3d9783185c208658ea9fa3189c8b110c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d9783185c208658ea9fa3189c8b110c_JaffaCakes118
Size

5.6MB
MD5

3d9783185c208658ea9fa3189c8b110c
SHA1

2f1ec8e2538f767faaeb921b25976d5c717d8560
SHA256

ab85c469a220e99e486aef7e27faa76196346350bdf9603d049a4647fa729a7c
SHA512

a1aabe9d424ff64b3f0de3399e043a493015cb269fa39a2923096ec7e75c1fcf29bd1e26a32ff13422f410ca65cb25cfb205ba719b447b8c88b85f6bc1270963
SSDEEP

98304:YawJvVEh62J4JnhzVodevoUMPDp6W2T2/EPjz839p09Idl+qnnR:YRJvVEh62J4JrMeAUMIWloj69p09Id5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Jiujijiequandao_chsV1.0/SHORT/haowan.exe
unpack001/Jiujijiequandao_chsV1.0/SHORT/xiaoyouxi.exe
unpack001/Jiujijiequandao_chsV1.0/SHORT/yeyoutuijian.exe
unpack001/Jiujijiequandao_chsV1.0/VisualBoyAdvance.exe
unpack001/Jiujijiequandao_chsV1.0/ʼϷ.exe

NSIS installer 3 IoCs

installer

resource	yara_rule
static1/unpack001/Jiujijiequandao_chsV1.0/SHORT/haowan.exe	nsis_installer_2
static1/unpack001/Jiujijiequandao_chsV1.0/SHORT/xiaoyouxi.exe	nsis_installer_2
static1/unpack001/Jiujijiequandao_chsV1.0/SHORT/yeyoutuijian.exe	nsis_installer_2

Files

3d9783185c208658ea9fa3189c8b110c_JaffaCakes118
.zip
Jiujijiequandao_chsV1.0/Copying
Jiujijiequandao_chsV1.0/GBA.BIOS
Jiujijiequandao_chsV1.0/GameStart.ini
Jiujijiequandao_chsV1.0/NEWS
Jiujijiequandao_chsV1.0/README-win.txt
Jiujijiequandao_chsV1.0/SHORT/haowan.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Jiujijiequandao_chsV1.0/SHORT/xiaoyouxi.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Jiujijiequandao_chsV1.0/SHORT/yeyoutuijian.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Jiujijiequandao_chsV1.0/URL.xml
.xml
Jiujijiequandao_chsV1.0/VisualBoyAdvance.exe
.exe windows:4 windows x86 arch:x86

4403c97882d548c9df81192d6a88bd88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAGetLastError
setsockopt
htonl
bind
ntohs
listen
inet_ntoa
accept
inet_addr
htons
recv
WSAAsyncSelect
socket
WSAStartup
closesocket
ioctlsocket
send

winmm

timeGetTime

avifil32

AVIStreamWrite
AVISaveOptions
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileOpenA
AVIFileRelease
AVIFileExit
AVIFileInit
AVIStreamRelease

opengl32

glEnd
glVertex3i
glTexCoord2f
wglCreateContext
glPushAttrib
glDisable
glPixelStorei
glTexParameteri
glTexImage2D
glBindTexture
glGenTextures
glEnable
glViewport
glMatrixMode
glLoadIdentity
glOrtho
glDeleteTextures
wglDeleteContext
wglMakeCurrent
glTexSubImage2D
glBegin

msvcrt

_mbsnbcpy
_CxxThrowException
_controlfp
__p__fmode
??1type_info@@UAE@XZ
__set_app_type
__setusermatherr
__p__commode
_adjust_fdiv
_acmdln
_initterm
__getmainargs
?terminate@@YAXXZ
_XcptFilter
_exit
getenv
_onexit
__dllonexit
div
isprint
__CxxLongjmpUnwind
ceil
rewind
_fdopen
gmtime
floor
longjmp
_finite
_CIacos
_except_handler3
strncmp
fputs
isspace
strtok
getc
fflush
tolower
_fullpath
_snprintf
atoi
fputc
_purecall
wcscpy
wcschr
wcscat
wcscmp
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
fgetc
_setjmp3
time
localtime
strchr
_read
_write
vsprintf
_errno
strrchr
_stricmp
ftell
realloc
malloc
exit
_iob
fprintf
calloc
printf
free
fwrite
_setmbcp
strtod
sprintf
fopen
fseek
fread
fclose
strncpy
sscanf
_CIpow
_CIsqrt
_ftol

mfc42

ord1920
ord3790
ord2820
ord609
ord6675
ord1175
ord1229
ord4160
ord1644
ord1134
ord2455
ord6117
ord1146
ord2621
ord2438
ord561
ord1233
ord3654
ord2584
ord815
ord3738
ord4622
ord4220
ord5265
ord4376
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord641
ord860
ord540
ord324
ord2302
ord2370
ord4234
ord6199
ord6241
ord3092
ord4710
ord4853
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord6055
ord1776
ord5290
ord3402
ord4424
ord3721
ord795
ord692
ord567
ord858
ord2645
ord2841
ord2107
ord3663
ord2448
ord3903
ord3701
ord1168
ord772
ord6142
ord5860
ord500
ord939
ord941
ord4129
ord2763
ord537
ord654
ord1619
ord3981
ord5858
ord6140
ord341
ord2044
ord5450
ord5440
ord6383
ord5834
ord6394
ord2301
ord1768
ord2818
ord6334
ord3610
ord656
ord3874
ord535
ord2358
ord2860
ord6128
ord5148
ord2289
ord2915
ord924
ord5572
ord2582
ord4402
ord3370
ord3640
ord693
ord2642
ord3996
ord6907
ord2575
ord4396
ord3574
ord4960
ord4963
ord859
ord6888
ord922
ord5710
ord4204
ord2614
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord6197
ord2513
ord293
ord6131
ord6216
ord1783
ord940
ord3742
ord640
ord2405
ord2859
ord1640
ord323
ord2527
ord482
ord755
ord470
ord3716
ord790
ord6111
ord4275
ord5981
ord2864
ord6453
ord2379
ord3873
ord3876
ord6215
ord2086
ord3361
ord6195
ord3870
ord2362
ord1151
ord1193
ord1576
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord5289
ord5714
ord4108
ord3748
ord1725
ord5260
ord4432
ord784
ord517
ord4262
ord4723
ord3571
ord3626
ord2414
ord2747
ord5785
ord1641
ord5037
ord3754
ord1232
ord3797
ord818
ord3573
ord3619
ord2754
ord3693
ord4133
ord4297
ord5788
ord2827
ord1200
ord2558
ord2152
ord5875
ord5683
ord2546
ord2863
ord3815
ord1176
ord291
ord6876
ord4224
ord2512
ord2554
ord6172
ord5789
ord3752
ord4299
ord926
ord2784
ord4274
ord6375
ord4486
ord4079
ord5307
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725

kernel32

SetThreadPriority
GetStartupInfoA
GlobalSize
IsProcessorFeaturePresent
SizeofResource
GetModuleHandleA
WideCharToMultiByte
FindResourceExA
LoadResource
LockResource
GetSystemDefaultLangID
LocalFree
Sleep
WritePrivateProfileStringA
GetPrivateProfileStringA
WaitForSingleObject
CreateEventA
CloseHandle
GetPrivateProfileIntA
GetTickCount
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
IsBadStringPtrA
IsBadReadPtr
WritePrivateProfileStructA
lstrlenA
lstrcpyA
GetPrivateProfileStructA
GetLastError
FormatMessageA
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetModuleFileNameA
GetVersionExA
LocalAlloc

user32

LoadCursorA
DefWindowProcA
GetSysColorBrush
FillRect
DrawFrameControl
DrawFocusRect
InflateRect
DrawEdge
ReleaseCapture
GetSysColor
SetCapture
PostMessageA
SetClipboardData
SetCursor
EmptyClipboard
OpenClipboard
AdjustWindowRectEx
DrawMenuBar
GetFocus
GetMenuItemID
GetSubMenu
CloseClipboard
TrackPopupMenu
AppendMenuW
AppendMenuA
CreatePopupMenu
TranslateAcceleratorA
RemoveMenu
IsIconic
DestroyMenu
SetMenu
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
GetKeyState
MessageBeep
wsprintfA
SetPropA
SetWindowRgn
EnableWindow
RemovePropA
CallWindowProcA
EndPaint
BeginPaint
BeginDeferWindowPos
PtInRect
GetCapture
LoadAcceleratorsA
LoadIconA
PeekMessageA
UpdateWindow
LoadMenuA
LoadMenuIndirectA
DrawTextA
DrawTextW
GetIconInfo
EndDeferWindowPos
IsWindow
UnionRect
GetActiveWindow
GetLastActivePopup
MessageBoxA
SetForegroundWindow
GetWindowLongA
SetTimer
KillTimer
GetNextDlgTabItem
GetWindowRect
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
ShowScrollBar
EnableScrollBar
GetSystemMetrics
SetWindowLongA
GetParent
GetDlgItem
GetWindowTextA
SetWindowTextA
GetClientRect
GetMenuItemCount
GetMenuItemInfoA
ModifyMenuA
GetMenuItemInfoW
ModifyMenuW
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
GetMenu
SendMessageA
GetDesktopWindow
MapWindowPoints
DeferWindowPos
GetPropA
ClientToScreen
RedrawWindow
MoveWindow

gdi32

CreateBitmap
StretchBlt
SetStretchBltMode
ExtSelectClipRgn
RectVisible
RealizePalette
CreateDIBitmap
GetClipBox
CreateRectRgnIndirect
StartPage
CreateDIBSection
SetBkColor
PtInRegion
SelectClipRgn
ExtCreateRegion
SelectObject
DeleteDC
SwapBuffers
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
GetTextExtentPoint32A
GetDIBits
SetTextColor
SetBkMode
TextOutA
CreateFontA
CreatePen
GetObjectA
CreateFontIndirectA
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBitsToDevice
BitBlt
StartDocA
GetDeviceCaps
StretchDIBits
EndPage
EndDoc
GetStockObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragFinish
DragQueryFileA
SHBrowseForFolderA

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBDK@Z
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4tagCxTextInfo@@QAEAAU0@ABU0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Alloc@CxMemFile@@IAEXK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetBits@CxImage@@QBEPAEXZ
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?Clear@CxImage@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?CompareColors@CxImage@@KAHPBX0@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Destroy@CxImage@@QAE_NXZ
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@@_N@Z
?Enable@CxImage@@QAEX_N@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Flip@CxImage@@QAE_NXZ
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QBEKXZ
?GetColorType@CxImage@@QAEEXZ
?GetDIB@CxImage@@QBEPAXXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPADXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
?GetVersion@CxImage@@QAEPBDXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPAV1@@Z
?GrayScale@CxImage@@QAE_NXZ
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QAE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Load@CxImage@@QAE_NPBDK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mirror@CxImage@@QAE_NXZ
?Negative@CxImage@@QAE_NXZ
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?RGBQUADtoRGB@CxImage@@QAEKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoRGBQUAD@CxImage@@QAE?AUtagRGBQUAD@@K@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAEXK@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJK@Z
?SwapIndex@CxImage@@QAEXEE@Z
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?Transfer@CxImage@@QAE_NAAV1@@Z
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Jiujijiequandao_chsV1.0/VisualBoyAdvance.ico
Jiujijiequandao_chsV1.0/mygames.run.dat
Jiujijiequandao_chsV1.0/vba.ini
Jiujijiequandao_chsV1.0/ȭ.gba
Jiujijiequandao_chsV1.0/ʼϷ.exe
.exe windows:5 windows x86 arch:x86

4bee296d5e315cb03f8ddbd360250dc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\GameStart\Debug\GameStart.pdb

