分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-shaapp03-1 | 2023-01-27 10:39:31 | 2023-01-27 10:40:16 | 45 秒 |
魔盾分数
2.925
可疑的
文件详细信息
| 文件名 | SGTool.exe |
|---|---|
| 文件大小 | 10332312 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 524a5a18e4de9a6d451d25eaf80705a0 |
| SHA1 | 979cdc4c70f923ea08af939a62cc47ca688e4c71 |
| SHA256 | 2e2c454d7e12f2f96d8cbb7c991cf6e343f8d3044fa65e4c969f245d4b882508 |
| SHA512 | e743f3237bc674c0ed721dab6ea5e9f36a5b3dbce9824ccd87bfe7c85d288955fad26ea9ab885e1d5739a39bdc96910f3c1f04d26780531463a1219f1bad7f68 |
| CRC32 | ABD58B0B |
| Ssdeep | 98304:sR2o36WcXVeSYKIxoLNdwwj94UR0I1344gGYxyk2O/B/ZeRqw/LBxUDaL7zIN90C:sUpt0SYKIWRhjJRl1oDGYo6KxUD+IL9d |
| Yara | 登录查看Yara规则 |
| 找不到该样本 提交漏报 |
登录查看威胁特征
运行截图
没有可用的屏幕截图访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x00902915 |
| 声明校验值 | 0x009e1fbe |
| 实际校验值 | 0x009e1fbe |
| 最低操作系统版本要求 | 6.0 |
| PDB路径 | E:\data\landun\workspace\p-8e18b00276fd470e835a1e79d9eeecd4\src\bin\sogoupdb\sogouinput\SGTool.pdb |
| 编译时间 | 2022-11-28 16:06:49 |
| 载入哈希 | 3564bcd6a2065fb9b9d2ce27d8f92079 |
| 图标 |  |
| 图标精确哈希值 | 27043e50c73d185e554019a0874141ae |
| 图标相似性哈希值 | 75fa656b7343fcab95722f7ecf7fef2c |
版本信息
| LegalCopyright | |
|---|---|
| InternalName | |
| FileVersion | |
| CompanyName | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| OriginalFilename | |
| Translation |
微软证书验证 (Sign Tool)
| SHA1 | 时间戳 | 有效性 | 错误 |
|---|---|---|---|
| None | Mon Nov 28 16:15:02 2022 | 无 |
| 证书链 | Certificate Chain 1 |
| 发行给 | DigiCert Assured ID Root CA |
| 发行人 | DigiCert Assured ID Root CA |
| 有效期 | Mon Nov 10 080000 2031 |
| SHA1 哈希 | 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43 |
| 证书链 | Certificate Chain 2 |
| 发行给 | DigiCert SHA2 Assured ID Code Signing CA |
| 发行人 | DigiCert Assured ID Root CA |
| 有效期 | Sun Oct 22 200000 2028 |
| SHA1 哈希 | 92c1588e85af2201ce7915e8538b492f605b80c6 |
| 证书链 | Certificate Chain 3 |
| 发行给 | Beijing Sogou Technology Development Co., Ltd. |
| 发行人 | DigiCert SHA2 Assured ID Code Signing CA |
| 有效期 | Thu Aug 22 075959 2024 |
| SHA1 哈希 | 652b97b5eb244e074fdf9d640a52e94447ed42f1 |
| 证书链 | Timestamp Chain 1 |
| 发行给 | DigiCert Assured ID Root CA |
| 发行人 | DigiCert Assured ID Root CA |
| 有效期 | Mon Nov 10 080000 2031 |
| SHA1 哈希 | 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43 |
| 证书链 | Timestamp Chain 2 |
| 发行给 | DigiCert Trusted Root G4 |
| 发行人 | DigiCert Assured ID Root CA |
| 有效期 | Mon Nov 10 075959 2031 |
| SHA1 哈希 | a99d5b79e9f1cda59cdab6373169d5353f5874c6 |
| 证书链 | Timestamp Chain 3 |
| 发行给 | DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA |
| 发行人 | DigiCert Trusted Root G4 |
| 有效期 | Mon Mar 23 075959 2037 |
| SHA1 哈希 | b6c8af834d4e53b673c76872aa8c950c7c54df5f |
| 证书链 | Timestamp Chain 4 |
| 发行给 | DigiCert Timestamp 2022 - 2 |
| 发行人 | DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA |
| 有效期 | Tue Nov 22 075959 2033 |
| SHA1 哈希 | f387224d8633829235a994bcbd8f96e9fe1c7c73 |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0061f588 | 0x0061f600 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.52 |
| .rdata | 0x00621000 | 0x001a6da6 | 0x001a6e00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.46 |
| .data | 0x007c8000 | 0x0015be28 | 0x0004e000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 4.10 |
| .rsrc | 0x00924000 | 0x00166c18 | 0x00166e00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 7.10 |
| .reloc | 0x00a8b000 | 0x0005cd28 | 0x0005ce00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 6.61 |
覆盖
| 偏移量 | 0x009d8400 |
| 大小 | 0x00002498 |
资源
| 名称 | 偏移量 | 大小 | 语言 | 子语言 | 熵(Entropy) | 文件类型 |
|---|---|---|---|---|---|---|
| APNG | 0x00a4b938 | 0x00000b2e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.31 | GIF image data, version 89a, 30 x 30 |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| PNG | 0x00a83e60 | 0x0000026b | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.47 | PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RC_PNG | 0x0097a5a8 | 0x00000858 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.49 | PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_CURSOR | 0x00a892f0 | 0x0000012c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.80 | data |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_BITMAP | 0x009cabb8 | 0x00000328 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x009b46c0 | 0x00000568 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.37 | GLS_BINARY_LSB_FIRST |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_DIALOG | 0x00a89640 | 0x000000cc | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.38 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_STRING | 0x00a8a7a8 | 0x00000044 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 1.92 | data |
| RT_ACCELERATOR | 0x00a89710 | 0x00000070 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 2.95 | data |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_RCDATA | 0x00a4b560 | 0x000003d3 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 6.03 | PNG image data, 10 x 6, 8-bit/color RGB, non-interlaced |
| RT_GROUP_CURSOR | 0x00a89420 | 0x0000005a | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.93 | MS Windows cursor resource - 6 icons, 32x256, hotspot @1x32 |
| RT_GROUP_CURSOR | 0x00a89420 | 0x0000005a | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.93 | MS Windows cursor resource - 6 icons, 32x256, hotspot @1x32 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_GROUP_ICON | 0x009b4c28 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.08 | MS Windows icon resource - 1 icon, 16x16 |
| RT_VERSION | 0x00a89780 | 0x000002f4 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.60 | data |
| RT_VERSION | 0x00a89780 | 0x000002f4 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.60 | data |
| RT_HTML | 0x00a840d0 | 0x0000096c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.30 | HTML document, UTF-8 Unicode text |
| RT_MANIFEST | 0x00a8a998 | 0x00000280 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.07 | XML 1.0 document text |
导入
库: IPHLPAPI.DLL:
• 0xa211c8 GetAdaptersInfo
库: WININET.dll:
• 0xa21920 InternetSetCookieW
• 0xa21924 InternetCanonicalizeUrlW
• 0xa21928 InternetCheckConnectionW
• 0xa2192c InternetReadFile
• 0xa21930 InternetWriteFile
• 0xa21934 HttpOpenRequestA
• 0xa21938 HttpAddRequestHeadersW
• 0xa2193c InternetCrackUrlA
• 0xa21940 HttpEndRequestW
• 0xa21944 InternetConnectW
• 0xa21948 InternetQueryDataAvailable
• 0xa2194c HttpOpenRequestW
• 0xa21950 HttpSendRequestW
• 0xa21954 HttpQueryInfoW
• 0xa21958 InternetQueryOptionW
• 0xa2195c InternetErrorDlg
• 0xa21960 InternetConnectA
• 0xa21964 InternetSetOptionW
• 0xa21968 InternetCloseHandle
• 0xa2196c InternetOpenUrlW
• 0xa21970 InternetOpenW
• 0xa21974 InternetGetConnectedState
• 0xa21978 HttpSendRequestExW
库: COMCTL32.dll:
• 0xa210d4 InitCommonControlsEx
• 0xa210d8 ImageList_ReplaceIcon
• 0xa210dc ImageList_Create
库: IMM32.dll:
• 0xa211a8 ImmSetHotKey
• 0xa211ac ImmGetHotKey
• 0xa211b0 ImmDestroyContext
• 0xa211b4 ImmGetIMEFileNameW
• 0xa211b8 ImmInstallIMEW
• 0xa211bc ImmAssociateContext
• 0xa211c0 ImmDisableIME
库: KERNEL32.dll:
• 0xa211d0 GetSystemDirectoryA
• 0xa211d4 LoadLibraryA
• 0xa211d8 GetFileAttributesW
• 0xa211dc ReleaseMutex
• 0xa211e0 CreateFileMappingW
• 0xa211e4 OpenFileMappingW
• 0xa211e8 MapViewOfFile
• 0xa211ec FlushViewOfFile
• 0xa211f0 UnmapViewOfFile
• 0xa211f4 GetCurrentThread
• 0xa211f8 GetStdHandle
• 0xa211fc CreateFileA
• 0xa21200 GetFileType
• 0xa21204 SetFilePointerEx
• 0xa21208 GetStartupInfoW
• 0xa2120c FormatMessageA
• 0xa21210 SystemTimeToFileTime
• 0xa21214 OpenMutexW
• 0xa21218 ExpandEnvironmentStringsA
• 0xa2121c SleepEx
• 0xa21220 lstrcmpiW
• 0xa21224 WriteProfileStringW
• 0xa21228 GetACP
• 0xa2122c GetExitCodeThread
• 0xa21230 CreateThread
• 0xa21234 WaitForSingleObjectEx
• 0xa21238 GetTempFileNameW
• 0xa2123c FindResourceW
• 0xa21240 SizeofResource
• 0xa21244 LockResource
• 0xa21248 LoadResource
• 0xa2124c FindResourceExW
• 0xa21250 SetEndOfFile
• 0xa21254 GetLastError
• 0xa21258 MultiByteToWideChar
• 0xa2125c WideCharToMultiByte
• 0xa21260 GetSystemDirectoryW
• 0xa21264 GetModuleHandleW
• 0xa21268 CloseHandle
• 0xa2126c Sleep
• 0xa21270 TerminateProcess
• 0xa21274 GetCurrentThreadId
• 0xa21278 UnregisterWaitEx
• 0xa2127c QueryDepthSList
• 0xa21280 ReleaseSemaphore
• 0xa21284 GetThreadTimes
• 0xa21288 UnregisterWait
• 0xa2128c RegisterWaitForSingleObject
• 0xa21290 SetThreadAffinityMask
• 0xa21294 GetProcessAffinityMask
• 0xa21298 GetNumaHighestNodeNumber
• 0xa2129c DeleteTimerQueueTimer
• 0xa212a0 ChangeTimerQueueTimer
• 0xa212a4 CreateTimerQueueTimer
• 0xa212a8 GetLogicalProcessorInformation
• 0xa212ac GetThreadPriority
• 0xa212b0 SetThreadPriority
• 0xa212b4 SignalObjectAndWait
• 0xa212b8 CreateTimerQueue
• 0xa212bc WriteConsoleW
• 0xa212c0 SetEnvironmentVariableA
• 0xa212c4 FreeEnvironmentStringsW
• 0xa212c8 GetEnvironmentStringsW
• 0xa212cc FindFirstFileExW
• 0xa212d0 GetCurrentDirectoryW
• 0xa212d4 GetOEMCP
• 0xa212d8 IsValidCodePage
• 0xa212dc SetStdHandle
• 0xa212e0 ReadFile
• 0xa212e4 GetUserDefaultLCID
• 0xa212e8 IsValidLocale
• 0xa212ec GetTimeFormatW
• 0xa212f0 GetDateFormatW
• 0xa212f4 ReadConsoleW
• 0xa212f8 GetConsoleMode
• 0xa212fc SystemTimeToTzSpecificLocalTime
• 0xa21300 PeekNamedPipe
• 0xa21304 GetFileInformationByHandle
• 0xa21308 GetDriveTypeW
• 0xa2130c FreeLibraryAndExitThread
• 0xa21310 GetFullPathNameW
• 0xa21314 GetModuleHandleExW
• 0xa21318 ExitProcess
• 0xa2131c GetCommandLineA
• 0xa21320 InterlockedFlushSList
• 0xa21324 RtlUnwind
• 0xa21328 SuspendThread
• 0xa2132c GetThreadContext
• 0xa21330 SetThreadContext
• 0xa21334 InterlockedCompareExchange
• 0xa21338 FlushInstructionCache
• 0xa2133c InterlockedPushEntrySList
• 0xa21340 InterlockedPopEntrySList
• 0xa21344 GetCPInfo
• 0xa21348 LCMapStringW
• 0xa2134c EncodePointer
• 0xa21350 GetStringTypeW
• 0xa21354 InitializeSListHead
• 0xa21358 IsProcessorFeaturePresent
• 0xa2135c UnhandledExceptionFilter
• 0xa21360 VerifyVersionInfoW
• 0xa21364 VerSetConditionMask
• 0xa21368 ConnectNamedPipe
• 0xa2136c GetOverlappedResult
• 0xa21370 ReadFileEx
• 0xa21374 DisconnectNamedPipe
• 0xa21378 WaitForMultipleObjectsEx
• 0xa2137c WriteFileEx
• 0xa21380 CreateNamedPipeW
• 0xa21384 SetNamedPipeHandleState
• 0xa21388 CreateIoCompletionPort
• 0xa2138c TransactNamedPipe
• 0xa21390 GetQueuedCompletionStatus
• 0xa21394 SetWaitableTimer
• 0xa21398 WaitNamedPipeW
• 0xa2139c GlobalReAlloc
• 0xa213a0 OpenFileMappingA
• 0xa213a4 CreateFileMappingA
• 0xa213a8 GetWindowsDirectoryA
• 0xa213ac CompareStringW
• 0xa213b0 GetSystemTimeAsFileTime
• 0xa213b4 GetEnvironmentVariableW
• 0xa213b8 ExpandEnvironmentStringsW
• 0xa213bc IsDebuggerPresent
• 0xa213c0 lstrcatW
• 0xa213c4 GlobalHandle
• 0xa213c8 TryEnterCriticalSection
• 0xa213cc GetSystemTime
• 0xa213d0 GetDiskFreeSpaceExW
• 0xa213d4 VirtualAlloc
• 0xa213d8 VirtualFree
• 0xa213dc GetWindowsDirectoryW
• 0xa213e0 LocalAlloc
• 0xa213e4 FlushFileBuffers
• 0xa213e8 GetFileTime
• 0xa213ec CreateProcessW
• 0xa213f0 GetFileAttributesExW
• 0xa213f4 GetProcessId
• 0xa213f8 SetFileTime
• 0xa213fc GetLogicalDriveStringsW
• 0xa21400 RemoveDirectoryW
• 0xa21404 QueryDosDeviceW
• 0xa21408 FormatMessageW
• 0xa2140c ExitThread
• 0xa21410 DuplicateHandle
• 0xa21414 GetModuleHandleA
• 0xa21418 SwitchToThread
• 0xa2141c TlsFree
• 0xa21420 TlsAlloc
• 0xa21424 TlsGetValue
• 0xa21428 TlsSetValue
• 0xa2142c LoadLibraryExA
• 0xa21430 VirtualQuery
• 0xa21434 VirtualProtect
• 0xa21438 GetFileSizeEx
• 0xa2143c GetConsoleCP
• 0xa21440 OpenProcess
• 0xa21444 GetModuleFileNameW
• 0xa21448 GetFileSize
• 0xa2144c GetTickCount
• 0xa21450 GetCurrentProcess
• 0xa21454 GetCurrentProcessId
• 0xa21458 LocalFree
• 0xa2145c CreateToolhelp32Snapshot
• 0xa21460 Process32FirstW
• 0xa21464 Process32NextW
• 0xa21468 Module32FirstW
• 0xa2146c Module32NextW
• 0xa21470 EnterCriticalSection
• 0xa21474 LeaveCriticalSection
• 0xa21478 GlobalAlloc
• 0xa2147c GlobalUnlock
• 0xa21480 GlobalLock
• 0xa21484 GlobalFree
• 0xa21488 MulDiv
• 0xa2148c WaitForMultipleObjects
• 0xa21490 LoadLibraryExW
• 0xa21494 FreeLibrary
• 0xa21498 SetUnhandledExceptionFilter
• 0xa2149c GetSystemInfo
• 0xa214a0 WriteFile
• 0xa214a4 SetFilePointer
• 0xa214a8 GlobalMemoryStatusEx
• 0xa214ac GetTimeZoneInformation
• 0xa214b0 TerminateThread
• 0xa214b4 QueryPerformanceFrequency
• 0xa214b8 QueryPerformanceCounter
• 0xa214bc lstrcpynW
• 0xa214c0 lstrcpynA
• 0xa214c4 ResumeThread
• 0xa214c8 LoadLibraryW
• 0xa214cc GetTempPathW
• 0xa214d0 SetFileAttributesW
• 0xa214d4 SetLastError
• 0xa214d8 lstrlenA
• 0xa214dc DebugBreak
• 0xa214e0 InitializeCriticalSectionAndSpinCount
• 0xa214e4 GetCommandLineW
• 0xa214e8 CreateFileW
• 0xa214ec FileTimeToSystemTime
• 0xa214f0 MoveFileExW
• 0xa214f4 FindNextFileW
• 0xa214f8 FindFirstFileW
• 0xa214fc FindClose
• 0xa21500 FileTimeToLocalFileTime
• 0xa21504 EnumSystemLocalesW
• 0xa21508 lstrcpyW
• 0xa2150c lstrcmpW
• 0xa21510 GetLocaleInfoW
• 0xa21514 ResetEvent
• 0xa21518 CopyFileW
• 0xa2151c CreateMutexW
• 0xa21520 DeleteFileW
• 0xa21524 CreateDirectoryW
• 0xa21528 GlobalAddAtomW
• 0xa2152c GetProcAddress
• 0xa21530 GetLocalTime
• 0xa21534 SetEvent
• 0xa21538 OpenEventW
• 0xa2153c CreateEventW
• 0xa21540 InitializeCriticalSectionEx
• 0xa21544 GetProcessHeap
• 0xa21548 HeapSize
• 0xa2154c HeapFree
• 0xa21550 HeapReAlloc
• 0xa21554 HeapAlloc
• 0xa21558 HeapDestroy
• 0xa2155c RaiseException
• 0xa21560 DecodePointer
• 0xa21564 GetExitCodeProcess
• 0xa21568 WaitForSingleObject
• 0xa2156c DeleteCriticalSection
• 0xa21570 InitializeCriticalSection
• 0xa21574 OutputDebugStringW
• 0xa21578 GetVersionExW
• 0xa2157c lstrlenW
库: USER32.dll:
• 0xa21648 PostThreadMessageW
• 0xa2164c SendMessageTimeoutW
• 0xa21650 ShowWindow
• 0xa21654 PostQuitMessage
• 0xa21658 EnableWindow
• 0xa2165c IsWindowEnabled
• 0xa21660 GetSystemMetrics
• 0xa21664 GetDC
• 0xa21668 MonitorFromPoint
• 0xa2166c GetMonitorInfoW
• 0xa21670 SetTimer
• 0xa21674 FindWindowW
• 0xa21678 ActivateKeyboardLayout
• 0xa2167c PostMessageW
• 0xa21680 DialogBoxParamW
• 0xa21684 EndDialog
• 0xa21688 GetDlgItem
• 0xa2168c SetFocus
• 0xa21690 GetSystemMenu
• 0xa21694 RemoveMenu
• 0xa21698 DrawIconEx
• 0xa2169c EqualRect
• 0xa216a0 DispatchMessageW
• 0xa216a4 GetClassLongW
• 0xa216a8 ScreenToClient
• 0xa216ac SetWindowRgn
• 0xa216b0 EnumDisplayMonitors
• 0xa216b4 AdjustWindowRectEx
• 0xa216b8 AttachThreadInput
• 0xa216bc RedrawWindow
• 0xa216c0 EnumDisplayDevicesW
• 0xa216c4 EnumDisplaySettingsW
• 0xa216c8 MsgWaitForMultipleObjects
• 0xa216cc CheckDlgButton
• 0xa216d0 GetCursor
• 0xa216d4 SetScrollInfo
• 0xa216d8 GetLastInputInfo
• 0xa216dc LoadIconW
• 0xa216e0 TranslateMessage
• 0xa216e4 GetMessageW
• 0xa216e8 GetClassNameW
• 0xa216ec EnumThreadWindows
• 0xa216f0 TrackPopupMenu
• 0xa216f4 InflateRect
• 0xa216f8 GetWindowTextW
• 0xa216fc SendMessageW
• 0xa21700 TrackMouseEvent
• 0xa21704 keybd_event
• 0xa21708 BringWindowToTop
• 0xa2170c OffsetRect
• 0xa21710 ExitWindowsEx
• 0xa21714 FillRect
• 0xa21718 LoadMenuW
• 0xa2171c LoadAcceleratorsW
• 0xa21720 CharLowerW
• 0xa21724 LoadBitmapW
• 0xa21728 SetClassLongW
• 0xa2172c MessageBeep
• 0xa21730 DrawTextW
• 0xa21734 SetMenuDefaultItem
• 0xa21738 SetMenuItemInfoW
• 0xa2173c GetMenuItemInfoW
• 0xa21740 TrackPopupMenuEx
• 0xa21744 AppendMenuW
• 0xa21748 GetMenuItemCount
• 0xa2174c DestroyMenu
• 0xa21750 CreatePopupMenu
• 0xa21754 TranslateAcceleratorW
• 0xa21758 GetClassInfoExW
• 0xa2175c LoadStringA
• 0xa21760 LoadStringW
• 0xa21764 IsDlgButtonChecked
• 0xa21768 EnumChildWindows
• 0xa2176c EndDeferWindowPos
• 0xa21770 DeferWindowPos
• 0xa21774 BeginDeferWindowPos
• 0xa21778 SetLayeredWindowAttributes
• 0xa2177c IsDialogMessageW
• 0xa21780 CreateDialogParamW
• 0xa21784 MonitorFromWindow
• 0xa21788 GetWindow
• 0xa2178c FindWindowExW
• 0xa21790 MapWindowPoints
• 0xa21794 CharNextW
• 0xa21798 wvsprintfW
• 0xa2179c MonitorFromRect
• 0xa217a0 SubtractRect
• 0xa217a4 IntersectRect
• 0xa217a8 GetKeyboardLayoutList
• 0xa217ac UnloadKeyboardLayout
• 0xa217b0 wsprintfW
• 0xa217b4 EndPaint
• 0xa217b8 BeginPaint
• 0xa217bc RegisterClassExW
• 0xa217c0 PeekMessageW
• 0xa217c4 VkKeyScanW
• 0xa217c8 SystemParametersInfoW
• 0xa217cc SetCursorPos
• 0xa217d0 MessageBoxW
• 0xa217d4 DrawIcon
• 0xa217d8 GetUserObjectInformationW
• 0xa217dc GetThreadDesktop
• 0xa217e0 RegisterClassW
• 0xa217e4 RegisterWindowMessageW
• 0xa217e8 IsRectEmpty
• 0xa217ec CopyRect
• 0xa217f0 SetRectEmpty
• 0xa217f4 GetClientRect
• 0xa217f8 MoveWindow
• 0xa217fc CloseWindow
• 0xa21800 GetKeyState
• 0xa21804 GetScrollInfo
• 0xa21808 ShowScrollBar
• 0xa2180c IsWindow
• 0xa21810 UnregisterHotKey
• 0xa21814 RegisterHotKey
• 0xa21818 GetAsyncKeyState
• 0xa2181c InvalidateRect
• 0xa21820 EnumWindows
• 0xa21824 UnregisterClassW
• 0xa21828 IsClipboardFormatAvailable
• 0xa2182c GetClipboardData
• 0xa21830 GetWindowDC
• 0xa21834 ReleaseCapture
• 0xa21838 UpdateLayeredWindow
• 0xa2183c SetRect
• 0xa21840 PtInRect
• 0xa21844 GetFocus
• 0xa21848 ClientToScreen
• 0xa2184c EmptyClipboard
• 0xa21850 RegisterClipboardFormatW
• 0xa21854 SetClipboardData
• 0xa21858 CloseClipboard
• 0xa2185c OpenClipboard
• 0xa21860 GetCursorInfo
• 0xa21864 NotifyWinEvent
• 0xa21868 GetParent
• 0xa2186c SetWindowLongW
• 0xa21870 GetWindowLongW
• 0xa21874 GetWindowTextLengthW
• 0xa21878 SetWindowTextW
• 0xa2187c GetPropW
• 0xa21880 SetPropW
• 0xa21884 SetCapture
• 0xa21888 IsWindowVisible
• 0xa2188c SetWindowPos
• 0xa21890 DestroyWindow
• 0xa21894 CreateWindowExW
• 0xa21898 CallWindowProcW
• 0xa2189c DefWindowProcW
• 0xa218a0 LoadImageW
• 0xa218a4 DestroyIcon
• 0xa218a8 LoadCursorW
• 0xa218ac GetCursorPos
• 0xa218b0 SetCursor
• 0xa218b4 GetWindowRect
• 0xa218b8 GetForegroundWindow
• 0xa218bc KillTimer
• 0xa218c0 GetWindowThreadProcessId
• 0xa218c4 GetDesktopWindow
• 0xa218c8 ReleaseDC
• 0xa218cc SetForegroundWindow
• 0xa218d0 SendInput
• 0xa218d4 IsIconic
• 0xa218d8 WindowFromPoint
• 0xa218dc MsgWaitForMultipleObjectsEx
• 0xa218e0 GetWindowPlacement
• 0xa218e4 InsertMenuItemW
• 0xa218e8 GetMessagePos
• 0xa218ec mouse_event
• 0xa218f0 MenuItemFromPoint
• 0xa218f4 GetMenuItemRect
• 0xa218f8 GetMenuItemID
• 0xa218fc LoadKeyboardLayoutW
库: GDI32.dll:
• 0xa210f4 CreateDIBSection
• 0xa210f8 SetTextCharacterExtra
• 0xa210fc GetFontData
• 0xa21100 StretchDIBits
• 0xa21104 CreateRectRgn
• 0xa21108 GetClipRgn
• 0xa2110c EnumFontFamiliesExW
• 0xa21110 GetCharABCWidthsFloatW
• 0xa21114 CombineRgn
• 0xa21118 OffsetRgn
• 0xa2111c ExtCreateRegion
• 0xa21120 SetViewportOrgEx
• 0xa21124 RestoreDC
• 0xa21128 SaveDC
• 0xa2112c SelectClipRgn
• 0xa21130 GetStockObject
• 0xa21134 GetTextExtentPoint32W
• 0xa21138 RemoveFontResourceW
• 0xa2113c StretchBlt
• 0xa21140 GetPixel
• 0xa21144 CreateDCW
• 0xa21148 AddFontResourceW
• 0xa2114c GetFontUnicodeRanges
• 0xa21150 GetDeviceCaps
• 0xa21154 GetTextMetricsW
• 0xa21158 DPtoLP
• 0xa2115c SetMapMode
• 0xa21160 CreateCompatibleDC
• 0xa21164 CreateCompatibleBitmap
• 0xa21168 BitBlt
• 0xa2116c MoveToEx
• 0xa21170 LineTo
• 0xa21174 DeleteDC
• 0xa21178 GetObjectW
• 0xa2117c SetBkMode
• 0xa21180 Rectangle
• 0xa21184 GetTextExtentPointW
• 0xa21188 CreateSolidBrush
• 0xa2118c CreatePen
• 0xa21190 SelectObject
• 0xa21194 GetTextExtentExPointW
• 0xa21198 DeleteObject
• 0xa2119c SetTextColor
• 0xa211a0 CreateFontIndirectW
库: ADVAPI32.dll:
• 0xa21000 RegUnLoadKeyW
• 0xa21004 RegCreateKeyW
• 0xa21008 RegEnumKeyW
• 0xa2100c OpenProcessToken
• 0xa21010 AdjustTokenPrivileges
• 0xa21014 LookupPrivilegeValueW
• 0xa21018 RegCloseKey
• 0xa2101c AddMandatoryAce
• 0xa21020 RegSaveKeyW
• 0xa21024 RegRestoreKeyW
• 0xa21028 CryptAcquireContextW
• 0xa2102c CryptDecrypt
• 0xa21030 CryptSetKeyParam
• 0xa21034 CryptDestroyKey
• 0xa21038 CryptEncrypt
• 0xa2103c CryptImportKey
• 0xa21040 CryptReleaseContext
• 0xa21044 GetSecurityDescriptorSacl
• 0xa21048 SetSecurityDescriptorDacl
• 0xa2104c BuildExplicitAccessWithNameW
• 0xa21050 SetEntriesInAclW
• 0xa21054 SetNamedSecurityInfoW
• 0xa21058 GetNamedSecurityInfoW
• 0xa2105c RegEnumValueW
• 0xa21060 RegLoadKeyW
• 0xa21064 SetSecurityDescriptorSacl
• 0xa21068 InitializeSecurityDescriptor
• 0xa2106c InitializeAcl
• 0xa21070 SetSecurityInfo
• 0xa21078 AddAccessAllowedAceEx
• 0xa2107c GetLengthSid
• 0xa21080 RegEnumKeyExW
• 0xa21084 RegFlushKey
• 0xa21088 RegOpenKeyExW
• 0xa2108c RegQueryInfoKeyW
• 0xa21090 RegQueryValueExW
• 0xa21094 RegSetValueExW
• 0xa21098 RegCreateKeyExW
• 0xa2109c RegDeleteKeyW
• 0xa210a0 GetUserNameW
• 0xa210a4 RegOpenKeyW
• 0xa210a8 ConvertSidToStringSidW
• 0xa210ac CreateProcessAsUserW
• 0xa210b0 RegDeleteValueW
• 0xa210b4 FreeSid
• 0xa210b8 EqualSid
• 0xa210bc AllocateAndInitializeSid
• 0xa210c0 LookupAccountSidW
• 0xa210c4 GetTokenInformation
• 0xa210c8 DuplicateTokenEx
• 0xa210cc LookupAccountNameW
库: SHELL32.dll:
• 0xa215f4 SHFileOperationW
• 0xa215f8 ShellExecuteExW
• 0xa215fc ExtractIconW
• 0xa21600 SHGetFolderPathW
• 0xa21604 ShellExecuteW
• 0xa21608 Shell_NotifyIconW
• 0xa2160c CommandLineToArgvW
• 0xa21610 SHGetSpecialFolderPathW
• 0xa21614 SHChangeNotify
• 0xa21618 None
库: ole32.dll:
• 0xa21a54 CoTaskMemFree
• 0xa21a58 CoTaskMemRealloc
• 0xa21a5c CoInitializeSecurity
• 0xa21a60 CoInitializeEx
• 0xa21a64 CoTaskMemAlloc
• 0xa21a68 OleInitialize
• 0xa21a6c CoCreateInstance
• 0xa21a70 CoInitialize
• 0xa21a74 CoUninitialize
• 0xa21a78 CoCreateGuid
• 0xa21a7c CreateStreamOnHGlobal
• 0xa21a80 OleSetContainedObject
• 0xa21a84 OleUninitialize
• 0xa21a88 OleCreate
库: OLEAUT32.dll:
• 0xa215a0 SysStringByteLen
• 0xa215a4 VariantClear
• 0xa215a8 SysAllocString
• 0xa215ac SysAllocStringByteLen
• 0xa215b0 VarUI4FromStr
• 0xa215b4 SysStringLen
• 0xa215b8 VariantChangeType
• 0xa215bc VariantCopy
• 0xa215c0 VariantInit
• 0xa215c4 SysFreeString
库: VERSION.dll:
• 0xa21910 GetFileVersionInfoSizeW
• 0xa21914 VerQueryValueW
• 0xa21918 GetFileVersionInfoW
库: PSAPI.DLL:
• 0xa215cc GetProcessMemoryInfo
• 0xa215d0 GetModuleFileNameExW
• 0xa215d4 GetModuleInformation
库: WS2_32.dll:
• 0xa219c4 WSAGetLastError
• 0xa219c8 WSASetLastError
• 0xa219cc setsockopt
• 0xa219d0 recv
• 0xa219d4 ioctlsocket
• 0xa219d8 getservbyport
• 0xa219dc gethostbyaddr
• 0xa219e0 ntohs
• 0xa219e4 inet_addr
• 0xa219e8 WSACleanup
• 0xa219ec bind
• 0xa219f0 getpeername
• 0xa219f4 getsockname
• 0xa219f8 getsockopt
• 0xa219fc __WSAFDIsSet
• 0xa21a00 select
• 0xa21a04 accept
• 0xa21a08 listen
• 0xa21a0c recvfrom
• 0xa21a10 sendto
• 0xa21a14 htons
• 0xa21a18 htonl
• 0xa21a1c inet_ntoa
• 0xa21a20 gethostname
• 0xa21a24 gethostbyname
• 0xa21a28 WSAStartup
• 0xa21a2c connect
• 0xa21a30 socket
• 0xa21a34 send
• 0xa21a38 shutdown
• 0xa21a3c closesocket
• 0xa21a40 getservbyname
库: SHLWAPI.dll:
• 0xa21620 StrStrIW
• 0xa21624 StrToIntW
• 0xa21628 StrCmpIW
• 0xa2162c SHDeleteKeyW
• 0xa21630 StrCSpnW
• 0xa21634 PathFileExistsW
库: SETUPAPI.dll:
• 0xa215dc SetupDiGetDeviceInstanceIdW
• 0xa215e0 SetupDiEnumDeviceInfo
• 0xa215e4 SetupDiDestroyDeviceInfoList
• 0xa215e8 SetupDiGetClassDevsExW
• 0xa215ec SetupDiOpenDevRegKey
.text
`.rdata
@.data
.rsrc
@.reloc
Glh`5@
T$ Rj
D$(Pj
T$`Rj
T$LRj
T$@Rj
L$$Qj
T$$Rj
|$LPE
L$,Qj
L$8Sj
T$(Rj
|$$Wj
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49158 | 23.78.141.146 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49158 | 23.78.141.146 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 36.939 seconds )
- 13.368 Static
- 12.184 Suricata
- 4.034 VirusTotal
- 2.655 NetworkAnalysis
- 2.429 TargetInfo
- 1.971 AnalysisInfo
- 0.226 peid
- 0.036 BehaviorAnalysis
- 0.022 config_decoder
- 0.012 Strings
- 0.002 Memory
Signatures ( 1.431 seconds )
- 1.345 md_url_bl
- 0.013 antiav_detectreg
- 0.008 md_domain_bl
- 0.006 antiav_detectfile
- 0.006 infostealer_ftp
- 0.005 anomaly_persistence_autorun
- 0.004 geodo_banking_trojan
- 0.004 ransomware_extensions
- 0.004 ransomware_files
- 0.003 tinba_behavior
- 0.003 antianalysis_detectreg
- 0.003 infostealer_bitcoin
- 0.003 infostealer_im
- 0.003 network_http
- 0.002 rat_nanocore
- 0.002 api_spamming
- 0.002 antivm_vbox_files
- 0.002 disables_browser_warn
- 0.002 infostealer_mail
- 0.001 stealth_decoy_document
- 0.001 betabot_behavior
- 0.001 cerber_behavior
- 0.001 stealth_timeout
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_security
- 0.001 modify_proxy
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 md_bad_drop
- 0.001 network_cnc_http
Reporting ( 0.516 seconds )
- 0.516 ReportHTMLSummary
| Task ID | 717079 |
|---|---|
| Mongo ID | 63d339c37e769a7a57f3e0fe |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号