Overview
overview
1Static
static
SearchInde...0).exe
windows7-x64
1SearchInde...0).exe
windows10-2004-x64
1SearchInde...1).exe
windows7-x64
1SearchInde...1).exe
windows10-2004-x64
1SearchInde...2).exe
windows7-x64
1SearchInde...2).exe
windows10-2004-x64
1SearchInde...3).exe
windows7-x64
1SearchInde...3).exe
windows10-2004-x64
1SearchInde...4).exe
windows7-x64
1SearchInde...4).exe
windows10-2004-x64
1SearchIndexer (2).exe
windows7-x64
1SearchIndexer (2).exe
windows10-2004-x64
1SearchIndexer (3).exe
windows7-x64
1SearchIndexer (3).exe
windows10-2004-x64
1SearchIndexer (4).exe
windows7-x64
1SearchIndexer (4).exe
windows10-2004-x64
1SearchIndexer (5).exe
windows7-x64
1SearchIndexer (5).exe
windows10-2004-x64
1SearchIndexer (6).exe
windows7-x64
1SearchIndexer (6).exe
windows10-2004-x64
1SearchIndexer (7).exe
windows7-x64
1SearchIndexer (7).exe
windows10-2004-x64
1SearchIndexer (8).exe
windows7-x64
1SearchIndexer (8).exe
windows10-2004-x64
1SearchIndexer (9).exe
windows7-x64
1SearchIndexer (9).exe
windows10-2004-x64
1SearchIndexer.exe
windows7-x64
1SearchIndexer.exe
windows10-2004-x64
1Static task
static1
Behavioral task
behavioral1
Sample
SearchIndexer (10).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
SearchIndexer (10).exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
SearchIndexer (11).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral4
Sample
SearchIndexer (11).exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
SearchIndexer (12).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral6
Sample
SearchIndexer (12).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
SearchIndexer (13).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral8
Sample
SearchIndexer (13).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
SearchIndexer (14).exe
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral10
Sample
SearchIndexer (14).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
SearchIndexer (2).exe
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral12
Sample
SearchIndexer (2).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
SearchIndexer (3).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral14
Sample
SearchIndexer (3).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
SearchIndexer (4).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral16
Sample
SearchIndexer (4).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
SearchIndexer (5).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral18
Sample
SearchIndexer (5).exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
SearchIndexer (6).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral20
Sample
SearchIndexer (6).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
SearchIndexer (7).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral22
Sample
SearchIndexer (7).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
SearchIndexer (8).exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral24
Sample
SearchIndexer (8).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
SearchIndexer (9).exe
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral26
Sample
SearchIndexer (9).exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
SearchIndexer.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral28
Sample
SearchIndexer.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
General
-
Target
0742610901732c00780619fc321ee25e18b25398b818be7ba31d9d1960e9bf59
-
Size
2.1MB
-
MD5
2d406146599ee5b5ae684724d6c31b28
-
SHA1
d317f19d31db41b6733db02bb51a2c32a18cb559
-
SHA256
0742610901732c00780619fc321ee25e18b25398b818be7ba31d9d1960e9bf59
-
SHA512
fd1a5eb6ea33c915516a814b351e6ab77246a34f7f0c9d818a915934f35577773b605303d7ddc62305ef5ef07471a0c8ae082be59f8eb5507a554cc34725e79d
-
SSDEEP
49152:/3oeIAv4AiM+V9pAO4Yn4s835xQ3NAn4MpCmwD9x:/eAv4AiMQ9pZ4G8padKpK9x
Malware Config
Signatures
Files
-
0742610901732c00780619fc321ee25e18b25398b818be7ba31d9d1960e9bf59.rar
-
SearchIndexer (10).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (11).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (12).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (13).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (14).exe.exe windows x64
3cd6c1a8cdf1d13fa9e5f7fc626e2c4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegCreateKeyExW
RegCloseKey
RegSetValueExW
OpenProcessToken
EventWrite
RegSetKeyValueW
RegDeleteValueW
RegGetValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
EventUnregister
InitializeAcl
EventEnabled
EventRegister
OpenThreadToken
StartServiceCtrlDispatcherW
SetSecurityDescriptorGroup
RegisterServiceCtrlHandlerExW
GetTokenInformation
GetAclInformation
CopySid
LookupAccountNameW
SetSecurityDescriptorDacl
GetAce
SetServiceStatus
SetSecurityDescriptorOwner
AddAccessAllowedAce
IsValidSid
AddAce
GetLengthSid
SetFileSecurityW
IsValidAcl
GetSidSubAuthority
SetTokenInformation
GetSecurityDescriptorLength
LookupAccountSidW
ImpersonateLoggedOnUser
MakeAbsoluteSD
RevertToSelf
GetSidLengthRequired
InitializeSid
MakeSelfRelativeSD
CreateWellKnownSid
RegisterEventSourceW
DeregisterEventSource
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCreateKeyTransactedW
RegOpenKeyTransactedW
RegDeleteKeyTransactedW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
CheckTokenMembership
GetSecurityDescriptorControl
kernel32
LoadLibraryExA
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
HeapSetInformation
LockResource
EnterCriticalSection
RaiseException
MultiByteToWideChar
LeaveCriticalSection
SizeofResource
Sleep
LoadLibraryW
InitializeCriticalSection
GetProcessHeap
HeapFree
SetEnvironmentVariableW
LoadResource
FindResourceW
FindResourceExW
SetPriorityClass
CreateMutexW
GetNLSVersion
lstrcmpiW
GetProcAddress
lstrlenW
CompareStringW
GetModuleFileNameW
WideCharToMultiByte
GetSystemDirectoryW
GetModuleHandleW
OutputDebugStringW
GetSystemDefaultLCID
GetModuleHandleExW
GetCurrentProcess
LoadLibraryExW
FreeLibrary
GetVolumeInformationW
FindFirstVolumeW
CloseHandle
SetLastError
GetLastError
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
SetErrorMode
GetDriveTypeW
FindVolumeClose
GetUserDefaultUILanguage
DelayLoadFailureHook
GetSystemDefaultUILanguage
SearchPathW
GetSystemPreferredUILanguages
LocaleNameToLCID
ResolveLocaleName
CreateFileMappingW
ReleaseMutex
DeleteFileA
GetLocalTime
CopyFileA
FormatMessageW
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileA
LCMapStringW
FileTimeToSystemTime
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
LocalFree
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
MoveFileW
lstrcmpW
CreateFileW
GetFileAttributesW
CopyFileW
GetLocaleInfoW
CompareFileTime
FindFirstFileW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
lstrlenA
GetEnvironmentVariableW
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
CreateDirectoryW
WaitForSingleObject
FindFirstFileExW
FindClose
FindNextFileW
CreateThread
ExpandEnvironmentStringsW
SetEvent
GetCurrentThread
CreateEventW
RegNotifyChangeKeyValue
OpenEventW
DuplicateHandle
GetTickCount64
RegEnumValueW
RegDeleteKeyExW
GetCommandLineW
user32
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
msvcrt
_errno
realloc
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__getmainargs
calloc
__C_specific_handler
memset
malloc
wcsncpy_s
memmove_s
wcsncmp
memcpy_s
swscanf_s
_vsnwprintf
wcsrchr
_wcsnicmp
free
_wcsicmp
towupper
qsort
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
memcpy
_CxxThrowException
memcmp
bsearch
wcschr
iswspace
_wtol
swscanf
strncmp
fprintf
_vsnprintf
_iob
__CxxFrameHandler3
ntdll
RtlNtStatusToDosError
NtOpenFile
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
WinSqmAddToStream
RtlInitUnicodeString
ole32
CoImpersonateClient
CoRevertToSelf
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoRevokeClassObject
CoRegisterClassObject
oleaut32
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
VariantClear
VariantInit
VarBstrCat
SysAllocStringLen
SysStringByteLen
LoadTypeLi
VarUI4FromStr
LoadRegTypeLi
tquery
?ciNew@@YAPEAX_K@Z
?ciDelete@@YAXPEAX@Z
?ciNewNoThrow@@YAPEAX_K@Z
shlwapi
SHCopyKeyW
PathIsUNCServerShareW
PathAddBackslashW
SHGetValueW
SHSetValueW
PathRemoveBackslashW
SHDeleteKeyW
PathStripToRootW
PathIsDirectoryW
ord154
PathCanonicalizeW
PathFileExistsW
PathSkipRootW
PathFindNextComponentW
SHRegGetValueW
SHStrDupW
PathIsUNCW
PathIsUNCServerW
PathAppendW
PathIsRootW
mssrch
??1CSearchServiceObj@@QEAA@XZ
??0CSearchServiceObj@@QEAA@XZ
?Cleanup@CSearchServiceObj@@SAHXZ
imm32
ImmDisableIME
Sections
.text Size: 320KB - Virtual size: 319KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (2).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (3).exe.exe windows x64
3cd6c1a8cdf1d13fa9e5f7fc626e2c4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegCreateKeyExW
RegCloseKey
RegSetValueExW
OpenProcessToken
EventWrite
RegSetKeyValueW
RegDeleteValueW
RegGetValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
EventUnregister
InitializeAcl
EventEnabled
EventRegister
OpenThreadToken
StartServiceCtrlDispatcherW
SetSecurityDescriptorGroup
RegisterServiceCtrlHandlerExW
GetTokenInformation
GetAclInformation
CopySid
LookupAccountNameW
SetSecurityDescriptorDacl
GetAce
SetServiceStatus
SetSecurityDescriptorOwner
AddAccessAllowedAce
IsValidSid
AddAce
GetLengthSid
SetFileSecurityW
IsValidAcl
GetSidSubAuthority
SetTokenInformation
GetSecurityDescriptorLength
LookupAccountSidW
ImpersonateLoggedOnUser
MakeAbsoluteSD
RevertToSelf
GetSidLengthRequired
InitializeSid
MakeSelfRelativeSD
CreateWellKnownSid
RegisterEventSourceW
DeregisterEventSource
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCreateKeyTransactedW
RegOpenKeyTransactedW
RegDeleteKeyTransactedW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
CheckTokenMembership
GetSecurityDescriptorControl
kernel32
LoadLibraryExA
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
HeapSetInformation
LockResource
EnterCriticalSection
RaiseException
MultiByteToWideChar
LeaveCriticalSection
SizeofResource
Sleep
LoadLibraryW
InitializeCriticalSection
GetProcessHeap
HeapFree
SetEnvironmentVariableW
LoadResource
FindResourceW
FindResourceExW
SetPriorityClass
CreateMutexW
GetNLSVersion
lstrcmpiW
GetProcAddress
lstrlenW
CompareStringW
GetModuleFileNameW
WideCharToMultiByte
GetSystemDirectoryW
GetModuleHandleW
OutputDebugStringW
GetSystemDefaultLCID
GetModuleHandleExW
GetCurrentProcess
LoadLibraryExW
FreeLibrary
GetVolumeInformationW
FindFirstVolumeW
CloseHandle
SetLastError
GetLastError
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
SetErrorMode
GetDriveTypeW
FindVolumeClose
GetUserDefaultUILanguage
DelayLoadFailureHook
GetSystemDefaultUILanguage
SearchPathW
GetSystemPreferredUILanguages
LocaleNameToLCID
ResolveLocaleName
CreateFileMappingW
ReleaseMutex
DeleteFileA
GetLocalTime
CopyFileA
FormatMessageW
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileA
LCMapStringW
FileTimeToSystemTime
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
LocalFree
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
MoveFileW
lstrcmpW
CreateFileW
GetFileAttributesW
CopyFileW
GetLocaleInfoW
CompareFileTime
FindFirstFileW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
lstrlenA
GetEnvironmentVariableW
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
CreateDirectoryW
WaitForSingleObject
FindFirstFileExW
FindClose
FindNextFileW
CreateThread
ExpandEnvironmentStringsW
SetEvent
GetCurrentThread
CreateEventW
RegNotifyChangeKeyValue
OpenEventW
DuplicateHandle
GetTickCount64
RegEnumValueW
RegDeleteKeyExW
GetCommandLineW
user32
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
msvcrt
_errno
realloc
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__getmainargs
calloc
__C_specific_handler
memset
malloc
wcsncpy_s
memmove_s
wcsncmp
memcpy_s
swscanf_s
_vsnwprintf
wcsrchr
_wcsnicmp
free
_wcsicmp
towupper
qsort
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
memcpy
_CxxThrowException
memcmp
bsearch
wcschr
iswspace
_wtol
swscanf
strncmp
fprintf
_vsnprintf
_iob
__CxxFrameHandler3
ntdll
RtlNtStatusToDosError
NtOpenFile
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
WinSqmAddToStream
RtlInitUnicodeString
ole32
CoImpersonateClient
CoRevertToSelf
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoRevokeClassObject
CoRegisterClassObject
oleaut32
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
VariantClear
VariantInit
VarBstrCat
SysAllocStringLen
SysStringByteLen
LoadTypeLi
VarUI4FromStr
LoadRegTypeLi
tquery
?ciNew@@YAPEAX_K@Z
?ciDelete@@YAXPEAX@Z
?ciNewNoThrow@@YAPEAX_K@Z
shlwapi
SHCopyKeyW
PathIsUNCServerShareW
PathAddBackslashW
SHGetValueW
SHSetValueW
PathRemoveBackslashW
SHDeleteKeyW
PathStripToRootW
PathIsDirectoryW
ord154
PathCanonicalizeW
PathFileExistsW
PathSkipRootW
PathFindNextComponentW
SHRegGetValueW
SHStrDupW
PathIsUNCW
PathIsUNCServerW
PathAppendW
PathIsRootW
mssrch
??1CSearchServiceObj@@QEAA@XZ
??0CSearchServiceObj@@QEAA@XZ
?Cleanup@CSearchServiceObj@@SAHXZ
imm32
ImmDisableIME
Sections
.text Size: 321KB - Virtual size: 321KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (4).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (5).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (6).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (7).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (8).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer (9).exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SearchIndexer.exe.exe windows x86
bcce0d2b7ed723cd121dc97cc8a48b0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyExW
EventWrite
RegOpenKeyExW
RegSetKeyValueW
RegGetValueW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegQueryValueExW
EventRegister
EventUnregister
EventEnabled
RegQueryInfoKeyW
InitializeAcl
InitializeSecurityDescriptor
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetTokenInformation
AddAce
GetAce
GetAclInformation
AddAccessAllowedAce
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
OpenThreadToken
LookupAccountNameW
SetServiceStatus
RegisterServiceCtrlHandlerExW
SetFileSecurityW
ImpersonateLoggedOnUser
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidSubAuthority
RevertToSelf
MakeAbsoluteSD
InitializeSid
GetSidLengthRequired
AddAccessDeniedAce
LookupAccountSidW
CreateWellKnownSid
SetTokenInformation
IsValidAcl
DeregisterEventSource
RegisterEventSourceW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyTransactedW
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegCreateKeyTransactedW
RegOpenKeyTransactedW
CheckTokenMembership
kernel32
InterlockedCompareExchange
DelayLoadFailureHook
HeapSetInformation
GetCurrentProcessId
SetPriorityClass
SetEnvironmentVariableW
CreateMutexW
Sleep
MultiByteToWideChar
LoadLibraryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentProcess
GetNLSVersion
OutputDebugStringW
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetSystemDefaultLCID
CompareStringW
lstrcmpiW
FreeLibrary
lstrlenW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumeInformationW
SetLastError
GetVolumePathNamesForVolumeNameW
SetErrorMode
GetLastError
CloseHandle
LoadLibraryExA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetSystemPreferredUILanguages
ResolveLocaleName
LocaleNameToLCID
CreateFileMappingW
ReleaseMutex
MapViewOfFile
CopyFileA
DeleteFileA
FlushViewOfFile
GetLocalTime
CreateFileA
FormatMessageW
UnmapViewOfFile
LCMapStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
LocalFree
CreateFileW
lstrcmpW
CompareFileTime
RemoveDirectoryW
FindFirstFileW
GetCommandLineW
DeleteFileW
SearchPathW
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedExchange
lstrlenA
GetEnvironmentVariableW
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ExpandEnvironmentStringsW
CreateThread
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
OpenEventW
GetCurrentThread
SetEvent
GetTickCount64
RegNotifyChangeKeyValue
DuplicateHandle
CreateEventW
RegEnumValueW
RegDeleteKeyExW
user32
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
LoadStringW
CharNextW
DispatchMessageW
msvcrt
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
realloc
_exit
_cexit
__getmainargs
calloc
wcsncpy_s
malloc
memmove_s
memcpy
wcsrchr
swscanf_s
_wcsicmp
free
_wcsnicmp
wcsncmp
memcpy_s
_vsnwprintf
memset
__CxxFrameHandler3
_CxxThrowException
_errno
_controlfp
fprintf
wcsstr
wcspbrk
_vscwprintf
vswprintf_s
qsort
towupper
bsearch
_XcptFilter
wcschr
iswspace
_wtol
swscanf
_vsnprintf
strncmp
_iob
ntdll
NtOpenFile
RtlInitUnicodeString
RtlNtStatusToDosError
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoRevertToSelf
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoImpersonateClient
oleaut32
SysFreeString
SysAllocString
SysStringLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
tquery
?ciDelete@@YGXPAX@Z
?ciNewNoThrow@@YGPAXI@Z
?ciNew@@YGPAXI@Z
shlwapi
PathIsUNCServerShareW
SHGetValueW
SHSetValueW
PathAddBackslashW
SHCopyKeyW
PathRemoveBackslashW
SHDeleteKeyW
ord154
PathIsDirectoryW
PathStripToRootW
PathCanonicalizeW
PathFindNextComponentW
PathSkipRootW
PathFileExistsW
SHRegGetValueW
SHStrDupW
PathAppendW
PathIsUNCW
PathIsUNCServerW
PathIsRootW
mssrch
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGHXZ
??1CSearchServiceObj@@QAE@XZ
imm32
ImmDisableIME
Sections
.text Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