Sample details: dc888e27856d11bcfeffcad74b7f6559 --

Hashes
MD5: dc888e27856d11bcfeffcad74b7f6559
SHA1: 498a47758de54051aa5c8a7ed4258dd76be149a2
SHA256: ff7a9887b4be7b9b728b46ef18e73a53356cf7a9311e93298877145bc21f8db9
SSDEEP: 12288:piGT/dEtESNWNxoMPU3xohL0DKazBuKHbjjiXiYR5nWFpPoS56YgnN:p7VbSNWzo0U3yhwBnHvjiXobD6YgN
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v171 | YRP/Microsoft_Visual_Cpp_v60 | YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional | YRP/Microsoft_Visual_Cpp_50 | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Armadillo_v171_additional | YRP/Armadillo_v4x | YRP/Microsoft_Visual_Cpp | YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/with_images | YRP/without_attachments | YRP/with_urls | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/network_http | YRP/screenshot | YRP/keylogger | YRP/win_registry | YRP/win_private_profile | YRP/win_files_operation | YRP/win_hook | YRP/Big_Numbers1 | YRP/MD5_Constants | YRP/DES_sbox | YRP/BASE64_table | YRP/VC8_Random | YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API | YRP/UPX | YRP/suspicious_packer_section |
Parent Files
7117700ff5084ee02b235dbb0303e14d
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
SVWSQRV3
rocA9F
uRFGHt
@hUUUUh
T$Du	f
t(ENEN;
L$$_^]
T$$_^]
D$$_^]
D$0UVW
t!< t	<
L$$_^]d
D$4SUV
L$89l$8}
D$(t,;
D$$~9+
F\_^][
T$Hhx}L
L$$_^d
L$@^[d
9L$x~e
D$PQRP
D$hRPQ
D$<duK
L$T_^][d
L$lRVQ
D$4pZK
D$hQRP
D$hQRP
T$pPQR
\$8UVW
L$DPQj
	9oTtc
\$8UVW
L$DPQj
	9oTtc
L$ _^d
W9^du-
L$ PQh
L$L_^][d
L$D_^][d
L$@RUQ
L$|_^][d
L$|_^][d
L$|_^][d
L$(VQRSP
L$4_^[d
V#D$,WPQ
D$@UPQ
T$XUSR
L$@PQR
D$HUSj
L$x_^d
D$(SUV
T$8RWj
L$ _^][d
l$<VWj
L$(VQVj
L$(UUh
t$LUPh
o0SSSSU
D$dSUVW
D$@WPS
L$`_^][d
D$,RVh
D$HUPQ
\$PVUUS
D$hSUV3
D$,Pj<j
L$h_^][d
L$X_^d
t$ 90t
L$4S+L$0Qj
D$LPUj
D$ PQR
D$89Vdu
FpHt&Ht
D$LUSWP
L$$_^][d
L$,_[3
L$,_[3
L$(WQR
QQUWSS
L$P_]^[d
T$\PQR
D$hUPQ
D$ thK
L$<PQVV
D$ thK
L$<SQR
T$<RVW
T$lPRh
T$ SRh
9l$xtU9
u29l$xu,
L$XSQh
D$,SPh
T$,SRh
T$,SRh
T$,SRh
t$(SSh
t$$RVP
|$,RPQ
L$H][d
L$HSUVWP
D$XPQU
l$lh BL
T$,h0BL
D$8VPQ
T$ SWRP
L$L_^]3
t%RSQP
XY[Z[]
~'PSQR
\$<VW3
L$4_^3
D$XQRWP
D$dQUWRP
D$0WPQ
T$$+D$4
L$L^[d
9^xu5j
L$X_^]3
h9n`u;
D$8RPj
T$DQRU
D$PRPQ
L$TSWQ
l$HQRVU
D$H_^][
\$lUV3
L$h_^]3
T$\jdSR
L$Hj&Q
;t$Xu";\$\u
L$DSVQ
L$,_^]3
L$$_^][d
L$0PQS
L$ ]_^
L$ QSR
D$TVPW
D$TRPW
D$ \hK
t$XWVS
L$(PVQ
L$,RPQ
T$ PQWWR
D$DSWRPQ
T$\URP
l$@VW3
L$8_^][d
u"8D$yu
D$(_^][
8MThdu
~P9~Pun
t&9^$t
F(9V8tQ
F<_^][
F<_^][
|$@ Wu
|$D UV
L$8^]_3
@;l$\~Z
L$X;L$
uh9^8uX
F89^8u&j
N$~	WU
L$T_^][d
L$L_^][d
D$,;\$|
L$0PQR
PQj WUS
T$dPQR
L$l_^][d
L$8WPQR
T$DQSR
D$49D$$}
T$\;D$Xu
9nPu	9^T
L$(PQR
T$,RQP
T$(PQR
L$x_^][d
L$l_^][d
L$LPQR
D$<duK
D$LthK
D$dPQV
L$(SUV
L$4WPQR
D$ |2;
L$@_^][d
u._^][
L$ WPQ
T$,RQP
L$\_^][d
L$@RQj
D$@RPQj
L$T_^]d
FD uy9D$$}s
FD@ul9L$(}f
L$P_^d
L$\_^][d
;D$xt&
9D$$t+
L$D_]d
L$ ^][d
D$$QUP
D$ duK
L$|_^][d
L$t][d
D$$SUV
D$DURP
RVPUSQ
L$$_^][d
j VUPWQ
T$(QVURWP
L$,_^][d
D$$_^[
D$$_^[
L$4VQUP
L$$_^][d
L$4UQWP
L$$_^][d
T$0SUV
L$(_^][d
T$8QRP
L$(_^][d
L$8_^][d
|$LtE;
t$PPVS
L$8_^][d
T$\WVR
jBWVSSQ
D$(_^]
\$ PQV
L$$_^][d
L$H_^][d
T$DWRh
L$0PQR
L$0PQR
L$0PQR
L$pRPQ
D$hQRP
L$@_^][d
L$(RPQ
NTRPQj
L$(RPQ
T$(PQR
D$(QRP
T$DPQRW
L$<RPQW
L$T_^]
Nh;NX|
Vh;VX|
Fxt_;FTu@
Nh;NX|
P$RWPh
SWVVVRPV
L$$^]d
L$D_^[d
T$,hx}L
T$(Qhx}L
T$(Qhx}L
T$(Qhx}L
L$,hx}L
T$,hx}L
L$t_^d
D$<thK
D$ RPUhD
L$l_^][d
L$$^[d
L$(WSR
T$0PQR
WjdjdPQh
|z;^<}uWS
L$D_^][d
L$\_^][d
It#Iu%
^l_^][
tI;Ftr
HtHHuz
V,_^[Y
D$ _^][
EHPWVS
u]9B uX
uR9BxuM
'9A`u"9
tq9~Dt
nd9~dt
u	9~@u
tS9~@uN
tRHt}H
NH_^][
T$LWUQVR
L$4WQUVS
;l$ }:
|$$}$WP
\$\}-j
O(_^][
T$H} VP
D$$= AK
T$$PRV
D$(QPW
L$,SUV
L$0SUV@W
NX9NXu 
QPSWVR
T$PQRP
D$$SUV
D$(;l$ 
\$(UVW
D$,_^]
D$(CUSWP
9o4u'V
9t$0v8
BRPj+S
@PVj,S
\$4t|Ht@H
T$ QRP
D$(PU3
L$$RPh$
D$8QRPh
D$XSUV
L$@^]d
T$0PjdR
D$0SUV
D$0SUV
D$0SUV
D$0SUV
Fdf+Fh
D$(8D*
|$ WUSV
D$$SUV
F$@;F(v
F$@@;F(v
9G4_^d
9x u	f
F8+N,+F0
N8+F,+N0
9u ^t	
9^@t53
~HWhhyK
V@W@PQ
9^Ht}3
9~@St99~8~
VVVPQR
t*Ht"Ht
Zt(Ht Ht
HtYHt6H
@u+;t$
QQSVWj
QQSVWd
t.;t$$t(
B 02CV
C =02CVu
VC20XC00U
PPPPPPPP
^}%95`*M
uRFGHt
YHYtLHt9
tn<%t2
HHtiHtGH
HtHHt(
HtOHt)H
YYh(AL
YYF;5 
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
t/WWUPj
QQSVW3
sO;>|C;~
Y;5t*M
HHtpHHtl
<]t_G<-uA
PPPPPPPP
PPPPPPPP
QQSVWj
>:uNFV
>:u#FV
VWuBh@
t+Ht$Ht
+ttHHtd
HSVHWtgHHtF
nt2Ht#Ht
F\jLSP
u$SShe
Wj(_Wj
hWj@_;
tAhH\K
Yt&h,]K
PQQQQQ
t	9p$u
PPPPhd
tvWWWWU
F,_^][
tSh0bK
t	9A8u
(wqt\HHtS
t>Ht Ht
QSUVWj
n0SSSSU
_SSSSU
Ph_^][Y
tD9_Pt?
Ht#HHt
@t4Ht1Ht_Ht
^$_^[]
F(_+F$^[;E
<A|2<Z
<A|@<Z
+tJHt:Ht*
P<PuWSV
VWtp9E
HtTHtFHt8Ht*Ht
VVUSVV
t$ PUSVV
VVUSVV
PWVWWW
N(;N,r
tq9w(tlSj
9^0u/j
F09^4u*j
F49^8u&j
^,_^][
kernel32.dll
kernel32.dll
ole32.dll
ole32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32
lstrcpyn
lstrcpyn
CoInitialize
CoUninitialize
MultiByteToWideChar
WideCharToMultiByte
WideCharToMultiByte
GetVolumeInformationA
CreateThread
d09f2340818511d396f6aaf844c7e325
707ca37322474f6ca841f0e224f4b620
F7FC1AE45C5C4758AF03EF19F18A395D
5014D8FA6DCA40b68FA626D8183666EB
A512548E76954B6E92C21055517615B0
4BB4003860154917BC7D8230BF4FA58A
window
ComObject
Variant
HtmlViewer
-".Z4/
EB?K]f E
o;m`U4
31yCC^}
bEp}k|
2\Gff,B]`Y
+^n_f5
h.\(%zh
7^|0un
Ac=F]Q\
"IGVZv
5G7RN(
j=RtsU
#o>I/8
>^G-(t*
w.?I%v
|lG3*Uh
2('a\v?
\W>I{t
)lq!9mq>D
<dpMqE]
eX8nE/
J_n>K\?
nC>mRQP
E3v")`
<drT{*
4%a=Nw
S&h/6%
i>ER^si
<":'	F>
TH-{LN{sK
95'lVr*TccQ
;	N,wC
,3D(Y$>
LJ-	|Z
($.\9f
S7$RhP
NI!eM:~
\d9	Ong\
73cg[#u
gs ~n=k
 TJv4VR
)="~-L
81lgpj
6&#VsM
sO'@#M{
`sdRqi
1Z5y)G
p?akCz
[gWqFD
mF@1/+vP
r?FodDA
IX^wfks
D;sTNmn
9~SkF&
V523Rt
>%d9d	g
YhrWzD
ISi7oQ;4t
p6Z+U	c
!This program cannot be run in DOS mode.
=f%4ho
G:CvfV
\r\W_N.
^u2>*}q
\,VTbm
E	m9d5N~
g5rb\]
k%jPJo
s.f}db
e^4eds
I%nUOE1!93
|F#9{J
C*m#ysv
bz49N.
ThG1sE
E4"0$(
NyLM+@q
)?:X`Z
VI$:jg|
29	hg%fpM
(V`yr(8
?~\dikh
.,v%,<
S.Ac9SR
c.(!>gM
B]ne>`6q
g|^;#|
B+X!>'
(?sQW^
BCM8]|/
	HN~\i
s+Lhn@[0/
tuZ=d&
tAKNE'
d<VC*AN
;'+GTz
bq|w1U
0.I%3s
cx;9OMq`
A6_&Zv
,wAe.kI
z&^0nZ^
@'dBbY
aiUy'%34xu
'>h.B'
3^FeL*/Y
X3:c@J
zW9#g&
q^8AVaz7
kkJ^/f`
TogslH
3X)4nYg
8G)mHFd
#5H	h"
,zQbyO
LpO1z5=
7i`xaX
&b4*~r
jYI&oh
xx0H>>
%u	d,P
,]Iqq/
+mirhj
Zk_'2=
!H\`wf/[;
#H3	_pw.
MVB9Y@x
[^dYz[
y'+xq?
