassWindow@CBMButton@@UAEXXZ
?PreSubclassWindow@CCJFlatHeaderCtrl@@MAEXXZ
?PreSubclassWindow@CSShadeButton@@UAEXXZ
?RGB2RGBQUAD@CSDib@@QAE?AUtagRGBQUAD@@K@Z
?RGBQUAD2RGB@CSDib@@QAEKUtagRGBQUAD@@@Z
?RGBtoHSL@CSDib@@QAE?AUtagRGBQUAD@@U2@@Z
?RelayEvent@CSShadeButton@@IAEXIIJ@Z
?RemoveMenu@BCMenu@@QAEHII@Z
?RemoveMenu@BCMenu@@QAEHPADW4BC_Seperator@@@Z
?RemoveMenu@BCMenu@@QAEHPAGW4BC_Seperator@@@Z
?RemoveTopLevelOwnerDraw@BCMenu@@IAEXXZ
?ResetSortstats@CSortListCtrl@@QAEXXZ
?ResizeWindow@CCJFlatHeaderCtrl@@MAEXXZ
?SaveColumnWidths@CSortListCtrl@@UAEXXZ
?SetAnsiString@BCMenuData@@QAEXPBD@Z
?SetBackColor@CBMButton@@QAEXK@Z
?SetBitmapBackground@BCMenu@@QAEXK@Z
?SetBkColor@CGradientProgressCtrl@@QAEXK@Z
?SetBold@CAutoFont@@QAEHH@Z
?SetButtonDef@CBMButton@@QAEXHHHH@Z
?SetCharset@CAutoFont@@QAEEE@Z
?SetClipPrecision@CAutoFont@@QAEEE@Z
?SetColumnWidth@CSortListCtrl@@UAEXH@Z
?SetDC@CAutoFont@@QAEXPAUHDC__@@@Z
?SetDisableOldStyle@BCMenu@@QAEXXZ
?SetEndColor@CGradientProgressCtrl@@QAEXK@Z
?SetEscapement@CAutoFont@@QAEJJ@Z
?SetFaceName@CAutoFont@@QAE?AVCString@@V2@@Z
?SetFaceName@CAutoFont@@QAEPBDPBD@Z
?SetFontBold@CCJFlatHeaderCtrl@@UAEXH@Z
?SetFontColor@CAutoFont@@QAEXK@Z
?SetFontColor@CBMButton@@QAEXK@Z
?SetGrayPalette@CSDib@@QAEXXZ
?SetHeight@CAutoFont@@QAEJJ@Z
?SetHeightA@CAutoFont@@QAEJJ@Z
?SetIconSize@BCMenu@@QAEXHH@Z
?SetItalic@CAutoFont@@QAEHH@Z
?SetItemSortState@CSortListCtrl@@QAEHHH@Z
?SetLogFont@CAutoFont@@QAEXAAUtagLOGFONTA@@@Z
?SetMenuDrawMode@BCMenu@@SAXI@Z
?SetMenuText@BCMenu@@QAEHIVCString@@I@Z
?SetOrientation@CAutoFont@@QAEJJ@Z
?SetOutPrecision@CAutoFont@@QAEEE@Z
?SetPaletteIndex@CSDib@@QAEXEEEE@Z
?SetPaletteIndex@CSDib@@QAEXEK@Z
?SetPaletteIndex@CSDib@@QAEXEUtagRGBQUAD@@@Z
?SetPitchAndFamily@CAutoFont@@QAEEE@Z
?SetPixelColor@CSDib@@QAEXJJK@Z
?SetPixelColor@CSDib@@QAEXJJUtagRGBQUAD@@@Z
?SetPixelIndex@CSDib@@QAEXJJE@Z
?SetPos@CGradientProgressCtrl@@QAEHH@Z
?SetQuality@CAutoFont@@QAEEE@Z
?SetRange32@CGradientProgressCtrl@@QAEXHH@Z
?SetRange@CGradientProgressCtrl@@QAEXHH@Z
?SetSelectDisableMode@BCMenu@@SAXH@Z
?SetShade@CSShadeButton@@QAEXIEEEK@Z
?SetSortImage@CCJFlatHeaderCtrl@@UAEHHH@Z
?SetStartColor@CGradientProgressCtrl@@QAEXK@Z
?SetStep@CGradientProgressCtrl@@QAEHH@Z
?SetStrikeOut@CAutoFont@@QAEHH@Z
?SetTextColor@CGradientProgressCtrl@@QAEXK@Z
?SetTextColor@CSShadeButton@@QAEKK@Z
?SetTextFont@CBMButton@@QAEXAAVCFont@@@Z
?SetToolTipText@CSShadeButton@@QAEXVCString@@@Z
?SetUnderline@CAutoFont@@QAEHH@Z
?SetWeight@CAutoFont@@QAEJJ@Z
?SetWideString@BCMenuData@@QAEXPBG@Z
?SetWidth@CAutoFont@@QAEJJ@Z
?SetXPBitmap3D@BCMenu@@SAXH@Z
?ShowPercent@CGradientProgressCtrl@@QAEXH@Z
?Sort@CSortClass@@QAEXH@Z
?SortColumn@CSortListCtrl@@QAEHH@Z
?StepIt@CGradientProgressCtrl@@QAEHXZ
?Stretch@CSDib@@QAEJPAUHDC__@@JJJJ@Z
?SynchronizeMenu@BCMenu@@IAEXXZ
?UnSetBitmapBackground@BCMenu@@QAEXXZ
?UnSetDisableOldStyle@BCMenu@@QAEXXZ
?UpdateMenu@BCMenu@@SAXPAVCMenu@@@Z
?WriteBMP@CSDib@@QAEJPAD@Z
?_GetBaseClass@BCMenu@@KGPAUCRuntimeClass@@XZ
?_GetBaseMessageMap@CBMButton@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CCJFlatHeaderCtrl@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CDialogXP@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGradientProgressCtrl@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CSShadeButton@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CSortListCtrl@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CBMButton@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CCJFlatHeaderCtrl@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CDialogXP@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGradientProgressCtrl@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CSShadeButton@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CSortListCtrl@@0QBUAFX_MSGMAP_ENTRY@@B
?classBCMenu@BCMenu@@2UCRuntimeClass@@B
?m_AllImages@BCMenu@@1VCImageList@@A
?m_AllImagesID@BCMenu@@1V?$CArray@HAAH@@A
?m_AllSubMenus@BCMenu@@1V?$CTypedPtrArray@VCPtrArray@@PAUHMENU__@@@@A
?messageMap@CBMButton@@1UAFX_MSGMAP@@B
?messageMap@CCJFlatHeaderCtrl@@1UAFX_MSGMAP@@B
?messageMap@CDialogXP@@1UAFX_MSGMAP@@B
?messageMap@CGradientProgressCtrl@@1UAFX_MSGMAP@@B
?messageMap@CSShadeButton@@1UAFX_MSGMAP@@B
?messageMap@CSortListCtrl@@1UAFX_MSGMAP@@B
?original_drawmode@BCMenu@@1IA
?original_select_disabled@BCMenu@@1HA
?xp_draw_3D_bitmaps@BCMenu@@1HA
?xp_drawmode@BCMenu@@1IA
?xp_select_disabled@BCMenu@@1HA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDbAPI.dll
.dll windows:4 windows x86 arch:x86

bcf1ab8257b6a823676bd248bbb5c667

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord2396
ord815
ord537
ord823
ord800
ord5572
ord2915
ord941
ord939
ord860
ord540
ord858
ord2814
ord2818
ord1200
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord1243
ord342
ord1182
ord1577
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord825
ord4274
ord1168
ord1575
ord1176
ord1116
ord1197

msvcrt

_CxxThrowException
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
_EH_prolog
_mbsnbcpy
__CxxFrameHandler
wcslen

kernel32

MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalAlloc
LocalFree
InterlockedIncrement
InterlockedDecrement
GetLastError

ole32

CoCreateInstance
OleRun

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayPutElement
VariantInit
VariantCopy
VariantChangeType
VariantClear
GetErrorInfo

Exports

Exports

ClearCurDBError
CloseDBConn
CloseDBRecordset
ExeSQLCommand
ExeTransaction
GetLastDBErrorMsg
GetLastDBErrorNum
GetRecordsetBlobValByIndex
GetRecordsetBlobValByName
GetRecordsetCount
GetRecordsetFloatValByIndex
GetRecordsetFloatValByName
GetRecordsetLongValByIndex
GetRecordsetLongValByName
GetRecordsetStringValByIndex
GetRecordsetStringValByName
GetRecordsetTextValByIndex
GetRecordsetTextValByName
IsDBConnOpened
IsRecordsetBOF
IsRecordsetEOF
IsRecordsetOpened
OpenDBConn
OpenDBRecordset
PrepareGetRecordsetVal
RecordsetAddNew
RecordsetCancel
RecordsetCancelBatchAll
RecordsetCancelBatchCur
RecordsetCancelUpdate
RecordsetDeleteAll
RecordsetDeleteCur
RecordsetMove
RecordsetMoveFirst
RecordsetMoveLast
RecordsetMoveNext
RecordsetMovePrevious
RecordsetUpdate
RecordsetUpdateBatchAll
RecordsetUpdateBatchCur
SetCurDBError
SetCurDBErrorMsg
SetCurDBErrorNum
SetDBCommandTimeOut
SetDBConnectionTimeOut
SetRecordsetBlobValByIndex
SetRecordsetBlobValByName
SetRecordsetFloatValByIndex
SetRecordsetFloatValByName
SetRecordsetLongValByIndex
SetRecordsetLongValByName
SetRecordsetStringValByIndex
SetRecordsetStringValByName
SetRecordsetTextValByIndex
SetRecordsetTextValByName

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDocCatch.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8bba66a7e9c6cd14a52ea5a33bf22e47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sdocdb

ChangeTypeParentID
SDocIsRecordsetEOF
SDocRecordsetMoveNext
SetTypeDelMark
SDocPrepareGetRecordsetVal
SDocGetRecordsetLongValByIndex
CloseSDocRecordSet
SDocGetRecordsetStringValByName
GetDocFileSavePath
OpenSDocRecordSet
OpenSDocDbConn
SDocRecordsetMoveFirst
NewTypeSaveInDB
GetTypeNewID
ChangeTypeTypeName
DeleteType
ReCoverFromRecycle
GetCurModulePath
SDocGetRecordsetLongValByName

htmlparse

?GetAllMediaPalyerFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?GetAllRealPalyerFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?GetAllFlashFiles@CParseHtml@@QAEHPAUIDispatch@@PAVCStringArray@@@Z
?messageMap@CDialogXP@@1UAFX_MSGMAP@@B
??1CDlgDownProcess@@UAE@XZ
?CheckCancelButton@CDlgDownProcess@@QAEHXZ
?StepIt@CDlgDownProcess@@QAEHXZ
?SetStep@CDlgDownProcess@@QAEHH@Z
?SetRange@CDlgDownProcess@@QAEXHH@Z
?Create@CDlgDownProcess@@QAEHPAVCWnd@@@Z
??0CDlgDownProcess@@QAE@I@Z
??1CParseHtml@@UAE@XZ
??0CParseHtml@@QAE@XZ
?InitGetNewID@CParseHtml@@QAEHXZ
?ChangeDocHtmlAndSave@CParseHtml@@QAEHXZ
?DownLoadAllImages@CParseHtml@@QAEHXZ
?ReNameImageFile@CParseHtml@@QAEHXZ
?ShowMessageBox@CParseHtml@@QAEHIII@Z
?CreateDocImgSavePath@CParseHtml@@QAEHXZ
?DownSelectImages@CParseHtml@@QAEHXZ
?DownLoadImage@CParseHtml@@QAEHVCString@@@Z
?AddBkGroundToDown@CParseHtml@@QAEHPAUIDispatch@@@Z
?GetOriginDocHtml@CParseHtml@@QAEHPAUIDispatch@@@Z
?ParseHTMLExtern@CParseHtml@@QAEHPAUIDispatch@@@Z
?BuildSelectedHtml@CParseHtml@@QAEHPAUIDispatch@@@Z
??0CDialogXP@@QAE@IPAVCWnd@@@Z
??1CDialogXP@@UAE@XZ
?SaveRecordDB@CParseHtml@@QAEHXZ
?DownFlashFile@CParseHtml@@QAEHVCString@@@Z
?InitAll@CParseHtml@@QAEHPAUIDispatch@@@Z
?FreeAll@CParseHtml@@QAEHXZ

mfc42

ord4424
ord800
ord656
ord4627
ord860
ord540
ord567
ord825
ord3626
ord3663
ord2414
ord1829
ord4275
ord2379
ord5856
ord2763
ord1109
ord6199
ord858
ord1641
ord613
ord2754
ord289
ord5265
ord4376
ord4998
ord2514
ord6052
ord1775
ord3079
ord4080
ord3597
ord641
ord2301
ord2289
ord2370
ord2302
ord4710
ord4853
ord6334
ord2818
ord941
ord3303
ord4425
ord4396
ord3574
ord609
ord541
ord2135
ord818
ord801
ord4299
ord6215
ord6907
ord3998
ord6883
ord6143
ord3996
ord535
ord3301
ord6453
ord5280
ord2575
ord6675
ord6145
ord568
ord6888
ord926
ord537
ord4809
ord2820
ord3811
ord3092
ord2864
ord823
ord1949
ord4034
ord6467
ord2086
ord4160
ord861
ord4033
ord4274
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3830
ord3825
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord3953
ord1134
ord2725
ord1131
ord5575
ord839
ord433
ord1200
ord2141
ord434
ord465
ord2764
ord5710
ord4407
ord3733
ord686
ord810
ord384
ord1941
ord4271
ord2149
ord1848
ord3914
ord4083
ord3571
ord4284
ord2862
ord2639
ord1146
ord1168
ord2096
ord6270
ord924
ord3297
ord6008
ord3287
ord5572
ord4171
ord4000
ord2915
ord6283
ord6282
ord3874
ord5981
ord2097
ord3296
ord3706
ord755
ord640
ord2405
ord5873
ord6172
ord5789
ord5781
ord5785
ord2971
ord1640
ord323
ord470
ord654
ord5858
ord6140
ord341
ord4125
ord4774
ord5450
ord6394
ord2841
ord5440
ord6383
ord2107
ord2860
ord1776
ord4078
ord6055
ord3619
ord3610
ord3402
ord3831
ord2985
ord2976
ord3081
ord4465
ord3262
ord3136
ord2982
ord3259
ord3147
ord2446
ord5277
ord2124
ord5065
ord5261
ord1727
ord2055
ord3749
ord6376
ord4837
ord2648
ord4441
ord4353
ord3798
ord5290
ord2385
ord6374
ord5163
ord3922
ord5241
ord1089
ord819
ord5863
ord3398
ord1253
ord1255
ord826
ord600
ord269
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1116
ord1578
ord1575
ord1176

msvcrt

realloc
_purecall
free
malloc
memset
memcmp
memmove
_except_handler3
?terminate@@YAXXZ
_initterm
memcpy
__dllonexit
_adjust_fdiv
_onexit
atol
_mbscmp
??1type_info@@UAE@XZ
isxdigit
isalnum
__CxxFrameHandler
isprint
isdigit
isalpha

kernel32

GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
lstrlenA
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
lstrlenW
DeleteCriticalSection
WinExec
GetPrivateProfileStringA
WideCharToMultiByte
FreeLibrary
SizeofResource
WritePrivateProfileStringA
FindResourceA
GetLastError
LoadResource
lstrcmpiA
lstrcpynA
LoadLibraryExA
HeapDestroy
GetProcAddress
IsDBCSLeadByte
lstrcpyA
lstrcatA
LoadLibraryA
LocalFree
LocalAlloc
GetTickCount
GetModuleFileNameA
GetShortPathNameA

user32

LoadIconA
ClientToScreen
WindowFromPoint
SendMessageA
SystemParametersInfoA
LoadBitmapA
IsMenu
InvalidateRect
GetKeyState
EnableMenuItem
GetDesktopWindow
ReleaseCapture
GetFocus
CharNextA
MessageBeep
ScreenToClient
SetCapture
GetClientRect
GetSysColor
GetForegroundWindow
MessageBoxA
EnableWindow

gdi32

CreateCompatibleDC
CreateRectRgnIndirect
GetObjectA
BitBlt
CreateFontIndirectA
CreateCompatibleBitmap

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA

shell32

ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

LoadRegTypeLi
RegisterTypeLi
VariantClear
SysAllocString
LoadTypeLi
SysFreeString
SysStringLen
VarUI4FromStr

scommctl

?GetSubMenu@BCMenu@@QAEPAVCMenu@@H@Z
?FindKeyboardShortcut@BCMenu@@SAJIIPAVCMenu@@@Z
?IsMenu@BCMenu@@SAHPAUHMENU__@@@Z
??1BCMenu@@UAE@XZ
??0CSortListCtrl@@QAE@XZ
?IsMenu@BCMenu@@SAHPAVCMenu@@@Z
??0BCMenu@@QAE@XZ
??0CBMButton@@QAE@XZ
??1CSortListCtrl@@UAE@XZ
?LoadBitmaps@CBMButton@@QAE_NIHHHHH@Z
??1CBMButton@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDocDB.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cee982f3685c25732e53454d4439bef2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

sdbapi

RecordsetMoveLast
RecordsetMoveFirst
IsRecordsetBOF
GetRecordsetFloatValByName
GetRecordsetFloatValByIndex
GetRecordsetStringValByName
GetRecordsetStringValByIndex
GetRecordsetLongValByIndex
RecordsetMovePrevious
RecordsetMoveNext
ExeSQLCommand
IsRecordsetEOF
ClearCurDBError
PrepareGetRecordsetVal
GetRecordsetLongValByName
GetLastDBErrorNum
CloseDBRecordset
OpenDBRecordset
CloseDBConn
OpenDBConn
GetLastDBErrorMsg

mfc42

ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord1176
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1116
ord1132
ord6467
ord1131
ord6354
ord800
ord1200
ord941
ord860
ord540
ord2818
ord6311
ord4171
ord5710
ord537
ord5572
ord801
ord858
ord6883
ord940
ord6143
ord541
ord535
ord3147
ord5500

msvcrt

_splitpath
__CxxFrameHandler
_EH_prolog
??2@YAPAXI@Z
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_mbscmp
_mbsnbcpy

kernel32

GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
SetFileAttributesA
CreateDirectoryA
FindClose
FindFirstFileA
LocalFree
LocalAlloc

Exports

Exports

ChangeTypeParentID
ChangeTypeTypeName
CloseSDocDbConn
CloseSDocRecordSet
CreateMultiLayerPath
DeleteDocRecord
DeleteType
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
GetCurModulePath
GetDocFileSavePath
GetDocNewID
GetNewID
GetTypeNewID
ModifyDocContent
ModifyDocProperty
ModifyDocType
ModifyTypeProperty
NewDocSaveInDB
NewTypeSaveInDB
OpenSDocDbConn
OpenSDocRecordSet
ReCoverFromRecycle
ReadDocSavePathFromINI
SDocDeletDoc
SDocGetRecordsetFloatValByIndex
SDocGetRecordsetFloatValByName
SDocGetRecordsetLongValByIndex
SDocGetRecordsetLongValByName
SDocGetRecordsetStringValByIndex
SDocGetRecordsetStringValByName
SDocIsRecordsetBOF
SDocIsRecordsetEOF
SDocPrepareGetRecordsetVal
SDocRecordsetMoveFirst
SDocRecordsetMoveLast
SDocRecordsetMoveNext
SDocRecordsetMovePrevious
SetDocDelMark
SetDocFileSavePath
SetTypeDelMark

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDocDrag.exe
.exe windows:4 windows x86 arch:x86

6c28cf5759e8f24caa6a57fe9a1231f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sdocdb

SDocGetRecordsetLongValByName
SDocGetRecordsetStringValByName
SDocRecordsetMoveFirst
SDocIsRecordsetEOF
SDocPrepareGetRecordsetVal
OpenSDocRecordSet
ModifyDocProperty
SetDocDelMark
SDocDeletDoc
ModifyDocType
NewDocSaveInDB
CreateMultiLayerPath
CloseSDocDbConn
GetDocNewID
SetDocFileSavePath
GetCurModulePath
SDocGetRecordsetLongValByIndex
SetTypeDelMark
ChangeTypeParentID
NewTypeSaveInDB
GetTypeNewID
ChangeTypeTypeName
DeleteType
ReCoverFromRecycle
GetDocFileSavePath
OpenSDocDbConn
SDocRecordsetMoveNext
CloseSDocRecordSet

