Analysis Report

PE Header Static Information

Image base	0x400000
Entry point	0x47a3a0
Size of code	0x79400
Size of initialized data	0x5c00
Size of uninitialized data	0x0
Type	Executable
Subsystem	IMAGE_SUBSYSTEM_WINDOWS_GUI
Machine type	IMAGE_FILE_MACHINE_I386
Compile timestamp	2012-09-11 11:13:24

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x401000	0x793fb	0x79400	0x400	MEM_EXECUTE, CNT_CODE, MEM_READ	5.998130
.rdata	0x47b000	0x2e92	0x3000	0x79800	CNT_INITIALIZED_DATA, MEM_READ	5.033882
.data	0x47e000	0xd8c	0xe00	0x7c800	CNT_INITIALIZED_DATA, MEM_WRITE, MEM_READ	3.367673
.CRT	0x47f000	0x8	0x200	0x7d600	CNT_INITIALIZED_DATA, MEM_READ	0.114463
.rsrc	0x480000	0x638	0x800	0x7d800	CNT_INITIALIZED_DATA, MEM_READ	2.356490
.reloc	0x481000	0x131a	0x1400	0x7e000	CNT_INITIALIZED_DATA, MEM_DISCARDABLE, MEM_READ	5.608104

Api name	IAT Address	Thunk RVA	Thunk Offset
CoLoadLibrary	0x47b070	0x7dc78	0x7c478
CreateDataAdviseHolder	0x47b074	0x7dc7c	0x7c47c

Api name	IAT Address	Thunk RVA	Thunk Offset
GetProcAddress	0x47b000	0x7dc08	0x7c408
CopyFileW	0x47b004	0x7dc0c	0x7c40c
CreateProcessW	0x47b008	0x7dc10	0x7c410
SizeofResource	0x47b00c	0x7dc14	0x7c414
HeapDestroy	0x47b010	0x7dc18	0x7c418
EnumResourceNamesA	0x47b014	0x7dc1c	0x7c41c
FindAtomW	0x47b018	0x7dc20	0x7c420
HeapFree	0x47b01c	0x7dc24	0x7c424
GetStartupInfoA	0x47b020	0x7dc28	0x7c428
GetAtomNameA	0x47b024	0x7dc2c	0x7c42c
AddAtomA	0x47b028	0x7dc30	0x7c430
QueryPerformanceCounter	0x47b02c	0x7dc34	0x7c434
GetTickCount	0x47b030	0x7dc38	0x7c438
GetCurrentThreadId	0x47b034	0x7dc3c	0x7c43c
GetCurrentProcessId	0x47b038	0x7dc40	0x7c440
GetModuleHandleW	0x47b03c	0x7dc44	0x7c444
LocalFree	0x47b040	0x7dc48	0x7c448
LocalAlloc	0x47b044	0x7dc4c	0x7c44c
HeapCreate	0x47b048	0x7dc50	0x7c450

Api name	IAT Address	Thunk RVA	Thunk Offset
SetWindowTextA	0x47b050	0x7dc58	0x7c458
GetMenuCheckMarkDimensions	0x47b054	0x7dc5c	0x7c45c
SetPropA	0x47b058	0x7dc60	0x7c460
OemToCharBuffA	0x47b05c	0x7dc64	0x7c464
DialogBoxParamA	0x47b060	0x7dc68	0x7c468
GetActiveWindow	0x47b064	0x7dc6c	0x7c46c
SetWindowPos	0x47b068	0x7dc70	0x7c470

!This program cannot be run in DOS mode. $

`.rdata

@.data

@.rsrc

@.reloc

jpjAWU

<*+ @

hQW3SVWj

SUVWj+jB

]X-,+ @

int Progress_StepIt(hwnd)

PBM_STEPIT

int Progress_SetStep(hwnd, nStepInc)

PBM_SETSTEP

int Progress_DeltaPos(hwnd, nIncrement)

PBM_DELTAPOS

int Progress_SetPos(hwnd, nNewPos)

PBM_SETPOS

DWORD Progress_SetRange(hwnd, nMinRange, nMaxRange)

PBM_SETRANGE

In-Place Label Editing

Mouse / Keyboard Input

Search Item List

Scrolling Attributes

Reorganize or Redraw List

Column Attributes

Item Attributes

Drawing Attributes

Control Attributes

Modify Item List

HWND ListView_GetEditControl(hwndLV)

LVM_GETEDITCONTROL

HWND ListView_EditLabel(hwndLV, i)

LVM_EDITLABEL

int ListView_HitTest(hwndLV, pinfo)

LVM_HITTEST

BOOL ListView_GetISearchString(hwndLV, lpsz)

LVM_GETISEARCHSTRING

HIMAGELIST ListView_CreateDragImage(hwnd, i, lpptUpLeft)

LVM_CREATEDRAGIMAGE

int ListView_FindItem(hwnd, iStart, plvfi)

LVM_FINDITEM

int ListView_GetNextItem(hwnd, i, flags)

LVM_GETNEXTITEM

BOOL ListView_Scroll(hwndLV, dx, dy)

LVM_SCROLL

BOOL ListView_EnsureVisible(hwndLV, i, fPartialOK)

LVM_ENSUREVISIBLE

int ListView_GetCountPerPage(hwndLV)

LVM_GETCOUNTPERPAGE

int ListView_GetTopIndex(hwndLV)

LVM_GETTOPINDEX

BOOL ListView_SortItems(hwndLV, _pfnCompare, _lPrm)

LVM_SORTITEMS

BOOL ListView_Update(hwndLV, i)

LVM_UPDATE

BOOL ListView_Arrange(hwndLV, code)

LVM_ARRANGE

BOOL ListView_RedrawItems(hwndLV, iFirst, iLast)

LVM_REDRAWITEMS

BOOL ListView_SetColumnWidth(hwnd, iCol, cx)

LVM_SETCOLUMNWIDTH

int ListView_GetColumnWidth(hwnd, iCol)

LVM_GETCOLUMNWIDTH

BOOL ListView_DeleteColumn(hwnd, iCol)

LVM_DELETECOLUMN

int ListView_InsertColumn(hwnd, iCol, pcol)

LVM_INSERTCOLUMN

BOOL ListView_SetColumn(hwnd, iCol, pcol)

LVM_SETCOLUMN

BOOL ListView_GetColumn(hwnd, iCol, pcol)

LVM_GETCOLUMN

VOID ListView_SetItemText(hwndLV, i, iSubItem_, pszText_)

LVM_SETITEMTEXT

VOID ListView_GetItemText(hwndLV, i, iSubItem_, pszText_, cchTextMax_)

LVM_GETITEMTEXT

BOOL ListView_SetItemState(hwndLV, i, data, mask)

LVM_SETITEMSTATE

UINT ListView_GetItemState(hwndLV, i, mask)

LVM_GETITEMSTATE

int ListView_GetStringWidth(hwndLV, psz)

LVM_GETSTRINGWIDTH

VOID ListView_SetItemPosition32(hwndLV, i, x, y)

LVM_SETITEMPOSITION32

BOOL ListView_SetItemPosition(hwndLV, i, x, y)

LVM_SETITEMPOSITION

BOOL ListView_GetItemPosition(hwndLV, i, ppt)

LVM_GETITEMPOSITION

BOOL ListView_GetItemRect(hwnd, i, prc, code)

LVM_GETITEMRECT

BOOL ListView_SetItem(hwnd, pitem)

LVM_SETITEM

BOOL ListView_GetItem(hwnd, pitem)

LVM_GETITEM

DWORD ListView_GetItemSpacing(hwndLV, fSmall)

LVM_GETITEMSPACING

BOOL ListView_GetViewRect(hwnd, prc)

LVM_GETVIEWRECT

BOOL ListView_GetOrigin(hwndLV, ppt)

LVM_GETORIGIN

BOOL ListView_SetTextBkColor(hwnd, clrTextBk)

