Extracted

• d85f98bbaf6a689437acd7b2e5a6b9c39b6aac0fb8f581712b7e6a196c100177

  .dll windows x86

  f0f473e3486573f3ccf849ffec21164f

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Imports

  crypt32

  CryptUnprotectData

  CertGetCertificateContextProperty

  CertFreeCertificateContext

  CertDuplicateCertificateContext

  CertFindCertificateInStore

  CertEnumCertificatesInStore

  CertCloseStore

  CertOpenStore

  CryptBinaryToStringA

  CryptStringToBinaryA

  advapi32

  CredReadW

  CredEnumerateW

  CredFree

  OpenThreadToken

  GetTokenInformation

  OpenProcessToken

  LookupAccountSidA

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  SetThreadToken

  SetSecurityDescriptorDacl

  ReportEventA

  RegisterEventSourceA

  RegSetValueExW

  RegQueryValueExW

  RegOpenKeyExW

  RegOpenKeyW

  RegEnumValueW

  RegEnumKeyW

  RegEnumKeyExW

  RegCloseKey

  OpenThreadToken

  OpenProcessToken

  LookupPrivilegeValueW

  LookupAccountSidW

  LookupAccountNameW

  IsValidSid

  IsTextUnicode

  InitializeSecurityDescriptor

  GetUserNameW

  GetTokenInformation

  GetSidSubAuthorityCount

  GetSidSubAuthority

  GetSecurityDescriptorSacl

  GetCurrentHwProfileW

  FreeSid

  EqualSid

  DuplicateToken

  DeregisterEventSource

  AllocateAndInitializeSid

  AdjustTokenPrivileges

  CryptEnumProvidersA

  CryptSignHashA

  CryptDestroyHash

  CryptCreateHash

  CryptDecrypt

  CryptExportKey

  CryptGetUserKey

  CryptGetProvParam

  CryptSetHashParam

  CryptDestroyKey

  CryptReleaseContext

  CryptAcquireContextA

  LsaFreeMemory

  LsaClose

  LsaRetrievePrivateData

  LsaOpenPolicy

  ConvertSidToStringSidA

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptGetHashParam

  CryptReleaseContext

  CryptAcquireContextW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  SetSecurityInfo

  SetSecurityInfo

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  CryptSignHashA

  CryptVerifySignatureW

  CryptDecrypt

  CryptImportKey

  CryptEncrypt

  CryptDeriveKey

  CryptDestroyKey

  CryptExportKey

  CryptGenKey

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  CryptAcquireContextA

  kernelbase

  InitializeSRWLock

  SleepConditionVariableCS

  WakeConditionVariable

  WakeAllConditionVariable

  oleaut32

  SysFreeString

  SysReAllocStringLen

  SysAllocStringLen

  SafeArrayPtrOfIndex

  SafeArrayPutElement

  SafeArrayGetElement

  SafeArrayUnaccessData

  SafeArrayAccessData

  SafeArrayGetUBound

  SafeArrayGetLBound

  SafeArrayCreate

  VariantChangeType

  VariantCopyInd

  VariantCopy

  VariantClear

  VariantInit

  CreateErrorInfo

  GetErrorInfo

  SetErrorInfo

  SysFreeString

  shlwapi

  ord40

  ord107

  StrStrW

  kernel32

  Sleep

  VirtualFree

  VirtualAlloc

  lstrlenW

  VirtualQuery

  QueryPerformanceCounter

  GetTickCount

  GetSystemInfo

  GetVersion

  CompareStringW

  IsValidLocale

  SetThreadLocale

  GetSystemDefaultUILanguage

  GetUserDefaultUILanguage

  GetLocaleInfoW

  WideCharToMultiByte

  MultiByteToWideChar

  GetACP

  LoadLibraryExW

  GetStartupInfoW

  GetProcAddress

  GetModuleHandleW

  GetModuleFileNameW

  GetCommandLineW

  FreeLibrary

  GetLastError

  UnhandledExceptionFilter

  RtlUnwind

  RaiseException

  ExitProcess

  ExitThread

  SwitchToThread

  GetCurrentThreadId

  CreateThread

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  FindFirstFileW

  FindClose

  SetCurrentDirectoryW

  GetCurrentDirectoryW

  WriteFile

  GetStdHandle

  CloseHandle

  GetProcAddress

  RaiseException

  LoadLibraryA

  GetLastError

  TlsSetValue

  TlsGetValue

  TlsFree

  TlsAlloc

  LocalFree

  LocalAlloc

  FreeLibrary

  lstrlenW

  lstrcpy

  lstrcmpW

  lstrcatW

  WriteProcessMemory

  WritePrivateProfileStringW

  WriteFile

  WideCharToMultiByte

  WaitForSingleObjectEx

  WaitForSingleObject

  VirtualQueryEx

  VirtualQuery

  VirtualProtect

  VirtualFreeEx

  VirtualFree

  VirtualAllocEx

  VirtualAlloc

  VerSetConditionMask

  VerifyVersionInfoW

  UnmapViewOfFile

  UnlockFileEx

  UnlockFile

  TryEnterCriticalSection

  TerminateThread

  TerminateProcess

  SystemTimeToFileTime

  SwitchToThread

  SuspendThread

  Sleep

  SetThreadPriority

  SetPriorityClass

  SetLastError

  SetFileTime

  SetFilePointerEx

  SetFilePointer

  SetFileAttributesW

  SetEvent

  SetEndOfFile

  SetCurrentDirectoryW

  ResumeThread

  ResetEvent

  RemoveDirectoryW

  ReleaseSemaphore

  ReleaseMutex

  ReadFile

  RaiseException

  QueryPerformanceFrequency

  QueryPerformanceCounter

  QueryDosDeviceW

  IsDebuggerPresent

  OutputDebugStringA

  OutputDebugStringW

  OpenProcess

  OpenEventW

  MultiByteToWideChar

  MapViewOfFile

  LockFileEx

  LockFile

  LocalFree

  LocalAlloc

  LoadLibraryA

  LoadLibraryW

  LeaveCriticalSection

  LCMapStringW

  IsValidLocale

  IsBadReadPtr

  InitializeCriticalSection

  HeapValidate

  HeapSize

  HeapReAlloc

  HeapFree

  HeapDestroy

  HeapCreate

  HeapCompact

  HeapAlloc

  GlobalUnlock

  GlobalSize

  GlobalMemoryStatusEx

  GlobalMemoryStatus

  GlobalLock

  GlobalFree

  GlobalAlloc

  GetWindowsDirectoryW

  GetVolumeInformationW

  GetVersionExA

  GetVersionExW

  GetVersion

  GetUserDefaultLangID

  GetTimeZoneInformation

  GetTickCount

  GetThreadPriority

  GetThreadLocale

  GetTempPathA

  GetTempPathW

  GetTempFileNameW

  GetSystemTimeAsFileTime

  GetSystemTime

  GetSystemPowerStatus

  GetSystemInfo

  GetSystemDirectoryW

  GetSystemDefaultLangID

  GetStdHandle

  GetLongPathNameW

  GetShortPathNameW

  GetProcessHeap

  GetProcAddress

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  GetModuleHandleA

  GetModuleHandleW

  GetModuleFileNameW

  GetLogicalDrives

  GetLogicalDriveStringsW

  GetLocaleInfoW

  GetLocalTime

  GetLastError

  GetFullPathNameA

  GetFullPathNameW

  GetFileType

  GetFileSize

  GetFileAttributesExW

  GetFileAttributesA

  GetFileAttributesW

  GetExitCodeThread

  GetExitCodeProcess

  GetEnvironmentVariableW

  GetDriveTypeW

  GetDiskFreeSpaceExW

  GetDiskFreeSpaceA

  GetDiskFreeSpaceW

  GetDateFormatW

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetCurrentDirectoryW

  GetComputerNameExW

  GetComputerNameW

  GetCPInfoExW

  GetCPInfo

  GetBinaryTypeW

  GetACP

  FreeLibrary

  FormatMessageA

  FormatMessageW

  FlushViewOfFile

  FlushInstructionCache

  FlushFileBuffers

  FlushConsoleInputBuffer

  FindNextFileA

  FindNextFileW

  FindFirstFileA

  FindFirstFileW

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExitThread

  EnumSystemLocalesW

  EnumCalendarInfoW

  EnterCriticalSection

  DisconnectNamedPipe

  DeleteFileA

  DeleteFileW

  DeleteCriticalSection

  CreateThread

  CreateSemaphoreA

  CreateRemoteThread

  CreateNamedPipeW

  CreateMutexW

  CreateFileMappingW

  CreateFileA

  CreateFileW

  CreateEventA

  CreateEventW

  CreateDirectoryW

  CopyFileW

  ConnectNamedPipe

  CompareStringW

  CloseHandle

  AreFileApisANSI

  Sleep

  Wow64EnableWow64FsRedirection

  Wow64DisableWow64FsRedirection

  user32

  SetWindowLongA

  GetWindowLongA

  CreateWindowExW

  wvsprintfW

  mouse_event

  keybd_event

  WindowFromPoint

  UpdateWindow

  TranslateMessage

  SystemParametersInfoW

  ShowWindow

  SetWindowPos

  SetThreadDesktop

  SetClipboardData

  SendMessageA

  SendMessageW

  ScreenToClient

  ReleaseDC

  RegisterClassW

  RealGetWindowClassW

  PtInRect

  PostMessageA

  PostMessageW

  PeekMessageW

  OpenDesktopW

  OpenClipboard

  MsgWaitForMultipleObjects

  MoveWindow

  MessageBoxA

  MessageBoxW

  MenuItemFromPoint

  LoadStringW

  LoadIconW

  LoadCursorW

  IsWindowVisible

  InvalidateRect

  GetWindowThreadProcessId

  GetWindowTextW

  GetWindowRect

  GetWindowPlacement

  GetWindowInfo

  GetUserObjectInformationW

  GetTopWindow

  GetThreadDesktop

  GetSystemMetrics

  GetProcessWindowStation

  GetWindow

  GetMessageW

  GetMenuItemID

  GetKeyboardLayoutList

  GetForegroundWindow

  GetDesktopWindow

  GetDC

  GetCursorInfo

  GetClipboardData

  GetClassNameW

  GetAncestor

  FrameRect

  FindWindowExW

  FindWindowA

  FindWindowW

  EnumDesktopWindows

  EndDeferWindowPos

  DrawIcon

  DispatchMessageW

  DeferWindowPos

  DefWindowProcW

  CreateDesktopW

  CloseDesktop

  CloseClipboard

  ChildWindowFromPoint

  CharUpperBuffW

  CharUpperW

  CharLowerBuffW

  BeginDeferWindowPos

  PrintWindow

  PrintWindow

  gdi32

  StretchBlt

  SetStretchBltMode

  SelectObject

  Rectangle

  GetStockObject

  GetPixel

  GetObjectA

  GetDeviceCaps

  GetDIBits

  DeleteObject

  DeleteDC

  CreatePen

  CreateCompatibleDC

  CreateCompatibleBitmap

  BitBlt

  version

  VerQueryValueW

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  mpr

  WNetOpenEnumW

  WNetEnumResourceW

  WNetCloseEnum

  netapi32

  NetApiBufferFree

  NetWkstaGetInfo

  Netbios

  ole32

  OleInitialize

  CreateBindCtx

  MkParseDisplayName

  CoInitialize

  combase

  CoTaskMemFree

  CLSIDFromProgID

  StringFromCLSID

  CoCreateInstance

  CoUninitialize

  ws2_32

  WSAIoctl

  WSAEventSelect

  WSAGetLastError

  WSASetLastError

  WSACleanup

  WSAStartup

  getservbyname

  gethostbyname

  socket

  shutdown

  setsockopt

  send

  select

  recv

  htons

  htonl

  listen

  inet_addr

  htons

  htonl

  getsockopt

  getsockname

  ioctlsocket

  connect

  closesocket

  bind

  shell32

  ShellExecuteExW

  SHAppBarMessage

  SHGetFolderPathW

  SHGetSpecialFolderPathW

  SHGetPathFromIDListW

  SHGetSpecialFolderLocation

  wininet

  InternetCrackUrlW

  msvcrt

  realloc

  _ftol

  memmove

  memcmp

  free

  malloc

  strncmp

  memset

  strlen

  memcpy

  localtime

  _errno

  memchr

  strcmp

  strerror

  realloc

  _ftol

  strncpy

  strcat

  isdigit

  isxdigit

  memmove

  printf

  tolower

  isupper

  isspace

  memcmp

  free

  malloc

  atol

  _strcmpi

  strchr

  strncmp

  memset

  strlen

  memcpy

  toupper

  abort

  signal

  _getch

  setvbuf

  getenv

  strstr

  sprintf

  _exit

  raise

  vsnprintf

  wcsstr

  strtol

  fflush

  fputs

  time

  fwrite

  strrchr

  strtoul

  sscanf

  fprintf

  _stat

  ftell

  fread

  fopen

  _lseek

  _write

  _read

  _close

  wcslen

  _getpid

  isalnum

  localtime

  gmtime

  calloc

  _chmod

  _fdopen

  _open

  fclose

  qsort

  fseek

  _strnicmp

  fgets

  _setmode

  _wfopen

  memset

  memmove

  memcpy

  _beginthreadex

  esent

  JetIndexRecordCount

  JetMove

  JetRetrieveColumns

  JetOpenTableW

  JetOpenDatabaseW

  JetGetColumnInfoW

  JetAttachDatabaseW

  JetEndSession

  JetBeginSessionW

  JetSetSystemParameterW

  JetTerm

  JetCreateInstanceW

  JetInit

  iphlpapi

  GetAdaptersInfo

  winspool.drv

  GetDefaultPrinterW

  rasapi32

  RasGetEntryDialParamsA

  RasEnumEntriesA

  ntdll

  RtlCompressBuffer

  RtlGetCompressionWorkSpaceSize

  RtlAllocateHeap

  RtlDecompressBuffer

  Exports

  Exports

  FunDLLData

  TMethodImplementationIntercept

  __dbk_fcall_wrapper

  dbkFCallWrapperAddr

  Sections

  .text

  Size: 4.5MB - Virtual size: 4.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .itext

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 476KB - Virtual size: 476KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .bss

  Size: 1.1MB - Virtual size: 1.1MB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 20KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .didata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .edata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 240KB - Virtual size: 240KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 40KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: - Virtual size:

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