F;l=cv
SxvOhqu
T*spwd
\<wp]w
qVbv=K
M\WJZZ
CE*P)$
%`#nD'
&eW?Ua}V%
S3`8P%~
Y4~mrO
QypmUH
3OyMbc
(@`"i5
@=05]vm
mC]pF~
v$/_cR
P2"Tby"
zg}ey2
PTMSrj
pS>Q2C
:+OG&X/f
`	|la:
GqW/zI
^P8QfWj
QqZmLz
2+uGer
d+Tg`V
|Cu	{M
dO!&_(L
pgp3 ~~~
<EV#/'
2mFyf:
|CkD -
k`,l~MK3
zqol#6#0L
lRZm?P
3;a~l(I
BOEi	H
T`Ju#r)6^J
Fv1?r@
HQ[1AH
O]-`]_
PlEaM0T
fF^E	s
K|Ky\@V
13:`cK&VM
^>E<&f	
;x#3:K_
V;vGWR
Gnvax/
axZ!7}h
x7(8D#
^**9;LY
*tVU[T#
xe%CNs
_[Qdte
;=77WE
t8VQ2\
9F.cLe
NOW=\y
_7hE]m
F^Vp}!;
Z~'<5d
hJK.ZH
O/";_)
fZnF)M
*omj Y
#A3*Vs
Z6w}oz
vn2}sp
65JSSe
\Uc4~_
0<E*9Uu
6]on<X<
'	I vi
R?~?&_&
j*mI~1
(DA/Rv
h+c"gf
K/k]-kD
x>K7GZ
HpO9'+
A{JZ%{
7,QM1A
N'Uth='z
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H)
s`)L$4
D$t+D$\
9l$\w_
XPTPSW
KERNEL32.DLL
COMCTL32.dll
GDI32.dll
MSIMG32.dll
MSVCRT.dll
MSVFW32.dll
USER32.dll
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ImageList_Draw
BitBlt
TransparentBlt
DrawDibOpen
SkinH_EL.dll
SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign
SkinH_AttachRes
SkinH_AdjustHSV
@abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
.seojee.com/new/info.txt
http://
.seojee.com/new/dxc.txt
.seojee.com/new/one.txt
WinHttp.WinHttpRequest.5.1
@SetTimeouts
SetProxy
SetProxyCredentials
Option
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Referer: 
Cookie
SetRequestHeader
ResponseBody
GetallResponseHeaders
Location:
Set-Cookie
Set-Cookie:
=deleted
.seojee.com/new/ip.asp
&sd=ver12.2-
&time=
&sd=ver12.3&name=
?date=
QQ1003175
http://open.baidu.com/special/time/
window.baidu_time(
@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
C:\Program Files\
kernel32.dll
ole32.dll
kernel32
lstrcpyn
CoInitialize
CoUninitialize
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationA
CreateThread
|?5^<@
BKbhTb~XBK!;
?u='@^
								
UUUUUU
CNotSupportedException
CMemoryException
CException
CMemFile
CTempGdiObject
CTempDC
CPalette
CBitmap
CBrush
CGdiObject
CPaintDC
CWindowDC
CClientDC
CUserException
CResourceException
CDialog
MS Sans Serif
MS Shell Dlg
CTempWnd
AfxOldWndProc423
AfxWnd42s
AfxControlBar42s
AfxMDIFrame42s
AfxFrameOrView42s
AfxOleControl42s
GetMonitorInfoA
EnumDisplayMonitors
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
GetSystemMetrics
USER32
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
InitCommonControlsEx
COMCTL32.DLL
CPtrArray
CComboBox
CButton
CStatic
CFileDialog
CStringArray
CWinApp
PreviewPages
Settings
CTempImageList
CImageList
CProgressCtrl
CArchiveException
CSharedFile
CCmdTarget
CWinThread
CTempMenu
combobox
CDWordArray
CWordArray
CFileException
CMapPtrToPtr
CToolTipCtrl
tooltips_class32
CColorDialog
UNLINK
DELETE
CObject
COleDispatchException
CByteArray
COleException
System
commdlg_SetRGBColor
commdlg_help
commdlg_ColorOK
commdlg_FileNameOK
commdlg_ShareViolation
commdlg_LBSelChangedNotify
CPtrList
software
CSyncObject
CCriticalSection
CMapStringToPtr
RichEdit Text and Objects
Rich Text Format
FileNameW
FileName
Link Source Descriptor
Object Descriptor
Link Source
Embed Source
Embedded Object
ObjectLink
OwnerLink
Native
COleBusyDialog
COleDialog
%2\CLSID
%2\Insertable
%2\protocol\StdFileEditing\verb\0
%2\protocol\StdFileEditing\server
CLSID\%1
CLSID\%1\ProgID
CLSID\%1\InprocHandler32
ole32.dll
CLSID\%1\LocalServer32
CLSID\%1\Verb\0
&Edit,0,2
CLSID\%1\Verb\1
&Open,0,2
CLSID\%1\Insertable
CLSID\%1\AuxUserType\2
CLSID\%1\AuxUserType\3
