ChkdskExs
Behavioral task: behavioral1
Sample: 97bae3587f1d2fd35f24eb214b9dd6eed95744bed62468d998c7ef55ff8726d4.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 97bae3587f1d2fd35f24eb214b9dd6eed95744bed62468d998c7ef55ff8726d4.dll
Resource: win10v2004-20220812-en
General
- Target: 97bae3587f1d2fd35f24eb214b9dd6eed95744bed62468d998c7ef55ff8726d4
- Size: 377KB
- MD5: acac995cee8a6a75fa79eb41bdffa53f
- SHA1: aa56f43e39d114235a6b1d5f66b593cc80325fa4
- SHA256: 97bae3587f1d2fd35f24eb214b9dd6eed95744bed62468d998c7ef55ff8726d4
- SHA512: f53673e63aa25c81491f05969417cdee615dd31edde3d8a18ab151ad1209f63c7a5a35dc09fb2d069156c70685c91e8203d86537ea62718ad7f609edb2787db9
- SSDEEP: 6144:YCO1gTostC8ckvEcPeP6L+qYNEYbOvIRM41bZLPd6fB1mX+jPRNxXJMhak:ZMgTN888BP6LJLEgIR7LladzXJOa
Malware Config
Extracted: truebot
nefosferta.com/gate.php
Signatures
- TrueBot payload (1 IoCs): resource yara_rule sample family_truebot
- Truebot family
Files
- 97bae3587f1d2fd35f24eb214b9dd6eed95744bed62468d998c7ef55ff8726d4.dll (windows x86)
9ce2271a6f7871ff20bf8bbb4a4ffe00
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyA
GlobalGetAtomNameA
EnumLanguageGroupLocalesW
FoldStringA
GetNamedPipeServerSessionId
FindFirstFileA
HeapCreate
ReplaceFileA
EraseTape
GlobalCompact
FindVolumeMountPointClose
GetLongPathNameW
GetCurrentProcess
ScrollConsoleScreenBufferA
GetModuleHandleExW
CopyFileTransactedA
GetShortPathNameW
OutputDebugStringA
LCMapStringA
VirtualAlloc
GetDriveTypeA
WaitForMultipleObjects
CreateConsoleScreenBuffer
DeleteAtom
GetDynamicTimeZoneInformation
GetQueuedCompletionStatus
GetEnvironmentVariableW
GetWriteWatch
InitializeCriticalSectionEx
GetPrivateProfileSectionW
GetFirmwareEnvironmentVariableA
WaitForMultipleObjectsEx
CreateHardLinkW
CreateMutexA
WaitForSingleObject
ReleaseMutex
CreateActCtxA
GlobalDeleteAtom
GlobalGetAtomNameW
lstrcatA
GetACP
PrepareTape
OpenProcess
GetVersion
FindActCtxSectionStringA
MultiByteToWideChar
CancelSynchronousIo
GetLastError
OutputDebugStringW
CreateFileA
FileTimeToSystemTime
DisableThreadLibraryCalls
GetCurrentThread
GetMailslotInfo
AcquireSRWLockExclusive
lstrcatW
WaitForSingleObjectEx
LockResource
DeleteFileA
GetNativeSystemInfo
WritePrivateProfileStringA
GlobalAlloc
WriteConsoleInputW
AddSIDToBoundaryDescriptor
FindAtomA
GetProcAddress
GetStartupInfoA
FindAtomW
VerSetConditionMask
GetVolumePathNamesForVolumeNameW
GetEnvironmentStrings
GetThreadTimes
CreateProcessA
EnumSystemGeoID
TerminateJobObject
GetComputerNameExA
GetDiskFreeSpaceExA
CreateWaitableTimerExW
GetPrivateProfileStringA
GetConsoleOriginalTitleA
GetConsoleAliasExesLengthA
VirtualQuery
IsWow64Process
IsDebuggerPresent
CreateThreadpoolWork
WriteFile
GetModuleHandleA
GetVersionExA
GetSystemInfo
GetModuleHandleW
VerifyVersionInfoW
VirtualFree
Process32First
Process32Next
GlobalFree
LocalFree
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
CreateProcessW
RaiseException
TerminateProcess
InitializeSListHead
DecodePointer
EncodePointer
WriteConsoleW
SetFilePointerEx
HeapReAlloc
HeapSize
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
GetProcessHeap
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
lstrlenA
lstrcpyW
ExitProcess
GetFileSize
CloseHandle
LoadLibraryA
Sleep
GetSystemWow64DirectoryW
CreateToolhelp32Snapshot
GetSystemDirectoryW
CreateFileW
FindClose
FindFirstFileW
CreateThread
ReadFile
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
DeleteFileW
GetFileType
GetStdHandle
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
LCMapStringW
HeapAlloc
HeapFree
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
InterlockedFlushSList
UnhandledExceptionFilter
IsProcessorFeaturePresent
user32
CloseClipboard
GetActiveWindow
wsprintfA
GetKBCodePage
CharUpperA
GetSystemMetrics
GetDC
MessageBoxA
GrayStringA
SendMessageA
CallMsgFilterA
GetMenuStringA
GetParent
DeferWindowPos
ReleaseDC
wsprintfW
DefDlgProcA
UpdateWindow
PtInRect
FindWindowA
gdi32
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
SetStretchBltMode
DeleteObject
GetObjectA
FrameRgn
CreateBrushIndirect
GetStockObject
GetPixel
DeleteDC
PlayMetaFile
DeleteMetaFile
CreateCompatibleBitmap
advapi32
GetUserNameW
RegGetValueW
shell32
ShellExecuteW
ShellExecuteA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ole32
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoCreateGuid
CoUninitialize
CoInitialize
oleaut32
VariantInit
SysFreeString
VariantClear
SysAllocString
shlwapi
StrChrA
StrStrA
ws2_32
htons
recv
connect
socket
send
WSAStartup
gethostbyname
closesocket
WSACleanup
gdiplus
GdipSaveImageToFile
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipLoadImageFromFile
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
netapi32
NetApiBufferFree
NetWkstaGetInfo
Exports
Sections
.text Size: 260KB - Virtual size: 259KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