LVM_SETTEXTBKCOLOR

COLORREF ListView_GetTextBkColor(hwnd)

LVM_GETTEXTBKCOLOR

BOOL ListView_SetTextColor(hwnd, clrText)

LVM_SETTEXTCOLOR

COLORREF ListView_GetTextColor(hwnd)

LVM_GETTEXTCOLOR

HIMAGELIST ListView_SetImageList(hwnd, himl, iImageList)

LVM_SETIMAGELIST

HIMAGELIST ListView_GetImageList(hwnd, iImageList)

LVM_GETIMAGELIST

BOOL ListView_SetBkColor(hwnd, clrBk)

LVM_SETBKCOLOR

COLORREF ListView_GetBkColor(hwnd)

LVM_GETBKCOLOR

BOOL ListView_SetCallbackMask(hwnd, mask)

LVM_SETCALLBACKMASK

UINT ListView_GetCallbackMask(hwnd)

LVM_GETCALLBACKMASK

UINT ListView_GetSelectedCount(hwndLV)

LVM_GETSELECTEDCOUNT

VOID ListView_SetItemCount(hwndLV, cItems)

LVM_SETITEMCOUNT

int ListView_GetItemCount(hwnd)

LVM_GETITEMCOUNT

BOOL ListView_DeleteAllItems(hwnd)

LVM_DELETEALLITEMS

BOOL ListView_DeleteItem(hwnd, i)

LVM_DELETEITEM

int ListView_InsertItem(hwnd, pitem)

LVM_INSERTITEM

Set / Query Attributes

Create Icon/Cursor from Image List

Draw Images

Drag Images

Modify Image List

Create/Destroy/Save Image List

BOOL ImageList_SetIconSize(HIMAGELIST himl, int cx, int cy)

Set size of all images & clear list

BOOL ImageList_GetIconSize(HIMAGELIST himl, int FAR *cx, int FAR *cy)

Query image size

COLORREF ImageList_SetBkColor(HIMAGELIST himl, COLORREF clrBk)

Set background color

COLORREF ImageList_GetBkColor(HIMAGELIST himl)

Query background color

BOOL ImageList_GetImageInfo(HIMAGELIST himl, int i, IMAGEINFO FAR* pImageInfo)

Query bitmap handles & image size

int ImageList_GetImageCount(HIMAGELIST himl)

Query number of images

HICON ImageList_GetIcon(HIMAGELIST himl, int i, UINT flags)

HICON ImageList_ExtractIcon(hi, himl, i)

Create icon or cursor

BOOL ImageList_DrawEx(HIMAGELIST himl, int i, HDC hdcDst, int x, int y, int dx, int dy, COLORREF rgbBk, COLORREF rgbFg, UINT fStyle)

Draw with Color Blend

BOOL ImageList_Draw(HIMAGELIST himl, int i, HDC hdcDst, int x, int y, UINT fStyle)

Simple Image Draw

BOOL ImageList_DragShowNolock(BOOL fShow)

Show/hide drag image

BOOL ImageList_DragLeave(HWND hwndLock)

Unlock window

BOOL ImageList_DragEnter(HWND hwndLock, int x, int y)

Lock window

void ImageList_EndDrag()

End drag

BOOL ImageList_DragMove(int x, int y)

Move drag

BOOL ImageList_BeginDrag(HIMAGELIST himlTrack, int iTrack, int dxHotspot, int dyHotspot)

Start drag

BOOL ImageList_SetDragCursorImage(HIMAGELIST himlDrag, int iDrag, int dxHotspot, int dyHotspot)

Create cursor for dragging

HIMAGELIST ImageList_GetDragImage(POINT FAR* ppt,POINT FAR* pptHotspot)

Create temporary dragging image list

BOOL ImageList_SetOverlayImage(HIMAGELIST himl, int iImage, int iOverlay)

Identify image to use as overlay

int ImageList_ReplaceIcon(HIMAGELIST himl, int i, HICON hicon)

Replace image from an icon

BOOL ImageList_Replace(HIMAGELIST himl, int i, HBITMAP hbmImage, HBITMAP hbmMask)

Replace image from a bitmap

BOOL ImageList_RemoveAll(HIMAGELIST himl)

Remove all images

BOOL ImageList_Remove(HIMAGELIST himl, int i)

Remove image

int ImageList_AddMasked(HIMAGELIST himl, HBITMAP hbmImage, COLORREF crMask)

Add from Bitmap, masking

int ImageList_AddIcon(HIMAGELIST himl, HICON hicon)

Add from Icon

int ImageList_Add(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask)

Add from Bitmap

BOOL ImageList_Write(HIMAGELIST himl, LPSTREAM pstm)

Write to a Stream

HIMAGELIST ImageList_Read(LPSTREAM pstm)

Read from a Stream

HIMAGELIST ImageList_Merge(HIMAGELIST himl1, int i1, HIMAGELIST himl2, int i2, int dx, int dy)

Merge 2 Images & Create New Image List

HIMAGELIST ImageList_LoadImage(HINSTANCE hi, LPCSTR lpbmp, int cx, int cGrow, COLORREF crMask, UINT uType, UINT uFlags)

Create from Bitmap, Cursor, or Icon

HIMAGELIST ImageList_LoadBitmap(HINSTANCE hi, LPCSTR lpbmp, int cx, int cGrow, COLORREF crMask)

Create from Bitmap

BOOL ImageList_Destroy(HIMAGELIST himl)

Destroy

HIMAGELIST ImageList_Create(int cx, int cy, UINT flags, int cInitial, int cGrow)

Create

void HotKey_SetRules(hwnd, fwCombInv, fwModInv)

HKM_SETRULES

DWORD HotKey_GetHotKey(hwnd)

HKM_GETHOTKEY

void HotKey_SetHotKey(hwnd, bVKHotKey, bfMods)

HKM_SETHOTKEY

BOOL Header_SetItem(hwndHD, i, phdi)

HDM_SETITEM

BOOL Header_Layout(hwndHD, playout)

HDM_LAYOUT

int Header_InsertItem(hwndHD, i, phdi)

HDM_INSERTITEM

int Header_HitTest(hwndHD, phdhti)

HDM_HITTEST

int Header_GetItemCount(hwndHD)

HDM_GETITEMCOUNT

BOOL Header_GetItem(hwndHD, i, phdi)

HDM_GETITEM

BOOL Header_DeleteItem(hwndHD, i)

HDM_DELETEITEM

BOOL Animate_Seek(hwnd, frame)

Seek Frame

BOOL Animate_Close(hwnd)

Close File

BOOL Animate_Stop(hwnd)

ACM_STOP

BOOL Animate_Play(hwnd, from, to, rep)

ACM_PLAY

BOOL Animate_Open(hwnd, szName)

ACM_OPEN

United States Total

Wyoming

Wisconsin

West Virginia

Washington

Virginia

Vermont

Tennessee

South Dakota

South Carolina

Rhode Island

Pennsylvania

Oregon

Oklahoma

North Dakota

North Carolina

New York

New Mexico

New Jersey

New Hampshire

Nevada

Nebraska

Montana

Missouri

Mississippi

Minnesota

Michigan

Massachusetts

Maryland

Louisiana

Kentucky

Kansas

Indiana

Illinois

Hawaii

Georgia

Florida

Dist. of Columbia

Delaware

Connecticut

Colorado

California

Arkansas

Arizona

Alaska

Alabama

HeapAlloc

eVCZvX24kaCgWdlioE6v

eLfGg62fhu7bm

$RandStrin$

IfC4zKUDWeXg2zcSTNK

GbSQjN

DialogBoxParamA

GetMenuCheckMarkDimensions

SetPropA

SetWindowPos

GetActiveWindow

SetWindowTextA

OemToCharBuffA

USER32.dll

CreateDataAdviseHolder

CoLoadLibrary

ole32.dll

QueryPerformanceCounter

GetTickCount

GetCurrentThreadId

GetCurrentProcessId

GetProcAddress

GetModuleHandleW

LocalFree

LocalAlloc

HeapCreate

AddAtomA

GetAtomNameA

GetStartupInfoA

HeapFree

FindAtomW

EnumResourceNamesA

HeapDestroy

SizeofResource

CreateProcessW

CopyFileW

KERNEL32.dll

=!=*=5=<=R=[=i=q=}=

>#>1>V>c>l>

=G=U=]=y=

>+>7>=>i>t>~>

??(?3?>?G?b?m?x?

0:0E0S0t0z0

031>1Q1a1

242H2M2]2g2o2u2

3(313U3j3{3

3$4*4X4u4}4

5!585A5e5p5{5

6;6D6Q6]6c6

6#7+7P7X7}7

8!8G8R8[8w8

!:':-:3:Z:e:n:

;);3;O;U;f;o;

<%<.<7<I<T<b<~<

=#=J=X=r=

>2>M>[>f>

7#737]7b7~7

8$8*8V8a8o8

9H9M9]9e9

:":2:;:I:Q:]:c:

:(:1:Q:V:a:k:w:}:

;%;.;R;W;h;q;

<$<,<5<P<m<v<

=#=)=W=d=l=y=

> >*>0>8>D>S>

696G6P6Y6t6

757C7L7Y7e7k7

8$8-8N8S8^8h8t8z8

909@9Q9Y9_9e9k9

:":,:B:U:_:e:

; ;+;4;O;W;f;y;

<(<1<D<O<Z<c<~<

=)=1=?=H=d=l={=

> >/>8>T>b>k>x>

4G4R4\4x4~4

5 5+565R5`5i5r5

6,626C6L6g6r6}6

6'727@7I7d7o7z7

858C8L8V8^8d8

979B9M9V9q9|9

:&:A:O:X:e:m:

;#;J;R;w;};

<+<1<X<`<

=C=I=O=V=_=k=u=

>%><>^>f>r>~>

?"?(?X?u?}?

080U0^0k0w0}0

1'121<1a1g1x1

2(2M2S2d2m2

3<3J3S3]3i3o3

6/656@6F6L6Q6W6\6c6l6t6

=!=@=^=}=

>*>0>W>]>m>

?0?6?G?h?n?y?

0$0E0K0V0`0l0r0

1+1H1Q1Z1u1

?7?@?Z?`?e?p?v?

000;0A0K0Q0r0

1 1(1.1e1j1t1

W>r>}>

?2?M?V?h?w?}?

0+000A0G0X0h0u0~0

1)1/1@1O1Z1e1m1

2%252:2K2S2o2t2

3&3+363>3Y3d3o3w3

4-454P4^4g4o4

8$838<8W8_8n8w8

9'929<9X9^9o9x9

:2:@:I:R:m:x:

;#;,;G;R;];y;

<(<1<M<Z<c<l<

=1=7=D=O=W=e=q=}=

585E5M5n5s5~5

6.696C6h6s6~6

7E7K7V7_7q7|7

7 8&818;8S8k8y8

8!9&90969c9u9

9(:F:N:j:x:

; ;%;C;L;h;v;

;B;T;Y;c;{;

<D<I<S<`<

3&3F3N3h3p3z3

0 0$0(0,0004080<0@0D0H0L0P0T0\0`0d0h0l0p0t0x0|0

1 1$1(10141<1@1H1L1T1X1`1d1l1p1x1|1

2 2$2,20282<2D2H2P2T2\2`2h2l2t2x2

3 3(3,34383@3D3L3P3X3\3d3h3p3t3|3

4$4,444<4D4L4X4\4h4l4x4|4

585<5H5L5X5\5x5|5

6(6,686<6H6L6X6\6h6l6

7(7,7H7L7X7\7x7|7

8(8,888<8X8\8h8l8x8|8

9(9,989<9H9L9X9\9h9l9x9|9

:(:,:8:<:H:L:X:\:x:|:

;8;<;H;L;X;\;h;l;

<<(<,<8<<<H<L<X<\<h<l<x<|<