CLSID\%1\DefaultIcon
CLSID\%1\MiscStatus
CLSID\%1\InProcServer32
CLSID\%1\DocObject
%2\DocObject
CLSID\%1\Printable
CLSID\%1\DefaultExtension
%9, %8
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GAIsProcessorFeaturePresent
KERNEL32
_hypot
`h````
ppxxxx
(null)
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
1#QNAN
1#SNAN
+ LOOP 
Dw=|:s
RasGetConnectStatusA
RasHangUpA
RASAPI32.dll
GetAdaptersInfo
iphlpapi.dll
SHLWAPI.dll
MPR.dll
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
WINMM.dll
WS2_32.dll
VERSION.dll
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateEventA
CreateThread
WritePrivateProfileStringA
GetVersionExA
lstrlenW
lstrlenA
LoadLibraryA
FreeLibrary
GetFullPathNameA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
GetLastError
ReadFile
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
FileTimeToSystemTime
GetTimeZoneInformation
SetLastError
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFilePointer
GetFileSize
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetVersion
KERNEL32.DLL
WaitForInputIdle
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
MessageBeep
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
SetRect
InflateRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DefWindowProcA
GetClassInfoA
DeleteMenu
GetSystemMenu
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
SetWindowTextA
GetDesktopWindow
GetClassNameA
GetDlgItem
GetWindowTextA
USER32.dll
GetDeviceCaps
GetTextExtentPoint32A
RoundRect
GetCurrentObject
DPtoLP
LPtoDP
Rectangle
Ellipse
CreateCompatibleDC
BitBlt
StartPage
StartDocA
DeleteDC
EndDoc
EndPage
GetObjectA
GetStockObject
CreateFontIndirectA
CreateSolidBrush
CombineRgn
CreateRectRgn
FillRgn
PatBlt
CreatePen
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
GDI32.dll
ClosePrinter
DocumentPropertiesA
OpenPrinterA
WINSPOOL.DRV
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
ADVAPI32.dll
ShellExecuteA
Shell_NotifyIconA
SHELL32.dll
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
ole32.dll
OLEAUT32.dll
ImageList_Destroy
COMCTL32.dll
oledlg.dll
WSOCK32.dll
InternetOpenA
InternetCloseHandle
InternetSetOptionA
InternetConnectA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
WININET.dll
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FileTimeToLocalFileTime
lstrcpynA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetThreadLocale
lstrcmpiA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
GetSystemTime
GetLocalTime
RaiseException
HeapSize
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CharNextA
SetWindowContextHelpId
MapDialogRect
LoadStringA
GetSysColorBrush
GetNextDlgGroupItem
PostThreadMessageA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetMapMode
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
comdlg32.dll
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
UnregisterClassA
.PAVCException@@
.PAVCNotSupportedException@@
.PAVCFileException@@
 (*.prn)|*.prn|
 (*.*)|*.*||
Shell32.dll
Mpr.dll
Advapi32.dll
User32.dll
Gdi32.dll
Kernel32.dll
\shell\open\command
mailto:
DISPLAY
OpenDatabase
CloseDatabase
GetConnectString
GetTabList
DllUnregisterServer
DllRegisterServer
DEFAULT_ICON
RemovePlayer
	WG!2S(
Nyt2S	W	w	w
L23fff&ff
?fff&ff23
CWinFormUnit
WTWindow
bcdfghijklmnpqrstuvwxyz
abcddefghijklmnoopqrrsstuvvwwxyyz;
,1"52.*
(&07-034/)7 '
hgjlkbrfzaoe
5	!	!	!	!
	!	!	!	!	
	6	6	6	6
	6	6	6	6	6	6	6	6	6	6	,	,	,	,	,	,	,	,	+	+	+	+	+	/	/	/	'	'	'	'	'	'	'	'	'	'	(	(	(	(	(	(	(	(	(	(	(	(	(	
	7	7	7	7	7	7	7	7	7	7	7	*	*	-	-	-	-
	2	5	5	5	5	5
	5	5	5
?? / %d]
%d / %d]
 (*.*)|*.*||
 (*.WAV;*.MID)|*.WAV;*.MID|WAV
 (*.WAV)|*.WAV|MIDI
 (*.MID)|*.MID|
 (*.txt)|*.txt|
 (*.*)|*.*||
Ctrl+Shift+F12
Ctrl+Shift+F11
Ctrl+Shift+F10
Ctrl+Shift+F9
Ctrl+Shift+F8
Ctrl+Shift+F7
Ctrl+Shift+F6
Ctrl+Shift+F5
Ctrl+Shift+F4
Ctrl+Shift+F3
Ctrl+Shift+F2
Ctrl+Shift+F1
Shift+F12
Shift+F11
Shift+F10
Shift+F9
Shift+F8
Shift+F7
Shift+F6
Shift+F5
Shift+F4
Shift+F3
Shift+F2
Shift+F1
Ctrl+F12
Ctrl+F11
Ctrl+F10
Ctrl+F9
Ctrl+F8
Ctrl+F7
Ctrl+F6
Ctrl+F5
Ctrl+F4
Ctrl+F3
Ctrl+F2
Ctrl+F1
Ctrl+Z
Ctrl+Y
Ctrl+X
Ctrl+W
Ctrl+V
Ctrl+U
Ctrl+T
Ctrl+S
Ctrl+R
Ctrl+Q
Ctrl+P
Ctrl+O
Ctrl+N
Ctrl+M
Ctrl+L
Ctrl+K
Ctrl+J
Ctrl+I
Ctrl+H
Ctrl+G
Ctrl+F
Ctrl+E
Ctrl+D
Ctrl+C
Ctrl+B
Ctrl+A
 (*.JPG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
 (*.JPG)|*.JPG|BMP
 (*.BMP)|*.BMP|GIF
 (*.GIF)|*.GIF|
 (*.ICO)|*.ICO|
 (*.CUR)|*.CUR|
 (*.*)|*.*||
devices
windows
device
MGridCells
CColourPicker
out.prn
%d / %d
 %d/%d 
 %d/%d 
Bogus message code %d
(%d-%d):
JPEGMEM
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
.PAVCException@@
Accept: */*
Accept: */* 
HTTP/1.0
gb2312
us-ascii
=?gb2312?B?
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
%s <%s>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Content-type: text/plain; charset="
MIME-Version: 1.0
Content-type: multipart/mixed; boundary="#BOUNDARY#"
Reply-To: %s
From: %s
To: %s
Subject: %s
Date: %s
From: %s
To: %s
Cc: %s
Subject: %s
Date: %s
%a, %d %b %Y %H:%M:%S 
%+.2d%.2d
%02X-%02X-%02X-%02X-%02X-%02X
Caption
StatusText
 (*.htm;*.html)|*.htm;*.html
Silent
Offline
FontSize
MousePointer
disable
visible
height
	LLLLLK
.PAVCException@@
;3+#>6.&
'2, /+0&7!4-)1#
incompatible version
buffer error
insufficient memory
data error
stream error
file error
stream end
need dictionary
.PAVCOleException@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.?AVCObject@@
.?AVCException@@
.?AVCSimpleException@@
.?AVCMemoryException@@
.?AVCNotSupportedException@@
.?AVCFile@@
.?AVCFileException@@
.?AVCMemFile@@
.?AVCDC@@
.?AVCClientDC@@
.?AVCWindowDC@@
.?AVCPaintDC@@
.?AVCGdiObject@@
.?AVCPen@@
.?AVCBrush@@
.?AVCTempDC@@
.?AVCTempGdiObject@@
.PAVCResourceException@@
.PAVCUserException@@
.?AVCResourceException@@
.?AVCUserException@@
.?AVCCmdTarget@@
.?AVCWnd@@
.?AVCDialog@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.?AVCTempWnd@@
.?AVCNoTrackObject@@
.?AV_AFX_CTL3D_STATE@@
.?AVCPtrArray@@
.?AVCStatic@@
.?AVCButton@@
.?AVCComboBox@@
.?AVCEdit@@
.?AV_AFX_CHECKLIST_STATE@@
.?AVCBitmap@@
.?AVCRgn@@
.?AVCCommonDialog@@
.?AVCFileDialog@@
.?AV_AFX_THREAD_STATE@@
.?AVAFX_MODULE_STATE@@
.?AVAFX_MODULE_THREAD_STATE@@
.?AV_AFX_BASE_MODULE_STATE@@
.?AVCStringArray@@
.?AUCThreadData@@
.PAVCOleDispatchException@@
.?AV_AFX_WIN_STATE@@
.?AVCWinThread@@
.?AVCWinApp@@
.?AVCProgressCtrl@@
.?AVCImageList@@
.?AVCTempImageList@@
.PAVCArchiveException@@
.?AVCArchiveException@@
.?AVCSharedFile@@
.?AV_AFX_CTL3D_THREAD@@
.?AVCMenu@@
.?AVCTempMenu@@
.?AVCDWordArray@@
.?AVCWordArray@@
.?AVCSyncObject@@
.?AVCMapPtrToPtr@@
.?AVCToolTipCtrl@@
.?AV_AFX_COLOR_STATE@@
.?AVCColorDialog@@
.?AV_AFX_SOCK_STATE@@
.?AVCCriticalSection@@
.?AVCSessionMapPtrToPtr@@
.?AUIOleWindow@@
.?AUIOleInPlaceUIWindow@@
.?AUIOleInPlaceFrame@@
.?AVXOleIPFrame@COleControlContainer@@
.?AVCOleControlContainer@@
.?AUIUnknown@@
.?AUIParseDisplayName@@
.?AUIOleContainer@@
.?AVXOleContainer@COleControlContainer@@
.?AVCFont@@
.?AVCEnumArray@@
.?AVCEnumUnknown@@
.?AVCOccManager@@
.?AUIDispatch@@
.?AVCOleDispatchException@@
.?AVCByteArray@@
.?AVCOleException@@
.?AUISequentialStream@@
.?AUIStream@@
.?AVCArchiveStream@@
.?AVCHandleMap@@
.?AVCPtrList@@
.?AVCMapStringToPtr@@
.?AUIRowsetNotify@@
.?AVXRowsetNotify@COleControlSite@@
.?AUIOleInPlaceSite@@
.?AVXOleIPSite@COleControlSite@@
.?AUINotifyDBEvents@@
.?AVXNotifyDBEvents@COleControlSite@@
.?AUIOleClientSite@@
.?AVXOleClientSite@COleControlSite@@
.?AUIBoundObjectSite@@
.?AVXBoundObjectSite@COleControlSite@@
.?AVXEventSink@COleControlSite@@
.?AVCOleControlSite@@
.?AUIPropertyNotifySink@@
.?AVXPropertyNotifySink@COleControlSite@@
.?AVXAmbientProps@COleControlSite@@
.?AUIOleControlSite@@
.?AVXOleControlSite@COleControlSite@@
.?AVCDataSourceControl@@
.?AUIEnumVOID@@
.?AVXEnumVOID@CEnumArray@@
.?AVCOleMessageFilter@@
.?AUIMessageFilter@@
.?AVXMessageFilter@COleMessageFilter@@
.?AVCOleDialog@@
.?AVCOleBusyDialog@@
.?AV_AFX_OLE_STATE@@
.?AVtype_info@@
0R>\W[
nzzpenc
eQpenc
SbpS:g:
SbpS0R
SbpS@b	gu
SbpS0R
kXEQ>\u
ck(WSbpS
-NbkSbpS(
SbpS\O
-NbkSbpS
ech1Y%
ech1Y%
OX[0R 
ech1Y%
RSbpS\O
QX[gbL
YX[(W	
N/f@b	g
l	g~b0Rdk
-N"N1Y
0dk:ghV
N*Ntepe
N*N(W%
N*N(W%
N*N(W0
N*Ncktepe
T/f&Tcknx
l	g~b0R 
[/fS_MR
g~b1Y%
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="">
<assemblyIdentity version="1.0.0.0" name=".add"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
      </requestedPrivileges>
    </security>
</trustInfo>
</asmv1:assembly>
!IDATx
]cI+dz
166f5`0a',!
RI%E"!!!!!!!$
^!XvktF
|L&-*`
#wy.<y
mQT)`P
xW Nu!
!!!!!!
9 """""""""""""
?TU meM
*~es%S
;n46@6Y;
vKI@*5	
I47i~BX
g8*	H+M
HFI@$P
8D$PLK 
$B$$I>p
;r,rk'8B+
:!U+++RM