1

Тема: HTA & JScript: Resource Extractor - извлечение ресурсов из PE-файлов

Предлагаю вашему вниманию приложение Resource Extractor, которое предназначено для извлечения всех доступных ресурсов любого типа по меньшей мере в сырой (RAW) формат из PE-файлов (.exe, .dll, .ocx, ...) и из файлов некоторых других типов, перечисленных ниже в списке возможностей приложения, включая поврежденные и запакованные файлы с неприемлемыми сдвигами данных (в этом случае показаны имена ресурсов).

Приложение имеет следующие специальные возможности:

+ открыть спойлер
  • пытается незамедлительно извлечь ресурсы в виде порций бинарных данных на ваш жесткий диск рядом с файлом данного приложения, как только какой-нибудь файл брошен на приемник файлов;

  • не требует установки какого-либо стороннего программного обеспечения и поддерживает любую версию Windows, начиная с XP (возможно и 2000) с определенными ActiveX объектами, не запрещенными по умолчанию;

  • полностью написано на JScript в файле скриптового формата HTA и использует следующие ActiveX объекты: WbemScripting.SWbemLocator, WindowsInstaller.Installer, SAPI.SpFileStream, ADODB.Stream, htmlfile с возможностями XML и Shell.Explorer.2, также известный как Microsoft Web Browser;

  • тестировалось и адаптировано для Windows XP, Windows 7 и Windows 10;

  • не пишет каких-либо записей в реестр и не сохраняет каких-либо персональных данных на вашем жестком диске;

  • не выходит в сеть каким-либо другим способом, чем попыткой открыть определенные адреса по нажатию на соответствующие контактные ссылки;

  • его работа сбалансирована во время того, как оно пытается использовать как можно меньше ресурсов памяти и диска в течение своей работы;

  • работает под любой локалью (locale), включая китайскую;

  • работает с именами входящих файлов на любой локали (поддержка символов Юникода в именах);

  • работает как с 32-битными, так и с 64-битными файловыми путями;

  • использует безопасные имена для извлеченных ресурсов в формате UTF-8;

  • поддерживает вложенные папки в именах файлов для извлеченных ресурсов (низкоуровневая внутренняя особенность);

  • сортирует извлеченные ресурсы по папкам в реальном времени, основываясь на их некоторых свойствах;

  • упаковывает извлеченные ресурсы каждого типа в соответствующий TAR-архив в реальном времени с целью повышения производительности при использовании меньшего количества обращений к диску при записи и для того, чтобы иметь извлеченные ресурсы в компактном виде;

  • использует папки без даты последнего изменения для сортировки извлеченных ресурсов с целью повышения производительности (низкоуровневая внутренняя особенность);

  • извлекает все доступные ресурсы любого типа, включая поврежденные или с неверными сдвигами (показывает их имена) из файлов формата PE;

  • пытается определить расширение извлеченного ресурса в соответствии с его действительным заголовком;

  • извлекает иконки, курсоры, PNG-файлы и группы иконок и курсоров из ANI-файлов (одиночных или запакованных в PE);

  • извлекает иконки, курсоры и PNG-файлы из файла группы иконок и курсоров (одиночного или запакованного в PE);

  • извлекает иконки, курсоры и PNG-файлы из HTA-файла и других форматов, которые имеют внедренные в них при помощи команды "copy source /B" иконки или курсоры (одиночное извлечение);

  • извлекает PNG-файлы из файлов иконок или курсоров (одиночных или запакованных в PE);

  • извлекает и восстанавливает строковые данные (STRINGs) в текст формата Юникод для всех объявленных в winnt.h языков, включая корректное определение хорватского, боснийского, сербского, нижнего и верхнего сорбского (извлечение из PE);

  • преодолевает сложности с большими ID и разными языками во время извлечения иконок и курсоров (запакованных в PE; низкоуровневая внутренняя особенность);

  • корректирует данные на выходе, когда их параметры могут быть пропущены или неверны в файле ресурса;

  • использует ширину, если высота равна нулю, во время извлечения иконок и курсоров (одиночных или запакованных в PE, группы иконок и курсоров или ANI-файла);

  • использует ширину и высоту PNG-файла, если это возможно, для решения проблем с отсутствующими или неверными данными при извлечении иконок и курсоров (одиночных или запакованных в PE, группы иконок и курсоров или ANI-файла);

  • использует ширину PNG-файла, если его высота равна нулю, во время извлечения иконок и курсоров (одиночных или запакованных в PE, группы иконок и курсоров или ANI-файла);

  • использует глубину цвета 32 bit в случае, если она меньше 1 или больше 32, во время извлечения иконок и курсоров (одиночных или запакованных в PE, группы иконок и курсоров или ANI-файла);

  • сортирует курсоры, GIF-файлы и PNG-файлы по ширине и высоте;

  • сортирует иконки и BMP-файлы по ширине, высоте и глубине цвета;

  • сортирует строковые данные по основному языку;

  • сортирует ресурсы неизвестного формата по их первым 4 байтам заголовка.

Приложение демонстрирует:

  • как работать с настоящими байтами и данными в hex-формате;

  • как работать с файловыми потоками и потоками памяти в JavaScript;

  • как писать несжатые TAR-архивы;

  • как скрыть HTA во время его динамического создания;

  • как запустить HTA в виде 64-битного процесса без использования системных путей;

  • как получить часть HTML в скрипте (подход может быть также использован при написании WScript-скриптов);

  • как решить подтвержденные проблемы с немедленным вызовом <moveTo> или <resizeTo> при старте в Windows XP

  • и как передать и использовать переменные среды для процесса, созданного с помощью WMI.

Приложение имеет следующие текущие ограничения:

  • файловая сигнатура <MZ> рассматривается по умолчанию как "DLL" формат;

  • отсутствует сортировка при извлечении для известных элементов, если они обнаружены в неподходящих ресурсных секциях;

  • упакованные файлы не поддерживаются по умолчанию;

  • некоторые элементы со сложной структурой таких типов, как: ACCELERATOR, DIALOG, MENU и VERSION - не восстанавливаются, а извлекаются только в сыром (RAW) формате.

Работа с приложением.

  1. Для запуска приложения скопируйте его исходный код и сохраните его в текстовом файле, сменив его расширение на "hta".

  2. Запуск приложения осуществляется двойным нажатием, как и в случае с обычной программой.

  3. Извлекайте ресурсы из файлов соответствующих типов перетаскиванием этих файлов на приемник файлов данного приложения.

Disclaimer (отказ от ответственности).

Используйте данное приложение полностью на свой страх и риск.
Как и любое другое программное обеспечение, оно может содержать ошибки или даже представлять опасность для вашего компьютера в случае его неправильного использования.
Это приложение является бесплатным программным обеспечением, защищенным авторским правом, и я не несу никакой ответственности за любые повреждения или потерю данных, которые оно могло бы непреднамеренно нанести.
Вы можете изменять его, но, пожалуйста, оставьте комментарий с прямой ссылкой на https://tastyscriptsforfree.wix.com/page/scripts в этом случае.

Исходный код приложения:
Рекомендую использовать AkelPad для просмотра сохраненного приложения с правильными отступами.


<script>
/*
Resource Extractor v4.8.0 (h t t p s://tastyscriptsforfree.wix.com/page/scripts)
Copyright 2017-2020 Vladimir Samarets. All rights reserved.
tastyscriptsforfree@protonmail.com

Initially based on Icon Extractor by Joe Priestley (h t t p s://jsware.net)
    and its modification - IconSiphon by Dave Gilpin (h t t p://gilpin.us)
    written in VBScript.

Release date: October 15, 2020.


Use this application entirely at your own risk. As any software it could contain bugs or can be even dangerous to your computer in case of its misusage.
This application is copyrighted freeware and I am not responsible for any damage or data loss it could unintentionally cause.
You may modify it but please leave a comment with direct link to https://tastyscriptsforfree.wix.com/page/scripts in that case.


*******
Changes since the last version:
added a workaround for Windows XP to close previous HTA instance properly;
increased perfomance by excluding VBScript and using WindowsInstaller.Installer Record instead of SAPI.SpFileStream for input data processing and by taking into account
    ADODB.Stream memory restrictions especially for Windows XP;
less disk access during single extractions;
added a new case and a message part for situation when a file is too big to be processed;
corrected some mistypings in comments.

*******
The purpose of this application:
the application is intendent for extracting of all available resources of any type at least in RAW format from PE files and from some other file types listed below including corrupted or
    packed files with inappropriate data shifts (it shows resource names in that case).

*******
The application has the following special features:

it attempts to extract resources immediately as portions of binary data to your hard disk near the application file since some file is dropped on the drop target;
it requires no third party software installation and supports any Windows version since XP with certain ActiveX objects not restricted by default;
it is entirely written in JScript in HTA scripting file format and uses the following ActiveX objects: WbemScripting.SWbemLocator, WindowsInstaller.Installer, SAPI.SpFileStream,
    ADODB.Stream, htmlfile with XML features and Shell.Explorer.2 also known as Microsoft Web Browser;
it was tested and adapted for Windows XP, Windows 7 and Windows 10;
it writes no registry values and stores no personal settings on your hard disk;
its work is balanced while it tries to use as less memory and disk resources as possible during its work;
it works in any locale including Chinese;
it works for input files named in any locale (Unicode names support);
it works both for 64 and 32 bit file paths;
it uses safe UTF-8 file names for extracted resources;
it supports nested folders in file names for extracted resources (deep internal feature);
it sorts extracted resources by some of their properties by placing them in corresponding folders in real time;
it packs extracted resources of each type to corresponding TAR archive in real time in order to increase perfomance by using less disk writes and have resources in compact view;
it uses folders with no modification date for extracted resources sorting in order to increase perfomance (deep internal feature);
it extracts all available resources of any type including corrupted or improperly shifted (it shows their names) from PE format files;
it tries to detect extension of extracted resource according to its actual header;
it extracts ICOs, CURs, PNGs and groups of ICOs and CURs from ANI file (single or packed into PE);
it extracts ICOs, CURs, PNGs from ICOs or CURs group file (single or packed into PE);
it extracts ICOs, CURs, PNGs from HTA file and other formats which have icons or cursors embedded in them with "copy source /B" command (single);
it extracts PNGs from ICO or CUR file (single or packed into PE);
it extracts and reconstitutes STRINGs into Unicode TXT format for all declared in winnt.h languages including correct CROATIAN, BOSNIAN, SERBIAN, LOWER_SORBIAN and
    UPPER_SORBIAN languages detection (packed into PE);
it settles issues with big IDs and different languages during icons and cursors extraction (packed into PE; deep internal feature);
it corrects output data when its parameters could be missed or wrong in resource file;
it uses width if height is 0 during extraction of icons and cursors (single or packed into PE, ICOs and CURs group or ANI file);
it uses PNG width and height if possible to settle issues with absent or wrong data during extraction of icons and cursors (single or packed into PE, ICOs and CURs group or ANI file);
it uses PNG width if PNG height is 0 during extraction of icons and cursors (single or packed into PE, ICOs and CURs group or ANI file);
it uses 32 bit depth in case bit depth is less than 1 or greater than 32 during extraction of icons and cursors (single or packed into PE, ICOs and CURs group or ANI file);
it sorts cursors, GIFs and PNGs by width and height;
it sorts icons and bitmaps by width, height and bit count;
it sorts strings by primary language;
it sorts unknown resources by their first 4 bytes.

*******
The application demonstrates:

how to work with true bytes and hex data;
how to work with file and memory streams in JavaScript;
how to write uncompressed TAR archives;
how to hide HTA while having it dynamically created;
how to launch HTA as 64 bit without using system paths;
how to obtain HTML part in scripting (could be also used for WScript scripting);
how to deal with confirmed immediate <moveTo> or <resizeTo> issues at application start in Windows XP;
how to deal with confirmed <BeforeNavigate2> issue of Web Browser in Windows XP
and how to pass and use environment variables for process created by WMI.

*******
The application has the following current limitations:

<MZ> file signature is treated as DLL by default;
known items found in inappropriate resource sections are not sorted during extraction;
packed files are not supported by default;
some items with complex structure such as ACCELERATORs, DIALOGs, MENUs and VERSIONs are not reconstituted but extracted in RAW format only.

*******
Basic source codes, documentation and articles I used:

'IconSiphon' source code I started with that was kindly shared by Dave Gilpin along with suggestions of what to read at first;
'Icon Extractor' source code I found on JSWare and continued with;
'Resource section of PE files as relates to the icon extractor scripts from JSWare.' (from iconex.zip of Icon Extractor) by Joe Priestley
    (h t t p s://w w w.jsware.net/jsware/scrfiles.php5#iconextr);

'The Portable Executable File Format from Top to Bottom' by Randy Kath (1997)
    (h t t p://w w w.csn.ul.ie/~caolan/pub/winresdump/winresdump/doc/pefile2.html);
'Peering Inside the PE: A Tour of the Win32 Portable Executable File Format' by Matt Pietrek (March, 1994)
    (h t t p s://docs.microsoft.com/en-us/previous-versions/ms809762(v=msdn.10));
'Icons in Win32' by John Hornick (September 29, 1995)
    (h t t p s://docs.microsoft.com/en-us/previous-versions/ms997538(v=msdn.10));
'File Resource Management Library (.NET)' by Daniel Doubrovkine (September 16, 2009)
    (h t t p s://w w w.codeproject.com/Articles/27373/File-Resource-Management-Library-NET);

'Create and work with binary data in ASP/VBScript' by Antonin Foller
    (h t t p s://w w w.motobit.com/tips/detpg_BinASP/);
'Convert a binary data (BinaryRead) to a string by VBS' by Antonin Foller
    (h t t p s://w w w.motobit.com/tips/detpg_binarytostring/);
'VBS: Easy way of base64 decoding' by mozers, JSman and Xameleon (March, 2012) in Russian
    (h t t p://forum.script-coding.com/viewtopic.php?id=6957);
'VBS: ADODB.Stream analog that does not load all file into memory at once' by Xameleon and JSman (March, 2010) in Russian shows basic usage of SAPI.spFileStream
    (h t t p://forum.script-coding.com/viewtopic.php?id=4284);
'WSC: Script Component for reading file resources via r e s:// protocol' by Xameleon (February, 2017) in Russian
    (h t t p://forum.script-coding.com/viewtopic.php?id=12420);
'Extracting MSI Resources' by Joe Priestley shows basic usage of WindowsInstaller.Installer
    (h t t p s://w w w.jsware.net/jsware/msicode.php5#extres);
'"Not enough storage is available to complete this operation" when base64-encoding a zip file' discussion on stackoverflow.com describes memory restrictions
     you should be aware of while working with ADODB.Stream
    (h t t p s://stackoverflow.com/questions/41237920/not-enough-storage-is-available-to-complete-this-operation-when-base64-encodin);

'Resource Types' (May 31, 2018) by Microsoft Corporation
    (h t t p s://docs.microsoft.com/en-us/windows/win32/menurc/resource-types);

'File Format Specifications' by Jorn Daub
    (h t t p://w w w.daubnet.com/en/file-formats);
'Tutorial Aufbau von: .ani  Cursor RIFF-Dateien' by Tools and Tips in German
    (h t t p://w w w.toolsandtips.de/Tutorial/Aufbau-Animierte-Cursor.htm);
'Tutorial Aufbau von: Icon und Cursor Dateien' by Tools and Tips in German
    (h t t p://w w w.toolsandtips.de/Tutorial/Aufbau-Icon-Cursor.htm);
'Tutorial Aufbau von: DIB-, .bmp, Bitmap-Dateien' by Tools and Tips in German
    (h t t p://w w w.toolsandtips.de/Tutorial/Aufbau-Bitmap-bmp-DIB.htm);
'Tutorial Aufbau von: Ressourcen- .res-Dateien' by Tools and Tips in German
    (h t t p://w w w.toolsandtips.de/Tutorial/Aufbau-Ressource-res.htm);
'Introduce Animated Cursors to Java GUIs, Part 2' by Joseph W. Wilkinson (April 18, 2008)
    (h t t p s://w w w.informit.com/articles/article.aspx?p=1189080);
'PNG (Portable Network Graphics) Specification' by Mark Adler and others (October 01, 1996)
    (h t t p s://w w w.w3.org/TR/REC-png-961001);

'The format of string resources' by Raymond Chen (January 30, 2004)
    (h t t p s://devblogs.microsoft.com/oldnewthing/20040130-00/?p=40813);
'String Resources' by Aaron Ballman (December 08, 2011)
h t t p://blog.aaronballman.com/2011/12/string-resources/);
'winnt.h' by Microsoft Corporation;
'Using Windows Resource Language Codes for Attribution' by Tyler (December 23, 2014)
    (h t t p s://blog.korelogic.com/blog/2014/12/23/resource_language_codes);
'Windows Locale Codes - Sortable list' by Israel Hanukoglu
    (h t t p s://w w w.science.co.il/language/Locale-codes.php);
'To learn numbers of resources' discussion on stackoverflow.com
    (h t t p s://stackoverflow.com/questions/6499930/to-learn-numbers-of-resources);

'List of file signatures' (July 31, 2020)
    (h t t p s://en.wikipedia.org/wiki/List_of_file_signatures);

'tar (computing)' by ggkarir.com
    (h t t p://ggkarir.com/IT/en/107-4/tar_15240_ggkarir.html);

'VBScript Scripting Techniques: Environment Variables' by Rob van der Woude
    (h t t p s://w w w.robvanderwoude.com/vbstech_data_environment.php);
'Using Win32_ProcessStartup to change environment' post by Rico Rosenlund
    (h t t p s://microsoft.public.scripting.wsh.narkive.com/hW1GURnH/using-win32-processstartup-to-change-environment);

'VBScript Scripting Techniques: HTAs' by Rob van der Woude
    (h t t p s://w w w.robvanderwoude.com/vbstech_hta.php);
'Hacking around HTA files' by Emeric Nasi explains embedding icon into HTA
    (h t t p://blog.sevagas.com/?Hacking-around-HTA-files);

'InternetExplorer and WebBrowser objects' by Ludogovskiy Aleksander in Russian
    (h t t p s://script-coding.com/WSH/WebBrowser.html);

'Windows Script 5.6 Documentation' (script56.chm) by Microsoft Corporation
    (h t t p s://w w w.microsoft.com/en-us/download/confirmation.aspx?id=2764);
'MSDN' related documentation by Microsoft Corporation
    (h t t p s://docs.microsoft.com/en-us/);
'Binary Files and the File System Object Do Not Mix' by Eric Lippert (April 20, 2005)
    (h t t p s://docs.microsoft.com/en-us/archive/blogs/ericlippert/binary-files-and-the-file-system-object-do-not-mix);
'The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!)' by Joel Spolsky (October 8, 2003)
    (h t t p s://w w w.joelonsoftware.com/2003/10/08/the-absolute-minimum-every-software-developer-absolutely-positively-must-know-about-unicode-and-character-sets-no-excuses/);
'Currupted file in non-english locale (encoding problem?)' discussion on stackoverflow.com
    (h t t p s://stackoverflow.com/questions/57220922/currupted-file-in-non-english-locale-encoding-problem/57271085#57271085);

Windows XP BeforeNavigate2 issue:
'BUG: The BeforeNavigate2 event of the WebBrowser control does not fire if hosted in a Visual Basic .NET 2002 application'
on c-bit.net and support.microsoft.com (September 14, 2005)
    (h t t p://c-bit.net/kb/311298/EN-US/, h t t p://support.microsoft.com/kb/311298/EN-US/);
'BUG: The BeforeNavigate2 Event of WebBrowser Control Does Not Fire If Hosted in a Visual C# .NET Application'
on c-bit.net and support.microsoft.com (June 25, 2004)
    (h t t p://c-bit.net/kb/325079/EN-US/, h t t p://support.microsoft.com/kb/325079/EN-US/);

Windows XP moveTo and resizeTo issues:
'"Access is denied" by executing .hta file with JScript on Windows XP x64' discussion on stackoverflow.com (January 21, 2009)
    (h t t p s://stackoverflow.com/questions/464679/access-is-denied-by-executing-hta-file-with-jscript-on-windows-xp-x64);
'Something strange with HTAs' discussion on social.technet.microsoft.com (September 19, 2011)
    (h t t p s://social.technet.microsoft.com/Forums/officeocs/en-US/92bf1e76-ebd5-4462-bd52-533e69305a5c/something-strange-with-htas?forum=ITCG).

*******
Basic software I used:

AkelPad 4.9.8 by Aleksander Shengalts and Alexey Kuznetsov (as development environment)
    (h t t p://akelpad.sourceforge.net/en/download.php);
OLE/COM Object Viewer v2.10.059 (oleview.exe) by Charlie Kindel, Michael Nelson, and Michael Antonio (for documentation purposes);
Resource Hacker v5.1.7 by Angus Johnson (for testing purposes)
    (h t t p://w w w.angusj.com/resourcehacker/);
Restorator v3.90 by Bome Software (for testing purposes)
    (h t t p s://w w w.bome.com/products/restorator#downloads2);
PE Explorer v1.99 by Heaventools Software (for testing purposes)
    (h t t p://w w w.heaventools.com/download-pe-explorer.htm).
*/

offscreenBuffering=true;                                           //postpone the application window appearance till its UI is ready
var O=function(o){return new ActiveXObject(o);},
WSS=O('WScript.Shell'),
env=WSS.Environment('Process'),
cP=decodeURIComponent(location.pathname);       //current path
var h=document.documentElement.firstChild;         //head
if(env('is64bit'))                                                         //checks whether the application is launched as 64 bit or not and launches it as 64 bit in order to process 64 bit locations
{
    resizeTo(380,204);
    h.insertBefore(document.createElement('<hta:application maximizeButton=no border=dialog contextMenu=no selection=no innerBorder=no scroll=no>'),h.firstChild);
    document.title='Resource Extractor';
    var SF=O('WindowsInstaller.Installer').CreateRecord(1),     //source file stream
    S=O('ADODB.Stream'),                                                          //source memory stream
    CM=O('ADODB.Stream'),                                                       //common memory stream
    T=O('ADODB.Stream'),                                                          //TAR memory stream
    TF=O('SAPI.SpFileStream'),                                                  //TAR file stream

/*
    SAPI.SpMemoryStream could be easier to use because it allows writing strings along with bytes in mixed data mode <Text> without
        switching between these modes and because it allows jumps forward over unwritten bytes by using <Seek> while ADODB.Stream doesn't
        but SAPI.SpMemoryStream is dirty (not filled with zero bytes) and slower in Windows XP in case of such jumps while VBScript is also much slower
        than JScript so ADODB.Stream in JScript is used as memory stream here instead of SAPI.SpMemoryStream in VBScript.

    [
        Unfortunately, no other ActiveX objects known to me and built in any Windows by default rather than SAPI.SpFileStream or WindowsInstaller.Installer
            return true bytes one by one or return true bytes in JScript without their changes during file reading:

        SAPI.SpFileStream <Read> method requires access to data by reference where VBScript is needed so it's not acceptable because pure JScript is expected while
            JScript neither supports accessing data by reference nor it accepts changes of objects or their properties by default used as output data for ActiveX objects,
            however JScript does accept such output object changes, for example, for XML <transformNodeToObject>, so this output data
            behaviour depends on certain ActiveX object or component.

        I can confirm that Scripting.FileSystemObject can change a group of true bytes it reads in a way inappropriate for true bytes
            especially for locales similar to Chinese so it does not preserve all true bytes during reading,
            but I can also confirm it can read, can return in JScript and write in appropriate way blocks of pairs of true bytes for those
            locales if file is opened as Unicode so each pair of true bytes is treated as one Unicode symbol,
            and finally Scripting.FileSystemObject is much slower than SAPI.SpFileStream even during file size obtaining;

        SAPI.SpCustomStream binded to SAPI.SpFileStream can't return true bytes in pure JScript;

        it could be probably possible to pass stream from SAPI.SpStream (binded to SAPI.SpFileStream) to ADODB.Stream
            via <RemoteCopyTo> for its further reading in pure JScript but SAPI.SpStream is not accessible for scripting;

        SAPI.SpVoice <SpeakStream> binded to SAPI.SpFileStream takes more time than needed and makes inappropriate
            changes to output stream which are not acceptable for true bytes reading;

        ADODB.Stream <LoadFromFile> and <SaveToFile> can't read or write true bytes one by one;

        CDO.Message <GetDecodedContentStream> can't read true bytes one by one;

        Microsoft.XMLHTTP or Msxml2.XMLHTTP <send> can read true bytes one by one but it does not process corresponding
            <Range> request headers properly for localhost so it does not read true bytes one by one for localhost.
    ]


    It is also possible to use 'r e s://' protocol with Microsoft.XMLHTTP or Msxml2.XMLHTTP <send> for obtaining resource data when its ID
        is known but I can confirm this is much slower than peering inside the PE so 'r e s://' protocol is not used here for these purposes.

    WScript or WSH is also not used here because it can't accept Unicode file names as <Arguments> so I decided to use Web Browser
        in HTA instead and deal with its confirmed issue regarding <BeforeNavigate2> event in Windows XP (see below).
*/

    msg=                                                                     //block of all application messages
    [
        'Welcome!</div><br><a href="ht'+'tps://tastyscriptsforfree.wix.com/page/scripts" title="ht'+'tps://tastyscriptsforfree.wix.com/page/scripts">'+document.title+
            ' v4.8.0</a><br>&copy; 2017-2020 Vladimir Samarets.<br><a href="mail'+'to:tastyscriptsforfree'+'@'+'protonmail.com?subject='+document.title+
            ' v4.8.0">tastyscriptsforfree'+'@'+'protonmail.com</a><br><br><p style="font-size:8pt;">Initially based on Icon Extractor by <a href="ht'+'tps://jsware.net" title="ht'+'tps://jsware.net">'+
            'Joe Priestley</a><br>and its modification - IconSiphon by <a href="ht'+'tp://gilpin.us" title="ht'+'tp://gilpin.us">Dave Gilpin</a><br>written in VBScript.</p>',
        'Drop a file here.</div>',
        '-= Processing =-</div><br>',
        'Extracted in ',
        "-= Error =-</div><br>The item is not a file, can't be accessed or is too big.<br>Try to extract from its copy instead.",
        "-= Error =-</div><br>The file is in use or can't be accessed.<br>Try to extract from its copy instead.",
        '-= Error =-</div><br>The file is not a PE, ANI, ICO or CUR file<br>or a file with embedded icon or cursor.',
        '-= Error =-</div><br>Resource Section not found.',
        '-= Error =-</div><br>No resources found in Resource Section.',
        '-= Error =-</div><br>Some resources are not extracted<br>due to wrong data or inappropriate locations.',
        '-= Error =-</div><br>Unknown error occured.<br>Please send me the file you have just dropped.<br>Thank you!'
    ],

    rTypes=                                                                 //resource ID to type matching
    {
        1:'CURSOR',
        2:'BITMAP',
        3:'ICON',
        4:'MENU',
        5:'DIALOG',
        6:'STRING',
        7:'FONTDIR',
        8:'FONT',
        9:'ACCELERATOR',
        10:'RCDATA',
        11:'MESSAGETABLE',
        12:'GROUP_CURSOR',
        14:'GROUP_ICON',
        16:'VERSION',
        17:'DLGINCLUDE',
        19:'PLUGPLAY',
        20:'VXD',
        21:'ANICURSOR',
        22:'ANIICON',
        23:'HTML',
        24:'MANIFEST'
    },

    exts=                                                                                         //file first bytes to extension matching in hex string format
    {
        '4d5a':'646c6c',                                                                     //'dll'
        '424d':'626d70',                                                                    //'bmp'
        'fffb':'6d7033',                                                                       //'mp3'
        'fff3':'6d7033',                                                                       //'mp3'
        'fff2':'6d7033',                                                                       //'mp3'
        '4d546864':'6d6964',                                                            //'mid'
        '4d534346':'636162',                                                            //'cab'
        '7b5c72746631':'727466',                                                    //'rtf'
        '3c73766720':'737667',                                                        //'svg'
        '377abcaf271c':'377a',                                                          //'7z'
        '504b0304':'7a6970',                                                            //'zip'
        '504b0506':'7a6970',                                                            //'zip'
        '504b0708':'7a6970',                                                            //'zip'
        '89504e470d0a1a0a':'706e67',                                            //'png'
        '3c68776e6476696577':'747874',                                        //'txt'
        '3c6c696e6b656c656d656e74':'747874',                             //'txt'
        '3c68746d6c3e':'68746d',                                                     //'htm'
        'efbbbf3c68746d6c3e':'68746d',                                           //'htm'
        'fffe3c00680074006d006c003e00':'68746d',                        //'htm'
        '3c3f786d6c20':'786d6c',                                                      //'xml'
        'efbbbf3c3f786d6c20':'786d6c',                                            //'xml'
        '3c647569786d6c3e':'786d6c',                                             //'xml'
        'efbbbf3c647569786d6c3e':'786d6c',                                   //'xml'
        'fffe3c003f0078006d006c002000':'786d6c',                         //'xml'
        'fffe3c0064007500690078006d006c003e00':'786d6c',        //'xml'
        '474946383961':'676966',                                                    //'gif'
        '474946383761':'676966',                                                    //'gif'
        'ffd8ffe000104a4649460001':'6a7067',                                //'jpg'
        'ffd8ffdb':'6a7067',                                                                //'jpg'
        'ffd8ffee':'6a7067',                                                                //'jpg'
        '00000100':'69636f',                                                             //'ico'
        '00000200':'637572',                                                            //'cur'
        '52494646':'52494646',                                                        //RIFFPART
        'ffd8ffe1':'ffd8ffe1'                                                                 //JPGPART
    },

    end=1,                           //indicates whether a dropped item is processed or not
    begin=1,                        //indicates whether a DB timeout for Web Browser reset is needed or not
    nDB,                              //indicates whether DownloadBegin Web Browser event has been catched or not
    pause,                           //indicates whether drop target is allowed or not
    ms,                                //message screen that hides Web Browser during dropped items processing
    fP,                                  //file path
    folders,                          //folders for sorting of resources
    dBO,                              //data body offset
    dBOs,                            //data body offsets
    stDBO,                           //step data body offset
    shift,                              //data shift for RT_CURSOR
    ext,                                //file extension in hex string
    RTDSOStart,                  //RT_<data> (RT_ICON or RT_CURSOR) section start offset
    RTDSOEnd,                   //RT_<data> (RT_ICON or RT_CURSOR) section end offset
    RTISOStart,                   //RT_ICON section start offset
    RTISOEnd,                     //RT_ICON section end offset
    RTCSOStart,                  //RT_CURSOR section start offset
    RTCSOEnd,                   //RT_CURSOR section end offset
    dIndex,                          //data index
    gIndex,                          //data group index
    rError,                            //indicates whether there are errors during extraction of icons or cursors or not
    dt,                                  //current date
    dtChsm,                         //current date checksum
    currentUTCTimeHx,       //current date in UTC time hex format
    hex,                               //XML node in hex format
    base64,                         //XML node in base64 format (not used here)
    str,                                 //XML node in string format
    defaultCharset;              //document default charset (not used here)

    !function alert(m,s)                                                //a small library written by me for obtaining extended <alert> (see below) as well as <defaultCharset>
    {                                                                             //and XML nodes without using XML ActiveX object of certain version (it could be also used for WScript scripting);
        var d=GetObject('\\','htmlfile');                          //<GetObject> is used instead of <new ActiveXObject> because obtaining <defaultCharset> from the latter
                                                                                  //produces script fault if WScript is used as host in Windows XP
        d.write("<xml><_ xmlns:dt='urn:schemas-microsoft-com:datatypes'><_ dt:dt='bin.hex'/><_ dt:dt='bin.base64'/><_/></_></xml>");
        defaultCharset=d.defaultCharset;
        var xml=d.documentElement.firstChild.children[1];
        xml.preserveWhiteSpace=1;
        xml=xml.firstChild;
        hex=xml.childNodes[0];
        base64=xml.childNodes[1];
        str=xml.childNodes[2];
        alert=function(m,s)                                            //extended 'alert' <message, message shift at start or 0 by default>
        {
            d.parentWindow.alert(s?m.substr(s):m);
        }
    }();

    var sM=function(m,c)                                             //show message <message, background color>
    {
        ms.innerHTML='<div style="font-size:12pt;">'+m;
        ms.style.background=c;
    },

    sDM=function(d)                                                    //show default message <delay>
    {
        setTimeout
        (
            function()
            {
                pause=0;
                setTimeout
                (
                    function()
                    {
                        if(!pause)
                            sM(msg[1],'mediumaquamarine');
                    },
                    100
                );
            },
            d
        );
    },

    sEM=function(p)                                                    //show error message <position of error message in the list of application messages>
    {
        var e;
        try
        {
            TF.Close();                                                     //trying to close TAR file stream if it is opened
        }
        catch(e)
        {
            ;
        }
        setTimeout
        (
            function()
            {
                sM(msg[p],'salmon');                                //showing error message
            },
            1000
        );
        sDM(3000);                                                        //showing default message
    },

    sOpen=function(p)                                                 //open source file <path of source file>
    {
        SF.SetStream(1,p);                                            //open source file stream for reading
    },

    tOpen=function(p)                                                  //create and open TAR file <path of TAR file>
    {
        TF.Format.Type=1;                                            //text
        TF.Open(p,3);                                                     //open TAR file stream for writing
    },

    sRd=function(c)                                                     //read bytes of source file stream <count of bytes from previous position>
    {
        return strToBt(SF.ReadStream(1,c,3),'Unicode',2);       //<msiReadStreamDirect>
    },

    sBt=function(s,c)                                                   //read bytes of source memory stream <start position, count of bytes>
    {
        S.Position=s;
        return S.Read(c);
    },

    sSt=function(c)                                                      //set initial bytes from source file stream to source memory stream <count of bytes>
    {
        S.Position=0;
        S.Type=2;                                                          //text
        S.Charset='Unicode';
        S.WriteText(SF.ReadStream(1,c,3));                 //<msiReadStreamDirect>
        S.SetEOS();
        S.Position=0;
        S.Type=1;                                                          //binary
    },

    tBt=function(s,c)                                                    //read bytes of TAR file stream <start position, count of bytes>
    {
        T.Position=s;
        return T.Read(c);
    },

    rp=function(s,c)                                                     //repeat string <string, count of repeat>
    {
        for(var i=0,r=s;++i<c;r+=s);
        return r;
    },

    strToBt=function(s,c,p)                                          //convert string of certain charset to bytes <string, charset, bytes shift at start or 0 by default>
    {
        CM.Position=0;
        CM.Type=2;                                                       //text
        CM.Charset=c;
        CM.WriteText(s);
        CM.SetEOS();
        CM.Position=0;
        CM.Type=1;                                                       //binary
        CM.Position=p||0;
        return CM.Read();
    },

    uStrToBt=function(s)                                             //convert Unicode string to bytes <string>
    {
        str.text=s;
        return str.nodeTypedValue;
    },

    utf8StrToBt=function(s)                                         //convert Utf8 string to bytes <string> and calculate their checksum and count
    {
        if(s||s===0)
        {
            utf8StrToBt.chsm=btToHx(s=strToBt(s,'utf-8',3)).chsm();
            utf8StrToBt.ct=CM.Position*2-6;
        }
        else
            utf8StrToBt.chsm=utf8StrToBt.ct=0;
        return s;
    },

    ansiStrToBt=function(s)                                        //convert ANSI string to bytes <string> and calculate their checksum and count
    {
        if(s||s===0)
        {
            ansiStrToBt.chsm=btToHx(s=strToBt(s,'Windows-1252')).chsm();
            ansiStrToBt.ct=CM.Position*2;
        }
        else
            ansiStrToBt.chsm=ansiStrToBt.ct=0;
        return s;
    },

    hxToBt=function(h)                                                //convert hex string to bytes <hex string>
    {
        hex.text=h;
        return hex.nodeTypedValue;
    },

    btToNm=function(b)                                               //convert bytes to number <bytes>
    {
        return parseInt(btToRvHx(b),16);
    },

    btToHx=function(b)                                                //convert bytes to hex string <bytes>
    {
        hex.nodeTypedValue=b;
        return hex.text;
    },

    btToRvHx=function(b)                                            //convert bytes to reversed hex string <bytes>
    {
        return btToHx(b).rvHxBt();
    },

    btToStr=function(b,c)                                              //convert bytes to string of certain charset <bytes, charset>
    {
        CM.Position=0;
        CM.Type=1;                                                        //binary
        CM.Write(b);
        CM.SetEOS();
        CM.Position=0;
        CM.Type=2;                                                        //text
        CM.Charset=c;
        return CM.ReadText();
    },

    btToUStr=function(b)                                              //convert bytes to Unicode string <bytes>
    {
        str.nodeTypedValue=b;
        return str.text;
    },

    sNm=function(s,l)                                                  //read bytes of source file as number <start position, length of bytes>
    {
        return parseInt(sRvHx(s,l),16);
    },

    sNmHxStr=function(s,l)                                         //read bytes of source file as hex string of number <start position, length of bytes>
    {
        return nmToHxStr(sNm(s,l));
    },

    sRvNmHxStr=function(s,l)                                     //read bytes of source file as reversed hex string of number <start position, length of bytes>
    {
        return nmToHxStr(sRvNm(s,l));
    },

    sRvNm=function(s,l)                                              //read reversed bytes of source file as number <start position, length of bytes>
    {
        return parseInt(sHx(s,l),16);
    },

    sStr=function(s,l,c)                                                 //read bytes of source file as string of certain charset <start position, length of bytes, charset>
    {
        return btToStr(sBt(s,l),c);
    },

    sUStr=function(s,l)                                                 //read bytes of source file as Unicode string <start position, length of bytes>
    {
        return btToUStr(sBt(s,l));
    },

    sHx=function(s,l)                                                   //read bytes of source file as hex string <start position, length of bytes, charset>
    {
        return btToHx(sBt(s,l));
    },

    sRvHx=function(s,l)                                               //read reversed bytes of source file as hex string <start position, length of bytes>
    {
        return sHx(s,l).rvHxBt();
    },

    sBtEq=function(s,h)                                               //compare bytes of source file with hex string <start position, hex string>
    {
        return sHx(s,h.length/2)==h;
    },

    CHSM=0,
    nmToBt=function(n,c)                                            //convert number to bytes <number, count of bytes>
    {
        return hxToBt(nmToHx(n,c));
    },

    nmToRvBt=function(n,c)                                        //convert number to reversed bytes <number, count of bytes>
    {
        return hxToBt(nmToRvHx(n,c));
    },

    nmToHxStr=function(n)                                          //convert number to hex string <number>
    {
        n=n.toString().split('');
        for(var i=n.length;i-->0;CHSM+=n[i]*1+48);
        return '3'+n.join('3');
    },

    nmToHxUStr=function(n)                                       //convert number to hex Unicode string <number>
    {
        n=n.toString().split('');
        return '3'+n.join('003')+'00';
    }

    !function nmToHx(n,c)                                           //convert number to hex <number, count of bytes>
    {
        var t='0123456789abcdef',h;

        nmToHx=function(n,c)
        {
            h='';
            for(c=c*2;c>0;c-=2,n>>>=8)
                h+=t.charAt(n>>>4&15)+t.charAt(n&15);
            return h;
        }

    }();

    !function nmToRvHx(n,c)                                       //convert number to reversed hex <number, count of bytes>
    {
        var t='0123456789abcdef',h;

        nmToRvHx=function(n,c)
        {
            h='';
            for(c=c*2;c-->0;n>>>=4)
                h=t.charAt(n&15)+h;
            return h;
        }

    }();

    String.prototype.rvHxBt=function()                        //reverse string as hex bytes
    {
        return this.match(/..?/g).reverse().join('');
    }

    String.prototype.chsm=function()                          //calculate hex string bytes checksum
    {
        var c=0;
        for(var n=this.length-2;n>-1;n-=2)
            c+=parseInt(this.substr(n,2),16);
        return c;
    }

    Number.prototype.toHMSR=function()                   //convert date to hours, minutes, seconds and remainder (milliseconds) notation
    {
        var r=this%3600000,
        h=this/3600000^0,                                             //hours
        m=r/60000^0,                                                     //minutes
        s=r%60000/1000^0;                                           //seconds
        r=this%1000;                                                     //remainder (milliseconds)
        return ((h?h+'h':'')+(m?(h?' ':'')+m+'m':'')+(s?(h||m?' ':'')+s+'s':'')+(r?(h||m||s?' ':'')+r+'ms':''))||'0ms';
    }

    S.Open();
    T.Open();
    CM.Open();
    S.Type=T.Type=1;                                                 //binary

    !function getPL(n)                                                   //get primary language <PL> and sublanguage <SL> for RT_STRING
    {
        var ls=
        {
            SL:{0:'4e45555452414c',1:'44454641554c54',2:'5359535f44454641554c54',3:'435553544f4d5f44454641554c54',4:'435553544f4d5f554e535045434946494544',
                5:'55495f435553544f4d5f44454641554c54'},
            0:{PL:'4e45555452414c'},
            1:{PL:'415241424943',1:'53415544495f415241424941',2:'49524151',3:'4547595054',4:'4c49425941',5:'414c4745524941',6:'4d4f524f43434f',7:'54554e49534941',
                8:'4f4d414e',9:'59454d454e',10:'5359524941',11:'4a4f5244414e',12:'4c4542414e4f4e',13:'4b5557414954',14:'554145',15:'4241485241494e',16:'5141544152'},
            2:{PL:'42554c47415249414e',1:'42554c4741524941'},
            3:{PL:'434154414c414e',1:'434154414c414e'},
            4:{PL:'4348494e455345',1:'545241444954494f4e414c',2:'53494d504c4946494544',3:'484f4e474b4f4e47',4:'53494e4741504f5245',5:'4d41434155'},
            5:{PL:'435a454348',1:'435a4543485f52455055424c4943'},
            6:{PL:'44414e495348',1:'44454e4d41524b'},
            7:{PL:'4745524d414e',1:'',2:'5357495353',3:'415553545249414e',4:'4c5558454d424f555247',5:'4c4945434854454e535445494e'},
            8:{PL:'475245454b',1:'475245454345'},
            9:{PL:'454e474c495348',1:'5553',2:'554b',3:'415553',4:'43414e',5:'4e5a',6:'45495245',7:'534f5554485f414652494341',8:'4a414d41494341',9:'43415249424245414e',
                10:'42454c495a45',11:'5452494e49444144',12:'5a494d4241425745',13:'5048494c495050494e4553',16:'494e444941',17:'4d414c4159534941',18:'53494e4741504f5245'},
            10:{PL:'5350414e495348',1:'',2:'4d45584943414e',3:'4d4f4445524e',4:'47554154454d414c41',5:'434f5354415f52494341',6:'50414e414d41',
                7:'444f4d494e4943414e5f52455055424c4943',8:'56454e455a55454c41',9:'434f4c4f4d424941',10:'50455255',11:'415247454e54494e41',12:'45435541444f52',
                13:'4348494c45',14:'55525547554159',15:'5041524147554159',16:'424f4c49564941',17:'454c5f53414c5641444f52',18:'484f4e4455524153',19:'4e4943415241475541',
                20:'50554552544f5f5249434f',21:'5553'},
            11:{PL:'46494e4e495348',1:'46494e4c414e44'},
            12:{PL:'4652454e4348',1:'',2:'42454c4749414e',3:'43414e414449414e',4:'5357495353',5:'4c5558454d424f555247',6:'4d4f4e41434f'},
            13:{PL:'484542524557',1:'49535241454c'},
            14:{PL:'48554e47415249414e',1:'48554e47415259'},
            15:{PL:'4943454c414e444943',1:'4943454c414e44'},
            16:{PL:'4954414c49414e',1:'',2:'5357495353'},
            17:{PL:'4a4150414e455345',1:'4a4150414e'},
            18:{PL:'4b4f5245414e',1:''},
            19:{PL:'4455544348',1:'',2:'42454c4749414e'},
            20:{PL:'4e4f5257454749414e',1:'424f4b4d414c',2:'4e594e4f52534b'},
            21:{PL:'504f4c495348',1:'504f4c414e44'},
            22:{PL:'504f5254554755455345',1:'4252415a494c49414e',2:''},
            23:{PL:'524f4d414e5348',1:'535749545a45524c414e44'},
            24:{PL:'524f4d414e49414e',1:'524f4d414e4941'},
            25:{PL:'5255535349414e',1:'525553534941'},
            27:{PL:'534c4f56414b',1:'534c4f56414b4941'},
            28:{PL:'414c42414e49414e',1:'414c42414e4941'},
            29:{PL:'53574544495348',1:'',2:'46494e4c414e44'},
            30:{PL:'54484149',1:'544841494c414e44'},
            31:{PL:'5455524b495348',1:'5455524b4559'},
            32:{PL:'55524455',1:'50414b495354414e',2:'494e444941'},
            33:{PL:'494e444f4e455349414e',1:'494e444f4e45534941'},
            34:{PL:'554b5241494e49414e',1:'554b5241494e45'},
            35:{PL:'42454c4152555349414e',1:'42454c41525553'},
            36:{PL:'534c4f56454e49414e',1:'534c4f56454e4941'},
            37:{PL:'4553544f4e49414e',1:'4553544f4e4941'},
            38:{PL:'4c41545649414e',1:'4c4154564941'},
            39:{PL:'4c49544855414e49414e',1:''},
            40:{PL:'54414a494b',1:'54414a494b495354414e'},
            41:{PL:'5045525349414e',1:'4952414e'},
            42:{PL:'564945544e414d455345',1:'564945544e414d'},
            43:{PL:'41524d454e49414e',1:'41524d454e4941'},
            44:{PL:'415a455249',1:'4c4154494e',2:'435952494c4c4943'},
            45:{PL:'424153515545',1:'424153515545'},
            47:{PL:'4d414345444f4e49414e',1:'4d414345444f4e4941'},
            50:{PL:'545357414e41',1:'534f5554485f414652494341'},
            52:{PL:'58484f5341',1:'534f5554485f414652494341'},
            53:{PL:'5a554c55',1:'534f5554485f414652494341'},
            54:{PL:'414652494b41414e53',1:'534f5554485f414652494341'},
            55:{PL:'47454f524749414e',1:'47454f52474941'},
            56:{PL:'464145524f455345',1:'4641524f455f49534c414e4453'},
            57:{PL:'48494e4449',1:'494e444941'},
            58:{PL:'4d414c54455345',1:'4d414c5441'},
            59:{PL:'53414d49',1:'4e4f52544845524e5f4e4f52574159',2:'4e4f52544845524e5f53574544454e',3:'4e4f52544845524e5f46494e4c414e44',
                4:'4c554c455f4e4f52574159',5:'4c554c455f53574544454e',6:'534f55544845524e5f4e4f52574159',7:'534f55544845524e5f53574544454e',
                8:'534b4f4c545f46494e4c414e44',9:'494e4152495f46494e4c414e44'},
            60:{PL:'4952495348',2:'4952454c414e44'},
            62:{PL:'4d414c4159',1:'4d414c4159534941',2:'4252554e45495f444152555353414c414d'},
            63:{PL:'4b415a414b',1:'4b415a414b485354414e'},
            64:{PL:'4b595247595a',1:'4b595247595a5354414e'},
            65:{PL:'53574148494c49',1:'4b454e5941'},
            66:{PL:'5455524b4d454e',1:'5455524b4d454e495354414e'},
            67:{PL:'555a42454b',1:'4c4154494e',2:'435952494c4c4943'},
            68:{PL:'5441544152',1:'525553534941'},
            69:{PL:'42454e47414c49',1:'494e444941',2:'42414e474c4144455348'},
            70:{PL:'50554e4a414249',1:'494e444941'},
            71:{PL:'47554a4152415449',1:'494e444941'},
            72:{PL:'4f52495941',1:'494e444941'},
            73:{PL:'54414d494c',1:'494e444941'},
            74:{PL:'54454c554755',1:'494e444941'},
            75:{PL:'4b414e4e414441',1:'494e444941'},
            76:{PL:'4d414c4159414c414d',1:'494e444941'},
            77:{PL:'415353414d455345',1:'494e444941'},
            78:{PL:'4d415241544849',1:'494e444941'},
            79:{PL:'53414e534b524954',1:'494e444941'},
            80:{PL:'4d4f4e474f4c49414e',1:'435952494c4c49435f4d4f4e474f4c4941',2:'505243'},
            81:{PL:'5449424554414e',1:'505243'},
            82:{PL:'57454c5348',1:'554e495445445f4b494e47444f4d'},
            83:{PL:'4b484d4552',1:'43414d424f444941'},
            84:{PL:'4c414f',1:'4c414f'},
            86:{PL:'47414c494349414e',1:'47414c494349414e'},
            87:{PL:'4b4f4e4b414e49',1:'494e444941'},
            88:{PL:'4d414e4950555249'},
            89:{PL:'53494e444849',1:'494e444941',2:'50414b495354414e'},
            90:{PL:'535952494143',1:'5359524941'},
            91:{PL:'53494e48414c455345',1:'5352495f4c414e4b41'},
            93:{PL:'494e554b5449545554',1:'43414e414441',2:'43414e4144415f4c4154494e'},
            94:{PL:'414d4841524943',1:'455448494f504941'},
            95:{PL:'54414d415a49474854',2:'414c47455249415f4c4154494e'},
            96:{PL:'4b4153484d495249',2:'5341534941'},
            97:{PL:'4e4550414c49',1:'4e4550414c',2:'494e444941'},
            98:{PL:'4652495349414e',1:'4e45544845524c414e4453'},
            99:{PL:'50415348544f',1:'41464748414e495354414e'},
            100:{PL:'46494c4950494e4f',1:'5048494c495050494e4553'},
            101:{PL:'444956454849',1:'4d414c4449564553'},
            104:{PL:'4841555341',1:'4e4947455249415f4c4154494e'},
            106:{PL:'594f52554241',1:'4e494745524941'},
            107:{PL:'51554543485541',1:'424f4c49564941',2:'45435541444f52',3:'50455255'},
            108:{PL:'534f54484f',1:'4e4f52544845524e5f534f5554485f414652494341'},
            109:{PL:'424153484b4952',1:'525553534941'},
            110:{PL:'4c5558454d424f555247495348',1:'4c5558454d424f555247'},
            111:{PL:'475245454e4c414e444943',1:'475245454e4c414e44'},
            112:{PL:'4947424f',1:'4e494745524941'},
            115:{PL:'5449475249474e41',2:'45524954524541'},
            120:{PL:'5949',1:'505243'},
            122:{PL:'4d41505544554e47554e',1:'4348494c45'},
            124:{PL:'4d4f4841574b',1:'4d4f4841574b'},
            126:{PL:'425245544f4e',1:'4652414e4345'},
            127:{PL:'494e56415249414e54'},
            128:{PL:'554947485552',1:'505243'},
            129:{PL:'4d414f5249',1:'4e45575f5a45414c414e44'},
            130:{PL:'4f43434954414e',1:'4652414e4345'},
            131:{PL:'434f52534943414e',1:'4652414e4345'},
            132:{PL:'414c53415449414e',1:'4652414e4345'},
            133:{PL:'59414b5554',1:'525553534941'},
            134:{PL:'4b49434845',1:'47554154454d414c41'},
            135:{PL:'4b494e59415257414e4441',1:'5257414e4441'},
            136:{PL:'574f4c4f46',1:'53454e4547414c'},
            140:{PL:'44415249',1:'41464748414e495354414e'},
            145:{PL:'53434f54544953485f4741454c4943',1:'4741454c4943'},
            1050:{PL:'43524f415449414e',1:'43524f41544941'},
            1070:{PL:'55505045525f534f524249414e',1:'4745524d414e59'},
            2074:{PL:'5345524249414e',2:'4c4154494e'},
            2094:{PL:'4c4f5745525f534f524249414e',2:'4745524d414e59'},
            3098:{PL:'5345524249414e',3:'435952494c4c4943'},
            4122:{PL:'43524f415449414e',4:'424f534e49415f4845525a45474f56494e415f4c4154494e'},
            5146:{PL:'424f534e49414e',5:'424f534e49415f4845525a45474f56494e415f4c4154494e'},
            6170:{PL:'5345524249414e',6:'424f534e49415f4845525a45474f56494e415f4c4154494e'},
            7194:{PL:'5345524249414e',7:'424f534e49415f4845525a45474f56494e415f435952494c4c4943'},
            8218:{PL:'424f534e49414e',8:'424f534e49415f4845525a45474f56494e415f435952494c4c4943'},
            9242:{PL:'5345524249414e',9:'5345524249415f4c4154494e'},
            10266:{PL:'5345524249414e',10:'5345524249415f435952494c4c4943'},
            11290:{PL:'5345524249414e',11:'4d4f4e54454e4547524f5f4c4154494e'},
            12314:{PL:'5345524249414e',12:'4d4f4e54454e4547524f5f435952494c4c4943'}
        },

        o,PL,SL;

        getPL=function(n)
        {
            SL=n&1023;
            PL=['4c414e475f'+(o=ls[SL!=26&&SL!=46?SL:n]).PL];       //'LANG_'
            n=n>>10;
            if(SL>0&&SL!=127)
            {
                SL=o[n];
                if(SL!=undefined)
                    PL.SL='535542'+PL+(SL?'5f'+SL:'');                          //'SUB'+'_'
                else
                    PL.SL='5355424c414e475f'+ls.SL[n];                        //'SUBLANG_'
            }
            else
                PL.SL='5355424c414e475f'+ls.SL[n];                            //'SUBLANG_'
            return PL;
        }

    }();

    !function addT(fN1,fN2,ct,n,c)                                                     //write certain data to TAR file <file name bytes, file name string, file name bytes count,
    {                                                                                                  //file size, file name checksum>
        var s200=rp('0',200),
        se='002030'+s200+'7573746172003030'+rp('0',494);          //section end
        (addT=function(fN1,fN2,ct,n,c)
        {
            if(fN1!='')
                T.Write(fN1);
            T.Write(hxToBt(fN2+s200.substr(fN2.length+ct)+'303130303737370030303030303030003030303030303000'+addT.getOctHex(n,c)+currentUTCTimeHx+
                '303030303030'.substr(CHSM.length*2)+'3'+CHSM.split('').join(3)+se));
        }).getOctHex=function(n,c)
        {
            CHSM=0;
            n=nmToHxStr(n.toString(8));
            ct=n.length;
            CHSM=(2517+dtChsm-24*ct+CHSM+c).toString(8);            //TAR block checksum including 0x20*8 for checksum itself
            return '3030303030303030303030'.substr(ct)+n;              //12 bytes
        }

    }();

    !function endTF()                                                                         //write end block to TAR file stream and close it
    {
        var b=hxToBt(rp('0',2048));

        endTF=function()
        {
            var s=T.Position;
            if(s>0)
                TF.Write(tBt(0,s));
            TF.Write(b);
            TF.Close();
            T.Position=0;
        }

    }();

    !function endTBlock(l)                                                                 //write end section block to TAR memory stream (data length)
    {
        var s1024=rp('0',1024);

        endTBlock=function(l)
        {
            if(l%=512)
                T.Write(hxToBt(s1024.substr(l*2)));
        }

    }();

    var dHd2=hxToBt('0100'),                                                          //second part of data header

    writeTFBlock=function()                                                              //write data block over 1.46 MB to TAR file stream
    {
        var s=T.Position;
        if(s>=1536000)
        {
            TF.Write(tBt(0,s));
            T.Position=0;
        }
    },

    extractIcoCur=function(gHP,dC,ext,dHd,fN,fNP1,fNP1chsm)     //extract icons, cursors and PNGs <group header pointer, data count, extension hex string,
    {                                                                                                  //data header bytes, file name bytes, file name part 1 string, file name part 1 checksum>
        var dW,dH,bO,iBC='',dP,dI,dB,dB1,dB2,dS,dSNum,fNP2,fNP2chsm,startGHP=gHP-6;
        for(var r=1;r<dC;r++,gHP+=16)                                               //group header pointer
        {
            dW=sNm(gHP,1);                                                                //data width
            dH=sNm(gHP+1,1);                                                             //data height
            dS=sBt(gHP+8,4);                                                               //data size
            dSNum=btToNm(dS);
            dI=sBt(gHP,6);                                                                    //data info
            if(ext=='69636f')                                                                 //'ico'
            {
                iBC=sNm(gHP+6,2);                                                       //icon bit count
                iBC=iBC>0&&iBC<33?iBC:32;
            }
            bO=startGHP+sNm(gHP+12,4);
            CHSM=fNP1chsm;
            fNP2=fNP1+nmToHxStr(dIndex)+'3b'+nmToHxStr(r)+'5d2e';       //file name part 2, dataIndex+';'+'].'
            fNP2chsm=CHSM;
            var isPNG=0;
            if(sBtEq(bO,'89504e470d0a1a0a'))
            {
                dB1=sBt(bO,20);
                dW=sRvNm(bO+16,4);
                dH=sRvNm(bO+20,4)||dW;
                dB2=sBt(bO+24,dSNum-24);
                isPNG=1;
            }
            else
            {
                dW=dW||256;
                dH=dH||dW||256;
                dB=sBt(bO,dSNum);                                                       //data body
            }
            if(!folders[dP=dW+';'+dH+';'+iBC])                                     //data path
            {
                CHSM=0;
                var dPp=nmToHxStr(dW)+'78'+nmToHxStr(dH);            //'x'+'/'
                folders[dP]=[hxToBt('504e47732f'+dPp+'2f'),CHSM+386,dPp.length+12+folders[ext+0][2]];    //'PNGs/'+dPp+'/'
                if(iBC)
                {
                    dPp+='20'+nmToHxStr(iBC)+'626974';                      //' '+'bit'
                    CHSM+=336;
                }
                folders[dP][3]=hxToBt(dPp+'2f');                                    //'/'
                folders[dP][4]=CHSM;
                folders[dP][5]=dPp.length+2+folders[ext+0][2];
            }
            if(isPNG)
            {
                if(folders[ext+0][2])
                    T.Write(folders[ext+0][0]);
                T.Write(folders[dP][0]);
                addT(fN,fNP2+'706e67',folders[dP][2]+utf8StrToBt.ct,dSNum,folders[dP][1]+fNP2chsm);      //'png'
                T.Write(dB1);                                                                  //png body
                T.Write(nmToRvBt(dH,4));                                              //png corrected height
                T.Write(dB2);                                                                  //png body
                endTBlock(dSNum);
            }
            if(folders[ext+0][2])
                T.Write(folders[ext+0][0]);
            T.Write(folders[dP][3]);
            var datalength=dSNum+22;
            addT(fN,fNP2+ext,folders[dP][5]+utf8StrToBt.ct,datalength,folders[dP][4]+fNP2chsm);      //'ico' or 'cur'
            T.Write(dHd);
            T.Write(dHd2);
            T.Write(dI);
            T.Write(ext=='69636f'?nmToBt(iBC,2):sBt(gHP+6,2));       //corrected icon bit count
            T.Write(dS);
            T.Write(hxToBt('16000000'));
            if(isPNG)
            {
                T.Write(dB1);                                                                  //png body
                T.Write(nmToRvBt(dH,4));                                              //png corrected height
                T.Write(dB2);                                                                  //png body
            }
            else
                T.Write(dB);                                                                    //icon or cursor body
            endTBlock(datalength);
            dIndex++;
        }
    },

    extractANI=function(rO,smID,rS)                                                              //extract groups of icons, groups of cursors, icons, cursors and PNGs from ANI file format
    {                                                                                                                //<resource offset, sum of resource IDs, resource size>
        smID=smID||'';                                                                                     //sum of resource IDs
        var infoOffset=rO;
        if(sBtEq(rO,'4c495354'))                                                                       //'LIST'
        {
            var listSize=sNm(rO+4,4),                                                                //size of LIST
            sSize=sNm(rO+16,4);                                                                       //size of first section
            smID=smID?smID+' ':'';
            smID+='('+sStr(rO+20,sSize,'utf-8').replace(/\x00/g,'').replace(/[\\/:*"<>|]/g,'_');
            infoOffset+=20+sSize;
            if(sSize<listSize-13)                                                                         //second section found by taking into account 1 excessive zero byte
            {
                while(!sBtEq(infoOffset,'49415254'))                                            //dealing with excessive zero bytes in order to obtain correct 'IART' offset
                    infoOffset++;
                sSize=sNm(infoOffset+4,4);                                                         //size of second section
                smID=smID?smID+' & ':'';
                smID+=sStr(infoOffset+=8,sSize,'utf-8').replace(/\x00/g,'').replace(/[\\/:*"<>|]/g,'_');
                infoOffset+=sSize;
            }
            smID+=')';
        }
        while(!sBtEq(infoOffset,'616e6968'))                                                   //dealing with excessive zero bytes in order to obtain correct 'anih' offset
            infoOffset++;
        var iC=sNm(infoOffset+12,4),fO=8+4*sNm(infoOffset+16,4);               //images count, frames offset
        if(sBtEq(infoOffset+=44,'72617465'))                                                   //rate
            infoOffset+=fO;
        if(sBtEq(infoOffset,'73657120'))                                                           //seq
            infoOffset+=fO;
        if(sBtEq(infoOffset,'4c495354')&&sBtEq(infoOffset+8,'6672616d'))    //LIST & fram
        {
            infoOffset+=16;
            var ext=sNm(infoOffset+6,2)==2?'637572':'69636f',                       //cur or ico
            dHd=sBt(infoOffset+4,4);                                                                  //data header
            if(!rO)
            {
                tOpen(fP+(ext=='69636f'?'ICON':'CURSOR')+'s.tar');
                folders={637572:[hxToBt('47524f55505f435552534f52732f'),1599,28],
                    '69636f':[hxToBt('47524f55505f49434f4e732f'),1403,24],6375720:[0,0,0],'69636f0':[0,0,0]};     //'GROUP_CURSORs/', 'GROUP_ICONs/', '', ''
                dIndex=1;                                                                                      //data index
                gIndex=1;                                                                                      //group index
            }
            var sz,dC,fNP1,fNP1chsm,
            fN=utf8StrToBt(smID+' '),                                                                  //obtaining file name in Utf8 format
            fNchsm=utf8StrToBt.chsm+1061;
            for(var j=0;j<iC;j++,infoOffset+=sz+8)
            {
                sz=sNm(infoOffset,4);
                CHSM=fNchsm;
                fNP1='5b'+nmToHxStr(gIndex)+'3b'+nmToHxStr(j+1)+'5d20';     //file name part 1, '['+groupIndex+';'+'] '
                fNP1chsm=CHSM;
                dC=sNm(infoOffset+8,2);                                                               //data count
                extractIcoCur(infoOffset+10,dC+1,ext,dHd,fN,fNP1+'5b',fNP1chsm+folders[ext+0][1]);    //'['
                if(dC>1)                                                                                          //group of icons or cursors
                {
                    T.Write(folders[ext][0]);
                    CHSM=fNP1chsm+folders[ext][1];
                    addT(fN,fNP1+'28'+nmToHxStr(dC)+'20666f726d617473292e'+ext,folders[ext][2]+utf8StrToBt.ct,sz,CHSM);     //'('+' formats)'+'.'+'ico' or 'cur'
                    T.Write(sBt(infoOffset+4,sz));
                    endTBlock(sz);
                }
                gIndex++;
            }
            if(rO)
            {
                CHSM=fNchsm+40;
                addT(fN,'28'+nmToHxStr(iC)+'20696D61676573292e616e69',utf8StrToBt.ct,rS,CHSM);      //'('+' images).ani'
                T.Write(sBt(rO-12,rS));
                endTBlock(rS);
                writeTFBlock();
            }
        }
    },

    startExtraction=function()                                                                  //start extraction of resources
    {
        dt=new Date();
        dtChsm=0;
        currentUTCTimeHx='00'+addT.getOctHex(Math.floor(dt.getTime()/1000),0)+'00';    //last modification time
        dtChsm=parseInt(CHSM,8)-parseInt(3705,8);
        var e;
        try
        {
            sOpen(fP);
        }
        catch(e)
        {
            return sEM(5);                                                                            //the file is in use or can't be accessed
        }
        var fS=SF.DataSize(1);                                                                  //source file size
        if(fS<64)
        {
            if(fS<0)                                                                                        //the item is not a file, can't be accessed or is too big
            {
                sM(msg[4],'salmon');
                return sDM(2000);
            }
            return sEM(6);                                                                            //the file is not a PE, ANI, ICO, CUR file or file with embedded icon or cursor
        }
        fP=cP.match(/.+(?:\\)/)+fP.match(/[^:\\]+$/)+'_';
        sSt(64);                                                                                           //loading first 64 bytes into source memory that could be IMAGE_DOS_HEADER section of PE file
        ext=exts[sHx(2,4)];                                                                         //obtaining file extension in hex string
        if(ext=='69636f'||ext=='637572')                                                    //'ico' or 'cur'
        {
            var dHd=sBt(2,4),                                                                       //data header
            dC=sNm(6,2);                                                                             //data count
            utf8StrToBt();
            var hD=sBt(8,61);
            S.Position=0;
            S.Write(hD);
            S.Write(sRd(fS-64));
            S.SetEOS();
            tOpen(fP+(ext=='69636f'?'ICON':'CURSOR')+'s.tar');
            folders={6375720:[0,0,0],'69636f0':[0,0,0]};
            dIndex=1;                                                                                   //data index
            gIndex=1;                                                                                   //group index
            extractIcoCur(0,dC+1,ext,dHd,0,'5b313b315d205b',1159);       //'[1;1] ['
            endTF();
        }
        else if(ext=='52494646'&&sBtEq(10,'41434f4e'))                          //'RIFF' & 'ACON'
        {
            var hD=sBt(14,55);
            S.Position=0;
            S.Write(hD);
            S.Write(sRd(fS-64));
            S.SetEOS();
            extractANI(0,'',fS-12);
            endTF();
        }
        else                                                                                                //trying to extract resources from PE file
        {
            var sg=sNm(62,4);                                                                     //skipping <BOM> header and IMAGE_DOS_HEADER fields till <e_lfanew offset> and obtaining IMAGE_NT_SIGNATURE (PE00) offset
            if(sg<64||sg>fS)                                                                          //checks whether IMAGE_NT_SIGNATURE (PE00) offset is inside IMAGE_DOS_HEADER or outside the file size
                return sEM(6);                                                                        //the file is not a PE file
            sSt(sg-42);                                                                                  //loading 22 bytes of new data into source memory starting from PE File Header (4 bytes of
                                                                                                               //IMAGE_NT_SIGNATURE (PE00) and the rest first 18 bytes of IMAGE_FILE_HEADER)
            if(!sBtEq(sg-62,'50450000'))                                                      //checks whether first 4 bytes are equal to IMAGE_NT_SIGNATURE (PE00) or not
                return sEM(6);                                                                        //the file is not a PE file
            var STHSize=sNm(sg-56,2)*40,                                                 //getting size of all Section Table headers by obtaining <NumberOfSections> and taking into account 40 bytes of
                                                                                                               //each IMAGE_SECTION_HEADER
            pt=2+sNm(sg-42,2);                                                                    //skipping 4 bytes of IMAGE_NT_SIGNATURE (PE00), 20 bytes of IMAGE_FILE_HEADER and
                                                                                                               //<SizeOfOptionalHeader> bytes of IMAGE_OPTIONAL_HEADER and obtaining pointer to first
                                                                                                               //IMAGE_SECTION_HEADER
            sSt(pt+STHSize);                                                                        //loading all Section Table headers as new data into source memory
            var RSfound=0;                                                                          //indicates whether Resources section is found or not
            for(var ISHOffset=pt+=2;ISHOffset<pt+STHSize;ISHOffset+=40)     //looping through IMAGE_SECTION_HEADERs inside Section Table headers section by shifting current header
                                                                                                               //offset for obtaining an offset to next
                if(sBtEq(ISHOffset,'2e72737263000000'))                             //checks whether IMAGE_SIZEOF_SHORT_NAME (8 first bytes) of IMAGE_SECTION_HEADER is
                {                                                                                              //equal to '.rsrc' or not
                    RSVA=sNm(ISHOffset+12,4);                                              //obtaining <VirtualAddress> of Resource Section
                    SF.ReadStream(1,sNm(ISHOffset+20,4)-STHSize-pt-20-sg,3);        //obtaining <PointerToRawData> of Resource Section
                    sSt(sNm(ISHOffset+16,4));                                                 //loading <SizeOfRawData> bytes of Resource Section as new data into source memory starting from
                                                                                                               //<PointerToRawData> of Resource Section (IMAGE_RESOURCE_DIRECTORY)
                    RSfound=1;                                                                        //Resource Section is found
                    break;
                }
            if(!RSfound)
                return sEM(7);                                                                        //Resource Section is not found
            var nRC=sNm(14,2),                                                                  //skipping IMAGE_RESOURCE_DIRECTORY fields till <NumberOfNamedEntries> offset and
                                                                                                               //obtaining named resources count
            rC=nRC+sNm(16,2);                                                                   //count of resources = count of named resources + count of identified resources (<NumberOfIdEntries>)
            if(!rC)
                return sEM(8);                                                                        //no resources are found in Resource Section
            var rID,
            extract=function(n,f)                                                                   //extract resources to TAR file <part of file name, folders for sorting of resources>
            {
                tOpen(fP+n+'s.tar');
                folders=f;
                extractResources(pt,rID,RSVA);
                endTF();
            }
            pt=18;                                                                                         //skipping IMAGE_RESOURCE_DIRECTORY and obtaining pointer to IMAGE_RESOURCE_DIRECTORY_ENTRY
            for(var i=0;i<rC;i++,pt+=8)                                                                                         //looping through IMAGE_RESOURCE_DIRECTORY_ENTRYs by shifting current entry offset for
            {                                                                                                                                 //obtaining an offset to next
                rID=sNm(pt,3);                                                                                                       //obtaining resource ID without high bit from <Name> field of
                                                                                                                                              //each IMAGE_RESOURCE_DIRECTORY_ENTRY
                if(i<nRC)
                    extract(rID=sUStr(rID+4,sNm(rID+2,2)*2).replace(/[\\/:*"<>|]/g,'_'),{});              //obtaining resource type name for named resource from
                                                                                                                                              //IMAGE_RESOURCE_DIR_STRING_U and extract its data
                else
                    switch(rID=rTypes[rID]||rID)                                                                              //obtaining resource type name for identified resource
                    {
                        case 'CURSOR':
                            RTCSOStart=sNm(pt+4,3)+18;                                                                   //obtaining RT_CURSOR section start offset
                            RTCSOEnd=RTCSOStart+sNm(sNm(pt+4,3)+16,2)*8-8;                            //obtaining RT_CURSOR section end offset by taking into account only identified
                                                                                                                                              //(not named) resources
                            break;
                        case 'ICON':
                            RTISOStart=sNm(pt+4,3)+18;                                                                    //obtaining RT_ICON section start offset
                            RTISOEnd=RTISOStart+sNm(sNm(pt+4,3)+16,2)*8-8;                              //obtaining RT_ICON section end offset by taking into account only identified
                                                                                                                                              //(not named) resources
                            break;
                        case 'GROUP_CURSOR':
                            dIndex=1;                                                                                                  //data index reset (icon or cursor common index)
                            dBOs={};
                            RTDSOStart=dBO=stDBO=RTCSOStart;                                                   //RT_<data> (RT_ICON or RT_CURSOR) section start offset, data body offset,
                                                                                                                                              //step data body offset
                            RTDSOEnd=RTCSOEnd;                                                                           //RT_<data> (RT_ICON or RT_CURSOR) section end offset
                            shift=4;
                            ext='637572';
                            extract('CURSOR',{0:[hxToBt('47524f55505f435552534f52732f'),2417,28]});       //'GROUP_CURSOR/', extract data of cursor groups
                            break;
                        case 'GROUP_ICON':
                            dIndex=1;                                                                                                  //data index reset (icon or cursor common index)
                            dBOs={};
                            RTDSOStart=dBO=stDBO=RTISOStart;                                                    //RT_<data> (RT_ICON or RT_CURSOR) section start offset, data body offset,
                                                                                                                                              //step data body offset
                            RTDSOEnd=RTISOEnd;                                                                            //RT_<data> (RT_ICON or RT_CURSOR) section end offset
                            shift=0;
                            ext='69636f';
                            extract('ICON',{0:[hxToBt('47524f55505f49434f4e732f'),2221,24]});       //'GROUP_ICON/', extract data of icon groups
                            break;
                        case 'ANICURSOR':case 'ANIICON':
                            dIndex=1;                                                                                                  //data index reset (icon or cursor common index)
                            gIndex=1;                                                                                                  //group index reset (icon or cursor group common index)
                            extract(rID,{637572:[hxToBt('47524f55505f435552534f52732f'),1599,28],'69636f':[hxToBt('47524f55505f49434f4e732f'),1403,24],     //extract data of ANI file format
                                6375720:[hxToBt('435552534f52732f'),640,16],'69636f0':[hxToBt('49434f4e732f'),459,12]});        //'GROUP_CURSORs/', 'GROUP_ICONs/', 'CURSORs/', 'ICONs/'
                            break;
                        default:
                            extract(rID,{});                                                                                            //extract data of the rest resources
                            break;
                    }
            }
        }
        dt=new Date()-dt;
        var delay=rError?dt>1000?0:1000-dt:dt>2000?0:2000-dt;
        setTimeout(function(){sM(msg[3]+dt.toHMSR()+'.</div>','limegreen');},delay);           //showing 'Extracted in ' message
        if(rError)
        {
            rError=0;
            setTimeout(function(){sM(msg[9],'salmon');},delay+=1000);                                    //some resources are not extracted due to wrong data or inappropriate location shifts
            delay+=1000;
        }
        sDM(delay+1000);                                                                                                         //show default message
    },

    extractResources=function(pt,rT,RSVA,rID,tmpsmID)                           //processing extraction of resources (temp sum of resource IDs)
    {
        var nRC=sNm(pt=sNm(pt+4,3)+14,2)+1;                                            //skipping IMAGE_RESOURCE_DIRECTORY fields till <NumberOfNamedEntries> offset and
                                                                                                                   //obtaining named resources (or subresources) count
        var rC=nRC+sNm(pt+2,2);                                                                  //count of resources (or subresources) = count of named resources + count of
                                                                                                                   //identified resources (<NumberOfIdEntries>)
        if(rC>1)                                                                                                //if resources are found
        {
            tmpsmID=tmpsmID?tmpsmID+' ':'';                                               //temp sum of resource IDs
            pt+=4;                                                                                             //skipping IMAGE_RESOURCE_DIRECTORY and obtaining pointer to IMAGE_RESOURCE_DIRECTORY_ENTRY
            var parentRID=rID;                                                                         //storing parent resource ID
            for(var i=1;i<rC;i++,pt+=8)                                                              //looping through IMAGE_RESOURCE_DIRECTORY_ENTRYs by shifting current entry offset for obtaining
            {                                                                                                      //an offset to next directory or entry
                rID=sNm(pt,3);                                                                            //obtaining resource ID without high bit from <Name> field of each IMAGE_RESOURCE_DIRECTORY_ENTRY
                if(i<nRC)
                    rID=sUStr(rID+4,sNm(rID+2,2)*2).replace(/[:*"<>|]/g,'_');       //obtaining resource name for named resource from IMAGE_RESOURCE_DIR_STRING_U
                var smID=tmpsmID+rID+(rC>2?'['+i+']':'');                                 //making file name for extracted data from resource indexes if resources (or subresources) count is more
                                                                                                                   //than one from their IDs and names (sum of resource IDs)
                if(sNm(pt+7,1)==128)                                                                  //next IMAGE_RESOURCE_DIRECTORY (directory node) exists because a high bit of <OffsetToData> of
                                                                                                                   //IMAGE_RESOURCE_DIRECTORY_ENTRY is set
                    extractResources(pt,rT,RSVA,rID,smID);                               //passing obtained data to next IMAGE_RESOURCE_DIRECTORY
                else                                                                                            //IMAGE_RESOURCE_DATA_ENTRY (a leaf node) exists
                {
                    var ePt=sNm(pt+4,3)+2,                                                         //obtaining pointer to IMAGE_RESOURCE_DATA_ENTRY from <OffsetToData> of
                                                                                                                   //IMAGE_RESOURCE_DIRECTORY_ENTRY
                    rO=sNm(ePt,4)-RSVA+2,                                                         //obtaining offset to actual resource data from <OffsetToData> of IMAGE_RESOURCE_DATA_ENTRY by
                                                                                                                   //taking into account <VirtualAddress> of Resource Section
                    rS=sNm(ePt+4,4),                                                                   //obtaining size of actual resource data from <Size> of IMAGE_RESOURCE_DATA_ENTRY
                    fN=utf8StrToBt(smID),                                                            //obtaining file name in Utf8 format
                    fNchsm=utf8StrToBt.chsm,                                                    //obtaining checksum of file name in Utf8 format
                    fNlg=utf8StrToBt.ct;                                                                //obtaining bytes count of file name in Utf8 format
                    if(rO+rS>S.Size||rO<0||rS<0)
                    {
                        rError=1;
                        addT(fN,'205b5245534f55524345204c4f434154494f4e204552524f525d',fNlg,0,1891+fNchsm);     //writing resource error
                        writeTFBlock();
                        continue;
                    }
                    else
                        switch(rT)                                                                                           //resource section type
                        {
                            case 'GROUP_CURSOR':case 'GROUP_ICON':                            //groups icons or groups cursors, file extension needs to be detected according to file actual header
                                var dC=sNm(rO+4,2);                                                                 //data count
                                if(dC>0)
                                {
                                    var dHd=sBt(rO,4),                                                                 //data header
                                    dW,dH,dS,
                                    dO=rS+dC*2,                                                                          //data offset
                                    iBC='',dSHex,dP,dID,dBID,dB,dB1,dB2,dI,isPNG,subRC,fNP1,fNP1chsm,fNP2,fNP2chsm,dError,gError=0;
                                    if(dC>1)
                                    {
                                        CM.Position=0;
                                        CM.Write(sBt(rO,dO));                                                        //need to write dO length because ADODB.Stream cannot jump forward over unwritten bytes
                                    }                                                                                             //to write data bodies later
                                    rO+=6;
                                    for(var j=0;j<dC;j++,rO+=14,dO+=dS,dIndex++)
                                    {
                                        dError=0;
                                        dW=sNm(rO,1);                                                                  //data width
                                        dH=sNm(rO+1,1);                                                               //data height
                                        dI=sBt(rO,6);                                                                      //data info
                                        dS=sNm(rO+8,4)-shift;                                                       //data size
                                        dID=sNm(rO+12,2);                                                            //data ID
                                        dSHex=nmToHx(dS,4);
                                        if(!shift)
                                        {
                                            iBC=sNm(rO+6,2);                                                          //icon bit count
                                            iBC=iBC>0&&iBC<33?iBC:32;
                                        }
                                        if(!dBOs[dID])                                                                     //obtaining data (icon or cursor) body offsets on the fly
                                        {
                                            if(stDBO<=RTDSOEnd)
                                            {
                                                while((dBID=sNm(dBO,3))!=dID)                                //data body ID
                                                {
                                                    dBOs[dBID]=dBO;
                                                    if(dBO==stDBO+8)
                                                        stDBO=dBO;
                                                    var tmpDBO=dBO+(dID-dBID)*8;
                                                    if(tmpDBO<=RTDSOEnd&&tmpDBO>=RTDSOStart)
                                                    {
                                                        if((dBO=tmpDBO)==stDBO+8)
                                                            stDBO=dBO;
                                                    }
                                                    else
                                                        if((dBO=stDBO=stDBO+8)>RTDSOEnd)
                                                        {
                                                            rError=dError=gError=1;
                                                            break;
                                                        }
                                                }
                                                if(!dError)
                                                    dBOs[dID]=dBO;                                                    //the same ID can be used several times for different languages
                                            }
                                            else
                                                rError=dError=gError=1;
                                        }
                                        else
                                            dBO=dBOs[dID];
                                        if(dBO==stDBO+8)
                                            stDBO=dBO;
                                        if(!dError)
                                        {
                                            fNP1='';                                                                          //file name part 1
                                            fNP1chsm=fNchsm;
                                            CHSM=0;
                                            ePt=sNm(dBO+4,3)+16;                                                 //skipping IMAGE_RESOURCE_DIRECTORY fields till <NumberOfIdEntries> offset
                                            if((subRC=sNm(ePt,2))>1)                                              //count of resources = count of named resources (0 because this should be language) + count of
                                            {                                                                                     //identified resources (<NumberOfIdEntries>)
                                                ePt+=2;                                                                      //skipping IMAGE_RESOURCE_DIRECTORY and obtaining pointer to
                                                                                                                                  //IMAGE_RESOURCE_DIRECTORY_ENTRY
                                                for(var k=0;k<subRC;k++,ePt+=8)                             //looping through IMAGE_RESOURCE_DIRECTORY_ENTRYs by shifting current entry offset for
                                                                                                                                  //obtaining an offset to next entry
                                                    if(rID==sNm(ePt,3))                                                //resource ID without high bit, identified resources only
                                                    {
                                                        ePt+=4;                                                              //skipping IMAGE_RESOURCE_DIRECTORY_ENTRY <Name> field till <OffsetToData> offset
                                                        fNP1+='7b'+nmToHxStr(k+1)+'7d';                    //'{'+'}'
                                                        fNP1chsm+=CHSM+=248;
                                                        break;
                                                    }
                                            }
                                            else
                                                ePt+=6;                                                                      //skipping IMAGE_RESOURCE_DIRECTORY <NumberOfIdEntries> field and
                                                                                                                                  //IMAGE_RESOURCE_DIRECTORY_ENTRY <Name> field till <OffsetToData> offset
                                            fNP2=fNP1+'20'+nmToHxStr(dID)+'5b'+nmToHxStr(dIndex)+'3b'+nmToHxStr(j+1)+'5d2e';       //file name part 2, ' '+'['+dataIndex+';'+'].'
                                            fNP2chsm=fNchsm+651+CHSM;
                                            isPNG=0;
                                            if(sBtEq(ePt=sNm(sNm(ePt,3)+2,4)+2-RSVA+shift,'89504e470d0a1a0a'))      //obtaining pointer to IMAGE_RESOURCE_DATA_ENTRY from <OffsetToData> of
                                            {                                                                                                                //IMAGE_RESOURCE_DIRECTORY_ENTRY and then obtaining offset to actual
                                                                                                                                                             //resource data from <OffsetToData> of IMAGE_RESOURCE_DATA_ENTRY by taking
                                                                                                                                                             //into account <VirtualAddress> of Resource Section and data shift for RT_CURSOR
                                                dB1=sBt(ePt,20);
                                                dW=sRvNm(ePt+16,4);
                                                dH=sRvNm(ePt+20,4)||dW;
                                                dB2=sBt(ePt+24,dS-24);
                                                isPNG=1;
                                            }
                                            else
                                            {
                                                dW=dW||256;
                                                dH=dH||dW||256;
                                                dB=sBt(ePt,dS);                                                         //data body
                                            }
                                            if(!folders[dP=dW+';'+dH+';'+iBC])                                //data path
                                            {
                                                CHSM=167;
                                                var dPp=nmToHxStr(dW)+'78'+nmToHxStr(dH);       //'x'+'/'
                                                folders[dP]=[hxToBt('504e47732f'+dPp+'2f'),CHSM+386,dPp.length+12];    //'PNGs/'+dPp+'/'
                                                if(!shift)
                                                {
                                                    dPp+='20'+nmToHxStr(iBC)+'626974';
                                                    CHSM+=336;                                                         //' '+'bit'
                                                }
                                                dPp+='2f';                                                                  //'/'
                                                folders[dP][3]=hxToBt(dPp);
                                                folders[dP][4]=CHSM;
                                                folders[dP][5]=dPp.length;
                                            }
                                            if(dC>1&&!gError)
                                            {
                                                CM.Position=j*16+6;
                                                CM.Write(dI);
                                                CM.Write(shift?sBt(rO+6,2):nmToBt(iBC,2));             //corrected icon bit count
                                                CM.Write(hxToBt(dSHex+nmToHx(dO,4)));
                                                CM.Position=dO;
                                                if(isPNG)
                                                {
                                                    CM.Write(dB1);                                                      //png body
                                                    CM.Write(nmToRvBt(dH,4));                                  //png corrected height
                                                    CM.Write(dB2);                                                      //png body
                                                }
                                                else
                                                    CM.Write(dB);
                                            }
                                            if(isPNG)
                                            {
                                                T.Write(folders[dP][0]);
                                                addT(fN,fNP2+'706e67',folders[dP][2]+fNlg,dS,folders[dP][1]+fNP2chsm);      //'png'
                                                T.Write(dB1);                                                             //png body
                                                T.Write(nmToRvBt(dH,4));                                         //png corrected height
                                                T.Write(dB2);                                                             //png body
                                                endTBlock(dS);
                                            }
                                            T.Write(folders[dP][3]);
                                            var datalength=dS+22;
                                            addT(fN,fNP2+ext,folders[dP][5]+fNlg,datalength,folders[dP][4]+fNP2chsm);      //'ico' or 'cur'
                                            T.Write(dHd);
                                            T.Write(dHd2);
                                            T.Write(dI);
                                            T.Write(shift?sBt(rO+6,2):nmToBt(iBC,2));                    //corrected icon bit count
                                            T.Write(hxToBt(dSHex+'16000000'));
                                            if(isPNG)
                                            {
                                                T.Write(dB1);                                                             //png body
                                                T.Write(nmToRvBt(dH,4));                                         //png corrected height
                                                T.Write(dB2);                                                             //png body
                                            }
                                            else
                                                T.Write(dB);                                                               //icon or cursor body
                                            endTBlock(datalength);
                                            dBO=(dBO+8<RTDSOEnd?dBO:stDBO)+8;
                                        }
                                        else
                                        {
                                            CHSM=0;
                                            fNP2='20'+nmToHxStr(dID)+'5b'+nmToHxStr(dIndex)+'3b'+nmToHxStr(j+1)+'5d2e';       //file name part 2, ' '+'['+dataIndex+';'+'].'
                                            fNP2chsm=fNchsm+321+CHSM;
                                            addT(fN,fNP2+ext+'205b5245534f55524345204c4f434154494f4e204552524f525d',fNlg,0,1891+315+(!shift?0:15)+fNP2chsm);        //writing data error
                                            writeTFBlock();
                                        }
                                    }
                                    if(dC>1)
                                    {
                                        T.Write(folders[0][0]);
                                        CHSM=0;
                                        if(!gError)
                                        {
                                            addT(fN,fNP1+'2028'+nmToHxStr(dC)+'20666f726d617473292e'+ext,folders[0][2]+fNlg,dO,folders[0][1]+fNP1chsm+CHSM);             //' ('+' formats)'+'.'+
                                                                                                                                                                                                                                                              //'ico' or 'cur'
                                            CM.SetEOS();
                                            CM.Position=0;
                                            CM.CopyTo(T);                                                               //group of icons or cursors
                                            endTBlock(dO);
                                        }
                                        else
                                            addT(fN,'2028'+nmToHxStr(dC)+'20666f726d617473292e'+ext+'205b5245534f55524345204c4f434154494f4e204552524f525d',folders[0][2]+fNlg,0,
                                                folders[0][1]+fNchsm+1891+CHSM);                         //' ('+' formats)'+'.'+'ico' or 'cur'; writing group error
                                    }
                                    writeTFBlock();
                                }
                                break;
                            case 'STRING':
                                var PL=getPL(rID);
                                if(!folders[PL])
                                {
                                    var hxData=PL+'2f';                                                                                                                                        //'/'
                                    folders[PL]=[hxToBt(hxData),hxData.chsm(),hxData.length];
                                }
                                var sID=(parentRID-1)*16,
                                sIDMax=sID+16,
                                dSO=0,
                                dS,
                                hxData='fffe53005400520049004e0047005400410042004c0045000d000a004c0041004e00470055004100470045002000'+
                                    (PL+'2c20'+PL.SL).match(/..?/g).join('00')+'00'+'0d000a007b00';                                                                  //<BOM> header+'STRINGTABLE'+'\0d\0a'+'LANGUAGE '+
                                                                                                                                                                                                            //', '+'\0d\0a'+'{'
                                do
                                {
                                    dS=sNm(rO+dSO,2)*2;
                                    dSO+=2;
                                    if(dS)
                                    {
                                        hxData+='0d000a0020002000'+nmToHxUStr(sID)+'2c00200009002200'+sHx(rO+dSO,dS)+'2200';        //'\0d\0a  '+', \t"'+'"'
                                        dSO+=dS;
                                    }
                                    sID++;
                                }
                                while(sID<sIDMax);
                                hxData+='0d000a007d000d000a000d000a00';                                                                                                  //'\0d\0a'+'}'+'\0d\0a\0d\0a'
                                T.Write(folders[PL][0]);
                                sID=hxData.length/2;
                                addT(fN,'2e747874',folders[PL][2]+fNlg,sID,fNchsm+folders[PL][1]+398);                                                         //'.txt'
                                T.Write(hxToBt(hxData));
                                endTBlock(sID);
                                writeTFBlock();
                                break;
                            case 'BITMAP':
                                var dBC=sNm(rO+14,2);                                                                                         //data bit count
                                if(dBC>32)
                                {
                                    rError=1;
                                    addT(fN,'205b5245534f55524345204c4f434154494f4e204552524f525d',fNlg,0,1891+fNchsm);     //writing resource error
                                    writeTFBlock();
                                }
                                else                                                                                                                        //extract only valid images
                                {
                                    var rHS=54+(dBC<=8?4*(sNm(rO+32,4)||Math.pow(2,dBC)):0);                         //resource colors used, resource header size with color table
                                    rS+=14;
                                    var dW=sNm(rO+4,4),
                                    dH=sNm(rO+8,4),
                                    dP=dW+';'+dH+';'+dBC;                                                                                     //data path
                                    if(!folders[dP])
                                    {
                                        CHSM=518;
                                        var dPp=nmToHxStr(dW)+'78'+nmToHxStr(dH)+'20'+nmToHxStr(dBC);       //'x'+' '
                                        folders[dP]=[hxToBt(dPp+'6269742f'),CHSM,dPp.length+8];                         //'bit/'
                                    }
                                    T.Write(folders[dP][0]);
                                    addT(fN,'2e626d70',folders[dP][2]+fNlg,rS,fNchsm+folders[dP][1]+365);          //'.bmp'
                                    T.Write(hxToBt('424d'+nmToHx(rS,4)+'00000000'+nmToHx(rHS,4)));
                                    T.Write(sBt(rO,rS-14));
                                    endTBlock(rS);
                                    writeTFBlock();
                                }
                                break;
                            default:
                                if(ext=exts[sHx(rO,2)]||exts[sHx(rO,4)]||exts[sHx(rO,5)]||exts[sHx(rO,6)]||exts[sHx(rO,8)]||exts[sHx(rO,9)]||exts[sHx(rO,11)]||exts[sHx(rO,12)]||
                                    exts[sHx(rO,14)]||exts[sHx(rO,18)])
                                {
                                    ;
                                }
                                else if(sBtEq(rO,'efbbbf')||sBtEq(rO,'fffe'))
                                    ext='747874';                                                                                                             //'txt'
                                if(ext=='52494646')                                                                                                        //RIFFPART
                                {
                                    ext=sHx(rO+8,4);
                                    if(ext=='41564920')                                                                                                    //'AVI '
                                        ext='617669';                                                                                                         //'avi'
                                    else if(ext=='57415645')                                                                                            //'WAVE'
                                        ext='776176';                                                                                                         //'wav'
                                    else if(ext=='41434f4e')                                                                                             //'ACON', RT_ANICURSOR & RT_ANIICON
                                    {
                                        extractANI(rO+12,smID,rS);
                                        break;
                                    }
                                    else
                                        ext='';
                                }
                                else if(ext=='ffd8ffe1')                                                                                                    //JPGPART
                                    ext=sBtEq(rO+6,'457869660000')?'6a7067':'';                                                          //'jpg'
                                var h=sHx(rO,4),
                                fNP1='';                                                                                                                           //file name part 1
                                if(ext)
                                {
                                    fNP1+='2e'+ext;
                                    var dW='',dH='';
                                    switch(ext)
                                    {
                                        case '706e67':                                                                                                        //'png'
                                            dW=sRvNm(rO+16,4);
                                            dH=sRvNm(rO+20,4);
                                            break;
                                        case '676966':                                                                                                        //'gif'
                                            dW=sNm(rO+6,2);
                                            dH=sNm(rO+8,2);
                                            break;
                                    }
                                    var dP=dW+';'+dH;                                                                                                     //data path
                                    if(dP!=';')
                                    {
                                        if(!folders[dP])
                                        {
                                            CHSM=167;
                                            var dPp=nmToHxStr(dW)+'78'+nmToHxStr(dH);                                                //width+'x'+height
                                            folders[dP]=[hxToBt(dPp+'2f'),CHSM,dPp.length+2];                                         //'/'
                                        }
                                        T.Write(folders[dP][0]);
                                        addT(fN,fNP1,folders[dP][2]+fNlg,rS,fNchsm+folders[dP][1]+46+ext.chsm());       //'.'+ext
                                    }
                                    else
                                        addT(fN,fNP1,fNlg,rS,fNchsm+46+ext.chsm());
                                }
                                else
                                {
                                    CHSM=0;
                                    if(!folders[h])
                                        folders[h]=[ansiStrToBt(h+'/'),ansiStrToBt.chsm,ansiStrToBt.ct];
                                    T.Write(folders[h][0]);
                                    addT(fN,fNP1,fNlg+folders[h][2],rS,CHSM+fNchsm+folders[h][1]);
                                }
                                T.Write(sBt(rO,rS));
                                endTBlock(rS);
                                writeTFBlock();
                                break;
                        }
                }
            }
        }
    }

    !function start()
    {
        var b=document.body;                                                                                //body
        if(!b)
            setTimeout(start,0);                                                                                 //waiting for body appearance
        else
        {
            onerror=function()
            {
                sEM(10);                                                                                              //unknown error occured
                return true;
            }

            b.style.margin=0;
            ms=b.appendChild
            (
                document.createElement('<span style="word-break:break-all;width:100%;height:100%;text-align:center;padding:10px;cursor:default;font:bold 10pt Tahoma;">')
            );
            sM(msg[0],'yellow');                                                                                //showing welcome message

            !function rsWB()                                                                                      //Web Browser reset with storing local methods inside
            {
                var DBT,WB='<object classid=clsid:8856F961-340A-11D0-A96B-00C04FD705A2 style="width:100%;height:100%;"><param name=Location value="about:<body'+
                    ' style=\'margin:0px;border:0px;overflow:hidden;\'><input type=button style=\'width:'+b.clientWidth+'px;height:'+b.clientHeight+
                    'px;border:0px;background:mediumaquamarine;\'><script>var a,b=document.body;b.ondragenter=b.ondragleave=b.ondragover=b.onmouseenter='+
                    'b.onmouseleave=b.onmouseover=b.onmousemove=function(){clearTimeout(a);a=setTimeout(function(){location.reload();},100);}<\/script>">',

                prc=function(f)                                                                                     //processing data received after file drop
                {
                    clearTimeout(DBT);
                    end=1;
                    b.children[1].removeNode();
                    rsWB();
                    if(f)                                                                                                   //the item is a file that can be accessed
                    {
                        sM(msg[2]+'<div style="text-align:left;">'+f+'</div>','limegreen');
                        fP=f;
                        setTimeout(startExtraction,0);
                    }
                    else                                                                                                 //the item is not a file, can't be accessed or is too big
                    {
                        sM(msg[4],'salmon');
                        sDM(2000);
                    }
                },

                stDBT=function(f)                                                                                //setting a timeout for Web Browser reset
                {
                    if(!begin)
                    {
                        begin=1;
                        b.firstChild.style.display='';
                        if(f)
                            DBT=setTimeout
                            (
                                function()
                                {
                                    prc();
                                },
                                1000
                            );
                    }
                },

                DB=function()                                                                                      //catching DownloadBegin Web Browser event
                {
                    nDB=0;
                    stDBT(1);
                },

                STC=function(f)                                                                                    //catching StatusTextChange Web Browser event
                {
                    stDBT(f);
                    if(f&&!end)                                                                                        //indicates that a file has been dropped
                    {
                        if(/file:/.test(f))
                            prc(decodeURIComponent(f).replace(/.+:((?:\/{3})|(?=\/{2}))(.+)...$/,'$2').replace(/\//g,'\\'));
                        else if(/</.test(f))                                                                          //indicates that drag target is leaved without drop
                        {
                            clearTimeout(DBT);
                            if(nDB)
                            {
                                b.firstChild.style.display='';
                                sDM(0);
                            }
                            else
                                prc();
                        }
                    }
                },

                NC2=function(o,f)                                                                                 //catching NavigateComplete2 Web Browser event in order to decline folder drops
                {
                    if(!end)
                        prc();
                },

                NE=function()                                                                                       //catching NavigateError Web Browser event in order to decline items that don't exist or can't be accessed
                {
                    if(!end)
                        prc();
                }

                rsWB=function()                                                                                  //Web Browser reset is needed because its events can't be declined further in JavaScript,
                {                                                                                                           //BeforeNavigate2 event has also a confirmed issue and can't be catched in Windows XP by default while
                                                                                                                            //VBScript provides no working methods to catch them for ActiveX objects represented as HTML nodes
                    b.insertAdjacentHTML('beforeEnd',WB);
                    with(b.children[1])
                    {
                        RegisterAsDropTarget=Silent=Offline=1;
                        attachEvent('DownloadBegin',DB);
                        attachEvent('StatusTextChange',STC);
                        attachEvent('NavigateComplete2',NC2);
                        attachEvent('NavigateError',NE);
                    }
                }

            }();

            rsWB();                                                                                                    //adding Web Browser as drop target
            setTimeout(function()
            {
                ms.ondragover=function()
                {
                    if(!pause)
                    {
                        if(!Math.abs(event.x-this.x)&&!Math.abs(event.y-this.y))            //accepting only slow mouse motion
                        {
                            this.style.display='none';
                            pause=1;
                            end=0;
                            begin=0;
                            nDB=1;
                            sM('','mediumaquamarine');
                        }
                        this.x=event.x;
                        this.y=event.y;
                    }
                }
                setTimeout
                (
                    function()
                    {
                        if(!pause)
                            sM(msg[1],'mediumaquamarine');
                    },
                    100
                );
            },3000);                                                                                                    //postponing Web Browser access while it generates its events at start
            moveTo(screen.availWidth/2-190,screen.availHeight/2-102);
        }
    }();
}
else
{
    !function hide(e)                                                                                              //hiding the application window before it is shown in order to resize it smoothly
    {
        try                                                                                                                //avoiding Windows XP issues with immediate moveTo or resizeTo at start
        {
            moveTo(10000,10000);                                                                           //negative values are not acceptable because they produce flickering if <Click> of Internet.HHCtrl is used
        }                                                                                                                   //for HTA modeless dialog minimizing in Windows 7
        catch(e)
        {
            try
            {
                hide();
            }
            catch(e)
            {
                hide();
            }
        }
    }();

    h.insertBefore(document.createElement('<hta:application showInTaskBar=0>'),h.firstChild);

    var WMI=                                                                                                        //a small library written by me for obtaining WMI instance, its common methods and properties
    {                                                                                                                       //below is a sample of creating a process with certain window shifts and environment variables
                                                                                                                            //and obtaining its <ProcessId> by using WMI
        SWL:new ActiveXObject('WbemScripting.SWbemLocator'),
        PRMS:function(p)
        {
            var s=WMI.PS.SpawnInstance_();
            for(var i in p)s[i]=p[i];
            return s;
        },
        Create:function(c,s,d)
        {
            var CreateIn=WMI.CreateIn.SpawnInstance_();
            CreateIn.CommandLine=c;
            CreateIn.ProcessStartupInformation=s;
            CreateIn.CurrentDirectory=d;
            return WMI.PRC.ExecMethod_('Create',CreateIn).ProcessId;
        }
    };

    WMI.PRC=(WMI.WM=WMI.SWL.ConnectServer('.','root/cimv2')).Get('Win32_Process');
    WMI.PS=WMI.WM.Get('Win32_ProcessStartup');
    WMI.CreateIn=WMI.PRC.Methods_('Create').InParameters;
    WSS.AppActivate(
        WMI.Create
        (
            'mshta "'+cP+'"',
            WMI.PRMS
            (
                {
                    X:10000,                                                                                          //hiding the application window before it is
                    Y:10000,                                                                                          //shown in order to resize it smoothly
                    EnvironmentVariables:
                    [
                        'is64bit=1',                                                                                  //indicates that the application is launched as 64 bit
                        'SystemRoot='+env('SystemRoot'),                                            //for start
                        'SystemDrive='+env('SystemDrive'),                                         //for hyperlinks
                        'TEMP='+env('TEMP'),                                                                //for 'mailto' links
                        'CommonProgramW6432='+env('CommonProgramW6432')     //for ADODB.Stream
                    ]
                }
            )
        )
    );
    setTimeout(function(){window.close();},100);
}
</script>

2

Re: HTA & JScript: Resource Extractor - извлечение ресурсов из PE-файлов

lifeflame
Ваш статус изменён, прошу ознакомиться.
http://yoursmileys.ru/tsmile/forum/t1230.gif

3

Re: HTA & JScript: Resource Extractor - извлечение ресурсов из PE-файлов

JSman, что-то он в статусе простого участника.

4

Re: HTA & JScript: Resource Extractor - извлечение ресурсов из PE-файлов

alexii
Спасибо!