shlwapi

PathFileExistsA

mfc42

ord795
ord2614
ord556
ord540
ord567
ord825
ord3626
ord3663
ord2414
ord1929
ord4275
ord1088
ord2122
ord1641
ord2860
ord6199
ord3874
ord5875
ord2864
ord5981
ord2379
ord6358
ord6215
ord858
ord535
ord4299
ord3797
ord2859
ord6880
ord941
ord5572
ord2915
ord384
ord686
ord2078
ord2097
ord3089
ord1175
ord537
ord823
ord4160
ord860
ord4589
ord5076
ord4341
ord4349
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord4432
ord4042
ord3216
ord4544
ord5685
ord3274
ord3353
ord4622
ord3579
ord5495
ord439
ord736
ord641
ord6403
ord6402
ord2514
ord3522
ord3521
ord1168
ord2817
ord1799
ord290
ord614
ord2841
ord4226
ord2846
ord2107
ord5440
ord6383
ord5450
ord6394
ord4614
ord4613
ord1945
ord4273
ord813
ord560
ord5260
ord1233
ord4083
ord1928
ord2867
ord5768
ord2753
ord2754
ord3571
ord640
ord2405
ord5785
ord1640
ord323
ord3916
ord3497
ord4723
ord4890
ord2535
ord2818
ord3909
ord4317
ord4508
ord6128
ord3752
ord5148
ord4694
ord5053
ord4464
ord4204
ord1200
ord2526
ord469
ord729
ord2504
ord1706
ord430
ord2652
ord1669
ord5265
ord4853
ord4998
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord2358
ord2370
ord2301
ord2302
ord4234
ord2642
ord3092
ord4376
ord6334
ord4710
ord4396
ord3574
ord609
ord1146
ord2567
ord755
ord2971
ord470
ord3370
ord3640
ord2582
ord4402
ord693
ord1848
ord4243
ord6907
ord3998
ord3301
ord3996
ord3293
ord939
ord1133
ord6453
ord2714
ord3610
ord656
ord1829
ord5856
ord2763
ord1109
ord613
ord289
ord2135
ord818
ord1949
ord4034
ord1841
ord4241
ord4220
ord2584
ord3654
ord1644
ord2438
ord4588
ord4899
ord4370
ord4892
ord4533
ord4340
ord4347
ord4889
ord4963
ord4960
ord6054
ord1725
ord2091
ord654
ord341
ord364
ord784
ord5677
ord3495
ord4720
ord6131
ord6216
ord5037
ord2513
ord293
ord6270
ord6605
ord2688
ord6069
ord539
ord5858
ord6140
ord861
ord3317
ord2919
ord2863
ord4456
ord5281
ord4277
ord4278
ord4129
ord6663
ord5683
ord6283
ord6282
ord3499
ord2515
ord355
ord859
ord1199
ord2289
ord5710
ord924
ord6197
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord2820
ord3811
ord922
ord3303
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord800
ord2542
ord5243
ord5740
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord338
ord4823
ord665
ord1979
ord6385
ord5186
ord354
ord2399
ord1746
ord3914
ord1941
ord6905
ord6654
ord2096
ord6232
ord6230
ord6148
ord2568
ord6268
ord6271
ord3225
ord3257
ord3912
ord2544
ord2543
ord2511
ord978
ord1731
ord5851
ord2883
ord2398
ord2418
ord6224
ord6226
ord2429
ord2250
ord4732
ord5477
ord2259
ord4836
ord4440
ord3720
ord527
ord794
ord4264
ord4541
ord1126
ord4871
ord4023
ord5949
ord3481
ord5910
ord6120
ord2975
ord3566
ord1567
ord1265
ord2233
ord268
ord2884
ord3573
ord541
ord801
ord2862
ord6883
ord6143
ord819
ord5863
ord6145
ord568
ord6311
ord4171
ord4284
ord6877
ord465
ord5086
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord1576
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord2649
ord1665
ord4436
ord4427
ord3295
ord6154
ord2530
ord4366
ord4056
ord5471
ord4121
ord2389
ord1710
ord1715
ord5234
ord6369
ord5279
ord5064
ord5248
ord2444
ord3395
ord3730
ord807
ord796
ord674
ord529
ord554
ord366
ord6068
ord5885
ord5884
ord2921
ord4287
ord6209
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord2252
ord1232
ord5252
ord6569
ord3978
ord6780
ord802
ord1085
ord542
ord798
ord1997
ord6407
ord5194
ord533
ord5852
ord2080
ord5882
ord5871
ord2120
ord1572
ord4202
ord4499
ord5030
ord4224
ord5282
ord1105
ord5465
ord532
ord1601
ord926
ord6876
ord668
ord3181
ord2781
ord2770
ord356
ord6010
ord5442
ord3318
ord6828
ord4692
ord6241
ord6784
ord6705
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5714
ord3738
ord561
ord815
ord1768
ord5301
ord986
ord520
ord4159
ord6117
ord5943
ord2621
ord1134
ord1205
ord617
ord5214

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
calloc
_CxxThrowException
_getcwd
_chdir
fgets
ftell
fclose
fopen
_fstat
ctime
fseek
strncpy
_ismbcdigit
_mbsnbicmp
_mbsicoll
atol
_mbsicmp
isdigit
isalpha
isxdigit
isprint
atoi
strstr
isalnum
strchr
free
_splitpath
_except_handler3
memmove
_mbscmp
_mbsnbcpy
_purecall
__CxxFrameHandler
_strdup
_setmbcp
isspace

kernel32

GetWindowsDirectoryA
GlobalUnlock
GlobalLock
lstrlenA
CloseHandle
MultiByteToWideChar
CreateFileA
GetFileAttributesA
FindClose
MoveFileA
DeleteFileA
FindFirstFileA
WriteFile
GetTempFileNameA
lstrcatA
lstrcpyA
MulDiv
GlobalAlloc
lstrcpynA
InterlockedDecrement
GetTempPathA
GetModuleFileNameA
WritePrivateProfileStringA
GetProcAddress
GetPrivateProfileStringA
GetTickCount
SetFileAttributesA
GetDriveTypeA
SetVolumeLabelA
GetDiskFreeSpaceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetLastError
SetFilePointer
GetModuleHandleA
GetStartupInfoA
LocalFree
ReadFile
FreeLibrary
LoadLibraryA

user32

SetForegroundWindow
GetLastActivePopup
GetClassInfoA
SetActiveWindow
ShowWindow
UnionRect
LoadIconA
GetDesktopWindow
ClientToScreen
WindowFromPoint
GetFocus
GetSubMenu
IsIconic
FindWindowA
LoadBitmapA
EnableMenuItem
FillRect
GetSystemMetrics
GetMenuStringA
CheckMenuRadioItem
CreatePopupMenu
AppendMenuA
RedrawWindow
IsWindowVisible
MapWindowPoints
SystemParametersInfoA
DrawStateA
CopyRect
SendMessageA
GetClientRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
SetCapture
InvalidateRect
GetKeyState
SetTimer
TranslateAcceleratorA
LoadAcceleratorsA
KillTimer
GetCursorPos
ScreenToClient
EnableScrollBar
GetDlgItem
OffsetRect
CreateCaret
SetCaretPos
ShowCaret
HideCaret
UpdateWindow
GetAsyncKeyState
EnableWindow
MessageBeep
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
IsWindow
GetSysColor
SetCursor
PtInRect
ReleaseCapture
LoadMenuA

gdi32

GetStockObject
CreateFontIndirectA
GetObjectA
GetTextExtentPoint32A
BitBlt
CreateRectRgnIndirect
DeleteObject
EnumFontFamiliesA
CreateSolidBrush
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHFileOperationA

comctl32

ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked

ole32

CoCreateInstance

oleaut32

VariantClear
SysAllocString
VariantCopy
VariantInit
SysFreeString

urlmon

URLDownloadToCacheFileA

scommctl

?SetColumnWidth@CSortListCtrl@@UAEXH@Z
?LoadColumnWidths@CSortListCtrl@@UAEXXZ
?SaveColumnWidths@CSortListCtrl@@UAEXXZ
?AutoSaveColumns@CSortListCtrl@@UAEXPBD00@Z
?LoadBitmaps@CBMButton@@QAE_NIHHHHH@Z
??0CBMButton@@QAE@XZ
??1CBMButton@@UAE@XZ
?AutoSizeColumn@CSortListCtrl@@UAEXH@Z
?GetStoredWidth@CSortListCtrl@@UAEHH@Z
??1CSortListCtrl@@UAE@XZ
??0CSortListCtrl@@QAE@XZ
?messageMap@CSortListCtrl@@1UAFX_MSGMAP@@B

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TranDoc.htm
.html .vbs polyglot
TranFlash.htm
.html .vbs polyglot
TranImage.htm
.html .vbs polyglot
TranMedia.htm
.html .vbs polyglot
TranSelect.htm
.html .vbs polyglot
Uninstall.exe
.exe windows:4 windows x86 arch:x86

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
lstrcmpiA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WritePrivateProfileStringA
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
PostQuitMessage
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ExitWindowsEx

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hha.dll
.dll windows:4 windows x86 arch:x86

969d3807d966bc686a2e4719c377ca96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
ExitProcess
RaiseException
GetCurrentThreadId
GetCurrentProcess
GetLocalTime
GetCommandLineA
HeapCreate
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
GetModuleHandleA
SetHandleCount
GetFileType
GetStdHandle
GetTimeZoneInformation
GetSystemTime
TlsSetValue
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadWritePtr
IsBadCodePtr
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
GetPrivateProfileStringA
_lread
GlobalHandle
GlobalLock
GlobalFree
FreeLibrary
GlobalMemoryStatus
GetCurrentProcessId
SetEndOfFile
GetWindowsDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
lstrcmpiA
LCMapStringA
VirtualAlloc
VirtualFree
ExitThread
WaitForSingleObject
Sleep
SetFilePointer
CreateSemaphoreA
CreateThread
ReleaseSemaphore
WriteFile
LocalAlloc
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
GetSystemDefaultLangID
SetCurrentDirectoryA
lstrlenA
MulDiv
GetLastError
FormatMessageA
LocalFree
GetVolumeInformationA
OpenFile
_lwrite
_lclose
GetUserDefaultLCID
FatalAppExitA
GetVersion
IsDBCSLeadByte
CompareStringA
ReadFile
CloseHandle
CreateFileA
LoadLibraryA
GetProcAddress
GetLocaleInfoA
WritePrivateProfileStringA
IsBadReadPtr
lstrcatA
lstrcpyA
GetFileSize
GetTempPathA
GetTempFileNameA
DeleteFileA
GetSystemTimeAsFileTime
LocalReAlloc
FindNextFileA
FindFirstFileA
FindClose
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
GetVersionExA
SearchPathA
SetLastError
_llseek
_lopen
MultiByteToWideChar
WideCharToMultiByte
lstrcpynA
lstrlenW
CreateFileMappingA
MapViewOfFile
GetTickCount
DebugBreak
GetSystemDirectoryA
GlobalAlloc
GetStartupInfoA
FlushFileBuffers
GetCPInfo

