strela | 723a69df9c1ba18ca42f48067bcc3c43_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

723a69df9c1ba18ca42f48067bcc3c43_JaffaCakes118
Size

26.1MB
MD5

723a69df9c1ba18ca42f48067bcc3c43
SHA1

8b061eaeec190dc7c43d2ff79b6aa3baea8de656
SHA256

4f3cbd590058bf2e510c217fb60cb8ac5d39e661106eb84216df3761c24c46c0
SHA512

462ff8989f5fddc5c01c1b191c38678d966f96b9ee12cd9c608a6501ad183c5af70e3b7dc88bf760b104adc59234249a66219078e23326b1d9980b30487777f7
SSDEEP

786432:bWKdCdOikWfieX4zdg0CewOCpnUZrabI5WF80QaRL:vdCd1kW/cd0pbbICVV

Score

10^/10

upx strela

Malware Config

Signatures

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
static1/unpack001/Monster Truck Rumble.exe	family_strela

Strela family
strela

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsRandom.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsRandom.dll	upx

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
723a69df9c1ba18ca42f48067bcc3c43_JaffaCakes118
unpack001/$PLUGINSDIR/ButtonEvent.dll
unpack001/$PLUGINSDIR/DcryptDll.dll
unpack001/$PLUGINSDIR/K8NsisExtend.dll
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/locate.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsRandom.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/xml.dll
unpack001/$TEMP/K8Skin.dll
unpack001/FFC11.dll
unpack001/Monster Truck Rumble.exe
unpack001/uninst.exe
unpack001/ʼϷ.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

723a69df9c1ba18ca42f48067bcc3c43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ButtonEvent.dll
.dll windows:4 windows x86 arch:x86

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpyA
lstrcpynA
GlobalFree

user32

PostMessageA
CallWindowProcA
GetDlgItem
FindWindowExA
SetWindowLongA
wsprintfA

Exports

Exports

AddEventHandler
Unload
UnsetEventHandler
WhichButtonId

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/DcryptDll.dll
.dll windows:4 windows x86 arch:x86

5e1d3f49e5b7590e18325930cd3084f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CreateFileA
lstrlenA
DeleteFileA
WriteFile
ReadFile
lstrcmpA
CloseHandle
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc

Exports

Exports

Decrypt
HexDecoder
HexEncoder
LoadStr
MD5Hash

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/K8NsisExtend.dll
.dll windows:4 windows x86 arch:x86

440a58276324fb4f7b50ac54374ecf17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathSkipRootA
PathCombineA

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetOpenUrlA

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrcmpiA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
GetLogicalDriveStringsA
DisableThreadLibraryCalls
CloseHandle
GetFileSize
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetVersionExA
GetTickCount
Sleep
SetEndOfFile
SetStdHandle
GetConsoleMode
GetConsoleCP
GetThreadLocale
GetFileAttributesA
HeapAlloc
HeapFree
RaiseException
HeapReAlloc
VirtualAlloc
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapDestroy
HeapCreate
ExitProcess
GetCPInfo
GetACP
GetOEMCP
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW

user32

UnregisterClassA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

ChangeInstDirtoMax
Get7zOriginalSize
GetAdvertName
GetAdvertUrl
GetHomePageName
GetSingleFileSize
HomePageChecksOut
LoadXml
SendResearchResult
SetHomePage

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

9cce555dd3ff1b6c7dc92d64c794c51a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
lstrcpynA
lstrlenA
lstrcatA
GlobalAlloc
GlobalFree
CloseHandle
GetTickCount
DeleteFileA
Sleep
WriteFile
CreateFileA
lstrcmpiA
lstrcpyA
MulDiv
CreateThread

user32

CharPrevA
SetWindowLongA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExA
SetWindowTextA
SendMessageA
wsprintfA
SetDlgItemTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

gethostbyname
inet_addr
ioctlsocket
htons
socket
closesocket
shutdown
connect
__WSAFDIsSet
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/locate.dll
.dll windows:4 windows x86 arch:x86

7f8181c74f882a780c7cd485241e8b51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
MultiByteToWideChar
lstrlenW
lstrlenA
GetWindowsDirectoryW
WideCharToMultiByte
CompareFileTime
FindNextFileA
FindNextFileW
FileTimeToSystemTime
RemoveDirectoryA
RemoveDirectoryW
FindFirstFileA
FindFirstFileW
FindClose
SystemTimeToFileTime
FileTimeToLocalFileTime

user32

SetWindowTextA
SetWindowTextW
GetDlgItem
FindWindowExA
MessageBoxW

Exports

Exports

_Close
_Find
_GetSize
_Open
_RMDirEmpty
_Unload

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsRandom.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetRandom

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/xml.dll
.dll windows:4 windows x86 arch:x86

b5ed5b3a951d4443ce56e5453702d536

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
lstrcpynA
lstrcmpA
lstrcmpiA
lstrcpyA
RtlUnwind
GetModuleFileNameA
RaiseException
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
GetLastError
LoadLibraryA
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
GetLocaleInfoA
InterlockedExchange
SetEndOfFile

Exports

Exports

_CloneNode
_Coordinate
_CreateNode
_CreateText
_CurrentAttribute
_DeclarationEncoding
_DeclarationStandalone
_DeclarationVersion
_ElementPath
_FindCloseElement
_FindNextElement
_FirstAttribute
_FirstChild
_FirstChildElement
_FreeNode
_GetAttribute
_GetNodeValue
_GetText
_GotoHandle
_GotoPath
_InsertAfterNode
_InsertBeforeNode
_InsertEndChild
_IsCDATA
_LastAttribute
_LastChild
_LoadFile
_NextAttribute
_NextSibling
_NextSiblingElement
_NoChildren
_NodeHandle
_NodeType
_Parent
_PreviousAttribute
_PreviousSibling
_RemoveAllChild
_RemoveAttribute
_RemoveNode
_ReplaceNode
_RootElement
_SaveFile
_SetAttribute
_SetAttributeName
_SetAttributeValue
_SetCDATA
_SetCondenseWhiteSpace
_SetEncoding
_SetNodeValue
_SetText
_Unload
_XPathAttribute
_XPathNode
_XPathString

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GMSkin_Image_2012_v1.zip
.zip
skin.xml
skin/icon1.png
.png
skin/关闭.png
.png
skin/多选.png
.png
skin/安装.png
.png
skin/安装01.png
.png
skin/安装02.png
.png
skin/安装03.png
.png
skin/安装04.png
.png
skin/安装05.png
.png
skin/安装06.png
.png
skin/安装07.png
.png
skin/安装08.png
.png
skin/安装09.png
.png
skin/安装10.png
.png
skin/安装11.png
.png
skin/安装12.png
.png
skin/安装13.png
.png
skin/安装14.png
.png
skin/安装15.png
.png
skin/安装16.png
.png
skin/安装17.png
.png
skin/安装18.png
.png
skin/完成.png
.png
skin/按钮.png
.png
skin/最小化.png
.png
skin/欢迎.png
.png
skin/浏览.png
.png
skin/进度条.png
.png
skin/进度条背景.png
.png
skin/选项.png
.png
skin/默认背景.png
.png
$TEMP/K8Skin.dll
.dll windows:4 windows x86 arch:x86

20a8b92e5d9885eb7291d69ecd710c8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

DosDateTimeToFileTime
CreateDirectoryW
GetCurrentDirectoryW
SetFileTime
WriteFile
GetLastError
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SystemTimeToFileTime
LCMapStringA
InitializeCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
GetStdHandle
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
WideCharToMultiByte
GetCurrentThreadId
MulDiv
lstrcatW
CreateFileW
GetFileSize
CreateFileA
ReadFile
CloseHandle
MultiByteToWideChar
lstrcmpiW
lstrcpyW
DisableThreadLibraryCalls
GetConsoleOutputCP
WriteConsoleW
LCMapStringW
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
HeapDestroy
HeapCreate

user32

ScreenToClient
ClientToScreen
UpdateWindow
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
SetWindowTextW
CharNextW
InvalidateRect
EnumChildWindows
SetCapture
ReleaseCapture
ShowWindow
wsprintfW
SetWindowRgn
OffsetRect
GetSystemMetrics
SetWindowPos
GetSystemMenu
GetMenuItemInfoW
PostMessageW
PtInRect
SetTimer
GetClassNameW
SetPropW
CallWindowProcW
GetPropW
DefWindowProcW
GetClientRect
GetWindowRect
IsWindow
GetWindowLongW
LoadCursorW
SetCursor
TrackMouseEvent
BeginPaint
GetParent
MapWindowPoints
EndPaint
IsWindowEnabled
GetWindowTextW
SendMessageW
DrawTextW
SetWindowLongW
GetCursorPos
KillTimer

gdi32

SetStretchBltMode
StretchBlt
CreateDIBSection
SetBkColor
CreateSolidBrush
CreateRoundRectRgn
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
SetBkMode
SetTextColor
GetObjectW
CreateFontIndirectW
BitBlt
DeleteObject

Exports

Exports

AddShowImage
AddShowImageFromFile
AddShowText
ClearAllShow
DelShowImage
DelShowText
InitSkin
SetBkImage
SetBtnImage
SetEditBkColor
SetParentWnd
SetProgressTextWindow
SetTextClr
SlideOff
SlideOn

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/game.jpg
.jpg
$TEMP/key.lky
ExeConfig.ini
FFC11.dll
.dll windows:4 windows x86 arch:x86

5c1a7aecd72084230862190669263585

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetCursorPos
GetSystemMetrics
KillTimer
wsprintfA
SetTimer
MessageBoxA

ole32

CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

Rectangle
DeleteDC
CreateDCA
SetROP2

kernel32

LeaveCriticalSection
VirtualAlloc
HeapReAlloc
EnterCriticalSection
SetEndOfFile
OutputDebugStringA
FreeLibrary
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
GetTickCount
LockResource
LoadResource
FindResourceA
MultiByteToWideChar
RtlUnwind
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetProcAddress
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentStringsW
ExitProcess
InterlockedDecrement
WriteFile
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
FlushFileBuffers
LCMapStringA
LCMapStringW
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
CreateFileA
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

??0CEffectList@@QAE@XZ
??0CEffectListElement@@QAE@XZ
??0CFeelBox@@QAE@ABV0@@Z
??0CFeelBox@@QAE@XZ
??0CFeelCompoundEffect@@QAE@PAPAUIFREffect@@J@Z
??0CFeelCondition@@QAE@ABU_GUID@@@Z
??0CFeelCondition@@QAE@ABV0@@Z
??0CFeelConstant@@QAE@ABV0@@Z
??0CFeelConstant@@QAE@XZ
??0CFeelDXDevice@@QAE@ABV0@@Z
??0CFeelDXDevice@@QAE@XZ
??0CFeelDamper@@QAE@ABV0@@Z
??0CFeelDamper@@QAE@XZ
??0CFeelDevice@@QAE@ABV0@@Z
??0CFeelDevice@@QAE@XZ
??0CFeelEffect@@QAE@ABU_GUID@@@Z
??0CFeelEffect@@QAE@ABV0@@Z
??0CFeelEllipse@@QAE@ABV0@@Z
??0CFeelEllipse@@QAE@XZ
??0CFeelEnclosure@@QAE@ABV0@@Z
??0CFeelEnclosure@@QAE@XZ
??0CFeelFriction@@QAE@ABV0@@Z
??0CFeelFriction@@QAE@XZ
??0CFeelGrid@@QAE@ABV0@@Z
??0CFeelGrid@@QAE@XZ
??0CFeelInertia@@QAE@ABV0@@Z
??0CFeelInertia@@QAE@XZ
??0CFeelMouse@@QAE@ABV0@@Z
??0CFeelMouse@@QAE@XZ
??0CFeelPeriodic@@QAE@ABU_GUID@@@Z
??0CFeelPeriodic@@QAE@ABV0@@Z
??0CFeelPeriodic@@QAE@XZ
??0CFeelProject@@QAE@XZ
??0CFeelProjects@@QAE@XZ
??0CFeelRamp@@QAE@ABV0@@Z
??0CFeelRamp@@QAE@XZ
??0CFeelSpring@@QAE@ABV0@@Z
??0CFeelSpring@@QAE@XZ
??0CFeelTexture@@QAE@ABV0@@Z
??0CFeelTexture@@QAE@XZ
??1CEffectList@@QAE@XZ
??1CFeelBox@@UAE@XZ
??1CFeelCompoundEffect@@QAE@XZ
??1CFeelCondition@@UAE@XZ
??1CFeelConstant@@UAE@XZ
??1CFeelDXDevice@@UAE@XZ
??1CFeelDamper@@UAE@XZ
??1CFeelDevice@@UAE@XZ
??1CFeelEffect@@UAE@XZ
??1CFeelEllipse@@UAE@XZ
??1CFeelEnclosure@@UAE@XZ
??1CFeelFriction@@UAE@XZ
??1CFeelGrid@@UAE@XZ
??1CFeelInertia@@UAE@XZ
??1CFeelMouse@@UAE@XZ
??1CFeelPeriodic@@UAE@XZ
??1CFeelProject@@QAE@XZ
??1CFeelProjects@@QAE@XZ
??1CFeelRamp@@UAE@XZ
??1CFeelSpring@@UAE@XZ
??1CFeelTexture@@UAE@XZ
??4CEffectList@@QAEAAV0@ABV0@@Z
??4CEffectListElement@@QAEAAV0@ABV0@@Z
??4CFFCErrors@@QAEAAV0@ABV0@@Z
??4CFeelBox@@QAEAAV0@ABV0@@Z
??4CFeelCompoundEffect@@QAEAAV0@ABV0@@Z
??4CFeelCondition@@QAEAAV0@ABV0@@Z
??4CFeelConstant@@QAEAAV0@ABV0@@Z
??4CFeelDXDevice@@QAEAAV0@ABV0@@Z
??4CFeelDamper@@QAEAAV0@ABV0@@Z
??4CFeelDevice@@QAEAAV0@ABV0@@Z
??4CFeelEffect@@QAEAAV0@ABV0@@Z
??4CFeelEllipse@@QAEAAV0@ABV0@@Z
??4CFeelEnclosure@@QAEAAV0@ABV0@@Z
??4CFeelFriction@@QAEAAV0@ABV0@@Z
??4CFeelGrid@@QAEAAV0@ABV0@@Z
??4CFeelInertia@@QAEAAV0@ABV0@@Z
??4CFeelMouse@@QAEAAV0@ABV0@@Z
??4CFeelPeriodic@@QAEAAV0@ABV0@@Z
??4CFeelProject@@QAEAAV0@ABV0@@Z
??4CFeelProjects@@QAEAAV0@ABV0@@Z
??4CFeelRamp@@QAEAAV0@ABV0@@Z
??4CFeelSpring@@QAEAAV0@ABV0@@Z
??4CFeelTexture@@QAEAAV0@ABV0@@Z
??_7CFeelBox@@6B@
??_7CFeelCondition@@6B@
??_7CFeelConstant@@6B@
??_7CFeelDXDevice@@6B@
??_7CFeelDamper@@6B@
??_7CFeelDevice@@6B@
??_7CFeelEffect@@6B@
??_7CFeelEllipse@@6B@
??_7CFeelEnclosure@@6B@
??_7CFeelFriction@@6B@
??_7CFeelGrid@@6B@
??_7CFeelInertia@@6B@
??_7CFeelMouse@@6B@
??_7CFeelPeriodic@@6B@
??_7CFeelRamp@@6B@
??_7CFeelSpring@@6B@
??_7CFeelTexture@@6B@
?AddEffect@CEffectList@@QAEHPAVCFeelEffect@@@Z
?AddEffect@CFeelProject@@QAEPAVCFeelCompoundEffect@@PBDPAVCFeelEffect@@@Z
?Cache_AddEffect@CFeelDevice@@QAEXPAVCFeelEffect@@@Z
?Cache_LoadEffectSuite@CFeelDevice@@IAEXPAVCFeelEffectSuite@@H@Z
?Cache_RemoveEffect@CFeelDevice@@QAEXPBVCFeelEffect@@@Z
?Cache_SwapOutEffect@CFeelDevice@@QAEXXZ
?Cache_UnloadEffectSuite@CFeelDevice@@IAEXPAVCFeelEffectSuite@@H@Z
?ChangeBaseParams@CFeelEffect@@QAEHJJKPAUFEELIT_ENVELOPE@@KKKKK@Z
?ChangeBaseParamsPolar@CFeelEffect@@QAEHJKPAUFEELIT_ENVELOPE@@KKKKK@Z
?ChangeConditionParams2@CFeelCondition@@QAAHW4FC_ArgumentType@@ZZ
?ChangeConditionParams@CFeelCondition@@QAEHJJKKJUtagPOINT@@JJ@Z
?ChangeConditionParams@CFeelCondition@@QAEHPBUFEELIT_CONDITION@@0@Z
?ChangeConditionParams@CFeelCondition@@QAEHPBUFEELIT_CONDITION@@JJ@Z
?ChangeConditionParamsPolar@CFeelCondition@@QAEHJJKKJUtagPOINT@@J@Z
?ChangeConditionParamsPolar@CFeelCondition@@QAEHPBUFEELIT_CONDITION@@J@Z
?ChangeDirection@CFeelEffect@@QAEHJ@Z
?ChangeDirection@CFeelEffect@@QAEHJJ@Z
?ChangeParameters@CFeelBox@@QAEHPBUtagRECT@@JKPAVCFeelEffect@@@Z
?ChangeParameters@CFeelBox@@QAEHUtagPOINT@@JKKKPAVCFeelEffect@@@Z
?ChangeParameters@CFeelConstant@@QAEHJJKJPAUFEELIT_ENVELOPE@@@Z
?ChangeParameters@CFeelDamper@@QAEHKKKJJ@Z
?ChangeParameters@CFeelEllipse@@QAEHPBUtagRECT@@JKKKKPAVCFeelEffect@@J@Z
?ChangeParameters@CFeelEllipse@@QAEHUtagPOINT@@KKJKKKKPAVCFeelEffect@@J@Z
?ChangeParameters@CFeelEnclosure@@QAEHPBUtagRECT@@JJKKKKKKPAVCFeelEffect@@J@Z
?ChangeParameters@CFeelEnclosure@@QAEHUtagPOINT@@KKJJKKKKKKPAVCFeelEffect@@J@Z
?ChangeParameters@CFeelFriction@@QAEHKKJJ@Z
?ChangeParameters@CFeelGrid@@QAEHKKJJKKKK@Z
?ChangeParameters@CFeelInertia@@QAEHKKKJJ@Z
?ChangeParameters@CFeelPeriodic@@QAEHKKKJJJKPAUFEELIT_ENVELOPE@@@Z
?ChangeParameters@CFeelRamp@@QAEHJJKJJPAUFEELIT_ENVELOPE@@@Z
?ChangeParameters@CFeelSpring@@QAEHUtagPOINT@@JKKJJ@Z
?ChangeParametersPolar@CFeelConstant@@QAEHJKJPAUFEELIT_ENVELOPE@@@Z
?ChangeParametersPolar@CFeelDamper@@QAEHKKKJ@Z
?ChangeParametersPolar@CFeelFriction@@QAEHKKJ@Z
?ChangeParametersPolar@CFeelInertia@@QAEHKKKJ@Z
?ChangeParametersPolar@CFeelPeriodic@@QAEHKKKJJKPAUFEELIT_ENVELOPE@@@Z
?ChangeParametersPolar@CFeelRamp@@QAEHJKJJPAUFEELIT_ENVELOPE@@@Z
?ChangeParametersPolar@CFeelSpring@@QAEHUtagPOINT@@JKKJ@Z
?ChangeScreenResolution@CFeelDevice@@UAEHHKK@Z
?ChangeScreenResolution@CFeelMouse@@UAEHHKK@Z
?ChangeTextureParams@CFeelTexture@@QAEHJKKJKKUtagPOINT@@JJ@Z
?ChangeTextureParams@CFeelTexture@@QAEHPBUFEELIT_TEXTURE@@0@Z
?ChangeTextureParams@CFeelTexture@@QAEHPBUFEELIT_TEXTURE@@JJ@Z
?ChangeTextureParamsPolar@CFeelTexture@@QAEHJKKJKKUtagPOINT@@J@Z
?ChangeTextureParamsPolar@CFeelTexture@@QAEHPBUFEELIT_TEXTURE@@J@Z
?ClearDevice@CEffectList@@QAEXPAVCFeelDevice@@@Z
?Close@CFeelProject@@QAEXXZ
?Close@CFeelProjects@@QAEXXZ
?CreateDevice@CFeelDevice@@SAPAV1@PAUHINSTANCE__@@PAUHWND__@@@Z
?CreateEffect@CFeelProject@@QAEPAVCFeelCompoundEffect@@PBDPAVCFeelDevice@@K@Z
?CreateEffectByIndex@CFeelProject@@QAEPAVCFeelCompoundEffect@@HPAVCFeelDevice@@K@Z
?DestroyEffect@CFeelProject@@QAEXPAVCFeelCompoundEffect@@@Z
?EmulateStartDelay@CFeelEffect@@IAEXKK@Z
?GetAPI@CFeelDXDevice@@UAEPAUIFeelit@@XZ
?GetAPI@CFeelMouse@@UAEPAUIFeelit@@XZ
?GetContainedEffect@CFeelCompoundEffect@@QAEPAVCFeelEffect@@J@Z
?GetCreatedEffect@CFeelProject@@QAEPAVCFeelCompoundEffect@@PBD@Z
?GetDevice@CFeelDXDevice@@UAEPAUIFeelitDevice@@XZ
?GetDevice@CFeelEffect@@QAEPAVCFeelDevice@@XZ
?GetDevice@CFeelMouse@@UAEPAUIFeelitDevice@@XZ
?GetDevice@CFeelProject@@QBEPAVCFeelDevice@@XZ
?GetDeviceType@CFeelDevice@@QBEKXZ
?GetEffect@CFeelEffect@@QAEPAUIFeelitEffect@@XZ
?GetGUID@CFeelEffect@@QAE?AU_GUID@@XZ
?GetIsCompatibleGUID@CFeelCondition@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelConstant@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelDamper@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelEffect@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelEllipse@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelEnclosure@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelFriction@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelGrid@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelInertia@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelPeriodic@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelRamp@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelSpring@@UAEHAAU_GUID@@@Z
?GetIsCompatibleGUID@CFeelTexture@@UAEHAAU_GUID@@@Z
?GetIsOpen@CFeelProject@@QBEHXZ
?GetIsPlaying@CFeelEffect@@QBEHXZ
?GetIsTriggered@CFeelEffect@@QBEHXZ
?GetLastErrorCode@CFFCErrors@@SAJXZ
?GetName@CFeelCompoundEffect@@QBEPBDXZ
?GetNumberOfContainedEffects@CFeelCompoundEffect@@QBEJXZ
?GetParameters@CFeelEffect@@QAEXAAUFEELIT_EFFECT@@@Z
?GetPriority@CFeelEffect@@QBEFXZ
?GetProject@CFeelProjects@@QAEPAVCFeelProject@@H@Z
?GetStatus@CFeelEffect@@QBEHPAK@Z
?HaveForceFeelitMouse@CFeelMouse@@QAEHXZ
?InitCondition@CFeelCondition@@QAEHPAVCFeelDevice@@JJKKJKUtagPOINT@@JJHK@Z
?InitCondition@CFeelCondition@@QAEHPAVCFeelDevice@@PBUFEELIT_CONDITION@@1HK@Z
?InitCondition@CFeelCondition@@QAEHPAVCFeelDevice@@PBUFEELIT_CONDITION@@JJHK@Z
?InitConditionPolar@CFeelCondition@@QAEHPAVCFeelDevice@@JJKKJUtagPOINT@@JHK@Z
?InitConditionPolar@CFeelCondition@@QAEHPAVCFeelDevice@@PBUFEELIT_CONDITION@@JHK@Z
?InitTexture@CFeelTexture@@QAEHPAVCFeelDevice@@JKKJKKKUtagPOINT@@JJK@Z
?InitTexture@CFeelTexture@@QAEHPAVCFeelDevice@@PBUFEELIT_TEXTURE@@1K@Z
?InitTexture@CFeelTexture@@QAEHPAVCFeelDevice@@PBUFEELIT_TEXTURE@@JJK@Z
?InitTexturePolar@CFeelTexture@@QAEHPAVCFeelDevice@@JKKJKKUtagPOINT@@JK@Z
?InitTexturePolar@CFeelTexture@@QAEHPAVCFeelDevice@@PBUFEELIT_TEXTURE@@JK@Z
?Initialize@CFeelBox@@QAEHPAVCFeelDevice@@KKJKUtagPOINT@@PAVCFeelEffect@@K@Z
?Initialize@CFeelBox@@QAEHPAVCFeelDevice@@PBUtagRECT@@JKPAVCFeelEffect@@K@Z
?Initialize@CFeelCondition@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@HK@Z
?Initialize@CFeelConstant@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelConstant@@UAEHPAVCFeelDevice@@JJKJPAUFEELIT_ENVELOPE@@K@Z
?Initialize@CFeelDXDevice@@QAEHPAX0PAUIDirectInputA@@PAUIDirectInputDevice2A@@@Z
?Initialize@CFeelDamper@@UAEHPAVCFeelDevice@@KKKKJJK@Z
?Initialize@CFeelEffect@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelEllipse@@QAEHPAVCFeelDevice@@KKJKKKKUtagPOINT@@PAVCFeelEffect@@JK@Z
?Initialize@CFeelEllipse@@QAEHPAVCFeelDevice@@PBUtagRECT@@JKKKKPAVCFeelEffect@@JK@Z
?Initialize@CFeelEllipse@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelEnclosure@@QAEHPAVCFeelDevice@@KKJJKKKKKKUtagPOINT@@PAVCFeelEffect@@JK@Z
?Initialize@CFeelEnclosure@@QAEHPAVCFeelDevice@@PBUtagRECT@@JJKKKKKKPAVCFeelEffect@@JK@Z
?Initialize@CFeelEnclosure@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelFriction@@UAEHPAVCFeelDevice@@KKKJJK@Z
?Initialize@CFeelGrid@@UAEHPAVCFeelDevice@@KKJJKKKKK@Z
?Initialize@CFeelInertia@@UAEHPAVCFeelDevice@@KKKKJJK@Z
?Initialize@CFeelMouse@@QAEHPAX0K@Z
?Initialize@CFeelPeriodic@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelPeriodic@@UAEHPAVCFeelDevice@@KKKJJJKPAUFEELIT_ENVELOPE@@K@Z
?Initialize@CFeelRamp@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?Initialize@CFeelRamp@@UAEHPAVCFeelDevice@@JJKJJPAUFEELIT_ENVELOPE@@K@Z
?Initialize@CFeelSpring@@UAEHPAVCFeelDevice@@JKKKUtagPOINT@@JJHK@Z
?Initialize@CFeelTexture@@UAEHPAVCFeelDevice@@ABUFEELIT_EFFECT@@K@Z
?InitializeFromProject@CFeelEffect@@UAEHAAVCFeelProject@@PBDPAVCFeelDevice@@K@Z
?InitializePolar@CFeelConstant@@UAEHPAVCFeelDevice@@JKJPAUFEELIT_ENVELOPE@@K@Z
?InitializePolar@CFeelDamper@@UAEHPAVCFeelDevice@@KKKJK@Z
?InitializePolar@CFeelFriction@@UAEHPAVCFeelDevice@@KKJK@Z
?InitializePolar@CFeelInertia@@UAEHPAVCFeelDevice@@KKKJK@Z
?InitializePolar@CFeelPeriodic@@UAEHPAVCFeelDevice@@KKKJJKPAUFEELIT_ENVELOPE@@K@Z
?InitializePolar@CFeelRamp@@UAEHPAVCFeelDevice@@JKJJPAUFEELIT_ENVELOPE@@K@Z
?InitializePolar@CFeelSpring@@UAEHPAVCFeelDevice@@JKKUtagPOINT@@JHK@Z
?LoadProjectFromMemory@CFeelProject@@QAEHPAXPAVCFeelDevice@@@Z
?LoadProjectFromMemory@CFeelProjects@@QAEJPAXPAVCFeelDevice@@@Z
?LoadProjectFromResource@CFeelProject@@QAEHPAUHINSTANCE__@@PBDPAVCFeelDevice@@@Z
?LoadProjectFromResource@CFeelProjects@@QAEJPAUHINSTANCE__@@PBDPAVCFeelDevice@@@Z
?LoadProjectObjectPointer@CFeelProject@@QAEHPAEPAVCFeelDevice@@@Z
?NewObjectFromGUID@CFeelEffect@@SAPAV1@AAU_GUID@@@Z
?OpenFile@CFeelProject@@QAEHPBDPAVCFeelDevice@@@Z
?OpenFile@CFeelProjects@@QAEJPBDPAVCFeelDevice@@@Z
?Reload@CFeelEffect@@QAEXXZ
?RemoveEffect@CEffectList@@QAEHPBVCFeelEffect@@@Z
?SetCenter@CFeelCondition@@QAEHUtagPOINT@@@Z
?SetCenter@CFeelEllipse@@QAEHJJ@Z
?SetCenter@CFeelEllipse@@QAEHUtagPOINT@@@Z
?SetCenter@CFeelEnclosure@@QAEHJJ@Z
?SetCenter@CFeelEnclosure@@QAEHUtagPOINT@@@Z
?SetEnvelope@CFeelEffect@@QAEHKKKK@Z
?SetEnvelope@CFeelEffect@@QAEHPAUFEELIT_ENVELOPE@@@Z
?SetErrorCode@CFFCErrors@@SAXJPBDH@Z
?SetErrorHandling@CFFCErrors@@SAXK@Z
?SetOffset@CFeelTexture@@QAEHUtagPOINT@@@Z
?SetPriority@CFeelEffect@@QAEXF@Z
?SetRect@CFeelEllipse@@QAEHPBUtagRECT@@@Z
?SetRect@CFeelEnclosure@@QAEHPBUtagRECT@@@Z
?ShowRect@CFeelEnclosure@@QAEHH@Z
?Start@CFeelCompoundEffect@@QAEHKK@Z
?Start@CFeelCondition@@UAEHKK@Z
?Start@CFeelEffect@@UAEHKKH@Z
?Start@CFeelEllipse@@UAEHK@Z
?Start@CFeelEnclosure@@UAEHK@Z
?Start@CFeelProject@@QAEHPBDKKPAVCFeelDevice@@@Z
?Stop@CFeelCompoundEffect@@QAEHXZ
?Stop@CFeelEffect@@UAEHXZ
?Stop@CFeelEnclosure@@UAEHXZ
?Stop@CFeelProject@@QAEHPBD@Z
?Stop@CFeelProjects@@QAEHXZ
?SwitchToAbsoluteMode@CFeelDevice@@UAEHH@Z
?SwitchToAbsoluteMode@CFeelMouse@@UAEHH@Z
?Unload@CFeelEffect@@QAEJXZ
?UsesWin32MouseServices@CFeelDevice@@QAEHH@Z
?append_effect_to_list@CFeelProject@@IAEXPAVCFeelCompoundEffect@@@Z
?convert_line_point_to_offset@CFeelCondition@@IAEXUtagPOINT@@@Z
?create_effect_structs@CFeelProject@@IAEPAPAUIFREffect@@PBDAAH@Z
?create_effect_structs_by_index@CFeelProject@@IAEPAPAUIFREffect@@HAAH@Z
?detach_effects@CFeelDevice@@IAEXXZ
?enum_devices_proc@CFeelDevice@@KGHPAUFEELIT_DEVICEINSTANCE@@PAX@Z
?enum_didevices_proc@CFeelDevice@@KGHPAUDIDEVICEINSTANCEA@@PAX@Z
?feel_to_DI_GUID@CFeelEffect@@IAEXAAU_GUID@@@Z
?get_next@CFeelCompoundEffect@@IBEPAV1@XZ
?get_next@CFeelProject@@IBEPAV1@XZ
?initialize@CFeelCompoundEffect@@IAEHPAVCFeelDevice@@PAPAUIFREffect@@K@Z
?initialize@CFeelEffect@@QAEHPAVCFeelDevice@@K@Z
?m_Err@CFFCErrors@@0JA
?m_dwErrHandlingFlags@CFFCErrors@@0KA
?prepare_device@CFeelDevice@@MAEHXZ
?prepare_device@CFeelMouse@@MAEHXZ
?release_effect_structs@CFeelProject@@IAEHPAPAUIFREffect@@@Z
?remove_effect_from_list@CFeelProject@@IAEHPAVCFeelCompoundEffect@@@Z
?reset@CFeelDXDevice@@MAEXXZ
?reset@CFeelEffect@@IAEXXZ
?reset@CFeelMouse@@MAEXXZ
?reset_device@CFeelEffect@@IAEXXZ
?reset_effect_struct@CFeelEffect@@IAEXXZ
?set_contained_effect@CFeelCompoundEffect@@IAEHPAVCFeelEffect@@H@Z
?set_name@CFeelCompoundEffect@@IAEHPBD@Z
?set_next@CFeelCompoundEffect@@IAEXPAV1@@Z
?set_next@CFeelProject@@IAEXPAV1@@Z
?set_parameters@CFeelCondition@@IAEHKKJJJJKKJUtagPOINT@@@Z
?set_parameters@CFeelCondition@@IAEHKKJJPBUFEELIT_CONDITION@@0@Z
?set_parameters@CFeelConstant@@IAEHKJJKJPAUFEELIT_ENVELOPE@@@Z
?set_parameters@CFeelEllipse@@IAEHPBUtagRECT@@JKKKKPAVCFeelEffect@@J@Z
?set_parameters@CFeelEnclosure@@IAEHPBUtagRECT@@JJKKKKKKPAVCFeelEffect@@J@Z
?set_parameters@CFeelPeriodic@@IAEHKJJKKKJKPAUFEELIT_ENVELOPE@@@Z
?set_parameters@CFeelRamp@@IAEHKJJKJJPAUFEELIT_ENVELOPE@@@Z
?set_parameters@CFeelTexture@@IAEHKKJJJKKJKKUtagPOINT@@@Z
?set_parameters@CFeelTexture@@IAEHKKJJPBUFEELIT_TEXTURE@@0@Z
?set_parameters_on_device@CFeelEffect@@IAEJK@Z
_DllMain@12
_IFRCreateEffectStructs@12
_IFRCreateEffectStructsByIndex@12
_IFRCreateEffects@12
_IFRGetObjectNameByIndex@8
_IFRLoadProjectFile@8
_IFRLoadProjectFromMemory@8
_IFRLoadProjectObjectPointer@8
_IFRLoadProjectPointer@8
_IFRLoadProjectResource@12
_IFRReleaseEffectStructs@8
_IFRReleaseEffects@8
_IFRReleaseProject@4

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Monster Truck Rumble.exe
.exe windows:4 windows x86 arch:x86

a4765e3786250e727c9cc45ac7fbaabd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
InvalidateRect
SetRect
DestroyWindow
LoadAcceleratorsA
GetAsyncKeyState
ChangeDisplaySettingsA
EnumDisplaySettingsA
PostMessageA
ReleaseCapture
SetCapture
GetSystemMetrics
MessageBoxA
ShowCursor
SetWindowLongA
RegisterClassA
LoadIconA
TranslateAcceleratorA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
GetActiveWindow
GetCursorPos
SetWindowPos
ClientToScreen
GetClientRect
GetWindowRect
SetCursor
ReleaseDC
GetDC
SetCursorPos
LoadCursorA
UpdateWindow
CreateWindowExA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegSetValueExA

gdi32

GetStockObject
BitBlt
GetDIBits
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
SwapBuffers
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
CreateCompatibleDC

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
timeGetDevCaps

ws2_32

sendto
ntohs
recvfrom
gethostbyname
ntohl
htonl
setsockopt
gethostbyaddr
closesocket
bind
htons
WSACleanup
WSAStartup
gethostname
WSAGetLastError
inet_addr
getsockname
socket
ioctlsocket

avifil32

AVIFileOpenA
AVIFileRelease
AVIFileCreateStreamA
AVIFileExit
AVIMakeCompressedStream
AVIStreamRelease
AVIStreamSetFormat
AVIFileInit
AVIStreamWrite

msvfw32

ord2

kernel32

CloseHandle
SetEvent
SetThreadPriority
GetVersionExA
FreeLibrary
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetFileType
GetStdHandle
SetHandleCount
WriteFile
SetUnhandledExceptionFilter
DeleteCriticalSection
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
CreateDirectoryA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
CreateThread
GetOEMCP
GetACP
InitializeCriticalSection
HeapFree
HeapAlloc
GetCPInfo
GetStartupInfoA
GetModuleHandleA
GetVersion
ResetEvent
GetSystemTime
SearchPathA
GetLastError
VirtualQuery
VirtualProtect
GetSystemInfo
GetDriveTypeA
GetModuleFileNameA
CreateSemaphoreA
DeleteFileA
WaitForSingleObject
ReleaseSemaphore
GetCommandLineA
GlobalMemoryStatus
GetCurrentThreadId
GetLocalTime
GetProcAddress
LoadLibraryA
CreateEventA
SetPriorityClass
GetCurrentProcess
WinExec
SetErrorMode
CreateMutexA
Sleep
GetTimeZoneInformation
RaiseException
GetSystemTimeAsFileTime
GetFullPathNameA
TerminateThread
LocalFree
FormatMessageA
OutputDebugStringA
VirtualFree
CreateFileA
GetDiskFreeSpaceA
VirtualAlloc
ReadFile
SetFilePointer
RtlUnwind
FindClose
ExitProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
InterlockedDecrement
InterlockedIncrement

