General

  • Target

    16a1dbc3d4ef6b9d6cee500fb582b7b9_JaffaCakes118

  • Size

    4.0MB

  • MD5

    16a1dbc3d4ef6b9d6cee500fb582b7b9

  • SHA1

    7a36822c33097ac49f14593a2a29cd88649a6bd1

  • SHA256

    f2a988c702e5021bc162525f5b05580894bd2388123a89cdb3ae35514a64553c

  • SHA512

    6c5e6c8d459856d9b152233c763ece9de1e14817bbe3f6cebae1a97d36d0ea99b3f3c072d526eac1d17578aa4ff235f49811b22003ef75f5417fd28030e7ae76

  • SSDEEP

    98304:LOWYHhQf2ZyWAgDf5MtHpc2/9NvlNvSR0e8ySYi8eGiQ8125:pf24Wdf5MtHR9N99SR0e/SYhiTm

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX or with a modified build of the open-source UPX packer.

  • Unsigned PE 16 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

    Detects installers built with the Nullsoft Scriptable Install System (NSIS).
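
Each of the signatures above reduces to a static check on the PE structure, and a practitioner re-triaging the sample would first confirm the digests in the General section against the bytes in hand. The Python below, added here as an illustration and not the sandbox's own detection rules, implements those checks over raw bytes with the standard library only: it compares a file's digests with the report's hashes, reads the IMAGE_DIRECTORY_ENTRY_SECURITY entry to decide "Unsigned PE", looks for UPX section names or the `UPX!` marker, and searches the overlay (bytes past the last section) for the `NullsoftInst` marker that the NSIS first header carries. The two sample PEs are constructed in memory (minimal PE32 headers, NOP-filled sections, an all-zero placeholder certificate blob) so the script runs offline; `REPORT_HASHES`, `build_sample_pe` and the sample names are this example's own.

```python
"""Static triage checks mirroring the report's Signatures block. Added example,
not the sandbox's own detection code; sample PEs are constructed in memory."""
import hashlib
import struct
import sys

# Digests the report quotes for the target sample (from the General section).
REPORT_HASHES = {
    "md5": "16a1dbc3d4ef6b9d6cee500fb582b7b9",
    "sha1": "7a36822c33097ac49f14593a2a29cd88649a6bd1",
    "sha256": "f2a988c702e5021bc162525f5b05580894bd2388123a89cdb3ae35514a64553c",
}


def digests(data):
    """The four digests a sandbox report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def verify_hashes(data, expected):
    """True only if every digest given in `expected` matches the bytes in hand."""
    actual = digests(data)
    return all(actual[alg] == value.lower() for alg, value in expected.items())


def analyse_pe(data):
    """Return the signature names that fire, in a fixed order; raise on a non-PE."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsec = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dd_off = 96 if magic == 0x10B else 112            # data directories: PE32 vs PE32+
    n_dirs = struct.unpack_from("<I", data, opt + dd_off - 4)[0]
    # Entry 4 (SECURITY) holds a raw file offset and size of the WIN_CERTIFICATE
    # blob, not an RVA. Size zero is exactly what "Unsigned PE" means; a non-zero
    # size only says a blob is attached, it says nothing about validity.
    sec_off, sec_size = 0, 0
    if n_dirs > 4:
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dd_off + 4 * 8)
    table = opt + opt_size
    names, end_of_sections = [], 0
    for i in range(nsec):
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        names.append(name.rstrip(b"\0").decode("latin-1"))
        end_of_sections = max(end_of_sections, raw_ptr + raw_size)
    overlay = data[end_of_sections:]                  # bytes no section header claims
    findings = []
    if sec_size == 0:
        findings.append("Unsigned PE")
    if any(n.startswith("UPX") for n in names) or b"UPX!" in data:
        findings.append("UPX packed file")
    if b"NullsoftInst" in overlay:                    # NSIS first-header signature
        findings.append("NSIS installer")
    return findings


def build_sample_pe(section_names, signed, overlay=b""):
    """Constructed minimal PE32 (not a real binary): headers, NOP-filled sections,
    an optional all-zero placeholder certificate blob, then `overlay` appended."""
    align, opt_size = 0x200, 224
    nsec = len(section_names)
    first_raw = (64 + 4 + 20 + opt_size + 40 * nsec + align - 1) // align * align
    sec_hdrs, raw = b"", b""
    for i, name in enumerate(section_names):
        sec_hdrs += struct.pack("<8sIIIIIIHHI", name.encode(), align, 0x1000 * (i + 1),
                                align, first_raw + len(raw), 0, 0, 0, 0, 0x60000020)
        raw += b"\x90" * align
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)             # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)             # PE32 magic
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    cert = b""
    if signed:
        cert = b"\0" * align                          # placeholder blob, not a signature
        struct.pack_into("<II", opt, 96 + 4 * 8, first_raw + len(raw), len(cert))
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sec_hdrs
    image += b"\0" * (first_raw - len(image))
    return image + raw + cert + overlay


# Constructed NSIS first-header prefix: flags, 0xDEADBEEF, then "NullsoftInst".
NSIS_OVERLAY = struct.pack("<II", 0, 0xDEADBEEF) + b"NullsoftInst" + b"\0" * 8
SAMPLE_PACKED = build_sample_pe(["UPX0", "UPX1", ".rsrc"], signed=False, overlay=NSIS_OVERLAY)
SAMPLE_CLEAN = build_sample_pe([".text", ".data"], signed=True)

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PACKED
    print("signatures:", analyse_pe(data))
    print("hashes match report:", verify_hashes(data, REPORT_HASHES))
```

Run it with the sample's path to reproduce the Unsigned PE / UPX / NSIS findings, or with no argument to exercise the constructed samples. Two caveats carry over to real triage: a present security directory must still be validated (signtool verify or Get-AuthenticodeSignature), and UPX section names are trivially renamed, which is why the signature wording covers modified UPX builds and why a section-name match should be confirmed by the `UPX!` marker or by an unpack attempt.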

Files

  • 16a1dbc3d4ef6b9d6cee500fb582b7b9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/$PROGRAMFILES/$(LSTR_40)/tools/UXTheme.exe
    .exe windows:5 windows x86 arch:x86

    315a1b02d7617389cdbdf1e1faba5302


    Headers

    Imports

    Sections

  • $PLUGINSDIR/01.jpg
    .jpg
  • $PLUGINSDIR/02.jpg
    .jpg
  • $PLUGINSDIR/03.jpg
    .jpg
  • $PLUGINSDIR/04.jpg
    .jpg
  • $PLUGINSDIR/05.jpg
    .jpg
  • $PLUGINSDIR/DemoIMG.dat
  • $PLUGINSDIR/DemoIMG.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/Progress.bmp
  • $PLUGINSDIR/ProgressBar.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UIEx.dll
    .dll windows:4 windows x86 arch:x86

    b134f67006924ec3c4955fb7af5ba9db


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bk.bmp
  • $PLUGINSDIR/bk1.bmp
  • $PLUGINSDIR/button.bmp
  • $PLUGINSDIR/close.bmp
  • $PLUGINSDIR/close1.bmp
  • $PLUGINSDIR/msgbk.bmp
  • $PLUGINSDIR/msgico.bmp
  • $PLUGINSDIR/nav1.bmp
  • $PLUGINSDIR/nav2.bmp
  • $PLUGINSDIR/nav3.bmp
  • $PLUGINSDIR/nav4.bmp
  • $PLUGINSDIR/newadvsplash.dll
    .dll windows:4 windows x86 arch:x86

    eee37c14e102da3f62385f9796c701ce


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsLib.dll
    .dll windows:4 windows x86 arch:x86

    3c87dd26c37d1677dc58da9567d866a6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/rz.bmp
  • $PLUGINSDIR/ͯѩ.jpg
    .jpg
  • $PROGRAMFILES/$(LSTR_40)/tools/UXTheme.exe
    .exe windows:5 windows x86 arch:x86

    315a1b02d7617389cdbdf1e1faba5302


    Headers

    Imports

    Sections

  • $PROGRAMFILES/$(LSTR_40)/tools/haozip_silence.200863.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    cd90e33ffbc335413a25300c682c83df


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    6c41c5e4d44f55745b925cc4e42b7fab


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/option.ini
  • 7zNew.data
    .7z
  • HaoZip.chm
    .chm
  • HaoZip.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • HaoZip.exe
    .exe windows:4 windows x86 arch:x86

    b43bf7d8e6bd94cd2265ea8bbd134ef7


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipC.exe
    .exe windows:4 windows x86 arch:x86

    9eaecb028a956bb2e413034baa4fe968


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipCompress.dll
    .dll windows:4 windows x86 arch:x86

    d3f90a25bd3e8993ba0319da6756b23b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • HaoZipImage.dll
    .dll windows:4 windows x86 arch:x86

    9340299e20a7db5790cce88ca3aeae36


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • HaoZipImgConvert.exe
    .exe windows:4 windows x86 arch:x86

    082d28a1fe88670b4f51ff2f19f53cda


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipImgViewer.exe
    .exe windows:4 windows x86 arch:x86

    bf5a23ec11ffb72023bd2d720f889c8f


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipLoader.exe
    .exe windows:4 windows x86 arch:x86

    d5c265df4707f8493e7113203d7cf8b5


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipMd5.exe
    .exe windows:4 windows x86 arch:x86

    1499f9ca3e4eb835cd29dc0813bdf704


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipRename.exe
    .exe windows:4 windows x86 arch:x86

    1499f9ca3e4eb835cd29dc0813bdf704


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipReplace.exe
    .exe windows:4 windows x86 arch:x86

    1499f9ca3e4eb835cd29dc0813bdf704


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipScan.exe
    .exe windows:4 windows x86 arch:x86

    0f95cc3b596bed58b8ddef32cfa430e1


    Code Sign

    Headers

    Imports

    Sections

  • HaoZipShell.dll
    .dll windows:4 windows x86 arch:x86

    eec0baa5786b5d3de6752040b265b543


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • HaoZipUpdate.exe
    .exe windows:4 windows x86 arch:x86

    b43bf7d8e6bd94cd2265ea8bbd134ef7


    Code Sign

    Headers

    Imports

    Sections

  • Microsoft.VC80.CRT.manifest
  • RarNew.data
    .rar
  • TarNew.data
  • ZipNew.data
  • lang/HaoZipLang_chs.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • msvcr80.dll
    .dll windows:4 windows x86 arch:x86

    7fecbc4a16a5dc85a5394a1df6217680


    Headers

    Imports

    Exports

    Sections

  • 好压免责声明.txt
  • 好压更新日志.txt
  • $RESOURCES/Themes/ͯѩ.theme
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/½괫/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/½괫/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/Ȥ/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/Ȥ/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/˫/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/˫/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/ͯѩ/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/ͯѩ/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/ΨСƾ/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/СΨŮ/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/СΨŮ/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/Ӣ/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/Ӣ/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ//ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ//ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ//ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ//INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/Ы/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/Ы/INSTALL.inf
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_alt.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_arrow.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_busy.ani
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_ew.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_helpsel.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_link.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_move.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_nesw.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_ns.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_nwse.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_pen.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_prec.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_select.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_unavail.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_up.cur
  • $WINDIR/Cursors/ͯѩ/֮/ColouredAero_working.ani
  • $WINDIR/Cursors/ͯѩ/֮/INSTALL.inf
  • Shell/NormalColor/Shellstyle.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • WALLPAPER/ͯѩ.jpg
    .jpg
  • ico/1.ico
  • ico/2.ico
  • ico/3.ico
  • ico/4.ico
  • ico/5.ico
  • ͯѩ.msstyles
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections