53141068f04ebf4cd8e5e83219b6e8a4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53141068f04ebf4cd8e5e83219b6e8a4_JaffaCakes118
Size

9.5MB
MD5

53141068f04ebf4cd8e5e83219b6e8a4
SHA1

2294061f9c946f4969b5eafa8c13f531ba78d782
SHA256

7e8eb69adadb7337fa6a7b18c08b7d3f1ccef733157db636f23e5ec3603a2550
SHA512

b95fd7d1e2b23ee994b5def27835333191b9c0bcc8f308e24e441af8e764a84d2638f2089ede5cab33b4e3986980cd8566899406f4c80a3d3b1fa180cbea345b
SSDEEP

196608:ZnCk2BFEh4VqvfZQlZRnk+q8VYqcu4SPCGrWVsXzNajFSb2ZkSsbFQYU:ZnpaEWAQZkgVP7KEWVsqFSYeKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
53141068f04ebf4cd8e5e83219b6e8a4_JaffaCakes118
unpack001/$PLUGINSDIR/Dialer.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsisdl.dll
unpack001/MSS32.DLL
unpack001/Oasis.exe
unpack001/aminstall.dll
unpack001/mssmp3.asi

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

53141068f04ebf4cd8e5e83219b6e8a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

SetErrorMode
GetExitCodeProcess
WaitForSingleObject
ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetModuleHandleA
ExitProcess
lstrcpynA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GlobalFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
CopyFileA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Dialer.dll
.dll windows:4 windows x86 arch:x86

ab210dbea49bc0da8fcf35e3ed7d437a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
GetProcAddress
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
LoadLibraryA

Exports

Exports

AttemptConnect
AutodialHangup
AutodialOnline
AutodialUnattended
GetConnectedState

Sections

.text
Size: 1024B - Virtual size: 997B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 695B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

ee01c5cc33cdb3294484fc93e41c14ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcmpA
MulDiv
lstrcpyA
GlobalFree

user32

LoadIconA
SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
DialogBoxParamA
GetDC
ShowWindow
EndDialog
SendMessageA

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

aebc3107701149edfc563b8db7a789fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA

user32

GetDlgItem
PostMessageA
CallWindowProcA
CreateDialogParamA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
GetWindowTextA
IsDlgButtonChecked
SetWindowLongA
IsDialogMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
GetWindowLongA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Exports

Exports

Select

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

445ca064c668ebcb89957d525a8bef23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\Cpp\!nsis!\System\Release\System.pdb

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpyA
lstrcpynA
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsisdl.dll
.dll windows:4 windows x86 arch:x86

1fbd167acaa99d82548b3191ef8bcb1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
lstrlenA
lstrcatA
GlobalAlloc
GlobalFree
lstrcmpiA
MulDiv
GetTickCount
DeleteFileA
WriteFile
Sleep
CreateFileA
CreateThread
WaitForSingleObject
lstrcpyA
CloseHandle

user32

SetWindowLongA
CharPrevA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
SendMessageA
CreateWindowExA
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExA
wsprintfA
SetWindowTextA
SetDlgItemTextA
GetWindowRect

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

wsock32

__WSAFDIsSet
ioctlsocket
inet_ntoa
htons
socket
closesocket
shutdown
connect
gethostbyname
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Abaddon27.gif
.gif
Abaddon27.txt
Abaddon27_mask.gif
.gif
AbaddonT11.gif
.gif
AbaddonT11.txt
AbaddonT11_mask.gif
.gif
Arial10Bold.gif
.gif
Arial10Bold.txt
Arial10Bold_mask.gif
.gif
Arial12Bold.gif
.gif
Arial12Bold.txt
Arial12Bold_mask.gif
.gif
Arial14Bold.gif
.gif
Arial14Bold.txt
Arial14Bold_mask.gif
.gif
Arial18Bold.gif
.gif
Arial18Bold.txt
Arial18Bold_mask.gif
.gif
Arial20Bold.gif
.gif
Arial20Bold.txt
Arial20Bold_mask.gif
.gif
Arial50Bold.gif
.gif
Arial50Bold.txt
Arial50Bold_mask.gif
.gif
Button.jpg
.jpg
Button_.gif
.gif
CasablancaAntique18.gif
.gif
CasablancaAntique18.txt
CasablancaAntique18_mask.gif
.gif
CasablancaAntique22.gif
.gif
CasablancaAntique22.txt
CasablancaAntique22_mask.gif
.gif
EULA.txt
Easy.gif
.gif
Easy_.jpg
.jpg
Exit.gif
.gif
Exit_.jpg
.jpg
Hallofimmortals.gif
.gif
Hallofimmortals_.jpg
.jpg
Hard.gif
.gif
Hard_.jpg
.jpg
Infobox.gif
.gif
Infobox_.gif
.gif
Insane.gif
.gif
Insane_.jpg
.jpg
LOG.TXT
MSS32.DLL
.dll windows:4 windows x86 arch:x86

fbd062dae8887ddabbb481e18570a410

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\Projects\mss\build\win\mss32.pdb

Imports

user32

SetTimer
KillTimer
wsprintfA
GetTopWindow
GetForegroundWindow
MessageBoxA
GetWindowLongA
GetActiveWindow
IsWindow
GetWindowThreadProcessId
GetWindow

kernel32

RtlUnwind
LCMapStringW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetCommandLineA
GetSystemTimeAsFileTime
TerminateProcess
GetTimeZoneInformation
HeapFree
WaitForSingleObject
SetEvent
GetWindowsDirectoryA
Sleep
CreateEventA
GetSystemDirectoryA
SetThreadPriority
RaiseException
DisableThreadLibraryCalls
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ReleaseMutex
CloseHandle
GetCurrentProcessId
SuspendThread
ResumeThread
CreateThread
SetErrorMode
FreeLibrary
FindFirstFileA
GetProcAddress
FindClose
LoadLibraryA
FindNextFileA
CreateDirectoryA
CreateFileA
SetFilePointer
ReadFile
OpenFile
GetTempPathA
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThread
GetProfileStringA
QueryPerformanceFrequency
OutputDebugStringA
DuplicateHandle
GetVersionExA
lstrcatA
WriteFile
GlobalAlloc
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapSize
SetEndOfFile
GetCurrentThreadId
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
SetHandleCount
HeapReAlloc
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetCPInfo
GetLocaleInfoA
HeapAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
ExitProcess

winmm

waveOutClose
waveOutWrite
waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutGetID
waveOutPrepareHeader
waveInClose
waveInPrepareHeader
waveInOpen
waveInAddBuffer
waveInReset
waveInUnprepareHeader
waveInStart
midiOutLongMsg
midiOutClose
midiOutShortMsg
midiOutOpen
midiOutReset
midiOutPrepareHeader
midiOutUnprepareHeader
timeGetTime
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs
auxGetDevCapsA
mixerClose
mixerGetLineInfoA
auxSetVolume
mixerGetLineControlsA
auxGetNumDevs
mixerOpen
auxGetVolume
mciSendCommandA

Exports

Exports

AIL_debug_printf
AIL_sprintf
DLSClose
DLSCompactMemory
DLSGetInfo
DLSLoadFile
DLSLoadMemFile
DLSMSSOpen
DLSSetAttribute
DLSUnloadAll
DLSUnloadFile
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_orientation@28
_AIL_3D_position@16
_AIL_3D_provider_attribute@12
_AIL_3D_rolloff_factor@4
_AIL_3D_room_type@4
_AIL_3D_sample_attribute@12
_AIL_3D_sample_cone@16
_AIL_3D_sample_distances@12
_AIL_3D_sample_effects_level@4
_AIL_3D_sample_exclusion@4
_AIL_3D_sample_length@4
_AIL_3D_sample_loop_count@4
_AIL_3D_sample_obstruction@4
_AIL_3D_sample_occlusion@4
_AIL_3D_sample_offset@4
_AIL_3D_sample_playback_rate@4
_AIL_3D_sample_status@4
_AIL_3D_sample_volume@4
_AIL_3D_speaker_type@4
_AIL_3D_user_data@8
_AIL_3D_velocity@16
_AIL_DLS_close@8
_AIL_DLS_compact@4
_AIL_DLS_get_info@12
_AIL_DLS_get_reverb_levels@12
_AIL_DLS_load_file@12
_AIL_DLS_load_memory@12
_AIL_DLS_open@28
_AIL_DLS_set_reverb_levels@12
_AIL_DLS_unload@8
_AIL_HWND@0
_AIL_MIDI_handle_reacquire@4
_AIL_MIDI_handle_release@4
_AIL_MIDI_to_XMI@20
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_XMIDI_master_volume@4
_AIL_active_3D_sample_count@4
_AIL_active_sample_count@4
_AIL_active_sequence_count@4
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_file_sample@12
_AIL_allocate_sample_handle@4
_AIL_allocate_sequence_handle@4
_AIL_auto_service_stream@8
_AIL_auto_update_3D_position@8
_AIL_background@0
_AIL_branch_index@8
_AIL_channel_notes@8
_AIL_close_3D_listener@4
_AIL_close_3D_object@4
_AIL_close_3D_provider@4
_AIL_close_XMIDI_driver@4
_AIL_close_digital_driver@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_stream@4
_AIL_compress_ADPCM@12
_AIL_compress_ASI@20
_AIL_compress_DLS@20
_AIL_controller_value@12
_AIL_create_wave_synthesizer@16
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_destroy_wave_synthesizer@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_reverb@16
_AIL_digital_master_reverb_levels@12
_AIL_digital_master_volume_level@4
_AIL_end_3D_sample@4
_AIL_end_sample@4
_AIL_end_sequence@4
_AIL_enumerate_3D_provider_attributes@12
_AIL_enumerate_3D_providers@12
_AIL_enumerate_3D_sample_attributes@12
_AIL_enumerate_filter_attributes@12
_AIL_enumerate_filter_sample_attributes@12
_AIL_enumerate_filters@12
_AIL_extract_DLS@28
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_write@12
_AIL_filter_DLS_attribute@12
_AIL_filter_DLS_with_XMI@24
_AIL_filter_attribute@12
_AIL_filter_sample_attribute@12
_AIL_filter_stream_attribute@12
_AIL_find_DLS@24
_AIL_get_DirectSound_info@12
_AIL_get_input_info@4
_AIL_get_preference@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@4
_AIL_init_sequence@12
_AIL_last_error@0
_AIL_list_DLS@20
_AIL_list_MIDI@20
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_channel@4
_AIL_lock_mutex@0
_AIL_map_sequence_channel@12
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_merge_DLS_with_XMI@16
_AIL_midiOutClose@4
_AIL_midiOutOpen@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_open_3D_listener@4
_AIL_open_3D_object@4
_AIL_open_3D_provider@4
_AIL_open_XMIDI_driver@4
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_stream@12
_AIL_pause_stream@8
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_quick_copy@4
_AIL_quick_halt@4
_AIL_quick_handles@12
_AIL_quick_load@4
_AIL_quick_load_and_play@12
_AIL_quick_load_mem@8
_AIL_quick_ms_length@4
_AIL_quick_ms_position@4
_AIL_quick_play@8
_AIL_quick_set_low_pass_cut_off@8
_AIL_quick_set_ms_position@8
_AIL_quick_set_reverb_levels@12
_AIL_quick_set_speed@8
_AIL_quick_set_volume@12
_AIL_quick_shutdown@0
_AIL_quick_startup@20
_AIL_quick_status@4
_AIL_quick_type@4
_AIL_quick_unload@4
_AIL_redbook_close@4
_AIL_redbook_eject@4
_AIL_redbook_id@4
_AIL_redbook_open@4
_AIL_redbook_open_drive@4
_AIL_redbook_pause@4
_AIL_redbook_play@12
_AIL_redbook_position@4
_AIL_redbook_resume@4
_AIL_redbook_retract@4
_AIL_redbook_set_volume_level@8
_AIL_redbook_status@4
_AIL_redbook_stop@4
_AIL_redbook_track@4
_AIL_redbook_track_info@16
_AIL_redbook_tracks@4
_AIL_redbook_volume_level@4
_AIL_register_3D_EOS_callback@8
_AIL_register_EOB_callback@8
_AIL_register_EOF_callback@8
_AIL_register_EOS_callback@8
_AIL_register_ICA_array@8
_AIL_register_SOB_callback@8
_AIL_register_beat_callback@8
_AIL_register_event_callback@8
_AIL_register_prefix_callback@8
_AIL_register_sequence_callback@8
_AIL_register_stream_callback@8
_AIL_register_timbre_callback@8
_AIL_register_timer@4
_AIL_register_trigger_callback@8
_AIL_release_3D_sample_handle@4
_AIL_release_all_timers@0
_AIL_release_channel@8
_AIL_release_sample_handle@4
_AIL_release_sequence_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@8
_AIL_resume_3D_sample@4
_AIL_resume_sample@4
_AIL_resume_sequence@4
_AIL_sample_buffer_info@20
_AIL_sample_buffer_ready@4
_AIL_sample_granularity@4
_AIL_sample_loop_count@4
_AIL_sample_low_pass_cut_off@4
_AIL_sample_ms_position@12
_AIL_sample_playback_rate@4
_AIL_sample_position@4
_AIL_sample_reverb_levels@12
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_send_channel_voice_message@20
_AIL_send_sysex_message@8
_AIL_sequence_loop_count@4
_AIL_sequence_ms_position@12
_AIL_sequence_position@12
_AIL_sequence_status@4
_AIL_sequence_tempo@4
_AIL_sequence_user_data@8
_AIL_sequence_volume@4
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_orientation@28
_AIL_set_3D_position@16
_AIL_set_3D_provider_preference@12
_AIL_set_3D_rolloff_factor@8
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_cone@16
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_exclusion@8
_AIL_set_3D_sample_file@8
_AIL_set_3D_sample_info@8
_AIL_set_3D_sample_loop_block@12
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_sample_obstruction@8
_AIL_set_3D_sample_occlusion@8
_AIL_set_3D_sample_offset@8
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_preference@12
_AIL_set_3D_sample_volume@8
_AIL_set_3D_speaker_type@8
_AIL_set_3D_user_data@12
_AIL_set_3D_velocity@20
_AIL_set_3D_velocity_vector@16
_AIL_set_DLS_processor@12
_AIL_set_DirectSound_HWND@8
_AIL_set_XMIDI_master_volume@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_reverb@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_digital_master_room_type@8
_AIL_set_digital_master_volume_level@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_filter_DLS_preference@12
_AIL_set_filter_preference@12
_AIL_set_filter_sample_preference@12
_AIL_set_filter_stream_preference@12
_AIL_set_input_state@8
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_file@12
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_low_pass_cut_off@8
_AIL_set_sample_ms_position@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb_levels@12
_AIL_set_sample_type@12
_AIL_set_sample_user_data@12
_AIL_set_sample_volume_levels@12
_AIL_set_sample_volume_pan@12
_AIL_set_sequence_loop_count@8
_AIL_set_sequence_ms_position@8
_AIL_set_sequence_tempo@12
_AIL_set_sequence_user_data@12
_AIL_set_sequence_volume@12
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_low_pass_cut_off@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_playback_rate@8
_AIL_set_stream_position@8
_AIL_set_stream_processor@12
_AIL_set_stream_reverb_levels@12
_AIL_set_stream_user_data@12
_AIL_set_stream_volume_levels@12
_AIL_set_stream_volume_pan@12
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_start_3D_sample@4
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_sequence@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_3D_sample@4
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_sequence@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_low_pass_cut_off@4
_AIL_stream_ms_position@12
_AIL_stream_playback_rate@4
_AIL_stream_position@4
_AIL_stream_reverb_levels@12
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_stream_volume_levels@12
_AIL_stream_volume_pan@12
_AIL_true_sequence_channel@8
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_3D_position@8
_AIL_us_count@0
_AIL_waveOutClose@4
_AIL_waveOutOpen@16
_DLSMSSGetCPU@4
_DllMain@12
_MIX_RIB_MAIN@8
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_load_static_provider_library@8
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12
stream_background

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MSSMIXER
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Menu.gif
.gif
Menu_.jpg
.jpg
MonoNumber16.gif
.gif
MonoNumber16.txt
MonoNumber16_mask.gif
.gif
Normal.gif
.gif
Normal_.jpg
.jpg
Oasis.exe
.exe windows:4 windows x86 arch:x86

8cde6d163ee515919e4981804e21c5ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mss32

_AIL_allocate_sample_handle@4

shlwapi

PathAppendA

version

GetFileVersionInfoA

Exports

Exports

??0TPfHiscores@@AAE@XZ
??0TPfHiscores@@QAE@PBD00@Z
??1TPfHiscores@@QAE@XZ
??4TPfHiscores@@QAEAAV0@ABV0@@Z
?ClearScores@TPfHiscores@@QAEXXZ
?DecryptData@TPfHiscores@@QAEHPBDPAXH@Z
?DeleteCurrentHiscoreCategories@TPfHiscores@@AAEXXZ
?DeleteCurrentHiscores@TPfHiscores@@AAEXXZ
?EncryptData@TPfHiscores@@QAEHPBXHPADH@Z
?GetCategoryCount@TPfHiscores@@QAEHXZ
?GetCategoryName@TPfHiscores@@QAE_NHPADH@Z
?GetRememberedUserInfo@TPfHiscores@@QAE_NPADH0H@Z
?GetScore@TPfHiscores@@QAE_N_NHPAHPADHPA_N12H@Z
?GetScoreCount@TPfHiscores@@QAEH_N@Z
?GetServerRequestStatus@TPfHiscores@@QAE?AW4EStatus@1@PADHPA_N@Z
?GetUserBestScore@TPfHiscores@@QAE_NW4EUserScore@1@PAH1PADH@Z
?GetUserEligibleScore@TPfHiscores@@AAE_NPAH0PADH@Z
?GetUserGlobalScore@TPfHiscores@@AAE_NPAH0PADH@Z
?LoadPreferences@TPfHiscores@@AAEXXZ
?LogScore@TPfHiscores@@QAEXHPBD@Z
?ParseCategoryData@TPfHiscores@@AAE_NPBD@Z
?ParseRememberedUserPreferences@TPfHiscores@@AAEXPBD@Z
?ParseReturnForErrors@TPfHiscores@@AAE_NPBD@Z
?ParseSavedLocalScores@TPfHiscores@@AAEXPBD@Z
?ParseScoreData@TPfHiscores@@AAE_NPBD@Z
?RequestCategoryInformation@TPfHiscores@@QAEXXZ
?RequestScores@TPfHiscores@@QAEXH@Z
?SavePreferences@TPfHiscores@@AAEXXZ
?SetProperty@TPfHiscores@@QAEXW4EProperty@1@PBD@Z
?SubmitScore@TPfHiscores@@QAE_NPBD0_N@Z

Sections

.rdata
Size: - Virtual size: 767KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 146KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 252KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Oasis.exp
Oasis.lib
Papyrus10.gif
.gif
Papyrus10.txt
Papyrus10_mask.gif
.gif
Papyrus12.gif
.gif
Papyrus12.txt
Papyrus12Bold.gif
.gif
Papyrus12Bold.txt
Papyrus12Bold_mask.gif
.gif
Papyrus12_mask.gif
.gif
Papyrus14.gif
.gif
Papyrus14.txt
Papyrus14_mask.gif
.gif
Papyrus18.gif
.gif
Papyrus18.txt
Papyrus18_mask.gif
.gif
Papyrus20.gif
.gif
Papyrus20.txt
Papyrus20_mask.gif
.gif
Pharaohs-challenge.gif
.gif
Pharaohs-challenge_.jpg
.jpg
Playoasis.gif
.gif
Playoasis_.jpg
.jpg
Slider.gif
.gif
Slider_.gif
.gif
Sliderbar.gif
.gif
Sliderbar_.gif
.gif
aminstall.dll
.dll windows:4 windows x86 arch:x86

39bf2f9400b25dffe6038f4810921a11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

kernel32

GetModuleHandleA
GetSystemTime
SetFilePointer
FreeEnvironmentStringsW
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsA
IsBadReadPtr
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetCPInfo
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CreateFileA
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
LCMapStringW
SetEndOfFile
LCMapStringA

user32

MessageBoxA

Exports

Exports

ActiveMARKReadInstaller

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arial10.gif
.gif
arial10.txt
arial10_mask.gif
.gif
arrowdown_down.gif
.gif
arrowdown_down_.gif
.gif
arrowdown_over.gif
.gif
arrowdown_over_.gif
.gif
arrowdown_up.gif
.gif
arrowdown_up_.gif
.gif
arrowleft_down.gif
.gif
arrowleft_down_.gif
.gif
arrowleft_over.gif
.gif
arrowleft_over_.gif
.gif
arrowleft_up.gif
.gif
arrowleft_up_.gif
.gif
arrowright_down.gif
.gif
arrowright_down_.gif
.gif
arrowright_over.gif
.gif
arrowright_over_.gif
.gif
arrowright_up.gif
.gif
arrowright_up_.gif
.gif
arrowup_down.gif
.gif
arrowup_down_.gif
.gif
arrowup_over.gif
.gif
arrowup_over_.gif
.gif
arrowup_up.gif
.gif
arrowup_up_.gif
.gif
barb_fort.gif
.gif
barb_fort_.gif
.gif
barb_start.gif
.gif
barb_start_.gif
.gif
campaign_flag_02.gif
.gif
campaign_flag_02_.gif
.gif
camps03_01.gif
.gif
camps03_01_.gif
.gif
camps05_01.gif
.gif
camps05_01_.gif
.gif
camps09_01.gif
.gif
camps09_01_.gif
.gif
capital_02.gif
.gif
capital_02_.gif
.gif
checkbox.gif
.gif
checkbox_.gif
.gif
country1_normal.gif
.gif
country1_normal_.gif
.gif
country1_over.gif
.gif
country1_over_.gif
.gif
country2_normal.gif
.gif
country2_normal_.gif
.gif
country2_over.gif
.gif
country2_over_.gif
.gif
country3_normal.gif
.gif
country3_normal_.gif
.gif
country3_over.gif
.gif
country3_over_.gif
.gif
country4_normal.gif
.gif
country4_normal_.gif
.gif
country4_over.gif
.gif
country4_over_.gif
.gif
country5_normal.gif
.gif
country5_normal_.gif
.gif
country5_over.gif
.gif
country5_over_.gif
.gif
country6_normal.gif
.gif
country6_normal_.gif
.gif
country6_over.gif
.gif
country6_over_.gif
.gif
country7_normal.gif
.gif
country7_normal_.gif
.gif
country7_over.gif
.gif
country7_over_.gif
.gif
country8_normal.gif
.gif
country8_normal_.gif
.gif
country8_over.gif
.gif
country8_over_.gif
.gif
country9_normal.gif
.gif
country9_normal_.gif
.gif
country9_over.gif
.gif
country9_over_.gif
.gif
country_back.gif
.gif
country_back_.gif
.gif
credits_title.gif
.gif
credits_title_.gif
.gif
cursor_arrow.gif
.gif
cursor_arrow_.gif
.gif
cursor_gather.gif
.gif
cursor_gather_.gif
.gif
cursor_mine.gif
.gif
cursor_mine_.gif
.gif
cursor_no.gif
.gif
cursor_no_.gif
.gif
cursor_road.gif
.gif
cursor_road_.gif
.gif
cursor_search.gif
.gif
cursor_search_.gif
.gif
cursor_wait.gif
.gif
cursor_wait_.gif
.gif
defeat_03.gif
.gif
defeat_03_.gif
.gif
desert.jpg
.jpg
dialog_frame.jpg
.jpg
dialog_frame_.gif
.gif
forest_01.gif
.gif
forest_01_.gif
.gif
forest_down_01.gif
.gif
forest_down_01_.gif
.gif
highscores_back.jpg
.jpg
highscores_title.gif
.gif
highscores_title_.gif
.gif
hint.gif
.gif
hint_.gif
.gif
icon_p1.gif
.gif
king_backdrop.jpg
.jpg
learn_to_play.jpg
.jpg
learn_to_play_.gif
.gif
level_complete_06.gif
.gif
level_complete_06_.gif
.gif
loading_10.jpg
.jpg
loading_bar_01.gif
.gif
loading_bar_01_.gif
.gif
loading_filler_01.gif
.gif
loading_filler_01_.gif
.gif
loading_oasis_01.gif
.gif
loading_oasis_01_.gif
.gif
main_frame.jpg
.jpg
main_frame_.gif
.gif
main_menu_bg.jpg
.jpg
main_menu_bg_left.jpg
.jpg
main_menu_bg_right.jpg
.jpg
mcs.jpg
.jpg
menu_button_down.jpg
.jpg
menu_button_down_.gif
.gif
menu_button_over.jpg
.jpg
menu_button_over_.gif
.gif
menu_button_up.jpg
.jpg
menu_button_up_.gif
.gif
mssmp3.asi
.dll windows:4 windows x86 arch:x86

0a6e552859a67b4f22384dd79e84e592

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\projects\mss\build\win\mssmp3.pdb

Imports

kernel32

DisableThreadLibraryCalls
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
LoadLibraryA
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
RaiseException

mss32

RIB_unregister_interface
_AIL_mem_free_lock@4
_AIL_mem_alloc_lock@4
_AIL_MMX_available@0
RIB_register_interface

Exports

Exports

_RIB_Main@8

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
oasis-illustration_advice.jpg
.jpg
oasis-illustration_advice_.gif
.gif
oasis-illustration_easy.jpg
.jpg
oasis-illustration_easy_.gif
.gif
oasis-illustration_hard.jpg
.jpg
oasis-illustration_insane.jpg
.jpg
oasis-illustration_insane_.gif
.gif
oasis-illustration_normal.jpg
.jpg
oasis-illustration_normal_.gif
.gif
oasis-illustration_tutorial.jpg
.jpg
oasis_title_01.gif
.gif
oasis_title_01_.gif
.gif
options.gif
.gif
options_.jpg
.jpg
panel_back.gif
.gif
panel_big.gif
.gif
panel_small.gif
.gif
parchment_title_frame.gif
.gif
parchment_title_frame_.gif
.gif
pf.jpg
.jpg
readme.htm
.html
replay_tutorial.gif
.gif
replay_tutorial_.gif
.gif
select_diff.gif
.gif
select_diff_.gif
.gif
sky_button.jpg
.jpg
sky_button_.gif
.gif
story_panel01.jpg
.jpg
story_panel02.jpg
.jpg
tutorial_button_01_down_02.gif
.gif
tutorial_button_01_down_02_.gif
.gif
tutorial_button_01_over_02.gif
.gif
tutorial_button_01_over_02_.gif
.gif
tutorial_button_01_up_01.gif
.gif
tutorial_button_01_up_01_.gif
.gif
tutorial_button_02_down_02.gif
.gif
tutorial_button_02_down_02_.gif
.gif
tutorial_button_02_over_02.gif
.gif
tutorial_button_02_over_02_.gif
.gif
tutorial_button_02_up_01.gif
.gif
tutorial_button_02_up_01_.gif
.gif
tutorial_button_03_down_02.gif
.gif
tutorial_button_03_down_02_.gif
.gif
tutorial_button_03_over_02.gif
.gif
tutorial_button_03_over_02_.gif
.gif
tutorial_button_03_up_01.gif
.gif
tutorial_button_03_up_01_.gif
.gif
tutorial_button_04_down_02.gif
.gif
tutorial_button_04_down_02_.gif
.gif
tutorial_button_04_over_02.gif
.gif
tutorial_button_04_over_02_.gif
.gif
tutorial_button_04_up_01.gif
.gif
tutorial_button_04_up_01_.gif
.gif
tutorial_button_05_down_02.gif
.gif
tutorial_button_05_down_02_.gif
.gif
tutorial_button_05_over_02.gif
.gif
tutorial_button_05_over_02_.gif
.gif
tutorial_button_05_up_01.gif
.gif
tutorial_button_05_up_01_.gif
.gif
tutorial_button_06_down_02.gif
.gif
tutorial_button_06_down_02_.gif
.gif
tutorial_button_06_over_02.gif
.gif
tutorial_button_06_over_02_.gif
.gif
tutorial_button_06_up_01.gif
.gif
tutorial_button_06_up_01_.gif
.gif
tutorial_button_07_down_02.gif
.gif
tutorial_button_07_down_02_.gif
.gif
tutorial_button_07_over_02.gif
.gif
tutorial_button_07_over_02_.gif
.gif
tutorial_button_07_up_01.gif
.gif
tutorial_button_07_up_01_.gif
.gif
tutorial_button_08_down_02.gif
.gif
tutorial_button_08_down_02_.gif
.gif
tutorial_button_08_over_02.gif
.gif
tutorial_button_08_over_02_.gif
.gif
tutorial_button_08_up_01.gif
.gif
tutorial_button_08_up_01_.gif
.gif
tutorial_button_09_down_02.gif
.gif
tutorial_button_09_down_02_.gif
.gif
tutorial_button_09_over_02.gif
.gif
tutorial_button_09_over_02_.gif
.gif
tutorial_button_09_up_01.gif
.gif
tutorial_button_09_up_01_.gif
.gif
tutorial_button_10_down_02.gif
.gif
tutorial_button_10_down_02_.gif
.gif
tutorial_button_10_over_02.gif
.gif
tutorial_button_10_over_02_.gif
.gif
tutorial_button_10_up_01.gif
.gif
tutorial_button_10_up_01_.gif
.gif
tutorial_button_11_down_02.gif
.gif
tutorial_button_11_down_02_.gif
.gif
tutorial_button_11_over_02.gif
.gif
tutorial_button_11_over_02_.gif
.gif
tutorial_button_11_up_01.gif
.gif
tutorial_button_11_up_01_.gif
.gif
tutorial_digging.gif
.gif
tutorial_followers.gif
.gif
tutorial_scarab.jpg
.jpg
tutorial_turns.gif
.gif
vcr_back.gif
.gif
vcr_back_.gif
.gif
vcr_ff_down.gif
.gif
vcr_ff_down_.gif
.gif
vcr_ff_over.gif
.gif
vcr_ff_over_.gif
.gif
vcr_ff_up.gif
.gif
vcr_ff_up_.gif
.gif
vcr_pause_down.gif
.gif
vcr_pause_down_.gif
.gif
vcr_pause_over.gif
.gif
vcr_pause_over_.gif
.gif
vcr_pause_up.gif
.gif
vcr_pause_up_.gif
.gif
vcr_play_down.gif
.gif
vcr_play_down_.gif
.gif
vcr_play_over.gif
.gif
vcr_play_over_.gif
.gif
vcr_play_up.gif
.gif
vcr_play_up_.gif
.gif
victory_01.gif
.gif
victory_01_.gif
.gif
vizier_06.gif
.gif
vizier_small.gif
.gif

Sharing

General

Malware Config

Signatures

Files

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 24KB - Virtual size: 28KB

ab210dbea49bc0da8fcf35e3ed7d437a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 997B

.rdata Size: 1024B - Virtual size: 695B

.data Size: 512B - Virtual size: 80B

.reloc Size: 512B - Virtual size: 212B

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

ee01c5cc33cdb3294484fc93e41c14ad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 242B

aebc3107701149edfc563b8db7a789fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 24KB - Virtual size: 28KB

.text
Size: 1024B - Virtual size: 997B

.rdata
Size: 1024B - Virtual size: 695B

.data
Size: 512B - Virtual size: 80B

.reloc
Size: 512B - Virtual size: 212B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 242B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 512B - Virtual size: 444B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 864B

.data
Size: - Virtual size: 56B

.reloc
Size: 512B - Virtual size: 478B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 21KB

.reloc
Size: 1024B - Virtual size: 726B

.text
Size: 233KB - Virtual size: 232KB

MSSMIXER
Size: 18KB - Virtual size: 17KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 9KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 24KB - Virtual size: 23KB

.rdata
Size: - Virtual size: 767KB

.data
Size: - Virtual size: 146KB

.bss
Size: - Virtual size: 252KB

.rsrc
Size: - Virtual size: 17KB

.text
Size: - Virtual size: 1.8MB

.idata
Size: - Virtual size: 11KB

.rsrc
Size: - Virtual size: 21KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 15KB