Extracted

• ca83600a11facab43dc1192329398a35.dll

  .dll windows x86

  c0d46b7ff0e53996feb53e4ba78f033e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CloseHandle

  GetSystemInfo

  LoadLibraryW

  HeapAlloc

  HeapCompact

  HeapDestroy

  UnlockFile

  GetProcAddress

  LocalFree

  LockFileEx

  GetFileSize

  GetCurrentProcessId

  GetProcessHeap

  SystemTimeToFileTime

  FreeLibrary

  WideCharToMultiByte

  GetSystemTimeAsFileTime

  GetSystemTime

  FormatMessageA

  CreateFileMappingW

  MapViewOfFile

  QueryPerformanceCounter

  HeapSize

  GetPrivateProfileStringA

  K32GetModuleFileNameExA

  TerminateProcess

  OpenProcess

  Process32First

  FindFirstFileA

  DeviceIoControl

  FindNextFileA

  GetVolumeInformationA

  GetModuleHandleA

  CreateToolhelp32Snapshot

  GlobalSize

  GlobalAlloc

  HeapReAlloc

  GetNativeSystemInfo

  GlobalLock

  GlobalMemoryStatusEx

  GlobalUnlock

  VirtualProtect

  K32GetModuleInformation

  CreateThread

  HeapValidate

  UnmapViewOfFile

  GetCurrentThreadId

  GetFileAttributesW

  CreateFileW

  WaitForSingleObject

  CreateMutexW

  GetTempPathW

  UnlockFileEx

  DeleteFileW

  DeleteFileA

  WaitForSingleObjectEx

  CreateFileA

  FlushViewOfFile

  OutputDebugStringW

  GetFileAttributesExW

  GetFileAttributesA

  GetDiskFreeSpaceA

  FormatMessageW

  SetEndOfFile

  GetFullPathNameA

  SetFilePointer

  InitializeCriticalSection

  LeaveCriticalSection

  LockFile

  OutputDebugStringA

  GetDiskFreeSpaceW

  WriteFile

  GetFullPathNameW

  EnterCriticalSection

  HeapFree

  HeapCreate

  TryEnterCriticalSection

  ReadFile

  AreFileApisANSI

  LoadLibraryA

  GetTickCount

  Sleep

  GetTempPathA

  Process32Next

  MultiByteToWideChar

  lstrcmpiW

  DeleteCriticalSection

  DecodePointer

  RaiseException

  GetLastError

  FlushFileBuffers

  WriteConsoleW

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  InitializeSRWLock

  ReleaseSRWLockExclusive

  AcquireSRWLockExclusive

  GetCurrentDirectoryW

  CreateDirectoryW

  FindClose

  FindFirstFileExW

  FindNextFileW

  GetFileInformationByHandle

  SetFileInformationByHandle

  SetFilePointerEx

  CopyFileW

  MoveFileExW

  GetFileInformationByHandleEx

  GetExitCodeThread

  QueryPerformanceFrequency

  GetStringTypeW

  LCMapStringEx

  EncodePointer

  GetModuleHandleW

  CompareStringEx

  GetCPInfo

  IsDebuggerPresent

  SetLastError

  SleepEx

  GetSystemDirectoryW

  GetEnvironmentVariableA

  GetStdHandle

  GetFileType

  PeekNamedPipe

  WaitForMultipleObjects

  VerSetConditionMask

  VerifyVersionInfoW

  GetFileSizeEx

  InitializeCriticalSectionAndSpinCount

  SetEvent

  ResetEvent

  CreateEventW

  InitializeSListHead

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  IsProcessorFeaturePresent

  GetStartupInfoW

  InterlockedPushEntrySList

  InterlockedFlushSList

  RtlUnwind

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  LoadLibraryExW

  ExitThread

  FreeLibraryAndExitThread

  GetModuleHandleExW

  GetDriveTypeW

  SystemTimeToTzSpecificLocalTime

  FileTimeToSystemTime

  ExitProcess

  GetModuleFileNameW

  GetConsoleMode

  ReadConsoleW

  GetConsoleOutputCP

  GetDateFormatW

  GetTimeFormatW

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetTimeZoneInformation

  SetStdHandle

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  InitializeCriticalSectionEx

  user32

  ReleaseDC

  GetDC

  EnumDisplayDevicesA

  GetSystemMetrics

  GetDesktopWindow

  gdi32

  StretchBlt

  SetStretchBltMode

  CreateCompatibleBitmap

  SelectObject

  CreateCompatibleDC

  GetCurrentObject

  GetDIBits

  DeleteDC

  GetObjectW

  advapi32

  CryptAcquireContextA

  CryptReleaseContext

  CryptGenRandom

  CryptAcquireContextW

  CryptGetHashParam

  CryptCreateHash

  RegQueryValueExA

  CryptHashData

  CryptDestroyHash

  CryptDestroyKey

  CryptImportKey

  CryptEncrypt

  RegOpenKeyExA

  GetUserNameA

  RegGetValueA

  RegCloseKey

  shell32

  ShellExecuteA

  ole32

  GetHGlobalFromStream

  CoUninitialize

  CoCreateInstance

  CreateStreamOnHGlobal

  CoInitializeEx

  CoSetProxyBlanket

  CoInitializeSecurity

  CLSIDFromString

  crypt32

  CertFreeCertificateContext

  CertFindCertificateInStore

  CertEnumCertificatesInStore

  CertCloseStore

  CryptUnprotectData

  CertOpenStore

  CryptStringToBinaryW

  PFXImportCertStore

  CryptDecodeObjectEx

  CertAddCertificateContextToStore

  CertFindExtension

  CertGetNameStringW

  CryptQueryObject

  CertCreateCertificateChainEngine

  CertFreeCertificateChainEngine

  CertGetCertificateChain

  CertFreeCertificateChain

  iphlpapi

  GetAdaptersInfo

  gdiplus

  GdiplusStartup

  GdiplusShutdown

  GdipCreateBitmapFromHBITMAP

  GdipDisposeImage

  GdipSaveImageToStream

  urlmon

  URLDownloadToFileA

  ws2_32

  getsockopt

  htons

  getpeername

  setsockopt

  socket

  WSASetLastError

  WSAIoctl

  WSAStartup

  WSACleanup

  __WSAFDIsSet

  select

  accept

  htonl

  listen

  getaddrinfo

  freeaddrinfo

  recvfrom

  sendto

  ioctlsocket

  gethostname

  connect

  bind

  recv

  WSAGetLastError

  closesocket

  WSAWaitForMultipleEvents

  WSAResetEvent

  WSAEventSelect

  WSAEnumNetworkEvents

  WSACreateEvent

  WSACloseEvent

  send

  getsockname

  ntohs

  wldap32

  ord167

  ord301

  ord147

  ord133

  ord127

  ord27

  ord26

  ord117

  ord41

  ord208

  ord73

  ord216

  ord14

  ord46

  ord219

  ord145

  ord79

  ord142

  Sections

  .text

  Size: 2.3MB - Virtual size: 2.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 316KB - Virtual size: 315KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 27KB - Virtual size: 38KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 87KB - Virtual size: 87KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