user32

BeginPaint
DeleteMenu
GetMenuItemID
InsertMenuA
DefWindowProcA
IsIconic
RegisterClassA
SetRect
CharUpperA
FillRect
WinHelpA
EnableWindow
CreateWindowExA
OffsetRect
CharPrevA
SetWindowPos
LoadCursorA
SetCursor
LoadStringA
MessageBoxA
CharLowerA
CharNextA
GetSysColor
EndPaint
GetDlgItemInt
LoadBitmapA
GetClientRect
GetParent
SetDlgItemInt
UnhookWindowsHookEx
ClientToScreen
SetTimer
GetCursorPos
ScreenToClient
CallWindowProcA
GetClassNameA
CreateDialogParamA
ShowWindow
SendDlgItemMessageA
wsprintfA
SetFocus
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
PostMessageA
EndDialog
SetWindowLongA
GetDC
ReleaseDC
GetDlgItem
GetSystemMetrics
InvalidateRect
CallNextHookEx
GetDesktopWindow
GetWindowRect
SystemParametersInfoA
MoveWindow
DialogBoxParamA
IsWindow
DestroyWindow
SendMessageA
EnumChildWindows
SetWindowsHookExA
FindWindowA
wvsprintfA
GetWindowPlacement
KillTimer
ReleaseCapture
SetCapture
PtInRect

gdi32

SelectClipRgn
PatBlt
GetTextMetricsA
GetDeviceCaps
CreateFontA
DeleteObject
GetObjectA
GetTextExtentPointA
ExtTextOutA
SetBkColor
SetTextColor
BitBlt
CreateFontIndirectA
SetMapMode
CreateCompatibleDC
CreateDCA
CreateICA
DeleteDC
SelectPalette
RealizePalette
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
CreatePalette
GetDIBits
StretchDIBits
CreateDIBSection
GetPaletteEntries
CreateHalftonePalette
RestoreDC
PlayMetaFile
SetBkMode
SetViewportExtEx
SetViewportOrgEx
SaveDC
DeleteMetaFile
SetMetaFileBitsEx
CreateRectRgnIndirect
SelectObject
CreateBitmap
CreatePatternBrush

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

comdlg32

GetOpenFileNameA

comctl32

ord15
ord14
CreatePropertySheetPageA
PropertySheetA

version

VerQueryValueA
GetFileVersionInfoA

ole32

CoGetClassObject
CoCreateInstance

Exports

Exports

?LoadJpeg@@YG?AW4FSERR@@PBDPAUIMAGE@@@Z
EditHhCtrlObject
EditHhCtrlScript
FreeFilterDIB
HHA_CompileHHP
LoadFilterImage

Sections

.text
Size: 391KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hhc.exe
.exe windows:4 windows x86 arch:x86

923cb3b7dca4da6b58b66663d91cb878

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

hha

ord1
ord8
ord31
ord315
ord32
ord30
ord319
ord64
ord67
ord68
ord4

kernel32

GetCurrentProcess
DeleteFileA
ExitProcess
TerminateProcess
GetFileAttributesA
RtlUnwind
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetFilePointer
CloseHandle
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
info.dbx
license.txt
readme.txt
seesi.url
setup.nsi
tips.txt

Sharing

General

Malware Config

Signatures

Files

dae718ca7c0da2949ad685c2d593ec7a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 18KB - Virtual size: 20KB

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

a2497f92655d680cfc48e86ba47e1926

Headers

File Characteristics

Imports

sdocdb

shlwapi

scommctl

wininet

mfc42

msvcrt

kernel32

user32

gdi32

shell32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 2KB

d67f6abfdce868896079f661d1c8182d

Headers

File Characteristics

Imports

shlwapi

mfc42

msvcrt

kernel32

user32

advapi32

shell32

ole32

scommctl

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 18KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 23KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 412B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 920B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 10KB

.shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 12KB - Virtual size: 10KB