d7fb0cefe16760c341b4950f9c986e3297de4935e699a3c3be0cc98ca8e06026

Sharing

Copy URL

Twitter E-mail

General

Target

d7fb0cefe16760c341b4950f9c986e3297de4935e699a3c3be0cc98ca8e06026
Size

2.7MB
MD5

5c030fd160ef6aec656ab7163bac7205
SHA1

27a1525246cf93d5910b496f133a9397956a78f6
SHA256

d7fb0cefe16760c341b4950f9c986e3297de4935e699a3c3be0cc98ca8e06026
SHA512

98a484197c3e13930a6c8aa839e2d3aafba9cc530d96ad367adc1299dae399ac27d05c8f7e4cb9853a411c8fde92505303e2902965df7ecdaefa326869517fda
SSDEEP

49152:AHFGKYqW/f8wFU/Xt0eOvR235cRPaTTmhIEXqXbjNWSIZ/qB11Da8g+/8PWG1eP5:osqyf8cHeOvsCyvqqtWJqBvo+kPWbx

Score

N/A

Malware Config

Signatures

Files

d7fb0cefe16760c341b4950f9c986e3297de4935e699a3c3be0cc98ca8e06026
.zip
(2040 2135 2635 2540 2235)kmtwainlang.dll
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
(2040 2135 2635 2540 2235)kmtwainlang.dll12
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
(2040 2135 2635 2540 2235)kmtwainlang.dll3
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
(2040 2135 2635 2540 2235)kmtwainlang.dll7
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Index_dll.dll
.dll windows x86

12e3ab750ea5086d35954831823160d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
GetSystemTime
GetStringTypeExA
lstrcpynA
GetFullPathNameA
GetShortPathNameA
GetThreadLocale
lstrcmpiA
GetCurrentThread
GetModuleFileNameA
GetCurrentThreadId
GlobalAlloc
lstrcmpA
GlobalDeleteAtom
SetEvent
GlobalLock
WaitForSingleObject
InterlockedIncrement
SuspendThread
CreateEventA
LocalFree
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
FormatMessageA
LocalAlloc
GlobalFree
TlsAlloc
DeleteCriticalSection
GetLocaleInfoW
GlobalUnlock
GetUserDefaultLCID
SetEnvironmentVariableA
GetVersionExA
IsValidCodePage
EnumSystemLocalesA
GetLocaleInfoA
SetStdHandle
IsValidLocale
IsBadCodePtr
GetStringTypeW
Sleep
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
GetStringTypeA
UnhandledExceptionFilter
LCMapStringW
CompareStringW
CompareStringA
GetEnvironmentStrings
LCMapStringA
GetEnvironmentStringsW
VirtualAlloc
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapDestroy
VirtualFree
HeapCreate
HeapAlloc
HeapFree
HeapReAlloc
GetFileType
FatalAppExitA
GetStartupInfoA
GetLocalTime
SetHandleCount
GetACP
GetTimeZoneInformation
FindFirstFileA
FindClose
RaiseException
ExitThread
ExitProcess
CreateThread
lstrlenA
MultiByteToWideChar
lstrcpyA
TerminateProcess
DebugBreak
OutputDebugStringA
GetStdHandle
HeapValidate
GetCommandLineA
RtlUnwind
GetOEMCP
GetDiskFreeSpaceA
GetTempFileNameA
GetProcessVersion
GetCPInfo
SizeofResource
GetPrivateProfileStringA
GetCurrentDirectoryA
WritePrivateProfileStringA
SetFileAttributesA
GetPrivateProfileIntA
GlobalFlags
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetFileAttributesA
GetFileTime
GetFileSize
VirtualProtect
GetProfileIntA
MulDiv
SetThreadPriority
ResumeThread
GetThreadPriority
GlobalAddAtomA
FreeLibrary
GlobalGetAtomNameA
LockResource
GlobalFindAtomA
GetModuleHandleA
FreeResource
FindResourceA
LoadResource
IsBadReadPtr
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadStringPtrW
IsBadWritePtr
IsBadStringPtrA
lstrcatA
SetLastError
GetVersion
LocalReAlloc
SetErrorMode
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
LoadLibraryA
SetFilePointer
GetLastError
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
GetProcAddress
FlushFileBuffers
CloseHandle
LockFile
UnlockFile
SetEndOfFile
MoveFileA
DeleteFileA

user32

GetForegroundWindow
SetForegroundWindow
ShowCaret
SendNotifyMessageA
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetWindow
GetCapture
WinHelpA
MapDialogRect
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
GetWindowContextHelpId
SetWindowContextHelpId
CreateWindowExA
GetClassLongA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
RegisterWindowMessageA
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
UnregisterClassA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
IntersectRect
OffsetRect
InflateRect
EqualRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
CopyRect
UnhookWindowsHookEx
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CloseWindow
OpenIcon
GetAsyncKeyState
ReleaseCapture
SetCursorPos
DestroyCursor
LoadAcceleratorsA
DestroyMenu
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
LoadStringA
GetClipboardFormatNameA
GetDialogBaseUnits
DestroyIcon
PostThreadMessageA
LoadCursorA
GetClassNameA
GetDlgCtrlID
GetClassInfoA
SetPropA
CallNextHookEx
ValidateRect
GetCursorPos
SetWindowsHookExA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
SetCursor
PeekMessageA
PostQuitMessage
GetSystemMetrics
CharUpperA
wsprintfA
TabbedTextOutA
PostMessageA
IsWindow
SendMessageA
ValidateRgn
IsWindowVisible
GetWindowDC
ReleaseDC
InvalidateRgn

gdi32

SetTextJustification
SetMapMode
SetStretchBltMode
CreateEnhMetaFileA
CloseEnhMetaFile
CreateMetaFileA
CreateBitmap
GetObjectA
ExtTextOutA
UnrealizeObject
GetObjectType
GetStockObject
CreatePenIndirect
ExtCreatePen
CreatePen
CreateHatchBrush
CreateBrushIndirect
CreateSolidBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreatePatternBrush
CreateBitmapIndirect
SetBitmapBits
CreateFontA
SetBitmapDimensionEx
GetBitmapDimensionEx
GetBitmapBits
CreateDiscardableBitmap
CreatePalette
CreateCompatibleBitmap
GetPaletteEntries
SetPaletteEntries
CreateHalftonePalette
GetNearestPaletteIndex
ResizePalette
AnimatePalette
CreateRectRgnIndirect
CreateEllipticRgn
CreateRectRgn
CreatePolygonRgn
CreatePolyPolygonRgn
CreateEllipticRgnIndirect
PathToRegion
ExtCreateRegion
CreateRoundRectRgn
SetRectRgn
CombineRgn
GetRegionData
OffsetRgn
GetRgnBox
EqualRgn
RectInRegion
CreateDCA
PtInRegion
CreateCompatibleDC
GetDeviceCaps
CreateICA
SetBrushOrgEx
EnumObjects
GetBrushOrgEx
SetViewportOrgEx
GetNearestColor
RealizePalette
UpdateColors
OffsetViewportOrgEx
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
GetMapMode
GetViewportOrgEx
GetTextColor
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
LPtoDP
FillRgn
DPtoLP
InvertRgn
PaintRgn
FrameRgn
RectVisible
GetCurrentPositionEx
PtVisible
Polyline
Chord
Arc
Pie
Polygon
Ellipse
Rectangle
RoundRect
PolyPolygon
BitBlt
StretchBlt
PatBlt
SetPixel
FloodFill
GetPixel
TextOutA
GetTextExtentPoint32A
ExtFloodFill
GetTextFaceA
GetTextMetricsA
GetTextAlign
GetCharWidthA
GetAspectRatioFilterEx
GetTextCharacterExtra
SetBoundsRect
GetBoundsRect
Escape
GetOutlineTextMetricsA
GetCharABCWidthsA
ResetDCA
GetKerningPairsA
GetGlyphOutlineA
GetFontData
StartPage
EndPage
StartDocA
AbortDoc
EndDoc
SetAbortProc
PlgBlt
SetPixelV
MaskBlt
GetArcDirection
PolyPolyline
AngleArc
GetCurrentObject
PolyBezier
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
CloseMetaFile
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GdiComment
GetColorAdjustment
WidenPath
SelectObject
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
PlayEnhMetaFile
FillPath
EndPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
AbortPath
CloseFigure
BeginPath
ExtEscape
GetCharWidthFloatA
GetCharABCWidthsFloatA
DrawEscape

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA
ExtractIconA

comctl32

ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_Draw
DestroyPropertySheetPage
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ord8
ord17
PropertySheetA
ImageList_GetIcon
CreatePropertySheetPageA
ord13
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord14
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon

Exports

Exports

create_index_file

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
K3ICWorkFlow.dll
.dll regsvr32 windows x86

79e1694ea0f0f04b58c9258a7bc67da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaLenBstr
__vbaLineInputStr
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaVarIndexStore
__vbaFreeObjList
_adj_fprem1
ord519
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaLateMemSt
__vbaVarIndexLoadRefLock
__vbaExitProc
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
__vbaBoolVar
ord520
__vbaBoolVarNull
__vbaRefVarAry
_CIsin
ord631
__vbaErase
ord632
__vbaVarZero
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
__vbaVarTstEq
ord560
__vbaI2I4
__vbaObjVar
ord562
DllFunctionCall
__vbaVarLateMemSt
__vbaCastObjVar
__vbaLbound
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
ord716
__vbaFPException
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
ord648
__vbaVarLateMemCallLdRf
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
__vbaVarSetVar
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord105
__vbaAryLock
__vbaLateMemCall
__vbaVarDup
__vbaAryVarVarg
ord616
__vbaVarCopy
ord617
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
__vbaStrMove
__vbaCastObj
ord619
_allmul
__vbaLateMemCallSt
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KmInst32.exe
.exe windows x86

74266e90045b9b8b676a8a7e8b06097a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
GetFileAttributesW
SetFileTime
OutputDebugStringA
GetLocalTime
lstrcpyA
OutputDebugStringW
InterlockedDecrement
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExW
GetTempFileNameW
GetTimeZoneInformation
GetSystemDirectoryA
SetLastError
GetModuleFileNameA
LoadLibraryA
lstrlenA
SetEndOfFile
InitializeCriticalSectionAndSpinCount
SystemTimeToFileTime
GetStringTypeW
DisconnectNamedPipe
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
CreateThread
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ExitProcess
LCMapStringA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RaiseException
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
OpenProcess
FlushFileBuffers
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
RtlUnwind
GetCurrentDirectoryW
GetTempPathW
GetLocaleInfoW
GetModuleHandleA
GetTickCount
FormatMessageW
lstrlenW
HeapAlloc
GetFileInformationByHandle
FileTimeToLocalFileTime
CompareFileTime
MoveFileW
ExitThread
FreeEnvironmentStringsW
CreateNamedPipeW
GetLastError
GetModuleHandleW
GetProcessHeap
HeapFree
GetSystemWindowsDirectoryW
CopyFileW
SetFilePointer
CreateFileA
GetFileSize
RemoveDirectoryW
CreateProcessW
GetExitCodeProcess
GetFullPathNameW
GetWindowsDirectoryW
FreeLibrary
LoadLibraryW
GetProcAddress
FindNextFileW
CreateFileW
CloseHandle
ReadFile
WriteFile
GetModuleFileNameW
GetCurrentProcess
DeleteFileW
CreateDirectoryW
FindClose
FindFirstFileW
GetSystemDirectoryW
GetACP
GetVersionExW
SetFileAttributesW
Sleep
GetStringTypeA

user32

GetAncestor
GetWindowThreadProcessId
DestroyWindow
SendNotifyMessageW
GetDesktopWindow
PostMessageW
GetDC
ReleaseDC
wsprintfA
SendMessageW
GetWindowRect
wsprintfW
GetClientRect
DefWindowProcW
GetWindowLongW
PostQuitMessage
UpdateWindow
ShowWindow
SetWindowLongW
wvsprintfA
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
EnumWindows
EnumChildWindows
GetWindowTextW
GetWindowTextA
GetClassNameA
GetDlgCtrlID

gdi32

GetStockObject
DeleteObject
AddFontResourceW
EnumFontFamiliesExW

winspool.drv

AddMonitorW
DeleteMonitorW
GetPrinterDriverDirectoryW
ClosePrinter
DeletePrinter
OpenPrinterW
EnumPrintersW
SetPrinterDataW
DeletePrinterConnectionW
EnumPrinterDriversW
DeletePrinterDriverW
AddPrinterDriverW
SetPrinterW
AddPrinterW
ord204
DeletePortW
EnumMonitorsW
GetPrinterDataExW
SetPrinterDataExW
GetPrinterW
EnumPortsW
AddPortW
DeletePrinterDriverExW

advapi32

RegCloseKey
QueryServiceStatus
DeleteService
CreateServiceW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
ControlService
OpenServiceW
QueryServiceConfigW
StartServiceW
OpenSCManagerW
CloseServiceHandle
RegConnectRegistryW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHChangeNotify

ole32

PropVariantClear
CoInitializeEx
CLSIDFromString
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantClear
SysFreeString
SysAllocString

setupapi

SetupDiGetINFClassW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupFindNextMatchLineW
SetupIterateCabinetW
SetupCopyOEMInfW
SetupDiCallClassInstaller
SetupGetLineCountW
SetupOpenInfFileW
SetupCloseInfFile
SetupDiOpenDevRegKey
SetupDiDeleteDeviceInfo
SetupDiSetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupGetLineByIndexW
SetupOpenAppendInfFileW
SetupGetIntField
SetupFindFirstLineW
SetupGetStringFieldW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice

mscms

GetColorDirectoryW

lz32

LZClose
LZOpenFileW
LZCopy

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KmSetKX32.exe
.exe windows x86

292c37cee0faa14864934dd371943d84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
SetLastError
GetModuleFileNameA
HeapFree
HeapAlloc
GetStartupInfoW
RtlUnwind
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
RaiseException
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
LCMapStringA
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
OutputDebugStringW
lstrcpyA
GetLocalTime
GetModuleHandleA
GetCurrentProcess
MulDiv
GetModuleFileNameW
GetSystemDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
CreateFileA
GetFileSize
SetFilePointer
ReadFile
GetSystemTime
IsValidLocale
GetLocaleInfoA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateFileW
CloseHandle
GetVersionExA
GetACP
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
GetProfileStringA
LoadLibraryA
GetProcAddress
GetLastError
LoadLibraryW
FreeLibrary
GetProcessHeap
Sleep

user32

wvsprintfA
GetDesktopWindow
GetDC
ReleaseDC
MessageBoxA
wsprintfW
wsprintfA

winspool.drv

GetPrinterDataA
OpenPrinterW
OpenPrinterA
ClosePrinter
SetPrinterW
GetPrinterDriverW
GetPrinterDriverA
GetPrinterW
EnumPrintersW
DeletePrinterDataW
SetPrinterDataA
GetPrinterDataW
GetPrinterA
SetPrinterDataW

advapi32

RegConnectRegistryW
CloseServiceHandle
OpenSCManagerW
OpenServiceW
StartServiceW
QueryServiceStatus
ControlService
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

gdi32

EnumFontFamiliesExW
DeleteDC
EnumFontsA
EnumFontFamiliesExA
CreateCompatibleDC
SetGraphicsMode
DeleteObject
GetGlyphOutlineA
GetPath
FlattenPath
EndPath
TextOutW
BeginPath
FloodFill
SetBkMode
GetTextMetricsA
GetTextExtentPoint32W
GetGlyphIndicesW
SelectObject
GetGraphicsMode
CreateFontA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Exports

Exports

??0?$TARRAY@PAUARGS@@$00@@QAE@XZ
??1?$TARRAY@PAUARGS@@$00@@QAE@XZ
??4?$TARRAY@PAUARGS@@$00@@QAEAAV0@ABV0@@Z
??A?$TARRAY@PAUARGS@@$00@@QBEABQAUARGS@@I@Z
?Add@?$TARRAY@PAUARGS@@$00@@QAEHPAUARGS@@@Z
?Clear@?$TARRAY@PAUARGS@@$00@@QAEXXZ
?Init@?$TARRAY@PAUARGS@@$00@@QAEXXZ
?Length@?$TARRAY@PAUARGS@@$00@@QAEIXZ
?Resize@?$TARRAY@PAUARGS@@$00@@QAE_NI@Z

Sections

.text
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Netviewer.resources.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PFXRsaCertDown.dll
.dll windows x86

d51f872a487e6f2666aaacab19d262ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
SetStdHandle
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
Sleep
SearchPathA
GetProfileIntA
GetTickCount
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFindAtomA
lstrcmpW
FreeResource
FindNextFileA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVolumeInformationA
LoadLibraryA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
FindResourceA
GetSystemDirectoryW
EncodePointer
GlobalGetAtomNameA
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
CopyFileA
FormatMessageA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
LocalFree
LocalAlloc
ReadFile
CloseHandle
GetFileSize
CreateFileA
MultiByteToWideChar
GetPrivateProfileStringA
GetWindowsDirectoryA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetSystemInfo
GetModuleHandleA
GetFileType

user32

DestroyMenu
DestroyIcon
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetMenuItemInfoA
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
CharUpperA
FillRect
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
UnregisterClassA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
EnableScrollBar
UpdateWindow
KillTimer
SetTimer
RealChildWindowFromPoint
GetWindow
GetClassNameA
PtInRect
InflateRect
IntersectRect
SetRectEmpty
OffsetRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
MessageBeep
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
GetDlgItem
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
PostMessageA
PostQuitMessage
GetDesktopWindow
SendMessageA
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetSystemMetrics
GetDC
CopyAcceleratorTableA
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
DestroyAcceleratorTable
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
GetWindowTextA
GetWindowTextLengthA
GetClientRect
CopyImage
SystemParametersInfoA
DeleteMenu
GetDlgCtrlID
SetWindowTextA
GetWindowRect
ClientToScreen
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
InvalidateRect
GetKeyboardState

gdi32

PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
LineTo
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
CreateBitmap
GetDeviceCaps
CreateDCA
EnumFontFamiliesExA
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA

shell32

SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHAppBarMessage
DragFinish

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
UrlUnescapeA
PathFindExtensionA

uxtheme

GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize

ole32

OleLockRunning
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
DoDragDrop

oleaut32

VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
VariantInit
SysAllocString
VariantCopy
VariantChangeType

crypt32

CertVerifyTimeValidity
CryptDecodeObjectEx
CertOpenStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCloseStore
PFXImportCertStore
CertOpenSystemStoreA
CertAddCertificateContextToStore

libeay32

ord602
ord607
ord584
ord2071
ord571
ord606
ord283
ord485
ord279
ord605
ord333
ord608
ord600
ord870
ord851
ord577
ord565
ord484
ord3212
ord754
ord748
ord641
ord1305
ord281
ord1288
ord1291

wininet

InternetCanonicalizeUrlA
InternetGetConnectedState
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCrackUrlA

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA
timeGetTime

Exports

Exports

DllPfxCertDownLoad
DllPfxCertInstallIE
DllPfxTimeValidity

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hpmcro32.dll
.dll windows x86

0d851b83727a62c4e5b3965bb8d9372a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isupper

kernel32

FlushFileBuffers
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
ReadFile
WriteFile
GetLastError

Exports

Exports

BuildCommand
BuildInquire
ButtonPoll
CheckIO
ClearButton
Color
ColorDither
ColorThreshold
CommandInquire
Dither
DllMain
Download
DualScan
GetButtonPress
GetScanInfo
GetScanState
GrayScale
InquireBufferSize
InquireModel
InquireNumber
InquireOldestError
InquireString
RecFromScanner
ReceiveResponse
ResetScanner
SCLRead
SCL_Scan
ScannerLock
ScannerLockButton
SendCommand
SendToScanner
SetDecipointWindow
SetDiagnosticSCL
SetIOHandle
SetPixelWindow
SetResolution
SetScale
SetScanState
SetScanWindow
Threshold
Upload
VerifyResponse

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll15
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll18
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll3
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll7
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kmtwainlang.dll9
.dll regsvr32 windows x86

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nlwnsck.dll
.dll windows x86

ba783d3c376ec4bdda1d11b8fefd2a49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libjutils

SybHeap_alloc

libjtml

tml_mutex_alloc

wsock32

__WSAFDIsSet
setsockopt
recv
bind
gethostbyname
ioctlsocket
listen
WSAStartup
connect
closesocket
getpeername
inet_addr
gethostbyaddr
accept
WSAGetLastError
send
select
socket
htons

msvcrt

_adjust_fdiv
_initterm
free
__mb_cur_max
_isctype
_pctype
memmove
atoi
memset
strlen
strcpy
malloc

kernel32

DisableThreadLibraryCalls

Exports

Exports

__sybase_DLL_info2@0
__sybase_DLL_info3@0
__sybase_DLL_info@0
ipd_accept
ipd_close
ipd_connect
ipd_exit
ipd_init
ipd_initsize
ipd_listen
ipd_prop_ext
ipd_property
ipd_read
ipd_write

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
txtonly.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

CBFilterGraphics
bInitProc
bSetFuncAddr

Sections

.text
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 446B

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 446B

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 446B

256786d487a8a059f70ad2383495f286

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 446B

12e3ab750ea5086d35954831823160d8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Exports

Exports

Sections

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 446B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 446B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 446B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 446B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 44KB - Virtual size: 56KB

.idata
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 48KB - Virtual size: 44KB

.text
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 392KB - Virtual size: 391KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 247KB - Virtual size: 246KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 512B - Virtual size: 12B