Exports

Exports

?gc@@3PAVGClass@@A

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 713KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Monster Truck Rumble.ico
camera.gi
config.gi
dat.dat
data/forces.ifr
data/mt_hud.bmb
data/mt_splash.bmb
data/mt_tracks.wmw
data/r_fonts.bmb
data/r_game.wmw
data/r_global.wmw
data/r_level.bmb
data/r_menu.bmb
fastload.gi
game.gi
graphics.gi
material.gi
menu.gi
mt_AmericanHero.gi
mt_DarkKnight.gi
mt_Firepower.gi
mt_RallyMonster.gi
mt_SergeantSteele.gi
mt_Spiderbite.gi
obj/Obj_Carwreck02_KN.g
obj/SergeantSteele.g
obj/americanhero.g
obj/darkknight.g
obj/firepower.g
obj/misc/stone.g
obj/mm_arrow.g
obj/mm_preview.g
obj/mt_a_item_normal.g
obj/obj_AmericanBarn01_BL.g
obj/obj_Buffalo01_KN.g
obj/obj_Bush01_CL.g
obj/obj_Cactus01_BL.g
obj/obj_Carwreck01_KN.g
obj/obj_Desertbush01_BL.g
obj/obj_Grassdune01_CL.g
obj/obj_Hen01_KN.g
obj/obj_HighBridge01_CL.g
obj/obj_Lamppost01_BL.g
obj/obj_LightsingLeft01_CL.g
obj/obj_LightsingRight01_CL.g
obj/obj_Outhouse01_BL.g
obj/obj_Skullsign01_BL.g
obj/obj_TelephonePole01_BL.g
obj/obj_WoodenShed01_CL.g
obj/obj_Woodenfence01_BL.g
obj/obj_Woodenfence01_BLx.g
obj/obj_camper01_KN.g
obj/obj_carwreck03_KN.g
obj/obj_checkpole01_KN.g
obj/obj_corn01_KN.g
obj/obj_joshuaTree01_CL.g
obj/obj_scarecrow_CL.g
obj/obj_stadium01_KN.g
obj/obj_watertower01_KN.g
obj/obj_whitestone01_CL.g
obj/rallymonster.g
obj/sky_daylight01_BL.g
obj/sky_daylight02_BL.g
obj/sky_daylight_fog_01_BL.g
obj/sky_nighttime01_BL.g
obj/sky_sunset01_BL.g
obj/spiderbite.g
obj/trk01_DL.ai
obj/trk01_NT.ai
obj/trk01_dl.g
obj/trk01_dl.hi
obj/trk01_nt.g
obj/trk01_nt.hi
obj/trk02_DL.ai
obj/trk02_NT.ai
obj/trk02_dl.g
obj/trk02_dl.hi
obj/trk02_nt.g
obj/trk02_nt.hi
obj/trk03_DL.ai
obj/trk03_NT.ai
obj/trk03_dl.g
obj/trk03_dl.hi
obj/trk03_nt.g
obj/trk03_nt.hi
obj/trk04_DL.ai
obj/trk04_NT.ai
obj/trk04_dl.g
obj/trk04_dl.hi
obj/trk04_nt.g
obj/trk04_nt.hi
obj/trk05_dl.g
obj/trk05_dl.hi
obj/trk05_ss.g
obj/trk05_ss.hi
obj/trk06_dl.g
obj/trk06_dl.hi
path.gi
sound.gi
text/env/dl_env_m.tga
text/env/dl_env_s.tga
text/env/dl_env_w.tga
text/env/nt_env_m.tga
text/env/nt_env_s.tga
text/env/nt_env_w.tga
text/hud/hud_arrow.tga
text/hud/white.tga
text/menu/sky_01_env_m.tga
text/menu/sky_01_env_s.tga
text/menu/sky_01_env_w.tga
text/misc/effects/beam.tga
text/misc/effects/smoky.tga
text/misc/effects/spark.tga
text/misc/effects/track.tga
text/misc/gglow/lf_glow.tga
text/misc/lensflares/lf_hallo.tga
text/misc/lensflares/lf_hallo2.tga
text/misc/lensflares/lf_rim.tga
text/misc/lensflares/lf_wheel.tga
text/misc/misc/glass.tga
text/misc/misc/smoke.tga
text/misc/particle/stone0000.tga
text/misc/particle/stone0001.tga
text/misc/particle/stone0002.tga
text/misc/particle/stone0003.tga
text/misc/particle/stone0004.tga
text/misc/particle/stone0005.tga
text/misc/particle/stone0006.tga
text/misc/particle/stone0007.tga
text/misc/particle/stone0008.tga
text/misc/particle/stone0009.tga
text/misc/weather/rain.tga
text/misc/weather/snow.tga
text/mm_preview.tga
text/objects/Obj_Carwreck02_KN.tga
text/objects/Obj_Carwreck02_sh.tga
text/objects/obj_AmericanBarn01_BL.tga
text/objects/obj_Buffalo01_KN.tga
text/objects/obj_Buffalo01_KN_sh.tga
text/objects/obj_Bush01_CL.tga
text/objects/obj_Cactus01_BL.tga
text/objects/obj_Cactus01_BL_sh.tga
text/objects/obj_Carwreck01_KN.tga
text/objects/obj_Carwreck01_KN_sh.tga
text/objects/obj_Carwreck01_trashed_KN.tga
text/objects/obj_Carwreck02_trashed_KN.tga
text/objects/obj_Carwreck03_trashed_KN.tga
text/objects/obj_Checkpoint01_flags_KN.tga
text/objects/obj_Checkpoint01_screen_KN.tga
text/objects/obj_Checkpoint01_steelbar_KN.tga
text/objects/obj_DesertBush01_BL.tga
text/objects/obj_DesertBush02_BL.tga
text/objects/obj_GrassDune01_CL.tga
text/objects/obj_Hen01_KN.tga
text/objects/obj_Hen01_KN_sh.tga
text/objects/obj_Highbridge_01_concrete_CL.tga
text/objects/obj_Highbridge_01_fence_CL.tga
text/objects/obj_Highbridge_01_steelbar_CL.tga
text/objects/obj_Lamppost01_BL.tga
text/objects/obj_LightsignLeft01_CL.tga
text/objects/obj_Outhouse(door)01_BL.tga
text/objects/obj_Outhouse(door)01_trashed_BL.tga
text/objects/obj_Outhouse(wall)01_BL.tga
text/objects/obj_Outhouse(wall)01_trashed_BL.tga
text/objects/obj_Outhouse01_BL_sh.tga
text/objects/obj_Skullsign01_BL.tga
text/objects/obj_TelephonePole01_BL.tga
text/objects/obj_TelephonePole01_BL_sh.tga
text/objects/obj_Woodenfence01_BL.tga
text/objects/obj_Woodenfence02_BL.tga
text/objects/obj_Woodenshed01_CL.tga
text/objects/obj_camper01_KN.tga
text/objects/obj_carwreck03_KN.tga
text/objects/obj_carwreck03_KN_sh.tga
text/objects/obj_corn01_KN.tga
text/objects/obj_joshuaTree01_CL.tga
text/objects/obj_joshuaTree01_CL_sh.tga
text/objects/obj_scarecrow01_CL.tga
text/objects/obj_stadium01_KN.tga
text/objects/obj_watertower01_KN.tga
text/objects/obj_watertower01_KN_sh.tga
text/objects/obj_whitestone01_CL.tga
text/sky/sky_daylight01_L.tga
text/sky/sky_daylight01_R.tga
text/sky/sky_daylight02_L.tga
text/sky/sky_daylight02_R.tga
text/sky/sky_daylight_fog_01_L.tga
text/sky/sky_daylight_fog_01_R.tga
text/sky/sky_night01_L.tga
text/sky/sky_night01_R.tga
text/sky/sky_sunset01_L.tga
text/sky/sky_sunset01_R.tga
text/terrain/ground_asphalt.tga
text/terrain/ground_asphalt_end.tga
text/terrain/ground_crater.tga
text/terrain/ground_farmland.tga
text/terrain/ground_fence.tga
text/terrain/ground_middlebarrier.tga
text/terrain/ground_racetrack.tga
text/terrain/ground_railroad.tga
text/terrain/ground_sand_darker.tga
text/terrain/ground_sand_grassland.tga
text/terrain/ground_sand_lighter.tga
text/terrain/ground_sand_normal.tga
text/terrain/ground_tiretracks.tga
text/terrain/ground_tyretracks.tga
text/terrain/mountain_side_altbottom.tga
text/terrain/mountain_side_bottom.tga
text/terrain/mountain_side_top.tga
text/trucks/AmericanHero.tga
text/trucks/AmericanHero_dmg.tga
text/trucks/DarkKnight.tga
.ps1
text/trucks/DarkKnight_dmg.tga
text/trucks/Firepower.tga
text/trucks/Firepower_dmg.tga
text/trucks/RallyMonster.tga
text/trucks/RallyMonster_dmg.tga
text/trucks/SaabreCage.tga
text/trucks/SaabreCage_dmg.tga
text/trucks/SaabreCage_sh.tga
text/trucks/SergeantSteele.tga
.ps1
text/trucks/SergeantSteele_dmg.tga
.ps1
text/trucks/SergeantSteele_sh.tga
text/trucks/Spiderbite.tga
text/trucks/Spiderbite_dmg.tga
.ps1
text/trucks/Undercage.tga
text/trucks/americanhero.dsc
text/trucks/americanhero_sh.tga
text/trucks/darkknight_sh.tga
text/trucks/firepower_sh.tga
text/trucks/rallymonster_sh.tga
text/trucks/spiderbite_sh.tga
trk01.gi
trk02.gi
trk03.gi
trk04.gi
trk05.gi
trk06.gi
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ʼϷ.exe
.exe windows:4 windows x86 arch:x86

490327600b5dc6856cf58705bdba480c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\work\苏州\登陆器\8\LoginTool\Release\LoginTool.pdb

Imports

crypt32

CertCloseStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertFindCertificateInStore
CryptMsgGetParam
CryptMsgClose

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

FtpFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpOpenFileW
GopherGetAttributeW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
HttpAddRequestHeadersW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpRenameFileW
FtpDeleteFileW
InternetConnectW
InternetGetCookieW
InternetSetCookieW
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpOpenRequestW
GopherOpenFileW
InternetOpenW
InternetOpenUrlA
InternetSetOptionA
InternetSetOptionW
InternetOpenA
InternetCloseHandle
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetQueryDataAvailable

kernel32

LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
SuspendThread
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GlobalGetAtomNameW
GetAtomNameW
GlobalFlags
GetStringTypeExW
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetShortPathNameW
LocalFileTimeToFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
lstrcmpW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
FatalAppExitA
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
CreateFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetEnvironmentVariableA
InterlockedCompareExchange
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
lstrcpyW
WinExec
lstrcatW
GetModuleFileNameW
GetCommandLineW
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
LoadResource
SizeofResource
GetVersionExA
GlobalSize
MulDiv
SetLastError
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
ReleaseSemaphore
ReleaseMutex
CreateThread
GetExitCodeThread
TerminateThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
GetModuleHandleW
LoadLibraryExW
SetCurrentDirectoryW
MoveFileW
GetLongPathNameW
FindResourceW
DeleteFileW
CloseHandle
CreateProcessW
GetPrivateProfileIntW
WaitForSingleObject
MoveFileExW
SearchPathW
GetFullPathNameW
GetFileTime
ReadFile
WriteFile
SetFileTime
SetEndOfFile
SetFilePointer
GetProcAddress
GetSystemDirectoryW
SetErrorMode
OpenEventW
OpenProcess
CreateEventW
ResetEvent
SetEvent
GetTickCount
LocalFree
LocalAlloc
GlobalFree
ResumeThread
GetCurrentThreadId
Sleep
ExpandEnvironmentStringsW
GetSystemInfo
SetEnvironmentVariableW
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesW
CopyFileW
CreateDirectoryW
GetDriveTypeW
FindNextFileW
FindClose
FindFirstFileW
GetVersionExW
WaitForMultipleObjects
ExitThread
GetCurrentDirectoryW
CreateMutexW
GetLastError
FormatMessageW
GetACP
LockResource
GetTempPathW
GetTempFileNameW
GetLocalTime
CreateFileW
GetFileSize
GetCurrentProcessId
GetModuleFileNameA

user32

UnregisterClassW
GetSysColorBrush
DeleteMenu
WaitMessage
DestroyIcon
CharUpperW
GetDialogBaseUnits
PostThreadMessageW
TranslateAcceleratorW
SetMenu
BringWindowToTop
SetRectEmpty
InsertMenuItemW
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
GetKeyNameTextW
MapVirtualKeyW
SetParent
UnionRect
GetDCEx
LockWindowUpdate
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
ScrollWindowEx
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
RegisterClipboardFormatW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetKeyState
WindowFromPoint
ScreenToClient
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
GetDesktopWindow
GetFocus
InvalidateRgn
EqualRect
IntersectRect
OffsetRect
SetRect
IsRectEmpty
CopyRect
IsWindowEnabled
CopyAcceleratorTableW
GetWindowTextLengthW
AttachThreadInput
GetForegroundWindow
GetWindowLongW
GetWindowTextW
SetWindowPos
IsWindowVisible
MapWindowPoints
SetWindowTextW
GetWindowThreadProcessId
GetWindow
GetDlgItem
SendMessageTimeoutW
GetActiveWindow
SystemParametersInfoW
SetForegroundWindow
KillTimer
SetTimer
SetWindowRgn
IsIconic
GetSystemMenu
PostMessageW
InsertMenuW
AppendMenuW
CreatePopupMenu
DrawIcon
GetCursorPos
DestroyMenu
GetMenuItemInfoW
CharNextW
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
GetMessageW
LoadIconW
ShowWindow
GetSystemMetrics
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GetMenu
ClientToScreen
LoadImageW
EnableWindow
GetParent
SetCapture
RedrawWindow
InvalidateRect
ReleaseDC
GetDC
GetClientRect
GetWindowRect
SendMessageW
InflateRect
PtInRect
LoadCursorW
CopyIcon
IsWindow
SetWindowLongW
SetCursor
ReleaseCapture
MessageBeep
GetSysColor
SetFocus
UnregisterClassA

gdi32

RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
SaveDC
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
SetRectRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetRgnBox
CreateRectRgnIndirect
CombineRgn
CreateRoundRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
TextOutW
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegRestoreKeyW
RegQueryInfoKeyW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegLoadKeyW
RegEnumKeyExW
RegEnumValueW
RegSaveKeyW

shell32

DragFinish
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderPathW
ExtractIconW
DragQueryFileW
SHGetFolderPathW
SHGetFileInfoW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFileExistsW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleRegGetUserType
ReleaseStgMedium
CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitializeEx
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
CreateBindCtx
ReadFmtUserTypeStg
ReadClassStg
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CLSIDFromString
OleDuplicateData
CoTreatAsClass
StringFromCLSID

oleaut32

SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SafeArrayDestroy
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantClear
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
LoadTypeLi
SysStringLen
SysAllocStringLen

gdiplus

GdipDrawString
GdipDrawImageRectRectI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipCreatePath
GdipDeletePath
GdipReleaseDC
GdipClosePathFigure
GdipAddPathArcI
GdipSetTextRenderingHint
GdipSetPageUnit
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawImageI
GdipDrawImageRectI
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetSmoothingMode
GdipMeasureString
GdipDrawImagePointsI
GdipDrawImageRectRect
GdipCreateFromHDC
GdipAlloc
GdipFree
GdipCloneBrush
GdipCreateSolidFill
GdiplusShutdown
GdiplusStartup
GdipResetPath
GdipDeleteGraphics
GdipDeleteBrush

ws2_32

inet_ntoa
connect
htons
inet_addr
setsockopt
WSACleanup
recv
WSAStartup
socket
closesocket
gethostbyname
send

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 128B

.reloc Size: 512B - Virtual size: 220B

5e1d3f49e5b7590e18325930cd3084f1

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 470B

.data Size: 2KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 730B

440a58276324fb4f7b50ac54374ecf17

Headers

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 456B

.reloc Size: 12KB - Virtual size: 9KB

9cce555dd3ff1b6c7dc92d64c794c51a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 25KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 128B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 470B

.data
Size: 2KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 730B

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 456B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 25KB

.reloc
Size: 1024B - Virtual size: 836B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 848B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 28KB - Virtual size: 28KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 73B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB