1[.]zip | Triage

Resubmissions

16-06-2022 11:45

220616-nwzzqahca6 10

16-06-2022 02:20

220616-cswmcafehr 10

Sharing

Copy URL

Twitter E-mail

General

Target

1.zip
Size

1.2MB
MD5

3c56a7bf04bad7f85cf469e35c305358
SHA1

21b4fa76aa403646f0dd79c70322299d695787ae
SHA256

c641a8d24354b0ed3cf3d21c21e8c6f58d969a667985f829edebbadcf84f32ec
SHA512

f03940882e949e19736de4652514fcf61c9865556e7a7f9bbbdf620db39c531fb2c2e6a92f6445a816e356c4dbaec3394f1e584420d25f4c9f6bda3acbc6c2a2
SSDEEP

24576:DEgRmbXHOPQkrl1KHfITZ5GSKzqjCxtkwaAMDV:Qemb389TZ4SOqjayDV

Score

N/A

Malware Config

Signatures

Files

1.zip
.zip
FTPSet.exe
.exe windows x86

d98be1a3793cdbcf34b1797337bde9d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetStartupInfoA
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
GetDriveTypeA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
SizeofResource
GetProcessVersion
GetLastError
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FormatMessageA
LocalFree
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetUserDefaultLCID
GetPrivateProfileIntA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GetCurrentDirectoryA
HeapCreate
CreateDirectoryA

user32

InvalidateRect
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetForegroundWindow
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
EnableWindow
LoadIconA
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
wsprintfA
IsIconic
GetSystemMetrics
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetForegroundWindow
GetSysColorBrush
GetClientRect
DrawIcon
DefDlgProcA
IsWindowUnicode
AppendMenuA
GetSystemMenu
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
RegisterWindowMessageA
UpdateWindow

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

VariantCopy
VariantClear
SysAllocStringLen
SysFreeString
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FtpSrv.exe
.exe windows x86

fe2ff8bf2ac235c167911e55f56bf027

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetPrivateProfileStringA
GetCurrentDirectoryA
CloseHandle
CreateFileA
GetDiskFreeSpaceExA
GetFileAttributesA
GetLastError
ReadFile
WriteFile
ReleaseMutex
SetPriorityClass
GetCurrentProcess
CreateMutexA
CreateDirectoryA
InitializeCriticalSection
DeleteCriticalSection
Sleep
CreateThread
GetModuleFileNameA
GetUserDefaultLCID
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
GetStringTypeW
GetStringTypeA
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetEnvironmentVariableA
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileA
RemoveDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA

user32

wsprintfA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
DestroyWindow
DefWindowProcA
SendMessageA
FindWindowA
MessageBoxA
SetTimer
KillTimer

ws2_32

WSAGetLastError
recv
send
__WSAFDIsSet
select
ntohs
getsockname
gethostbyname
gethostname
listen
bind
htons
htonl
socket
setsockopt
accept
WSACleanup
WSAStartup
closesocket
connect

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QB903D.exe
.exe windows x86

83a272e660680b57b1c5817e0fe7ec64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

owl52f

@GetApplicationObject$qui
@I32_WPARAM_LPARAM_Dispatch$qr7GENERICM7GENERICquil$luil
@TApplication@$bctr$qpxcp11HINSTANCE__t2t1irp7TModulep14TAppDictionary
@TApplication@$bdtr$qv
@TApplication@CanClose$qv
@TApplication@EnableCtl3d$q4bool
@TApplication@EnableCtl3dAutosubclass$q4bool
@TApplication@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TApplication@IdleAction$ql
@TApplication@InitApplication$qv
@TApplication@InitInstance$qv
@TApplication@MessageBox$qp6HWND__pxct2ui
@TApplication@MessageLoop$qv
@TApplication@PreProcessMenu$qp7HMENU__
@TApplication@ProcessAppMsg$qr6tagMSG
@TApplication@ProcessMsg$qr6tagMSG
@TApplication@Run$qv
@TApplication@SetMainWindow$qp12TFrameWindow
@TApplication@Start$qv
@TApplication@TermInstance$qi
@TBrush@$bctr$qp8HBRUSH__11TAutoDelete
@TBrush@$bdtr$qv
@TButton@$bctr$qp7TWindowip7TModule
@TButton@$bctr$qp7TWindowipxciiii4boolp7TModule
@TButton@$bdtr$qv
@TCheckBox@$bctr$qp7TWindowip9TGroupBoxp7TModule
@TCheckBox@$bctr$qp7TWindowipxciiiip9TGroupBoxp7TModule
@TCheckBox@$bdtr$qv
@TCheckBox@SetCheck$qui
@TClientDC@$bctr$qp6HWND__
@TComboBox@$bctr$qp7TWindowiiiiiuluip7TModule
@TComboBox@$bctr$qp7TWindowiuip7TModule
@TComboBox@$bdtr$qv
@TComboBox@SetText$qpxc
@TControl@$bctr$qp7TWindowip7TModule
@TControl@$bctr$qp7TWindowipxciiiip7TModule
@TControl@$bdtr$qv
@TControl@CompareItem$qr20tagCOMPAREITEMSTRUCT
@TControl@DeleteItem$qr19tagDELETEITEMSTRUCT
@TControl@DrawItem$qr17tagDRAWITEMSTRUCT
@TControl@EvPaint$qv
@TControl@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TControl@MeasureItem$qr20tagMEASUREITEMSTRUCT
@TControl@ODADrawEntire$qr17tagDRAWITEMSTRUCT
@TControl@ODAFocus$qr17tagDRAWITEMSTRUCT
@TControl@ODASelect$qr17tagDRAWITEMSTRUCT
@TDC@$bdtr$qv
@TDC@RestoreBrush$qv
@TDC@SelectObject$qrx4TPen
@TDC@SelectObject$qrx6TBrush
@TDesktopDC@$bctr$qv
@TDialog@$bctr$qp7TWindow6TResIdp7TModule
@TDialog@$bdtr$qv
@TDialog@CloseWindow$qi
@TDialog@CmCancel$qv
@TDialog@CmOk$qv
@TDialog@Create$qv
@TDialog@Destroy$qi
@TDialog@DialogFunction$quiuil
@TDialog@DoCreate$qv
@TDialog@DoExecute$qv
@TDialog@EvInitDialog$qp6HWND__
@TDialog@Execute$qv
@TDialog@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TDialog@GetClassNameA$qv
@TDialog@GetWindowClass$qr12tagWNDCLASSA
@TDialog@IdleAction$ql
@TDialog@PreProcessMsg$qr6tagMSG
@TDialog@SetCaption$qpxc
@TDialog@SetupWindow$qv
@TEdit@$bctr$qp7TWindowipxciiiiui4boolp7TModule
@TEdit@$bctr$qp7TWindowiuip7TModule
@TEdit@$bdtr$qv
@TEdit@CanClose$qv
@TEdit@Clear$qv
@TEdit@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TEdit@GetClassNameA$qv
@TEdit@GetSubText$xqpcuiui
@TEdit@Search$quipxc4boolt3t3
@TEdit@SetupWindow$qv
@TEdit@Transfer$qpv18TTransferDirection
@TEventHandler@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TEventHandler@SearchEntries$qp31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TFont@$bctr$qpxciiiiiucucucucucucucuc
@TFrameWindow@$bctr$qp7TWindowpxct14boolp7TModule
@TFrameWindow@$bdtr$qv
@TFrameWindow@AssignMenu$q6TResId
@TFrameWindow@CleanupWindow$qv
@TFrameWindow@EvCommand$quip6HWND__ui
@TFrameWindow@EvCommandEnable$qr15TCommandEnabler
@TFrameWindow@GetClientWindow$qv
@TFrameWindow@GetCommandTarget$qv
@TFrameWindow@HoldFocusHWnd$qp6HWND__t1
@TFrameWindow@IdleAction$ql
@TFrameWindow@PreProcessMsg$qr6tagMSG
@TFrameWindow@RemoveChild$qp7TWindow
@TFrameWindow@SetClientWindow$qp7TWindow
@TFrameWindow@SetDocTitle$qpxci
@TFrameWindow@SetIcon$qp7TModule6TResId
@TFrameWindow@SetIconSm$qp7TModule6TResId
@TFrameWindow@SetMenu$qp7HMENU__
@TFrameWindow@SetupWindow$qv
@TGdiObject@$bdtr$qv
@TGroupBox@$bctr$qp7TWindowip7TModule
@TGroupBox@$bctr$qp7TWindowipxciiiip7TModule
@TIcon@$bctr$qp7HICON__11TAutoDelete
@TIcon@$bdtr$qv
@TListBox@$bctr$qp7TWindowip7TModule
@TListWindColumn@$bctr$qpci23TListWindColumn@TFormati
@TListWindColumn@$bdtr$qv
@TListWindColumn@SetFormat$q23TListWindColumn@TFormat
@TListWindItem@$bctr$qpxcii
@TListWindItem@$bctr$qui4bool
@TListWindItem@$bdtr$qv
@TListWindItem@FlushCache$qv
@TListWindItem@GetItemData$xqv
@TListWindItem@SetIndex$qi
@TListWindItem@SetItemData$qul
@TListWindItem@SetSubItem$qi
@TListWindow@$bctr$qp7TWindowiiiiip7TModule
@TListWindow@$bdtr$qv
@TListWindow@GetSelCount$xqv
@TListWindow@GetSelIndexes$xqpii
@TListWindow@SetItemState$qiuiui
@TListWindow@SetSelIndexes$qpii4bool
@TListWindow@SortItems$qrx13TLwComparatorul
@TMenu@$bctr$qp11HINSTANCE__6TResId
@TMenu@$bdtr$qv
@TModule@$bdtr$qv
@TModule@Error$qi
@TModule@Error$qr4xmsguiui
@TPen@$bctr$qrx6TColorii
@TPopupMenu@$bctr$qrx5TMenu11TAutoDelete
@TPrintDialog@TData@GetDeviceName$xqv
@TPrintDialog@TData@GetDriverName$xqv
@TPrintDialog@TData@GetOutputName$xqv
@TPrinter@$bctr$qp12TApplication
@TPrinter@$bdtr$qv
@TPrinter@ClearDevice$qv
@TPrinter@CreateAbortWindow$qp7TWindowr9TPrintout
@TPrinter@ExecPageSetupDialog$qp7TWindow
@TPrinter@ExecPrintDialog$qp7TWindow
@TPrinter@GetDefaultPrinter$qv
@TPrinter@Print$qp7TWindowr9TPrintout4bool
@TPrinter@ReportError$qp7TWindowr9TPrintout
@TPrinter@SetPageSizes$qrx8TPrintDC
@TPrinter@SetPrinterA$qpxct1t1
@TPrinter@Setup$qp7TWindow
@TRadioButton@$bctr$qp7TWindowip9TGroupBoxp7TModule
@TStatic@$bctr$qp7TWindowipxciiiiuip7TModule
@TStatic@$bctr$qp7TWindowiuip7TModule
@TWindow@$bctr$qv
@TWindow@$bdtr$qv
@TWindow@AssignContextMenu$qp10TPopupMenu
@TWindow@CanClose$qv
@TWindow@ChildWithId$xqi
@TWindow@CleanupWindow$qv
@TWindow@CloseWindow$qi
@TWindow@Create$qv
@TWindow@DefWindowProcA$quiuil
@TWindow@DefaultProcessing$qv
@TWindow@Destroy$qi
@TWindow@DoExecute$qv
@TWindow@EvCommand$quip6HWND__ui
@TWindow@EvCommandEnable$qr15TCommandEnabler
@TWindow@EvDestroy$qv
@TWindow@EvMove$qr6TPoint
@TWindow@EvNotify$quir7TNotify
@TWindow@Execute$qv
@TWindow@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TWindow@GetClientRect$xqr5TRect
@TWindow@GetWindowClass$qr12tagWNDCLASSA
@TWindow@GetWindowRect$xqr5TRect
@TWindow@HoldFocusHWnd$qp6HWND__t1
@TWindow@IdleAction$ql
@TWindow@Paint$qr3TDC4boolr5TRect
@TWindow@PerformCreate$qi
@TWindow@PreProcessMsg$qr6tagMSG
@TWindow@Register$qv
@TWindow@RemoveChild$qp7TWindow
@TWindow@SendMessageA$quiuil
@TWindow@SetCaption$qpxc
@TWindow@SetDocTitle$qpxci
@TWindow@SetParent$qp7TWindow
@TWindow@SetWindowPos$qp6HWND__iiiiui
@TWindow@SetupWindow$qv
@TWindow@ShowWindow$qi
@TWindow@Transfer$qpv18TTransferDirection
@TWindow@TransferData$q18TTransferDirection
@TWindow@WindowProc$quiuil
@TWindowDC@$bdtr$qv
@__GetTMessageWin$qp7TWindow
@v_Dispatch$qr7GENERICM7GENERICqv$vuil
@v_LPARAM_Dispatch$qr7GENERICM7GENERICql$vuil
@v_POINTER_Dispatch$qr7GENERICM7GENERICqpv$vuil
@v_POINT_Dispatch$qr7GENERICM7GENERICqr6TPoint$vuil
@v_U_POINT_Dispatch$qr7GENERICM7GENERICquir6TPoint$vuil
@v_U_U_Dispatch$qr7GENERICM7GENERICquiui$vuil
@v_U_U_U_Dispatch$qr7GENERICM7GENERICquiuiui$vuil
@v_WPARAM_Dispatch$qr7GENERICM7GENERICqui$vuil

bds52f

@TColor@GetValue$xqv
@TColor@Sys3dFace
@TStreamableBase@$bdtr$qv

kernel32

CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeLibrary
GetDriveTypeA
GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProfileIntA
GetProfileStringA
GetSystemTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LocalAlloc
LocalFree
OpenFile
SetErrorMode
SetFileTime
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WinExec
WritePrivateProfileStringA
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcmpA
lstrcmpiA
GlobalHandle

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

CreateSolidBrush
GetDeviceCaps
GetStockObject
GetTextMetricsA
Polygon
Rectangle
SetBkMode

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

user32

CharNextA
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleA
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeInitializeA
DdeNameService
DdeQueryConvInfo
DdeQueryStringA
DdeUninitialize
DispatchMessageA
DrawIcon
DrawMenuBar
EnableMenuItem
EnableWindow
FindWindowA
GetActiveWindow
GetDlgItem
GetKeyState
GetMenu
GetSysColor
GetSystemMetrics
GetWindowTextA
InsertMenuA
InvalidateRect
IsWindowEnabled
LoadCursorA
LoadIconA
LoadStringA
MessageBeep
MessageBoxA
MessageBoxExA
OpenIcon
PeekMessageA
PostMessageA
ReleaseCapture
SendMessageA
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetMessageQueue
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
wsprintfA

cw3230

@$badd$qpxcrx6string
@$bdele$qpv
@$bdla$qpv
@$bnew$qui
@$bnwa$qui
@TStringRef@$bctr$qpxcuit1uiui
@TStringRef@$bdtr$qv
@_CatchCleanup$qv
@_ReThrowException$quipuc
@__DynamicCast$qpvt1t1t1i
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
@strchr$qpci
@strchr$qpxci
@string@$bctr$qpxc
@string@$bctr$qrx6string
@string@$bctr$qv
@string@$bdtr$qv
@string@assign$qrx6stringuiui
@string@compare$xqrx6string
@strrchr$qpci
@strstr$qpcpxc
@strstr$qpxct1
__ErrorExit
__ExceptionHandler
___debuggerDisableTerminateCallback
__argc
__argv
__assert
__chartype
__exitargv
__flushall
__mbctype
__mbsstr
__setargv
__startup
_abort
_atol
_calloc
_close
_exit
_fclose
_fgets
_findfirst
_findnext
_fnmerge
_fnsplit
_fputs
_free
_fseek
_getdate
_gettime
_itoa
_localtime
_ltoa
_malloc
_memcmp
_memcpy
_memset
_mkdir
_mktemp
_open
_printf
_read
_realloc
_remove
_rename
_sprintf
_sscanf
_stat
_strcat
_strcmp
_strcpy
_strdup
_stricmp
_strlen
_strlwr
_strncat
_strncpy
_strtok
_strupr
_time
_tmpfile
_toupper
_unlink
_write

Exports

Exports

@TDDECallback@DdeCallback1$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback10$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback2$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback3$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback4$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback5$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback6$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback7$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback8$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback9$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ecgdb.exe
.exe windows x86

fda1ee670f572423bbf2f96b952a1656

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

owl52f

@B_Dispatch$qr7GENERICM7GENERICqv$4booluil
@GetApplicationObject$qui
@I32_WPARAM_LPARAM_Dispatch$qr7GENERICM7GENERICquil$luil
@TApplication@$bctr$qpxcp11HINSTANCE__t2t1irp7TModulep14TAppDictionary
@TApplication@$bdtr$qv
@TApplication@CanClose$qv
@TApplication@EnableCtl3d$q4bool
@TApplication@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TApplication@IdleAction$ql
@TApplication@InitApplication$qv
@TApplication@InitInstance$qv
@TApplication@MessageBox$qp6HWND__pxct2ui
@TApplication@MessageLoop$qv
@TApplication@PreProcessMenu$qp7HMENU__
@TApplication@ProcessAppMsg$qr6tagMSG
@TApplication@ProcessMsg$qr6tagMSG
@TApplication@Run$qv
@TApplication@SetMainWindow$qp12TFrameWindow
@TApplication@Start$qv
@TApplication@TermInstance$qi
@TClientDC@$bctr$qp6HWND__
@TDC@$bdtr$qv
@TDialog@$bdtr$qv
@TEventHandler@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TEventHandler@SearchEntries$qp31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TFont@$bctr$qp7HFONT__11TAutoDelete
@TFrameWindow@$bctr$qp7TWindowpxct14boolp7TModule
@TFrameWindow@$bdtr$qv
@TFrameWindow@AssignMenu$q6TResId
@TFrameWindow@CleanupWindow$qv
@TFrameWindow@EvCommand$quip6HWND__ui
@TFrameWindow@EvCommandEnable$qr15TCommandEnabler
@TFrameWindow@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TFrameWindow@GetClientWindow$qv
@TFrameWindow@GetCommandTarget$qv
@TFrameWindow@HoldFocusHWnd$qp6HWND__t1
@TFrameWindow@IdleAction$ql
@TFrameWindow@PreProcessMsg$qr6tagMSG
@TFrameWindow@RemoveChild$qp7TWindow
@TFrameWindow@SetClientWindow$qp7TWindow
@TFrameWindow@SetDocTitle$qpxci
@TFrameWindow@SetIcon$qp7TModule6TResId
@TFrameWindow@SetIconSm$qp7TModule6TResId
@TFrameWindow@SetMenu$qp7HMENU__
@TFrameWindow@SetupWindow$qv
@TGdiObject@$bdtr$qv
@TInputDialog@$bctr$qp7TWindowpxct2pcip7TModulep10TValidator
@TInputDialog@$bdtr$qv
@TModule@$bdtr$qv
@TModule@Error$qi
@TModule@Error$qr4xmsguiui
@TWindow@$bctr$qp7TWindowpxcp7TModule
@TWindow@$bctr$qv
@TWindow@$bdtr$qv
@TWindow@CanClose$qv
@TWindow@CleanupWindow$qv
@TWindow@CloseWindow$qi
@TWindow@Create$qv
@TWindow@DefWindowProcA$quiuil
@TWindow@DefaultProcessing$qv
@TWindow@Destroy$qi
@TWindow@DoExecute$qv
@TWindow@EvCommand$quip6HWND__ui
@TWindow@EvCommandEnable$qr15TCommandEnabler
@TWindow@EvDestroy$qv
@TWindow@EvNotify$quir7TNotify
@TWindow@Execute$qv
@TWindow@Find$qr24TEventHandler@TEventInfopqr31%TResponseTableEntry$t7GENERIC%r24TEventHandler@TEventInfo$4bool
@TWindow@GetClassNameA$qv
@TWindow@GetWindowClass$qr12tagWNDCLASSA
@TWindow@HoldFocusHWnd$qp6HWND__t1
@TWindow@IdleAction$ql
@TWindow@Paint$qr3TDC4boolr5TRect
@TWindow@PerformCreate$qi
@TWindow@PreProcessMsg$qr6tagMSG
@TWindow@Register$qv
@TWindow@RemoveChild$qp7TWindow
@TWindow@SetDocTitle$qpxci
@TWindow@SetParent$qp7TWindow
@TWindow@SetupWindow$qv
@TWindow@ShowWindow$qi
@TWindow@Transfer$qpv18TTransferDirection
@TWindow@TransferData$q18TTransferDirection
@TWindow@WindowProc$quiuil
@TWindowDC@$bdtr$qv
@v_Dispatch$qr7GENERICM7GENERICqv$vuil
@v_U_POINT_Dispatch$qr7GENERICM7GENERICquir6TPoint$vuil
@v_U_U_U_Dispatch$qr7GENERICM7GENERICquiuiui$vuil
@v_WPARAM_Dispatch$qr7GENERICM7GENERICqui$vuil

bds52f

@TStreamableBase@$bdtr$qv

kernel32

CreateProcessA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProfileIntA
GetProfileStringA
GetTickCount
GetUserDefaultLCID
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LocalAlloc
LocalFree
SetPriorityClass
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WritePrivateProfileStringA
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcmpA
lstrcmpiA
GlobalHandle

gdi32

GetStockObject
GetTextMetricsA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA

user32

CharNextA
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleA
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeInitializeA
DdeNameService
DdeQueryConvInfo
DdeQueryStringA
DdeUninitialize
DispatchMessageA
EnableWindow
FindWindowA
GetSysColor
GetSystemMetrics
LoadCursorA
LoadStringA
MessageBoxA
MessageBoxExA
MoveWindow
PeekMessageA
PostMessageA
RegisterWindowMessageA
ReleaseCapture
ScrollWindow
SendMessageA
SetCapture
SetCursor
SetMessageQueue
TranslateMessage
wsprintfA
wvsprintfA

cw3230

@$bdele$qpv
@$bdla$qpv
@$bnew$qui
@$bnwa$qui
@_CatchCleanup$qv
@_ReThrowException$quipuc
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
@strchr$qpci
@strchr$qpxci
@string@$bctr$qpxc
@string@$bctr$qrx6string
@string@$bctr$qv
@string@$bdtr$qv
@string@assign$qrx6stringuiui
@strrchr$qpci
@strstr$qpcpxc
__ErrorExit
__ExceptionHandler
___debuggerDisableTerminateCallback
__argc
__argv
__assert
__chartype
__exitargv
__flushall
__mbctype
__mbsstr
__setargv
__startup
_abort
_access
_atol
_calloc
_close
_exit
_fnmerge
_fnsplit
_free
_getdate
_getenv
_gettime
_itoa
_localtime
_lseek
_ltoa
_malloc
_memcmp
_memcpy
_memmove
_memset
_mkdir
_mktemp
_open
_printf
_read
_realloc
_remove
_rename
_sprintf
_sscanf
_stat
_strcat
_strcmp
_strcpy
_stricmp
_strlen
_strncat
_strncpy
_strnicmp
_strtok
_strupr
_time
_toupper
_unlink
_write

Exports

Exports

@TDDECallback@DdeCallback1$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback10$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback2$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback3$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback4$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback5$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback6$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback7$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback8$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@TDDECallback@DdeCallback9$qqsuiuip7HCONV__p5HSZ__t4p10HDDEDATA__ulul
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ecgpaint.exe
.exe windows x86

941915140b7b2a4617432b5d18a105e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imgctl

ord22
ord27
ord24
ord36
ord23
ord25
ord26
ord28
ord5

sysdef

?getRhythmLead@TSystemDefinition@@QAEHXZ
?getPngCompLevel@TSystemDefinition@@QAEHXZ
?ConvertFileName@@YAXPAD@Z
??1TSystemDefinition@@QAE@XZ
??0TSystemDefinition@@QAE@XZ
?getJapanese@TSystemDefinition@@QAEHXZ
?getGridColorJpeg@TSystemDefinition@@QAEHAAH00@Z
?getEditGridColorJpeg@TSystemDefinition@@QAEHAAH00@Z
?getChinese@TSystemDefinition@@QAEHXZ
?getOutputFileSecurity@TSystemDefinition@@QAE_NW4FILE_OUTPUT_TYPE@@@Z
?getOutputText@TSystemDefinition@@QAE_NW4FILE_OUTPUT_TYPE@@@Z
?getImgType@TSystemDefinition@@QAEHXZ
?getImgDensity@TSystemDefinition@@QAEHXZ
?getImgSize@TSystemDefinition@@QAEHXZ
?getJpegQuality@TSystemDefinition@@QAEHXZ

kernel32

GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
SizeofResource
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
ExitThread
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FatalAppExitA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetProfileStringA
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
GetProcAddress
LoadLibraryA
FreeLibrary
SetEvent
CloseHandle
WriteFile
SetFilePointer
CreateFileA
FindClose
FindFirstFileA
DeleteFileA
GetLastError
CopyFileA
SetLastError
GetDiskFreeSpaceExA
MoveFileA
ReadFile
GetFileSize
SetEndOfFile
CreateDirectoryA
Sleep
GetTempPathA
CreateThread
FlushFileBuffers
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
MulDiv
GlobalUnlock
GlobalLock
InterlockedIncrement
TlsAlloc
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
DuplicateHandle
GetCurrentProcess
LockFile
UnlockFile
lstrcpyA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetModuleFileNameA
LocalFree
FormatMessageA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
WaitForSingleObject
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
GlobalFlags
GetFileAttributesA
GetFileTime
LocalFileTimeToFileTime
LocalAlloc

user32

GetWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
SetWindowPlacement
TrackPopupMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
UpdateWindow
wvsprintfA
GetClassNameA
PtInRect
GetDesktopWindow
LoadCursorA
GetSysColorBrush
SetCapture
ReleaseCapture
WaitMessage
GetWindowThreadProcessId
WindowFromPoint
InsertMenuA
DeleteMenu
GetMenuStringA
GetDialogBaseUnits
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
ShowOwnedPopups
PostQuitMessage
CopyRect
InflateRect
IntersectRect
LoadStringA
CharUpperA
OemToCharA
CharToOemA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
LoadIconA
EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
KillTimer
SetTimer
GetActiveWindow
PostMessageA
DrawTextA
wsprintfA
MessageBoxA
SetForegroundWindow
IsWindowUnicode
CharNextA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetCursorPos

gdi32

BitBlt
GetTextExtentPointA
GetTextMetricsA
GetTextExtentPoint32A
GetObjectA
GetDCOrgEx
DPtoLP
CreateFontIndirectA
CreateRectRgnIndirect
CombineRgn
SetRectRgn
PatBlt
CreateBitmap
GetMapMode
Escape
TextOutA
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkColor
SelectPalette
RestoreDC
SaveDC
StartDocA
Rectangle
CreateCompatibleBitmap
CreateFontA
CreateDCA
CreateCompatibleDC
DeleteDC
GetCurrentObject
Polyline
SelectObject
CreatePen
GetStockObject
GetTextColor
GetBkColor
SetTextColor
ExtTextOutA
SetBkMode
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA

comctl32

ord14
ImageList_Destroy
ord13
ord17
ImageList_Write
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create

Sections

.text
Size: 440KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
imgctl.dll
.dll windows x86

076dfe5c2a4fc0dea9b23dad83ec98b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WindowFromDC
GetClientRect

gdi32

CreateDIBSection
SetStretchBltMode
BitBlt
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
GetCurrentObject

kernel32

GetStringTypeW
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetFilePointer
CloseHandle
ReadFile
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
WriteFile
RtlUnwind
WideCharToMultiByte
GetTimeZoneInformation
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetStdHandle
CreateFileA
InitializeCriticalSection
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
HeapSize
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
LCMapStringA
LCMapStringW
RaiseException
GetLocaleInfoA
GetStringTypeA

Exports

Exports

BMPtoDIB
ColorDIB
ContrastDIB
CopyDIB
CreateDIB
CutDIB
DCtoDIB
DIBDIBits
DIBStretchDIBits
DIBStretchDIBits2
DIBto16Bit
DIBto16BitEx
DIBto24Bit
DIBto8Bit
DIBtoBMP
DIBtoDC
DIBtoDCex
DIBtoDCex2
DIBtoJPG
DIBtoPNG
DIBtoPNGex
DIBtoRLE
DataDIB
DeleteDIB
GammaDIB
GetDIB
GetImageType
GrayDIB
HeadDIB
ImgctlBeta
ImgctlError
ImgctlErrorClear
ImgctlVersion
InfoPNG
IsRLE
JPGtoDIB
MapDIB
PNGAtoDIB
PNGtoDIB
PaletteDIB
PasteDIB
PixelDIB
PointerOf
RLEtoDIB
RepaintDIB
ReplaceDIB
ResizeDIB
ShadeDIB
TableDIB
ToDIB
ToneDIB
TurnDIB
TurnDIBex

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sysdef.dll
.dll windows x86

8cec1f826c8de47bcf22dc04a3955c30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetProfileStringA
GetPrivateProfileIntA
GetUserDefaultLCID
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetCPInfo
GetACP
GetOEMCP
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
ReadFile
FlushFileBuffers
CloseHandle

user32

wsprintfA

Exports

Exports

??0TSystemDefinition@@QAE@XZ
??1TSystemDefinition@@QAE@XZ
??4TSystemDefinition@@QAEAAV0@ABV0@@Z
?ConvertFileName@@YAXPAD@Z
?Japan@TSystemDefinition@@QAEHXZ
?SetJapanese@TSystemDefinition@@SAXH@Z
?buf_to_HARDSW@TSystemDefinition@@AAEHPBDAAUHARDSW@@@Z
?decodeDestName@TSystemDefinition@@AAEXPAE0@Z
?encodeDestName@TSystemDefinition@@AAEXPAE0@Z
?entryDBAlias@TSystemDefinition@@QAEHJPBD@Z
?entryDriveAlias@TSystemDefinition@@QAEHHPBD@Z
?entrySearchPath@TSystemDefinition@@QAEHHPBD@Z
?getAllDb@TSystemDefinition@@QAEHXZ
?getAutoPatAddCondition@TSystemDefinition@@QAEHXZ
?getAutoPatient@TSystemDefinition@@QAEHXZ
?getBackupCommand@TSystemDefinition@@QAEPADXZ
?getBaudRate@TSystemDefinition@@QAEJXZ
?getBigGrid@TSystemDefinition@@QAEHXZ
?getBigGridWidth@TSystemDefinition@@QAEHXZ
?getBkEnable@TSystemDefinition@@QAEHXZ
?getCD_VolumeCheck@TSystemDefinition@@QAEHXZ
?getCSVFileFormat@TSystemDefinition@@QAEHH@Z
?getChinese@TSystemDefinition@@QAEHXZ
?getComEnable@TSystemDefinition@@QAE_NXZ
?getComPort@TSystemDefinition@@QAEHXZ
?getCommSet@TSystemDefinition@@QAEXAAUHARDSW@@@Z
?getDBAlias@TSystemDefinition@@QAEXJPADH@Z
?getDBMSpath@TSystemDefinition@@QAEXPAD@Z
?getDebug@TSystemDefinition@@QAEHXZ
?getDriveAlias@TSystemDefinition@@QAEXHPADH@Z
?getEcg8000@TSystemDefinition@@QAEHXZ
?getEditGridColor@TSystemDefinition@@QAEHAAH00@Z
?getEditGridColorJpeg@TSystemDefinition@@QAEHAAH00@Z
?getFileRegistDirectory@TSystemDefinition@@QAEXPAD@Z
?getFilterTestMode@TSystemDefinition@@QAEHXZ
?getGrid@TSystemDefinition@@QAEHXZ
?getGridColor@TSystemDefinition@@QAEHAAH00@Z
?getGridColorJpeg@TSystemDefinition@@QAEHAAH00@Z
?getImgDensity@TSystemDefinition@@QAEHXZ
?getImgSize@TSystemDefinition@@QAEHXZ
?getImgType@TSystemDefinition@@QAEHXZ
?getJapanese@TSystemDefinition@@QAEHXZ
?getJpegQuality@TSystemDefinition@@QAEHXZ
?getLatestDbPath@TSystemDefinition@@QAEXPAD@Z
?getLatestDoctor@TSystemDefinition@@QAEXPAD@Z
?getLatestSearchKind@TSystemDefinition@@QAEXPAD@Z
?getLocaleInfo@TSystemDefinition@@QAEXPAD@Z
?getNetworkEnableMode@TSystemDefinition@@QAEHXZ
?getNoGridMode@TSystemDefinition@@QAEHXZ
?getOnLineCSV@TSystemDefinition@@QAEHXZ
?getOutputDirectory@TSystemDefinition@@QAEXPADW4FILE_OUTPUT_TYPE@@@Z
?getOutputFileSecurity@TSystemDefinition@@QAE_NW4FILE_OUTPUT_TYPE@@@Z
?getOutputText@TSystemDefinition@@QAE_NW4FILE_OUTPUT_TYPE@@@Z
?getPassword@TSystemDefinition@@QAEXPAD@Z
?getPatInfoPos@TSystemDefinition@@QAEHW4PAT_INFO_ITEM@@AAH1@Z
?getPatInfoSexCode@TSystemDefinition@@QAEHHPAD@Z
?getPatdbPath@TSystemDefinition@@QAEXPAD@Z
?getPngCompLevel@TSystemDefinition@@QAEHXZ
?getPrinterInfo@TSystemDefinition@@QAEXPAD00@Z
?getPrinterInfo@TSystemDefinition@@QAEXPAD@Z
?getReportFormat2@TSystemDefinition@@QAEHXZ
?getReportFormat@TSystemDefinition@@QAEHXZ
?getRhythmLead@TSystemDefinition@@QAEHXZ
?getSearchPath@TSystemDefinition@@QAEXHPADH@Z
?getSelectorFormat@TSystemDefinition@@QAEXPAD@Z
?getSystemDefPrinterInfo@TSystemDefinition@@QAEHPAD00@Z
?getTestCodeEditID@TSystemDefinition@@QAEHXZ
?getToshibaHostConnect@TSystemDefinition@@QAEHXZ
?getToshibaHostInfo@TSystemDefinition@@QAEHW4T_PROT_INFORMATION@@@Z
?getViewMode@TSystemDefinition@@QAE?AW4VIEW_MODE@@XZ
?getWavePrintSenseMode@TSystemDefinition@@QAE?AW4SENSE_MODE@@XZ
?getdbPath@TSystemDefinition@@QAEXPADH@Z
?getdbStorePath@TSystemDefinition@@QAEXPAD@Z
?japanese@TSystemDefinition@@2HA
?setAutoPatAddCondition@TSystemDefinition@@QAEHH@Z
?setAutoPatient@TSystemDefinition@@QAEHH@Z
?setBackupCommand@TSystemDefinition@@QAEHPBD@Z
?setBaudRate@TSystemDefinition@@QAEXJ@Z
?setBigGrid@TSystemDefinition@@QAEXH@Z
?setBigGridWidth@TSystemDefinition@@QAEXH@Z
?setBkEnable@TSystemDefinition@@QAEHH@Z
?setCSVFileFormat@TSystemDefinition@@QAEHHH@Z
?setComEnable@TSystemDefinition@@QAEX_N@Z
?setComPort@TSystemDefinition@@QAEXH@Z
?setCommSet@TSystemDefinition@@QAEHABUHARDSW@@@Z
?setDBMSpath@TSystemDefinition@@QAEHPBD@Z
?setFileRegistDirectory@TSystemDefinition@@QAEHPBD@Z
?setGrid@TSystemDefinition@@QAEHH@Z
?setImgDensity@TSystemDefinition@@QAEXH@Z
?setImgSize@TSystemDefinition@@QAEXH@Z
?setImgType@TSystemDefinition@@QAEXH@Z
?setLatestDbPath@TSystemDefinition@@QAEHPBD@Z
?setLatestDoctor@TSystemDefinition@@QAEHPBD@Z
?setLatestSearchKind@TSystemDefinition@@QAEHPBD@Z
?setModemUse@TSystemDefinition@@QAEHHH@Z
?setNetworkEnableMode@TSystemDefinition@@QAEXH@Z
?setOnLineCSV@TSystemDefinition@@QAEHH@Z
?setOutputDirectory@TSystemDefinition@@QAEHPBDW4FILE_OUTPUT_TYPE@@@Z
?setOutputFileSecurity@TSystemDefinition@@QAEX_NW4FILE_OUTPUT_TYPE@@@Z
?setOutputText@TSystemDefinition@@QAEX_NW4FILE_OUTPUT_TYPE@@@Z
?setPassword@TSystemDefinition@@QAEHPBD@Z
?setPatInfoPos@TSystemDefinition@@QAEHW4PAT_INFO_ITEM@@HH@Z
?setPatInfoSexCode@TSystemDefinition@@QAEHHPAD@Z
?setPatdbPath@TSystemDefinition@@QAEHPBD@Z
?setPrinterInfo@TSystemDefinition@@QAEHPBD00@Z
?setPrinterInfo@TSystemDefinition@@QAEHPBD@Z
?setReportFormat2@TSystemDefinition@@QAEHH@Z
?setReportFormat@TSystemDefinition@@QAEHH@Z
?setRhythmLead@TSystemDefinition@@QAEHH@Z
?setSelectorFormat@TSystemDefinition@@QAEHPBD@Z
?setToshibaHostConnect@TSystemDefinition@@QAEHH@Z
?setToshibaHostInfo@TSystemDefinition@@QAEHW4T_PROT_INFORMATION@@H@Z
?setViewMode@TSystemDefinition@@QAEHW4VIEW_MODE@@@Z
?setWavePrintSenseMode@TSystemDefinition@@QAEXW4SENSE_MODE@@@Z
?setdbPath@TSystemDefinition@@QAEHPBDH@Z
?setdbStorePath@TSystemDefinition@@QAEHPBD@Z

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tcpip.exe
.exe windows x86

df6f2497bfe4a963da2af82e1520239e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateProcessA
GetTickCount
DeleteFileA
CopyFileA
GetPrivateProfileStringA
GetCurrentDirectoryA
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetUserDefaultLCID
ReleaseMutex
GetLastError
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
ResetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetWindowsDirectoryA
FindClose
FindFirstFileA
GetLocalTime
FindNextFileA
WriteFile
CreateDirectoryA
SetStdHandle
LoadLibraryA
GetProcAddress
LCMapStringW
LCMapStringA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
FlushFileBuffers
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind

user32

LoadCursorA
MessageBoxA
wsprintfA
DdeInitializeA
DdeUninitialize
DdeCreateStringHandleA
DdeFreeStringHandle
DispatchMessageA
TranslateMessage
PeekMessageA
DdeConnect
DdeDisconnect
DdeFreeDataHandle
DdeGetData
KillTimer
SetTimer
FindWindowA
SendMessageA
DefWindowProcA
DestroyWindow
PostQuitMessage
ShowWindow
UpdateWindow
LoadIconA
CreateWindowExA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
CharNextA
DdeQueryStringA
DdeQueryConvInfo
DdeCreateDataHandle
DdeClientTransaction
DdeGetLastError

ws2_32

WSACleanup
closesocket
listen
bind
WSASend
WSACreateEvent
WSARecv
WSAGetLastError
WSAGetOverlappedResult
accept
inet_ntoa
WSAStartup
socket
htons

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

d98be1a3793cdbcf34b1797337bde9d3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 16KB - Virtual size: 12KB

.rmnet Size: 60KB - Virtual size: 60KB

fe2ff8bf2ac235c167911e55f56bf027

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 2KB

.rmnet Size: 60KB - Virtual size: 60KB

83a272e660680b57b1c5817e0fe7ec64

Headers

File Characteristics

Imports

owl52f

bds52f

kernel32

comdlg32

gdi32

shell32

user32

cw3230

Exports

Exports

Sections

.text Size: 275KB - Virtual size: 276KB

.data Size: 65KB - Virtual size: 136KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 14KB - Virtual size: 16KB

.edata Size: 1024B - Virtual size: 4KB

.rsrc Size: 58KB - Virtual size: 60KB

.reloc Size: 17KB - Virtual size: 20KB

.rmnet Size: 56KB - Virtual size: 60KB

fda1ee670f572423bbf2f96b952a1656

Headers

File Characteristics

Imports

owl52f

bds52f

kernel32

gdi32

shell32

user32

cw3230

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 140KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 16KB - Virtual size: 12KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 2KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 275KB - Virtual size: 276KB

.data
Size: 65KB - Virtual size: 136KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 14KB - Virtual size: 16KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 58KB - Virtual size: 60KB

.reloc
Size: 17KB - Virtual size: 20KB

.rmnet
Size: 56KB - Virtual size: 60KB

.text
Size: 139KB - Virtual size: 140KB

.data
Size: 34KB - Virtual size: 36KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 8KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB

.text
Size: 440KB - Virtual size: 438KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 40KB - Virtual size: 876KB

.idata
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 28KB - Virtual size: 27KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 15KB

.reloc
Size: 12KB - Virtual size: 9KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 11KB