Imports

kernel32

FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetEnvironmentVariableA
CreateFileA
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetProcessHeap
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
HeapSize
HeapAlloc
SetConsoleCtrlHandler
UnhandledExceptionFilter
TerminateProcess
FatalAppExitA
IsDebuggerPresent
VirtualFree
HeapFree
HeapCreate
HeapDestroy
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
VirtualQuery
VirtualAlloc
GetFileType
SetStdHandle
GetModuleFileNameA
ExitThread
ExitProcess
Sleep
RaiseException
IsBadReadPtr
HeapValidate
RtlUnwind
GetStartupInfoW
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
GetTickCount
GetDiskFreeSpaceW
GetTempFileNameW
FindResourceExW
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
ResetEvent
PulseEvent
GetShortPathNameW
lstrcmpiW
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
MoveFileW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetCurrentDirectoryW
GetProfileIntW
VirtualProtect
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SetErrorMode
InterlockedIncrement
InterlockedDecrement
LocalAlloc
GetThreadLocale
GetAtomNameW
lstrlenA
GetCurrentProcessId
CreateEventW
SetEvent
CompareStringA
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoW
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleHandleA
CompareStringW
LoadLibraryA
LoadLibraryW
lstrcmpW
FreeLibrary
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
FindNextFileW
FindFirstFileW
FindClose
SetLastError
MulDiv
GlobalFree
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GetFileAttributesW
GetModuleFileNameW
lstrlenW
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateDirectoryW
DeleteFileW
CreateFileW
WriteFile
CreatePipe
GetStartupInfoA
WideCharToMultiByte
GlobalMemoryStatus
CreateProcessA
GetLastError
WaitForSingleObject
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
SetFileAttributesW
GetPrivateProfileStringW
CreateThread
CloseHandle
GetCurrentThreadId
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
GetSystemInfo
GetVersionExW
OpenEventA

user32

LoadBitmapW
SetMenuItemBitmaps
TabbedTextOutW
MapVirtualKeyW
GetKeyNameTextW
RegisterWindowMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SendDlgItemMessageA
PeekMessageW
DispatchMessageW
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetKeyState
DestroyWindow
GetClassLongW
SetPropW
GetPropW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetFocus
IsWindowEnabled
SetWindowPos
MoveWindow
GetDlgCtrlID
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
OpenIcon
CloseWindow
LoadIconW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
EnableWindow
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
GetMenuCheckMarkDimensions
GetLastActivePopup
GetWindow
GetTopWindow
FindWindowExW
FindWindowW
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
PostMessageW
SendMessageW
UnregisterClassW
RegisterClipboardFormatW
MsgWaitForMultipleObjects
InSendMessage
UnhookWindowsHookEx
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringW
GetMenuItemID
ModifyMenuW
CreateMenu
AppendMenuW
CreatePopupMenu
InsertMenuW
GetSysColor
IsWindow
AnimateWindow
GetSysColorBrush
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateW
DrawEdge
DrawFrameControl
LoadCursorW
SetCursor
PostQuitMessage
TranslateMessage
GetMessageW
GetCursorPos
GetWindowThreadProcessId
CreateDialogIndirectParamW
IsChild
EndDialog
SetWindowsHookExW
CallNextHookEx
PeekMessageA
IsWindowUnicode
GetMessageA
DispatchMessageA
SubtractRect
UnionRect
InflateRect
SetRect
PtInRect
SetWindowLongW
GetWindowLongW
GetClassNameW
MessageBeep
GetSystemMetrics
CallWindowProcW
ShowWindow
IsClipboardFormatAvailable
IsRectEmpty
GetTabbedTextExtentA
CopyAcceleratorTableW
GetDialogBaseUnits
GetMenuBarInfo
ReuseDDElParam
TranslateAcceleratorW
DestroyIcon
CharUpperW
WaitMessage
LoadAcceleratorsW
ReleaseCapture
GetAsyncKeyState
UnpackDDElParam
GetClipboardFormatNameW
GetClipboardFormatNameA
SetRectEmpty
SystemParametersInfoW
DestroyMenu
CharNextW
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectW
LoadMenuW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
ScrollDC
GrayStringW
GetTabbedTextExtentW
DrawTextExW
DrawTextW
DrawFocusRect

gdi32

SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
UnrealizeObject
CreatePenIndirect
CreateBrushIndirect
CreateFontIndirectW
CreateFontW
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateICW
CreateCompatibleDC
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
SetPolyFillMode
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutW
GetTextExtentPoint32W
GetTextAlign
GetTextFaceW
GetTextMetricsW
GetTextCharacterExtra
GetCharWidthW
GetFontLanguageInfo
GetCharacterPlacementW
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCW
GetOutlineTextMetricsW
GetCharABCWidthsW
GetFontData
GetKerningPairsW
GetGlyphOutlineW
StartDocW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatW
GetCharWidthFloatW
AbortPath
BeginPath
CloseFigure
EndPath
SetBkMode
SelectPalette
GetStockObject
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
ExtTextOutW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
GetObjectW
SetBkColor
SetROP2
SetTextColor
GetClipBox
GetDCOrgEx
GetDeviceCaps
CreateDCW
RealizePalette
DeleteMetaFile
EnumFontFamiliesExW
StretchDIBits
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
CopyMetaFileW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
GetJobW
ClosePrinter

advapi32

RegCreateKeyExW
RevertToSelf
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenKeyW
RegSetValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyW
SetFileSecurityW
GetFileSecurityW
SetThreadToken
OpenThreadToken

shell32

DragQueryFileW
DragFinish
ExtractIconW
SHGetFileInfoW
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathRemoveFileSpecW
UrlUnescapeW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW

oledlg

OleUIInsertObjectW
OleUIConvertW
OleUIChangeIconW
OleUIEditLinksW
OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIBusyW

ole32

WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
OleCreateFromFile
ReadClassStg
StringFromCLSID
CoTreatAsClass
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoRegisterClassObject
CoRevokeClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
OleSetClipboard
OleFlushClipboard
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
GetClassFile
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
CoLockObjectExternal
GetRunningObjectTable
IsAccelerator
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegGetMiscStatus
OleRegEnumVerbs
DoDragDrop
OleSetMenuDescriptor
OleGetClipboard
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgIsStorageILockBytes
CreateBindCtx
OleDuplicateData
CoInitializeEx
CoSetProxyBlanket
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
SetConvertStg
CoInitializeSecurity

oleaut32

SystemTimeToVariantTime
VarDateFromUdate
VarUdateFromDate
VariantTimeToSystemTime
DosDateTimeToVariantTime
VarBstrFromDate
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
OleCreateFontIndirect
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
VariantInit

gdiplus

GdipFillRectangle
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteFont
GdipDeleteFontFamily
GdipDrawImageRectRectI
GdipMeasureString
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteStringFormat
GdipCloneBrush
GdipFree
GdipAlloc
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipCreateFontFamilyFromName
GdipCreateFont
GdipGetImageHeight
GdiplusStartup
GdiplusShutdown
GdipCreateSolidFill
GdipDeleteBrush
GdipDrawString

ws2_32

WSAStartup
gethostbyname
WSACleanup

wininet

FtpSetCurrentDirectoryW
GetUrlCacheEntryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
GopherGetLocatorTypeW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
FtpFindFirstFileW
HttpQueryInfoW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
HttpAddRequestHeadersW
InternetErrorDlg
HttpOpenRequestW
GopherOpenFileW
GopherGetAttributeW
GopherCreateLocatorW
FtpGetFileW
FtpPutFileW
FtpCommandW
FtpOpenFileW
FtpGetCurrentDirectoryW
InternetOpenW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpRenameFileW
FtpDeleteFileW
InternetConnectW
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetCookieW
InternetSetCookieW
InternetSetStatusCallbackW
InternetSetOptionExW
InternetOpenUrlW
InternetCloseHandle
DeleteUrlCacheEntryW

Sections

.textbss
Size: - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 670KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 27KB - Virtual size: 26KB

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 103KB - Virtual size: 102KB

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 27KB - Virtual size: 26KB

4403c97882d548c9df81192d6a88bd88

Headers

File Characteristics

Imports

wsock32

winmm

avifil32

opengl32

msvcrt

mfc42

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Exports

Exports

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 27KB - Virtual size: 26KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 103KB - Virtual size: 102KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 27KB - Virtual size: 26KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 88KB - Virtual size: 2.0MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 48KB - Virtual size: 45KB

.textbss
Size: - Virtual size: 956KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 355KB - Virtual size: 354KB

.data
Size: 21KB - Virtual size: 41KB

.idata
Size: 27KB - Virtual size: 26KB

.didat
Size: 1024B - Virtual size: 793B

.rsrc
Size: 670KB - Virtual size: 670KB

.reloc
Size: 107KB - Virtual size: 107KB