Ford Racing 2 (PC)[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

Ford Racing 2 (PC).7z
Size

254.6MB
MD5

20b2d75fa8e48948de8b0eeb1870bdf0
SHA1

81a5972197c8d3e905c50129c523ff075c9a9407
SHA256

76913bca76600e689889840667b653b648e26d141c4ebf4cc3f799a05431b2bb
SHA512

3eca74441b75ac172869d208536645345cbe192595abf6d573ce90b86e0c8d8fa16bc272862daf599baf46c3c1b64965ee3dcb6febce8ea7a364787f9e269caf
SSDEEP

6291456:srPxTdfJA3p3YXJ2HUv2oVqfAJ9UMbwt6Xq9Pa+uavc:sr3xA3c2HK2GnJ9fUtawa+9c

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Windows Media Source Filter/DSFMgr.exe	upx

Files

Ford Racing 2 (PC).7z
.7z
Covers/Disco.jpg
.jpg
Covers/FordRacing2Cover.jpg
FordRacing2.iso
.iso
Acrobat/AdbeRdr60_deu_full.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09-10-2002 00:00

Not After

31-10-2003 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Acrobat/AdbeRdr60_enu_full.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09-10-2002 00:00

Not After

31-10-2003 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Acrobat/AdbeRdr60_esp.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09-10-2002 00:00

Not After

31-10-2003 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Acrobat/AdbeRdr60_fra.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09-10-2002 00:00

Not After

31-10-2003 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Acrobat/AdbeRdr60_ita.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

09-10-2002 00:00

Not After

31-10-2003 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Acrobat/AdbeRdr60_ptb_full.exe
.exe windows x86

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

6d:a2:7a:e9:29:2e:b6:dd:c0:a8:00:1d:47:6e:3b:69
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

03-12-2001 00:00

Not After

02-12-2011 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1a:45:42:d3:8a:e6:ae:cc:1d:e4:1a:b6:97:18:c7:c3
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

10-10-2003 00:00

Not After

31-10-2004 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

NOS0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NOS1
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Bin/Fr2.dbd
Bin/demo32.exe
.exe windows x86

e7c121416c27adf2ce9233e4929b3ca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
LocalAlloc
InterlockedExchange
RaiseException
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
WaitForSingleObject
SearchPathA
VirtualProtect
VirtualQuery
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
IsBadCodePtr
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapSize
HeapReAlloc
VirtualFree
TlsGetValue
TlsAlloc
TlsSetValue
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetCommandLineA
GetStartupInfoA
CreateThread
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateEventA
QueryPerformanceFrequency
DeleteFileA
CopyFileA
SetFilePointer
SetEndOfFile
CompareStringA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileAttributesA
GetModuleFileNameA
lstrcmpA
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
CreateProcessA
Sleep
WriteFile
SetLastError
FindResourceExA
WideCharToMultiByte
VerLanguageNameA
MultiByteToWideChar
WritePrivateProfileStringA
CreateDirectoryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
CreateFileA
GetLocalTime
GetVersion
GetVersionExA
GetSystemInfo
FindFirstFileA
GetSystemDirectoryA
FindClose
GetLastError
lstrcmpiA
GetTickCount
GetUserDefaultLCID
SizeofResource
GlobalSize
lstrcpynA
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileStringA
lstrcpyA
lstrlenA
FindResourceA
LoadResource
LockResource
FreeResource
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
LoadLibraryA
SetErrorMode
IsBadReadPtr
FreeLibrary

user32

VkKeyScanA
MapVirtualKeyA
MessageBeep
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
SystemParametersInfoA
CharNextA
ClientToScreen
GetCursorPos
SetCursorPos
InvalidateRect
DrawFocusRect
EnumChildWindows
IsIconic
IsWindowVisible
ShowWindow
GetScrollPos
SetCaretPos
CharUpperBuffA
CharLowerBuffA
CreateCaret
SetCaretBlinkTime
ShowCaret
DestroyCaret
DispatchMessageA
TranslateMessage
IsCharAlphaNumericA
IsCharAlphaA
DrawFrameControl
DrawTextA
InflateRect
SetParent
GetClassInfoExA
GetMessageA
DestroyWindow
IsWindow
ValidateRect
WindowFromPoint
SetScrollRange
GetScrollRange
SetScrollPos
GetForegroundWindow
GetWindow
SetRectEmpty
TrackPopupMenu
UnregisterClassA
GetSystemMenu
ShowScrollBar
RegisterClassExA
WaitForInputIdle
UpdateWindow
GetMessagePos
GetMessageTime
GetDesktopWindow
ScreenToClient
LoadCursorFromFileA
SetClassLongA
DestroyCursor
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
LoadStringA
LoadIconA
SetWindowTextA
SendDlgItemMessageA
GetParent
PtInRect
UnionRect
CopyRect
IntersectRect
EqualRect
SubtractRect
IsRectEmpty
SetFocus
GetKeyState
DialogBoxIndirectParamA
PeekMessageA
GetWindowLongA
GetClassInfoA
SetWindowLongA
CharUpperA
RegisterWindowMessageA
EndDialog
LoadBitmapA
SetTimer
FillRect
KillTimer
DialogBoxParamA
GetSysColor
GetClientRect
GetWindowRect
SetDlgItemTextA
GetSystemMetrics
MoveWindow
GetDlgItem
SetWindowPos
BeginPaint
EndPaint
PostMessageA
wsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
CreateDialogParamA
GetDC
ReleaseDC
FindWindowA
SendMessageA
RegisterClassA
CreateWindowExA
MsgWaitForMultipleObjects
CharLowerA
EnableWindow
GetDlgItemTextA
SetForegroundWindow
GetFocus
IsDlgButtonChecked
CheckRadioButton
GetWindowTextA
DestroyMenu
CreatePopupMenu
AppendMenuA
SetRect

gdi32

SelectClipRgn
RestoreDC
AddFontResourceA
RemoveFontResourceA
GetObjectA
GetStockObject
SetBkMode
SetTextColor
CreateSolidBrush
CreateCompatibleDC
UnrealizeObject
SelectObject
BitBlt
DeleteDC
DeleteObject
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
CreateDIBitmap
DeleteEnhMetaFile
SetEnhMetaFileBits
CombineRgn
CreatePen
LineTo
MoveToEx
SetPixel
GetPixel
ExtTextOutA
SetTextAlign
TextOutA
SetTextCharacterExtra
Arc
Ellipse
CreateEllipticRgn
CreateRoundRectRgn
CreatePolygonRgn
RoundRect
Polygon
Polyline
StretchDIBits
GetTextMetricsA
GetTextExtentPoint32A
EnumFontsA
EnumFontFamiliesExA
CreateFontIndirectA
CreateRectRgnIndirect
CreateRectRgn
SaveDC
Rectangle
SetBkColor
SetWinMetaFileBits
PlayEnhMetaFile
StretchBlt
CreateBitmap
CreateCompatibleBitmap
CreateHatchBrush
CreatePatternBrush
CreateEllipticRgnIndirect
PatBlt
CreateDCA
SetStretchBltMode

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime
timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetDevCaps
mciSendCommandA

oleaut32

SysAllocStringLen
SysFreeString

shell32

ShellExecuteA

Exports

Exports

AppEnumWindows
CaptureHookProc
DemoClosingDialog
DemoMenuDialog
DemoSplashDialog
EnumFontExProc
EventProcDll
JournalPlayHookProc
JournalRecordHookProc
KeyboardHookProc
LaunchAppProc
MouseHookProc
PlayerAbout
ServerWndProc
WinSupBackWndProc
WinSupWndProc

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Bin/demo32.exe.manifest
.xml
Bin/xplosivmovie2.mpg
Bin/xplosivmovie2.mpg.exe
.exe windows x86

773ae9f16ecbec14241e08e5d2367230

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
ord518
__vbaStrCat
__vbaVarCmpNe
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarForInit
ord593
ord594
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaBoolVarNull
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaRedimPreserve
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
ord608
ord531
__vbaFPException
ord532
__vbaStrVarVal
__vbaVarCat
ord535
ord645
_CIlog
__vbaErrorOverflow
ord647
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord100
__vbaVarTstNe
ord579
__vbaI4Var
ord689
__vbaVarAdd
__vbaVarDup
__vbaVarMod
__vbaVarCopy
__vbaR8IntI2
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj
ord580

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
autorun.exe
.exe windows x86

569b0088f2a86b7dcb86ade4dd2b8715

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA

user32

CharUpperA
FindWindowA
MessageBoxA
SetForegroundWindow

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetUserDefaultLangID
GetVersionExA
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenMutexA
OutputDebugStringA
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

Sections

AUTO
Size: 28KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
autorun.inf
directx81/BDA.cab
.cab
directx81/BDANT.cab
.cab
directx81/DSETUP.dll
.dll windows x86

d4a6ad81669c70ab6cd1669f58cfcb28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetCurrentDirectoryA
lstrlenA
GetModuleFileNameA
LocalFree
LocalAlloc
lstrcmpiA
GetDiskFreeSpaceA
GetWindowsDirectoryA
MultiByteToWideChar
lstrcmpA
WideCharToMultiByte
GetSystemDefaultLCID
IsBadStringPtrA
IsBadReadPtr
IsBadStringPtrW
lstrlenW
GetCurrentThreadId
TlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleA
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
SetCurrentDirectoryA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
RtlUnwind
GetVersionExA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
FreeEnvironmentStringsW
FreeLibrary

user32

wsprintfW
wsprintfA
GetKeyboardType
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA

winmm

mmioRead
mmioDescend
mmioOpenA
mmioClose

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

StringFromGUID2

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81/DirectX.cab
.cab
directx81/cfgmgr32.dll
.dll windows x86

17fb831fc2ad10b3d998240020a55343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapAlloc
GetProcessHeap
RtlUnwind
lstrcpyA
CloseHandle
lstrcatA
HeapFree
CreateFileA
DeviceIoControl
CreateThread
GetExitCodeThread
MultiByteToWideChar
WideCharToMultiByte

user32

CharUpperA
PeekMessageA
MsgWaitForMultipleObjects

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

CM_Add_Empty_Log_Conf
CM_Add_Empty_Log_Conf_Ex
CM_Add_IDA
CM_Add_IDW
CM_Add_ID_ExA
CM_Add_ID_ExW
CM_Add_Range
CM_Add_Res_Des
CM_Add_Res_Des_Ex
CM_Connect_MachineA
CM_Connect_MachineW
CM_Create_DevNodeA
CM_Create_DevNodeW
CM_Create_DevNode_ExA
CM_Create_DevNode_ExW
CM_Create_Range_List
CM_Delete_Class_Key
CM_Delete_Class_Key_Ex
CM_Delete_DevNode_Key
CM_Delete_DevNode_Key_Ex
CM_Delete_Range
CM_Detect_Resource_Conflict
CM_Detect_Resource_Conflict_Ex
CM_Disable_DevNode
CM_Disable_DevNode_Ex
CM_Disconnect_Machine
CM_Dup_Range_List
CM_Enable_DevNode
CM_Enable_DevNode_Ex
CM_Enumerate_Classes
CM_Enumerate_Classes_Ex
CM_Enumerate_EnumeratorsA
CM_Enumerate_EnumeratorsW
CM_Enumerate_Enumerators_ExA
CM_Enumerate_Enumerators_ExW
CM_Find_Range
CM_First_Range
CM_Free_Log_Conf
CM_Free_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CM_Free_Range_List
CM_Free_Res_Des
CM_Free_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Child
CM_Get_Child_Ex
CM_Get_Class_Key_NameA
CM_Get_Class_Key_NameW
CM_Get_Class_Key_Name_ExA
CM_Get_Class_Key_Name_ExW
CM_Get_Class_NameA
CM_Get_Class_NameW
CM_Get_Class_Name_ExA
CM_Get_Class_Name_ExW
CM_Get_Depth
CM_Get_Depth_Ex
CM_Get_DevNode_Registry_PropertyA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_Property_ExA
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Get_DevNode_Status_Ex
CM_Get_Device_IDA
CM_Get_Device_IDW
CM_Get_Device_ID_ExA
CM_Get_Device_ID_ExW
CM_Get_Device_ID_ListA
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_ExA
CM_Get_Device_ID_List_ExW
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_List_Size_ExA
CM_Get_Device_ID_List_Size_ExW
CM_Get_Device_ID_Size
CM_Get_Device_ID_Size_Ex
CM_Get_Device_Interface_AliasA
CM_Get_Device_Interface_AliasW
CM_Get_Device_Interface_Alias_ExA
CM_Get_Device_Interface_Alias_ExW
CM_Get_Device_Interface_ListA
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_ExA
CM_Get_Device_Interface_List_ExW
CM_Get_Device_Interface_List_SizeA
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_Interface_List_Size_ExW
CM_Get_First_Log_Conf
CM_Get_First_Log_Conf_Ex
CM_Get_Global_State
CM_Get_Global_State_Ex
CM_Get_HW_Prof_FlagsA
CM_Get_HW_Prof_FlagsW
CM_Get_HW_Prof_Flags_ExA
CM_Get_HW_Prof_Flags_ExW
CM_Get_Hardware_Profile_InfoA
CM_Get_Hardware_Profile_InfoW
CM_Get_Hardware_Profile_Info_ExA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_Next_Log_Conf
CM_Get_Next_Log_Conf_Ex
CM_Get_Next_Res_Des
CM_Get_Next_Res_Des_Ex
CM_Get_Parent
CM_Get_Parent_Ex
CM_Get_Res_Des_Data
CM_Get_Res_Des_Data_Ex
CM_Get_Res_Des_Data_Size
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Sibling
CM_Get_Sibling_Ex
CM_Get_Version
CM_Get_Version_Ex
CM_Intersect_Range_List
CM_Invert_Range_List
CM_Locate_DevNodeA
CM_Locate_DevNodeW
CM_Locate_DevNode_ExA
CM_Locate_DevNode_ExW
CM_Merge_Range_List
CM_Modify_Res_Des
CM_Modify_Res_Des_Ex
CM_Move_DevNode
CM_Move_DevNode_Ex
CM_Next_Range
CM_Open_Class_KeyA
CM_Open_Class_KeyW
CM_Open_Class_Key_ExA
CM_Open_Class_Key_ExW
CM_Open_DevNode_Key
CM_Open_DevNode_Key_Ex
CM_Query_Arbitrator_Free_Data
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Remove_SubTree
CM_Query_Remove_SubTree_Ex
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Register_Device_Driver
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
CM_Remove_Unmarked_Children
CM_Remove_Unmarked_Children_Ex
CM_Reset_Children_Marks
CM_Reset_Children_Marks_Ex
CM_Run_Detection
CM_Run_Detection_Ex
CM_Set_DevNode_Registry_PropertyA
CM_Set_DevNode_Registry_PropertyW
CM_Set_DevNode_Registry_Property_ExA
CM_Set_DevNode_Registry_Property_ExW
CM_Set_HW_Prof
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_Flags_ExW
CM_Setup_DevNode
CM_Setup_DevNode_Ex
CM_Test_Range_Available
CM_Uninstall_DevNode
CM_Uninstall_DevNode_Ex
CM_Unregister_Device_InterfaceA
CM_Unregister_Device_InterfaceW
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_Interface_ExW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81/dsetup32.dll
.dll windows x86

3b7b440e590078c58f3c42bb06952ff6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CreateDirectoryA
lstrcpyA
OutputDebugStringA
GetWindowsDirectoryA
GetSystemDefaultLCID
GetFileAttributesA
GetShortPathNameA
lstrlenA
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemInfo
GetDiskFreeSpaceA
GetModuleHandleA
lstrcmpiA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FindNextFileA
GetPrivateProfileStringA
WaitForSingleObject
CreateProcessA
GetPrivateProfileIntA
lstrcmpA
LoadLibraryExA
GetPrivateProfileSectionA
LocalFree
LocalAlloc
lstrcpynA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetTempFileNameA
ExpandEnvironmentStringsA
GetTempPathA
Sleep
CreateMutexA
LoadResource
FindResourceA
WriteFile
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetLocalTime
HeapFree
HeapReAlloc
HeapAlloc
FindFirstFileA
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualProtect
VirtualQuery
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetEndOfFile
GetProcessHeap
FindClose
SetFileAttributesA
DeleteFileA
MultiByteToWideChar
GetVersionExA
CopyFileA
GetSystemDirectoryA
lstrcatA
FreeLibrary
LoadLibraryA
GetProcAddress
ExitProcess
GetLastError

user32

DestroyWindow
ShowWindow
DialogBoxParamA
SendDlgItemMessageA
EndDialog
SetFocus
CreateDialogParamA
SetDlgItemTextA
GetDlgItem
CharLowerA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA
CharNextA
GetKeyboardType
wsprintfA
MessageBoxA
SendMessageA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegQueryValueExA

winmm

mmioDescend
mmioOpenA
mmioClose
mmioRead

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHFileOperationA

ole32

StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize

Exports

Exports

DirectXCopyFile
DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
DirectXSetupShowEULA
iDirectXDeviceDriverSetup
iDirectXSetup

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81/dxnt.cab
.cab
directx81/dxsetup.exe
.exe windows x86

c4213d5511392436e79b0ad137dd7452

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA

kernel32

CloseHandle
lstrlenA
ReadFile
GetFileSize
CreateFileA
FreeLibrary
GetCurrentProcess
FindClose
FindFirstFileA
lstrcpyA
GetCurrentDirectoryA
lstrcmpiA
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemDefaultLangID
GetModuleFileNameA
GetProcAddress
SetCurrentDirectoryA
OutputDebugStringA
SetErrorMode
GetLastError
CreateMutexA
GetVersionExA
GetWindowsDirectoryA
GetProcessHeap
SetEndOfFile
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
lstrcatA
LoadLibraryA
GetStartupInfoA
GetCommandLineA
GetLocalTime
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW

gdi32

GetDeviceCaps

user32

EnableWindow
LoadStringA
SetWindowPos
DialogBoxParamA
EnumWindows
SetDlgItemTextA
EndDialog
GetDesktopWindow
GetDlgItem
IsWindowEnabled
LoadCursorA
SetCursor
MessageBoxA
GetAsyncKeyState
ExitWindowsEx
GetWindowTextA
GetClassNameA
SetForegroundWindow
SetFocus
GetWindowRect
GetDC
ReleaseDC

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ord17

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
directx81/setupapi.dll
.dll windows x86

34e609de713a84ae984541be5b4ecb82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdll

RtlUnwind

kernel32

GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
ExitProcess
TerminateProcess
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
CreateThread
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
GetProcAddress
FreeLibrary
WaitForSingleObject
GetCurrentThread
DuplicateHandle
ResumeThread
ExitThread
GetDriveTypeA
GetModuleFileNameA
FormatMessageA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
GetTempFileNameA
SetFileAttributesA
MoveFileA
CopyFileA
GetDiskFreeSpaceA
TlsAlloc
TlsFree
TlsSetValue
_llseek
_lclose
_lwrite
_lread
_lopen
TlsGetValue
_lcreat
DosDateTimeToFileTime
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
GetEnvironmentVariableA
FindNextFileA
GetFullPathNameA
WriteFile
DeleteFileA
CompareFileTime
GetThreadLocale
GetStringTypeExA
RaiseException
WaitForMultipleObjects
ReleaseMutex
lstrcmpA
SetEvent
CreateEventA
CreateMutexA
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetLocaleInfoA
LoadLibraryA
GetCurrentThreadId
VirtualAlloc
UnhandledExceptionFilter
MultiByteToWideChar
SetErrorMode
lstrcatA
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
GetLastError
CreateFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
WideCharToMultiByte
SetLastError
FindFirstFileA
FindClose
lstrlenW
MoveFileExA
GetShortPathNameA
lstrcpynA
GetPrivateProfileSectionA
lstrcmpiA
WritePrivateProfileSectionA
ExpandEnvironmentStringsA
lstrcpyA
lstrlenA
GetCurrentProcess
SetFileTime
GetFileTime

user32

IsWindowEnabled
KillTimer
IsDlgButtonChecked
SetTimer
CheckDlgButton
SetWindowPos
LoadCursorA
MapWindowPoints
InvalidateRect
GetIconInfo
IsWindowVisible
SetCursor
CheckRadioButton
DrawAnimatedRects
LoadBitmapA
DestroyIcon
GetSysColor
ClientToScreen
GetWindowRect
GetClientRect
SystemParametersInfoA
GetSystemMetrics
MoveWindow
GetDC
ReleaseDC
GetWindow
TranslateMessage
DispatchMessageA
PostThreadMessageA
IsWindow
GetWindowTextLengthA
GetWindowTextA
MessageBoxIndirectA
DialogBoxParamA
RemovePropA
DestroyWindow
SetForegroundWindow
GetPropA
EndDialog
SetPropA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
UpdateWindow
SetDlgItemTextA
GetParent
GetWindowLongA
SendMessageA
GetDlgItem
EnableWindow
PostMessageA
SetWindowLongA
MessageBeep
ExitWindowsEx
CharUpperA
LoadStringA
MessageBoxA
WaitMessage
PeekMessageA
wsprintfA
CharLowerA
GetMessageA
LoadIconA
ShowWindow
SetFocus

gdi32

SetTextColor
StretchBlt
DeleteObject
BitBlt
GetObjectA
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
DeleteDC
SelectObject
SetBkColor

advapi32

FreeSid
QueryServiceConfigA
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
CloseServiceHandle
AdjustTokenPrivileges
LookupPrivilegeValueA
AllocateAndInitializeSid
EqualSid
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityA
GetFileSecurityA
IsTextUnicode
RegOpenKeyExA

shell32

ord59
SHChangeNotify
ExtractIconExA

lz32

LZOpenFileA
LZCopy
LZClose

comdlg32

GetOpenFileNameA
GetFileTitleA

comctl32

ImageList_Destroy
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_Create
ImageList_SetBkColor
ord17
ImageList_ReplaceIcon
ImageList_SetOverlayImage

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winspool.drv

GetPrinterDriverDirectoryA

cfgmgr32

CM_Set_HW_Prof_FlagsA
CM_Uninstall_DevNode
CM_Query_Remove_SubTree
CM_Get_Class_NameA
CM_Reenumerate_DevNode
CM_Get_Hardware_Profile_InfoA
CM_Remove_SubTree
CM_Delete_DevNode_Key
CM_Get_Class_Key_NameA
CM_Delete_Class_Key
CM_Get_Device_ID_Size
CM_Get_First_Log_Conf
CM_Open_DevNode_Key
CM_Detect_Resource_Conflict
CM_Get_Next_Log_Conf
CM_Setup_DevNode
CM_Enable_DevNode
CM_Disable_DevNode
CM_Free_Res_Des_Handle
CM_Add_Res_Des
CM_Free_Log_Conf_Handle
CM_Free_Log_Conf
CM_Add_Empty_Log_Conf
CM_Set_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_HW_Prof_FlagsA
CM_Locate_DevNodeA
CM_Enumerate_Classes
CM_Open_Class_KeyA
CM_Move_DevNode
CM_Get_DevNode_Status
CM_Create_DevNodeA
CM_Get_Res_Des_Data_Size
CM_Get_Next_Res_Des
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_ListA
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Res_Des_Data

mpr

WNetGetResourceInformationA
WNetAddConnection3A
WNetCancelConnection2A

rpcrt4

UuidFromStringA

Exports

Exports

AddMiniIconToList
AddTagToGroupOrderListEntry
AppendStringToMultiSz
AssertFail
CaptureAndConvertAnsiArg
CaptureStringArg
CenterWindowRelativeToParent
ConcatenatePaths
DelayedMove
DelimStringToMultiSz
DestroyTextFileReadBuffer
DoesUserHavePrivilege
DuplicateString
EnablePrivilege
ExtensionPropSheetPageProc
FileExists
FreeStringArray
GetNewInfName
GetSetFileTimestamp
GetVersionInfoFromImage
InfIsFromOemLocation
InstallHinfSection
InstallHinfSectionA
InstallHinfSectionW
InstallStop
IsUserAdmin
LookUpStringInTable
MemoryInitialize
MultiByteToUnicode
MultiSzFromSearchControl
MyFree
MyGetFileTitle
MyMalloc
MyRealloc
OpenAndMapFileForRead
OutOfMemory
QueryMultiSzValueToArray
QueryRegistryValue
ReadAsciiOrUnicodeTextFile
RegistryDelnode
RetreiveFileSecurity
RetrieveServiceConfig
SearchForInfFile
SetArrayToMultiSzValue
SetupAddInstallSectionToDiskSpaceListA
SetupAddInstallSectionToDiskSpaceListW
SetupAddSectionToDiskSpaceListA
SetupAddSectionToDiskSpaceListW
SetupAddToDiskSpaceListA
SetupAddToDiskSpaceListW
SetupAddToSourceListA
SetupAddToSourceListW
SetupAdjustDiskSpaceListA
SetupAdjustDiskSpaceListW
SetupCancelTemporarySourceList
SetupCloseFileQueue
SetupCloseInfFile
SetupCommitFileQueue
SetupCommitFileQueueA
SetupCommitFileQueueW
SetupCopyErrorA
SetupCopyErrorW
SetupCreateDiskSpaceListA
SetupCreateDiskSpaceListW
SetupDecompressOrCopyFileA
SetupDecompressOrCopyFileW
SetupDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupDefaultQueueCallbackW
SetupDeleteErrorA
SetupDeleteErrorW
SetupDestroyDiskSpaceList
SetupDiAskForOEMDisk
SetupDiBuildClassInfoList
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCancelDriverInfoSearch
SetupDiChangeState
SetupDiClassGuidsFromNameA
SetupDiClassGuidsFromNameW
SetupDiClassNameFromGuidA
SetupDiClassNameFromGuidW
SetupDiCreateDevRegKeyA
SetupDiCreateDevRegKeyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiDeleteDevRegKey
SetupDiDeleteDeviceInfo
SetupDiDestroyClassImageList
SetupDiDestroyDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiDrawMiniIcon
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoA
SetupDiEnumDriverInfoW
SetupDiGetActualSectionToInstallA
SetupDiGetActualSectionToInstallW
SetupDiGetClassBitmapIndex
SetupDiGetClassDescriptionA
SetupDiGetClassDescriptionW
SetupDiGetClassDevPropertySheetsA
SetupDiGetClassDevPropertySheetsW
SetupDiGetClassDevsA
SetupDiGetClassDevsW
SetupDiGetClassImageIndex
SetupDiGetClassImageList
SetupDiGetClassInstallParamsA
SetupDiGetClassInstallParamsW
SetupDiGetDeviceInfoListClass
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailA
SetupDiGetDriverInfoDetailW
SetupDiGetDriverInstallParamsA
SetupDiGetDriverInstallParamsW
SetupDiGetHwProfileFriendlyNameA
SetupDiGetHwProfileFriendlyNameW
SetupDiGetHwProfileList
SetupDiGetINFClassA
SetupDiGetINFClassW
SetupDiGetSelectedDevice
SetupDiGetSelectedDriverA
SetupDiGetSelectedDriverW
SetupDiGetWizardPage
SetupDiInstallClassA
SetupDiInstallClassW
SetupDiInstallDevice
SetupDiInstallDriverFiles
SetupDiLoadClassIcon
SetupDiMoveDuplicateDevice
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoA
SetupDiOpenDeviceInfoW
SetupDiRegisterDeviceInfo
SetupDiRemoveDevice
SetupDiSelectDevice
SetupDiSelectOEMDrv
SetupDiSetClassInstallParamsA
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDriverInstallParamsA
SetupDiSetDriverInstallParamsW
SetupDiSetSelectedDevice
SetupDiSetSelectedDriverA
SetupDiSetSelectedDriverW
SetupDuplicateDiskSpaceListA
SetupDuplicateDiskSpaceListW
SetupFindFirstLineA
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineA
SetupFindNextMatchLineW
SetupFreeSourceListA
SetupFreeSourceListW
SetupGetBinaryField
SetupGetFieldCount
SetupGetFileCompressionInfoA
SetupGetFileCompressionInfoW
SetupGetInfFileListA
SetupGetInfFileListW
SetupGetInfInformationA
SetupGetInfInformationW
SetupGetIntField
SetupGetLineByIndexA
SetupGetLineByIndexW
SetupGetLineCountA
SetupGetLineCountW
SetupGetLineTextA
SetupGetLineTextW
SetupGetMultiSzFieldA
SetupGetMultiSzFieldW
SetupGetSourceFileLocationA
SetupGetSourceFileLocationW
SetupGetSourceFileSizeA
SetupGetSourceFileSizeW
SetupGetSourceInfoA
SetupGetSourceInfoW
SetupGetStringFieldA
SetupGetStringFieldW
SetupGetTargetPathA
SetupGetTargetPathW
SetupInitDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupInitializeFileLogA
SetupInitializeFileLogW
SetupInstallFileA
SetupInstallFileExA
SetupInstallFileExW
SetupInstallFileW
SetupInstallFilesFromInfSectionA
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionA
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionA
SetupInstallServicesFromInfSectionW
SetupIterateCabinetA
SetupIterateCabinetW
SetupLogFileA
SetupLogFileW
SetupOpenAppendInfFileA
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileA
SetupOpenInfFileW
SetupOpenMasterInf
SetupPromptForDiskA
SetupPromptForDiskW
SetupPromptReboot
SetupQueryDrivesInDiskSpaceListA
SetupQueryDrivesInDiskSpaceListW
SetupQueryFileLogA
SetupQueryFileLogW
SetupQueryInfFileInformationA
SetupQueryInfFileInformationW
SetupQueryInfVersionInformationA
SetupQueryInfVersionInformationW
SetupQuerySourceListA
SetupQuerySourceListW
SetupQuerySpaceRequiredOnDriveA
SetupQuerySpaceRequiredOnDriveW
SetupQueueCopyA
SetupQueueCopySectionA
SetupQueueCopySectionW
SetupQueueCopyW
SetupQueueDefaultCopyA
SetupQueueDefaultCopyW
SetupQueueDeleteA
SetupQueueDeleteSectionA
SetupQueueDeleteSectionW
SetupQueueDeleteW
SetupQueueRenameA
SetupQueueRenameSectionA
SetupQueueRenameSectionW
SetupQueueRenameW
SetupRemoveFileLogEntryA
SetupRemoveFileLogEntryW
SetupRemoveFromDiskSpaceListA
SetupRemoveFromDiskSpaceListW
SetupRemoveFromSourceListA
SetupRemoveFromSourceListW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupRemoveInstallSectionFromDiskSpaceListW
SetupRemoveSectionFromDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListW
SetupRenameErrorA
SetupRenameErrorW
SetupScanFileQueue
SetupScanFileQueueA
SetupScanFileQueueW
SetupSetDirectoryIdA
SetupSetDirectoryIdExA
SetupSetDirectoryIdExW
SetupSetDirectoryIdW
SetupSetPlatformPathOverrideA
SetupSetPlatformPathOverrideW
SetupSetSourceListA
SetupSetSourceListW
SetupTermDefaultQueueCallback
SetupTerminateFileLog
ShouldDeviceBeExcluded
StampFileSecurity
StringTableAddString
StringTableAddStringEx
StringTableDestroy
StringTableDuplicate
StringTableEnum
StringTableGetExtraData
StringTableInitialize
StringTableInitializeEx
StringTableLookUpString
StringTableLookUpStringEx
StringTableSetExtraData
StringTableStringFromId
StringTableTrim
TakeOwnershipOfFile
UnicodeToMultiByte
UnmapAndCloseFile
pSetupDirectoryIdToPath
pSetupGetField
pSetupGetOsLoaderDriveAndPath
pSetupGetVersionDatum
pSetupGuidFromString
pSetupIsGuidNull
pSetupMakeSurePathExists
pSetupStringFromGuid

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81b/BDA.cab
.cab
directx81b/BDANT.cab
.cab
directx81b/DSETUP.dll
.dll windows x86

d4a6ad81669c70ab6cd1669f58cfcb28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetCurrentDirectoryA
lstrlenA
GetModuleFileNameA
LocalFree
LocalAlloc
lstrcmpiA
GetDiskFreeSpaceA
GetWindowsDirectoryA
MultiByteToWideChar
lstrcmpA
WideCharToMultiByte
GetSystemDefaultLCID
IsBadStringPtrA
IsBadReadPtr
IsBadStringPtrW
lstrlenW
GetCurrentThreadId
TlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleA
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
SetCurrentDirectoryA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
RtlUnwind
GetVersionExA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
FreeEnvironmentStringsW
FreeLibrary

user32

wsprintfW
wsprintfA
GetKeyboardType
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA

winmm

mmioRead
mmioDescend
mmioOpenA
mmioClose

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

StringFromGUID2

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81b/DirectX.cab
.cab
directx81b/cfgmgr32.dll
.dll windows x86

17fb831fc2ad10b3d998240020a55343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapAlloc
GetProcessHeap
RtlUnwind
lstrcpyA
CloseHandle
lstrcatA
HeapFree
CreateFileA
DeviceIoControl
CreateThread
GetExitCodeThread
MultiByteToWideChar
WideCharToMultiByte

user32

CharUpperA
PeekMessageA
MsgWaitForMultipleObjects

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

CM_Add_Empty_Log_Conf
CM_Add_Empty_Log_Conf_Ex
CM_Add_IDA
CM_Add_IDW
CM_Add_ID_ExA
CM_Add_ID_ExW
CM_Add_Range
CM_Add_Res_Des
CM_Add_Res_Des_Ex
CM_Connect_MachineA
CM_Connect_MachineW
CM_Create_DevNodeA
CM_Create_DevNodeW
CM_Create_DevNode_ExA
CM_Create_DevNode_ExW
CM_Create_Range_List
CM_Delete_Class_Key
CM_Delete_Class_Key_Ex
CM_Delete_DevNode_Key
CM_Delete_DevNode_Key_Ex
CM_Delete_Range
CM_Detect_Resource_Conflict
CM_Detect_Resource_Conflict_Ex
CM_Disable_DevNode
CM_Disable_DevNode_Ex
CM_Disconnect_Machine
CM_Dup_Range_List
CM_Enable_DevNode
CM_Enable_DevNode_Ex
CM_Enumerate_Classes
CM_Enumerate_Classes_Ex
CM_Enumerate_EnumeratorsA
CM_Enumerate_EnumeratorsW
CM_Enumerate_Enumerators_ExA
CM_Enumerate_Enumerators_ExW
CM_Find_Range
CM_First_Range
CM_Free_Log_Conf
CM_Free_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CM_Free_Range_List
CM_Free_Res_Des
CM_Free_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Child
CM_Get_Child_Ex
CM_Get_Class_Key_NameA
CM_Get_Class_Key_NameW
CM_Get_Class_Key_Name_ExA
CM_Get_Class_Key_Name_ExW
CM_Get_Class_NameA
CM_Get_Class_NameW
CM_Get_Class_Name_ExA
CM_Get_Class_Name_ExW
CM_Get_Depth
CM_Get_Depth_Ex
CM_Get_DevNode_Registry_PropertyA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_Property_ExA
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Get_DevNode_Status_Ex
CM_Get_Device_IDA
CM_Get_Device_IDW
CM_Get_Device_ID_ExA
CM_Get_Device_ID_ExW
CM_Get_Device_ID_ListA
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_ExA
CM_Get_Device_ID_List_ExW
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_List_Size_ExA
CM_Get_Device_ID_List_Size_ExW
CM_Get_Device_ID_Size
CM_Get_Device_ID_Size_Ex
CM_Get_Device_Interface_AliasA
CM_Get_Device_Interface_AliasW
CM_Get_Device_Interface_Alias_ExA
CM_Get_Device_Interface_Alias_ExW
CM_Get_Device_Interface_ListA
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_ExA
CM_Get_Device_Interface_List_ExW
CM_Get_Device_Interface_List_SizeA
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_Interface_List_Size_ExW
CM_Get_First_Log_Conf
CM_Get_First_Log_Conf_Ex
CM_Get_Global_State
CM_Get_Global_State_Ex
CM_Get_HW_Prof_FlagsA
CM_Get_HW_Prof_FlagsW
CM_Get_HW_Prof_Flags_ExA
CM_Get_HW_Prof_Flags_ExW
CM_Get_Hardware_Profile_InfoA
CM_Get_Hardware_Profile_InfoW
CM_Get_Hardware_Profile_Info_ExA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_Next_Log_Conf
CM_Get_Next_Log_Conf_Ex
CM_Get_Next_Res_Des
CM_Get_Next_Res_Des_Ex
CM_Get_Parent
CM_Get_Parent_Ex
CM_Get_Res_Des_Data
CM_Get_Res_Des_Data_Ex
CM_Get_Res_Des_Data_Size
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Sibling
CM_Get_Sibling_Ex
CM_Get_Version
CM_Get_Version_Ex
CM_Intersect_Range_List
CM_Invert_Range_List
CM_Locate_DevNodeA
CM_Locate_DevNodeW
CM_Locate_DevNode_ExA
CM_Locate_DevNode_ExW
CM_Merge_Range_List
CM_Modify_Res_Des
CM_Modify_Res_Des_Ex
CM_Move_DevNode
CM_Move_DevNode_Ex
CM_Next_Range
CM_Open_Class_KeyA
CM_Open_Class_KeyW
CM_Open_Class_Key_ExA
CM_Open_Class_Key_ExW
CM_Open_DevNode_Key
CM_Open_DevNode_Key_Ex
CM_Query_Arbitrator_Free_Data
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Remove_SubTree
CM_Query_Remove_SubTree_Ex
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Register_Device_Driver
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
CM_Remove_Unmarked_Children
CM_Remove_Unmarked_Children_Ex
CM_Reset_Children_Marks
CM_Reset_Children_Marks_Ex
CM_Run_Detection
CM_Run_Detection_Ex
CM_Set_DevNode_Registry_PropertyA
CM_Set_DevNode_Registry_PropertyW
CM_Set_DevNode_Registry_Property_ExA
CM_Set_DevNode_Registry_Property_ExW
CM_Set_HW_Prof
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_Flags_ExW
CM_Setup_DevNode
CM_Setup_DevNode_Ex
CM_Test_Range_Available
CM_Uninstall_DevNode
CM_Uninstall_DevNode_Ex
CM_Unregister_Device_InterfaceA
CM_Unregister_Device_InterfaceW
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_Interface_ExW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81b/dsetup32.dll
.dll windows x86

3b7b440e590078c58f3c42bb06952ff6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CreateDirectoryA
lstrcpyA
OutputDebugStringA
GetWindowsDirectoryA
GetSystemDefaultLCID
GetFileAttributesA
GetShortPathNameA
lstrlenA
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemInfo
GetDiskFreeSpaceA
GetModuleHandleA
lstrcmpiA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FindNextFileA
GetPrivateProfileStringA
WaitForSingleObject
CreateProcessA
GetPrivateProfileIntA
lstrcmpA
LoadLibraryExA
GetPrivateProfileSectionA
LocalFree
LocalAlloc
lstrcpynA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetTempFileNameA
ExpandEnvironmentStringsA
GetTempPathA
Sleep
CreateMutexA
LoadResource
FindResourceA
WriteFile
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetLocalTime
HeapFree
HeapReAlloc
HeapAlloc
FindFirstFileA
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualProtect
VirtualQuery
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetEndOfFile
GetProcessHeap
FindClose
SetFileAttributesA
DeleteFileA
MultiByteToWideChar
GetVersionExA
CopyFileA
GetSystemDirectoryA
lstrcatA
FreeLibrary
LoadLibraryA
GetProcAddress
ExitProcess
GetLastError

user32

DestroyWindow
ShowWindow
DialogBoxParamA
SendDlgItemMessageA
EndDialog
SetFocus
CreateDialogParamA
SetDlgItemTextA
GetDlgItem
CharLowerA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA
CharNextA
GetKeyboardType
wsprintfA
MessageBoxA
SendMessageA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegQueryValueExA

winmm

mmioDescend
mmioOpenA
mmioClose
mmioRead

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHFileOperationA

ole32

StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize

Exports

Exports

DirectXCopyFile
DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
DirectXSetupShowEULA
iDirectXDeviceDriverSetup
iDirectXSetup

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
directx81b/dxnt.cab
.cab
directx81b/dxsetup.exe
.exe windows x86

c4213d5511392436e79b0ad137dd7452

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA

kernel32

CloseHandle
lstrlenA
ReadFile
GetFileSize
CreateFileA
FreeLibrary
GetCurrentProcess
FindClose
FindFirstFileA
lstrcpyA
GetCurrentDirectoryA
lstrcmpiA
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemDefaultLangID
GetModuleFileNameA
GetProcAddress
SetCurrentDirectoryA
OutputDebugStringA
SetErrorMode
GetLastError
CreateMutexA
GetVersionExA
GetWindowsDirectoryA
GetProcessHeap
SetEndOfFile
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
lstrcatA
LoadLibraryA
GetStartupInfoA
GetCommandLineA
GetLocalTime
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW

gdi32

GetDeviceCaps

user32

EnableWindow
LoadStringA
SetWindowPos
DialogBoxParamA
EnumWindows
SetDlgItemTextA
EndDialog
GetDesktopWindow
GetDlgItem
IsWindowEnabled
LoadCursorA
SetCursor
MessageBoxA
GetAsyncKeyState
ExitWindowsEx
GetWindowTextA
GetClassNameA
SetForegroundWindow
SetFocus
GetWindowRect
GetDC
ReleaseDC

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ord17

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
directx81b/setupapi.dll
.dll windows x86

34e609de713a84ae984541be5b4ecb82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdll

RtlUnwind

kernel32

GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
ExitProcess
TerminateProcess
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
CreateThread
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
GetProcAddress
FreeLibrary
WaitForSingleObject
GetCurrentThread
DuplicateHandle
ResumeThread
ExitThread
GetDriveTypeA
GetModuleFileNameA
FormatMessageA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
GetTempFileNameA
SetFileAttributesA
MoveFileA
CopyFileA
GetDiskFreeSpaceA
TlsAlloc
TlsFree
TlsSetValue
_llseek
_lclose
_lwrite
_lread
_lopen
TlsGetValue
_lcreat
DosDateTimeToFileTime
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
GetEnvironmentVariableA
FindNextFileA
GetFullPathNameA
WriteFile
DeleteFileA
CompareFileTime
GetThreadLocale
GetStringTypeExA
RaiseException
WaitForMultipleObjects
ReleaseMutex
lstrcmpA
SetEvent
CreateEventA
CreateMutexA
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetLocaleInfoA
LoadLibraryA
GetCurrentThreadId
VirtualAlloc
UnhandledExceptionFilter
MultiByteToWideChar
SetErrorMode
lstrcatA
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
GetLastError
CreateFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
WideCharToMultiByte
SetLastError
FindFirstFileA
FindClose
lstrlenW
MoveFileExA
GetShortPathNameA
lstrcpynA
GetPrivateProfileSectionA
lstrcmpiA
WritePrivateProfileSectionA
ExpandEnvironmentStringsA
lstrcpyA
lstrlenA
GetCurrentProcess
SetFileTime
GetFileTime

user32

IsWindowEnabled
KillTimer
IsDlgButtonChecked
SetTimer
CheckDlgButton
SetWindowPos
LoadCursorA
MapWindowPoints
InvalidateRect
GetIconInfo
IsWindowVisible
SetCursor
CheckRadioButton
DrawAnimatedRects
LoadBitmapA
DestroyIcon
GetSysColor
ClientToScreen
GetWindowRect
GetClientRect
SystemParametersInfoA
GetSystemMetrics
MoveWindow
GetDC
ReleaseDC
GetWindow
TranslateMessage
DispatchMessageA
PostThreadMessageA
IsWindow
GetWindowTextLengthA
GetWindowTextA
MessageBoxIndirectA
DialogBoxParamA
RemovePropA
DestroyWindow
SetForegroundWindow
GetPropA
EndDialog
SetPropA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
UpdateWindow
SetDlgItemTextA
GetParent
GetWindowLongA
SendMessageA
GetDlgItem
EnableWindow
PostMessageA
SetWindowLongA
MessageBeep
ExitWindowsEx
CharUpperA
LoadStringA
MessageBoxA
WaitMessage
PeekMessageA
wsprintfA
CharLowerA
GetMessageA
LoadIconA
ShowWindow
SetFocus

gdi32

SetTextColor
StretchBlt
DeleteObject
BitBlt
GetObjectA
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
DeleteDC
SelectObject
SetBkColor

advapi32

FreeSid
QueryServiceConfigA
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
CloseServiceHandle
AdjustTokenPrivileges
LookupPrivilegeValueA
AllocateAndInitializeSid
EqualSid
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityA
GetFileSecurityA
IsTextUnicode
RegOpenKeyExA

shell32

ord59
SHChangeNotify
ExtractIconExA

lz32

LZOpenFileA
LZCopy
LZClose

comdlg32

GetOpenFileNameA
GetFileTitleA

comctl32

ImageList_Destroy
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_Create
ImageList_SetBkColor
ord17
ImageList_ReplaceIcon
ImageList_SetOverlayImage

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winspool.drv

GetPrinterDriverDirectoryA

cfgmgr32

CM_Set_HW_Prof_FlagsA
CM_Uninstall_DevNode
CM_Query_Remove_SubTree
CM_Get_Class_NameA
CM_Reenumerate_DevNode
CM_Get_Hardware_Profile_InfoA
CM_Remove_SubTree
CM_Delete_DevNode_Key
CM_Get_Class_Key_NameA
CM_Delete_Class_Key
CM_Get_Device_ID_Size
CM_Get_First_Log_Conf
CM_Open_DevNode_Key
CM_Detect_Resource_Conflict
CM_Get_Next_Log_Conf
CM_Setup_DevNode
CM_Enable_DevNode
CM_Disable_DevNode
CM_Free_Res_Des_Handle
CM_Add_Res_Des
CM_Free_Log_Conf_Handle
CM_Free_Log_Conf
CM_Add_Empty_Log_Conf
CM_Set_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_HW_Prof_FlagsA
CM_Locate_DevNodeA
CM_Enumerate_Classes
CM_Open_Class_KeyA
CM_Move_DevNode
CM_Get_DevNode_Status
CM_Create_DevNodeA
CM_Get_Res_Des_Data_Size
CM_Get_Next_Res_Des
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_ListA
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Res_Des_Data

mpr

WNetGetResourceInformationA
WNetAddConnection3A
WNetCancelConnection2A

rpcrt4

UuidFromStringA

Exports

Exports

AddMiniIconToList
AddTagToGroupOrderListEntry
AppendStringToMultiSz
AssertFail
CaptureAndConvertAnsiArg
CaptureStringArg
CenterWindowRelativeToParent
ConcatenatePaths
DelayedMove
DelimStringToMultiSz
DestroyTextFileReadBuffer
DoesUserHavePrivilege
DuplicateString
EnablePrivilege
ExtensionPropSheetPageProc
FileExists
FreeStringArray
GetNewInfName
GetSetFileTimestamp
GetVersionInfoFromImage
InfIsFromOemLocation
InstallHinfSection
InstallHinfSectionA
InstallHinfSectionW
InstallStop
IsUserAdmin
LookUpStringInTable
MemoryInitialize
MultiByteToUnicode
MultiSzFromSearchControl
MyFree
MyGetFileTitle
MyMalloc
MyRealloc
OpenAndMapFileForRead
OutOfMemory
QueryMultiSzValueToArray
QueryRegistryValue
ReadAsciiOrUnicodeTextFile
RegistryDelnode
RetreiveFileSecurity
RetrieveServiceConfig
SearchForInfFile
SetArrayToMultiSzValue
SetupAddInstallSectionToDiskSpaceListA
SetupAddInstallSectionToDiskSpaceListW
SetupAddSectionToDiskSpaceListA
SetupAddSectionToDiskSpaceListW
SetupAddToDiskSpaceListA
SetupAddToDiskSpaceListW
SetupAddToSourceListA
SetupAddToSourceListW
SetupAdjustDiskSpaceListA
SetupAdjustDiskSpaceListW
SetupCancelTemporarySourceList
SetupCloseFileQueue
SetupCloseInfFile
SetupCommitFileQueue
SetupCommitFileQueueA
SetupCommitFileQueueW
SetupCopyErrorA
SetupCopyErrorW
SetupCreateDiskSpaceListA
SetupCreateDiskSpaceListW
SetupDecompressOrCopyFileA
SetupDecompressOrCopyFileW
SetupDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupDefaultQueueCallbackW
SetupDeleteErrorA
SetupDeleteErrorW
SetupDestroyDiskSpaceList
SetupDiAskForOEMDisk
SetupDiBuildClassInfoList
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCancelDriverInfoSearch
SetupDiChangeState
SetupDiClassGuidsFromNameA
SetupDiClassGuidsFromNameW
SetupDiClassNameFromGuidA
SetupDiClassNameFromGuidW
SetupDiCreateDevRegKeyA
SetupDiCreateDevRegKeyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiDeleteDevRegKey
SetupDiDeleteDeviceInfo
SetupDiDestroyClassImageList
SetupDiDestroyDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiDrawMiniIcon
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoA
SetupDiEnumDriverInfoW
SetupDiGetActualSectionToInstallA
SetupDiGetActualSectionToInstallW
SetupDiGetClassBitmapIndex
SetupDiGetClassDescriptionA
SetupDiGetClassDescriptionW
SetupDiGetClassDevPropertySheetsA
SetupDiGetClassDevPropertySheetsW
SetupDiGetClassDevsA
SetupDiGetClassDevsW
SetupDiGetClassImageIndex
SetupDiGetClassImageList
SetupDiGetClassInstallParamsA
SetupDiGetClassInstallParamsW
SetupDiGetDeviceInfoListClass
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailA
SetupDiGetDriverInfoDetailW
SetupDiGetDriverInstallParamsA
SetupDiGetDriverInstallParamsW
SetupDiGetHwProfileFriendlyNameA
SetupDiGetHwProfileFriendlyNameW
SetupDiGetHwProfileList
SetupDiGetINFClassA
SetupDiGetINFClassW
SetupDiGetSelectedDevice
SetupDiGetSelectedDriverA
SetupDiGetSelectedDriverW
SetupDiGetWizardPage
SetupDiInstallClassA
SetupDiInstallClassW
SetupDiInstallDevice
SetupDiInstallDriverFiles
SetupDiLoadClassIcon
SetupDiMoveDuplicateDevice
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoA
SetupDiOpenDeviceInfoW
SetupDiRegisterDeviceInfo
SetupDiRemoveDevice
SetupDiSelectDevice
SetupDiSelectOEMDrv
SetupDiSetClassInstallParamsA
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDriverInstallParamsA
SetupDiSetDriverInstallParamsW
SetupDiSetSelectedDevice
SetupDiSetSelectedDriverA
SetupDiSetSelectedDriverW
SetupDuplicateDiskSpaceListA
SetupDuplicateDiskSpaceListW
SetupFindFirstLineA
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineA
SetupFindNextMatchLineW
SetupFreeSourceListA
SetupFreeSourceListW
SetupGetBinaryField
SetupGetFieldCount
SetupGetFileCompressionInfoA
SetupGetFileCompressionInfoW
SetupGetInfFileListA
SetupGetInfFileListW
SetupGetInfInformationA
SetupGetInfInformationW
SetupGetIntField
SetupGetLineByIndexA
SetupGetLineByIndexW
SetupGetLineCountA
SetupGetLineCountW
SetupGetLineTextA
SetupGetLineTextW
SetupGetMultiSzFieldA
SetupGetMultiSzFieldW
SetupGetSourceFileLocationA
SetupGetSourceFileLocationW
SetupGetSourceFileSizeA
SetupGetSourceFileSizeW
SetupGetSourceInfoA
SetupGetSourceInfoW
SetupGetStringFieldA
SetupGetStringFieldW
SetupGetTargetPathA
SetupGetTargetPathW
SetupInitDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupInitializeFileLogA
SetupInitializeFileLogW
SetupInstallFileA
SetupInstallFileExA
SetupInstallFileExW
SetupInstallFileW
SetupInstallFilesFromInfSectionA
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionA
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionA
SetupInstallServicesFromInfSectionW
SetupIterateCabinetA
SetupIterateCabinetW
SetupLogFileA
SetupLogFileW
SetupOpenAppendInfFileA
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileA
SetupOpenInfFileW
SetupOpenMasterInf
SetupPromptForDiskA
SetupPromptForDiskW
SetupPromptReboot
SetupQueryDrivesInDiskSpaceListA
SetupQueryDrivesInDiskSpaceListW
SetupQueryFileLogA
SetupQueryFileLogW
SetupQueryInfFileInformationA
SetupQueryInfFileInformationW
SetupQueryInfVersionInformationA
SetupQueryInfVersionInformationW
SetupQuerySourceListA
SetupQuerySourceListW
SetupQuerySpaceRequiredOnDriveA
SetupQuerySpaceRequiredOnDriveW
SetupQueueCopyA
SetupQueueCopySectionA
SetupQueueCopySectionW
SetupQueueCopyW
SetupQueueDefaultCopyA
SetupQueueDefaultCopyW
SetupQueueDeleteA
SetupQueueDeleteSectionA
SetupQueueDeleteSectionW
SetupQueueDeleteW
SetupQueueRenameA
SetupQueueRenameSectionA
SetupQueueRenameSectionW
SetupQueueRenameW
SetupRemoveFileLogEntryA
SetupRemoveFileLogEntryW
SetupRemoveFromDiskSpaceListA
SetupRemoveFromDiskSpaceListW
SetupRemoveFromSourceListA
SetupRemoveFromSourceListW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupRemoveInstallSectionFromDiskSpaceListW
SetupRemoveSectionFromDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListW
SetupRenameErrorA
SetupRenameErrorW
SetupScanFileQueue
SetupScanFileQueueA
SetupScanFileQueueW
SetupSetDirectoryIdA
SetupSetDirectoryIdExA
SetupSetDirectoryIdExW
SetupSetDirectoryIdW
SetupSetPlatformPathOverrideA
SetupSetPlatformPathOverrideW
SetupSetSourceListA
SetupSetSourceListW
SetupTermDefaultQueueCallback
SetupTerminateFileLog
ShouldDeviceBeExcluded
StampFileSecurity
StringTableAddString
StringTableAddStringEx
StringTableDestroy
StringTableDuplicate
StringTableEnum
StringTableGetExtraData
StringTableInitialize
StringTableInitializeEx
StringTableLookUpString
StringTableLookUpStringEx
StringTableSetExtraData
StringTableStringFromId
StringTableTrim
TakeOwnershipOfFile
UnicodeToMultiByte
UnmapAndCloseFile
pSetupDirectoryIdToPath
pSetupGetField
pSetupGetOsLoaderDriveAndPath
pSetupGetVersionDatum
pSetupGuidFromString
pSetupIsGuidNull
pSetupMakeSurePathExists
pSetupStringFromGuid

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
is/Setup.exe
.exe windows x86

e58263e3d76981c7bc11645789a2638f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerInstallFileA

kernel32

GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
AddAtomA
LockResource
lstrcpyA
FindResourceExA
SetErrorMode
LocalFree
FormatMessageA
OpenEventA
FindResourceA
SetEvent
LoadResource
RemoveDirectoryA
GetAtomNameA
GetShortPathNameA
CreateDirectoryA
lstrcpynA
lstrlenA
lstrcatA
GetLastError
GetFileAttributesA
SetFileAttributesA
GlobalLock
GlobalAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
CopyFileA
DeleteFileA
GetUserDefaultLangID
GlobalUnlock
GlobalFree
GetModuleFileNameA
RtlUnwind
Sleep
CloseHandle
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetTempPathA
WaitForSingleObject
CreateProcessA
CreateFileA
GetTempFileNameA

user32

GetDC
ReleaseDC
PeekMessageA
CreateDialogParamA
EndPaint
MessageBoxA
GetWindowLongA
EndDialog
BeginPaint
DispatchMessageA
SetWindowLongA
DialogBoxIndirectParamA
DestroyWindow
CreateDialogIndirectParamA
SetDlgItemTextA
GetClientRect
GetWindowRect
MoveWindow
CharLowerA
wsprintfA
IsDialogMessageA
TranslateMessage
GetDlgItem
LoadImageA
SendMessageA
CharUpperA
CharNextA
GetDesktopWindow

gdi32

BitBlt
UnrealizeObject
GetObjectA
GetDeviceCaps
CreateHalftonePalette
CreatePalette
GetSystemPaletteEntries
GetDIBColorTable
SelectPalette
RealizePalette
DeleteDC
CreateCompatibleDC
SelectObject

advapi32

RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoInitialize
CoFreeAllLibraries
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
VariantClear
SafeArrayGetElement
SysStringLen
SafeArrayGetLBound
SafeArrayGetUBound

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
is/Setup.ini
is/data1.cab
is/data1.hdr
is/data2.cab
is/ikernel.ex_
is/layout.bin
is/setup.bmp
is/setup.inx
launch.exe
.exe windows x86

aac2cba515ea70fe0d1eecabb915a205

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateProcessA
lstrlenA
LocalFree
FormatMessageA
GetPrivateProfileStringA
CreateThread
WriteFile
SizeofResource
CreateFileA
LockResource
LoadResource
FindResourceA
GetWindowsDirectoryA
Sleep
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetTempPathA
GetFileSize
CopyFileA
GetPrivateProfileIntA
FreeLibrary
GetDiskFreeSpaceA
GetProcAddress
LoadLibraryA
GetTempFileNameA
SetFileAttributesA
RemoveDirectoryA
GetModuleHandleA
GetVersion
GetCommandLineA
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetLastError
lstrcpynA
OpenFile
GetModuleFileNameA
lstrcmpA
GetStartupInfoA
GetUserDefaultLCID

user32

GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
DefWindowProcA
PostQuitMessage
DialogBoxParamA
wsprintfA
LoadStringA
SetDlgItemTextA
SetWindowTextA
EnableWindow
GetDlgItem
SendMessageA
EndDialog
PostMessageA
SetWindowLongA
GetWindowLongA
InvalidateRect
ReleaseDC
GetDC
CallWindowProcA
EndPaint
BeginPaint
DrawTextA
FillRect
GetSysColor
GetClientRect
DispatchMessageA
MessageBoxA
GetWindowRect
GetSystemMetrics
SetWindowPos
FindWindowA
IsWindow
RegisterWindowMessageA
TranslateMessage

gdi32

DeleteObject
CreateSolidBrush
SaveDC
SetBkMode
SetTextColor
RestoreDC

comctl32

ord17

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
launch.exe.manifest
.xml
launch.ini
manual/manualuk.pdf
.pdf
misc/WMFDist.exe
.exe windows x86

5b5affe5cc3d8e2098fc60270b23e0a6

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29-03-2001 21:27

Not After

29-05-2002 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-12-2000 08:00

Not After

12-11-2005 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalAlloc
GetLastError
GetCurrentProcess
LoadLibraryA
CloseHandle
LocalFree
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
lstrcmpiA
lstrcatA
GetShortPathNameA
GetSystemDirectoryA
RemoveDirectoryA
lstrcpyA
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
GetModuleFileNameA
FindClose
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
ExitProcess
GetProcAddress
GetStartupInfoA
GetCommandLineA
LoadResource
FindResourceA
CreateMutexA
SetEvent
CreateEventA
SetCurrentDirectoryA
CreateThread
ResetEvent
TerminateThread
GetVersionExA
FreeLibrary
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
FreeResource
LockResource
SizeofResource
CreateFileA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetTempFileNameA
GetSystemInfo
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetCurrentDirectoryA
LoadLibraryExA
GetModuleHandleA
CreateDirectoryA
ExpandEnvironmentStringsA
FormatMessageA
EnumResourceLanguagesA
MulDiv
GetDiskFreeSpaceA

gdi32

GetDeviceCaps

user32

ExitWindowsEx
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
wsprintfA
GetWindowLongA
CallWindowProcA
GetDlgItem
SetForegroundWindow
SetWindowTextA
SendDlgItemMessageA
EnableWindow
GetDesktopWindow
EndDialog
DispatchMessageA
LoadStringA
PeekMessageA
MessageBoxA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
ShowWindow
DialogBoxIndirectParamA
SetDlgItemTextA
MessageBeep
SendMessageA
GetDlgItemTextA
MsgWaitForMultipleObjects
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
misc/fr2.ico
setup.exe
.exe windows x86

569b0088f2a86b7dcb86ade4dd2b8715

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA

user32

CharUpperA
FindWindowA
MessageBoxA
SetForegroundWindow

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetUserDefaultLangID
GetVersionExA
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenMutexA
OutputDebugStringA
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

Sections

AUTO
Size: 28KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Leia-me IMPORTANTE.txt
Windows Media Source Filter/ApplyPatch.bat
Windows Media Source Filter/Como instalar manualmente.txt
Windows Media Source Filter/DSFMgr.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 532KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows Media Source Filter/How to Install.txt
Windows Media Source Filter/drmclien.dll
.dll regsvr32 windows x86

b6eb7ba9e9c9322a51168b94c8e169dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
GetWindowsDirectoryA
GetWindowsDirectoryW
CreateDirectoryW
SetFileAttributesA
lstrcmpA
GetSystemDirectoryA
SetFileAttributesW
GetSystemDirectoryW
GetLocalTime
WaitForSingleObject
ReleaseMutex
GetCurrentThreadId
GetSystemInfo
SetEvent
ResumeThread
SetThreadPriority
SetThreadAffinityMask
CreateThread
GetProcessAffinityMask
FreeLibrary
LoadLibraryA
DeleteFileA
GetSystemTime
DeviceIoControl
GetVersion
lstrcmpiA
ReadFile
WriteFile
WaitNamedPipeA
ResetEvent
CreateEventA
Sleep
GlobalFree
GlobalHandle
GetModuleHandleA
FlushFileBuffers
SetFilePointer
GlobalAlloc
VirtualFree
VirtualAlloc
GetModuleFileNameA
DuplicateHandle
GetCurrentThread
ExitThread
FlushInstructionCache
VirtualProtect
DeleteCriticalSection
InitializeCriticalSection
SetErrorMode
GetVersionExA
CreateMutexA
CreateFileW
GetLogicalDriveStringsA
GetFileAttributesA
CloseHandle
CreateFileA
GetFileSize
GetLastError
FindFirstFileW
FindNextFileW
FindClose
FindFirstFileA
FindNextFileA
CopyFileW
lstrcatA
DeleteFileW
GetCurrentProcess
CopyFileA
EnterCriticalSection
lstrcpyA
GetDriveTypeA
lstrlenA
LocalFree
LocalReAlloc
LocalAlloc
GetTickCount
LeaveCriticalSection
GetVolumeInformationA
QueryDosDeviceA
GetModuleHandleW
GetCurrentProcessId
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceA
GetComputerNameA

user32

CharUpperA
wsprintfW
LoadImageA
LoadIconA
CharLowerA
CharNextW
CharNextA
wsprintfA

advapi32

GetAce
OpenSCManagerA
CloseServiceHandle
GetFileSecurityW
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
EqualSid
AddAce
InitializeAcl
SetFileSecurityW
FreeSid
SetSecurityDescriptorDacl
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
GetUserNameA

ole32

CoCreateGuid
CoTaskMemAlloc
CLSIDFromString
StringFromCLSID
CoTaskMemFree

msvcrt

printf
atoi
_ultoa
_strnicmp
_strupr
memcpy
??3@YAXPAX@Z
_close
_read
_filelength
_open
??2@YAPAXI@Z
sprintf
fclose
fread
fwrite
fopen
_wfopen
wcscat
strrchr
wcsrchr
wcscpy
toupper
fseek
rename
_wrename
_unlink
_wunlink
wcslen
wcscmp
time
strncpy
memset
strncmp
_except_handler3
_stricmp
__CxxFrameHandler
_EH_prolog
_CxxThrowException
strstr
strcpy
sscanf
_purecall
isdigit
strcmp
_onexit
strlen
strcat
_memccpy
__dllonexit
_adjust_fdiv
free
_initterm
malloc
??1type_info@@UAE@XZ

Exports

Exports

??0CDRMLiteCrypto@@QAE@XZ
??1CDRMLiteCrypto@@QAE@XZ
?BackupLicenses@CDRMLiteCrypto@@QAEJKPAGPAUIUnknown@@PAHPAX@Z
?EncryptIndirect@CDRMLiteCrypto@@QAEJPBDKPAE1@Z
?GetLicenses@CDRMLiteCrypto@@QAEJPBDPAUPMLICENSE@@PAKKPAX2PAE@Z
?GetPublicKey@CDRMLiteCrypto@@QAEJPAUPKCERT@@@Z
?QueryXferToPMEx@CDRMLiteCrypto@@QAEJPBDKPAKPAEK2K12@Z
?RestoreLicenses@CDRMLiteCrypto@@QAEJKPAEPAGPAUIUnknown@@PAHPAX@Z
Bind
BindEx
CanDecrypt
CanDecryptEx
CreatePMLicense
Decrypt
DllMain
DllRegisterServer
DllUnregisterServer
Encrypt
GenerateNewLicense
GetPMLicenseFileName
GetPMLicenseSize
GetVersion
InitAppCerts
KeyExchange
ProcessResponse
QueryXferToPM
RequestLicense
SetAppSec
SetLicenseStore

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows Media Source Filter/dxmasf.dll
.dll regsvr32 windows x86

2504fe809a63cba073275d10a0357ffb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
_initterm
printf
isdigit
_strcmpi
isxdigit
strncpy
toupper
ceil
__CxxFrameHandler
strtoul
_EH_prolog
fread
getenv
sscanf
_iob
??3@YAXPAX@Z
fprintf
exit
realloc
calloc
strncmp
malloc
free
fopen
strrchr
fclose
atol
tolower
isspace
wcschr
_strnicmp
wcsspn
_wtol
wcsncmp
iswctype
wcstok
_setjmp3
memmove
time
swprintf
wcscpy
_wcsicmp
sprintf
_stricmp
_strlwr
strstr
longjmp
_strupr
wcslen
strchr
_snprintf
wcsstr
_wcsnicmp
_purecall
_ftol
??2@YAPAXI@Z

kernel32

CompareStringA
SetFilePointer
GetSystemInfo
VirtualAlloc
DeleteCriticalSection
CloseHandle
InitializeCriticalSection
ReadFile
GetFileSize
GlobalAlloc
CreateFileMappingA
MapViewOfFile
GlobalFree
UnmapViewOfFile
lstrcpynA
lstrcmpiA
lstrcatA
lstrcpyA
FormatMessageA
lstrcmpA
LocalFree
FileTimeToLocalFileTime
LocalAlloc
GetTempPathA
GetTempFileNameA
FileTimeToSystemTime
WriteFile
DeleteFileA
CreateFileA
Sleep
GetTickCount
GetLocaleInfoA
InterlockedExchange
GetACP
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
InterlockedIncrement
FreeLibrary
InterlockedDecrement
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
CreateSemaphoreA
VirtualFree
WaitForSingleObject
ReleaseSemaphore
RaiseException
CreateEventA
CreateThread
SetEvent
ResetEvent
GetProcAddress
GetModuleHandleA
WideCharToMultiByte

gdi32

SelectObject
GetStockObject
CreateDIBSection
CreateCompatibleDC
BitBlt
StretchBlt
DeleteObject
DeleteDC

user32

SetTimer
SetDlgItemInt
CharNextA
GetDlgItemInt
SetFocus
SendDlgItemMessageA
LoadIconA
DialogBoxParamA
EndDialog
SetDlgItemTextA
ReleaseDC
KillTimer
EnableWindow
DrawIconEx
FillRect
LoadImageA
CheckDlgButton
IsDlgButtonChecked
LoadStringA
MessageBoxA
DispatchMessageA
ShowWindow
DefWindowProcA
MsgWaitForMultipleObjects
GetDlgItem
SendMessageA
GetDC
GetDesktopWindow
wvsprintfA
TranslateMessage
GetDlgItemTextA
DestroyWindow
LoadStringW
wsprintfA
MoveWindow
InvalidateRect
PeekMessageA
GetWindowRect
GetWindowLongA
CreateDialogParamA
SetWindowLongA

ole32

CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CLSIDFromString

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString

winmm

timeSetEvent
timeKillEvent
timeGetDevCaps
timeGetTime

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

urlmon

URLDownloadToCacheFileA

wininet

GetUrlCacheEntryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA

drmclien

??1CDRMLiteCrypto@@QAE@XZ
ord5
ord4
ord6
ord3
ord9
??0CDRMLiteCrypto@@QAE@XZ
ord7

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
UtilLoadImage

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows Media Source Filter/msadds32.ax
.dll regsvr32 windows x86

308fb30ad514681fe3fc0e7a397a2348

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29-03-2001 21:27

Not After

29-05-2002 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-12-2000 08:00

Not After

12-11-2005 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetThreadPriority
ResumeThread
MulDiv
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
FindResourceA
LoadResource
SizeofResource
LockResource
GetModuleFileNameA
lstrlenA
GetLastError
GetVersionExA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
FreeLibrary

user32

UnregisterClassA
CreateWindowExA
IsWindow
ReleaseDC
GetDC
GetMessageA
SendMessageA
EnableWindow
GetDlgItem
GetWindowLongA
DefWindowProcA
SetWindowLongA
PostQuitMessage
MapDialogRect
wsprintfA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
RegisterClassExA
KillTimer
SetTimer
DispatchMessageA
TranslateMessage

gdi32

StretchDIBits

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegDeleteKeyA
RegSetValueA
RegCloseKey

ole32

StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

msvcrt

_endthreadex
??2@YAPAXI@Z
sprintf
_strnicmp
??3@YAXPAX@Z
_purecall
_beginthreadex
_ftol
rand
_CIpow

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows Media Source Filter/qasf 6.03.dll
.dll regsvr32 windows x86

630294790a2e6613e2dec825b4dfc767

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
wcscpy
_ftol
swprintf
_wtoi
wcscat
wcslen

kernel32

EnterCriticalSection
LeaveCriticalSection
lstrcpynW
CloseHandle
CreateEventW
SetEvent
DeleteCriticalSection
ResetEvent
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
LoadLibraryW
InitializeCriticalSection
CreateSemaphoreW
VirtualAlloc
GetProcAddress
GetModuleHandleW
InterlockedDecrement
GetLastError
InterlockedExchange
GetTickCount
CreateThread
GetModuleFileNameA
FreeLibrary
InterlockedIncrement
GetCurrentThreadId
lstrlenA
RaiseException
LocalFree
LocalAlloc
GetVersionExA
LoadLibraryA
DeviceIoControl
GetCurrentProcessId
GetLocalTime
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceA
GetComputerNameA
MultiByteToWideChar
lstrlenW
GetVersionExW
DisableThreadLibraryCalls
lstrcpyW
SetThreadPriority

gdi32

GetTextExtentPointW

user32

GetDC
GetDlgItem
GetDesktopWindow
GetWindowRect
DefWindowProcW
DestroyWindow
ShowWindow
MoveWindow
wsprintfW
CreateDialogParamW
SetWindowLongW
GetWindowLongW
InvalidateRect
ReleaseDC
SendMessageW
LoadStringW

advapi32

RegSetValueW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExA
RegSetValueExA
GetUserNameA
RegDeleteKeyW
RegCreateKeyExA

ole32

CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows Media Source Filter/qasf 6.05.dll
.dll regsvr32 windows x64

eec10d5ef50bcff82c93a4c1a7e91bea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
memcpy
??2@YAPEAX_K@Z
memcmp
??3@YAXPEAX@Z
swprintf

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

kernel32

CreateSemaphoreW
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcmpW
lstrcpynW
CloseHandle
CreateEventW
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
VirtualAlloc
FreeLibrary
LoadLibraryW
GetProcAddress

user32

wsprintfW

advapi32

RegSetValueExW
RegCreateKeyW
RegSetValueW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

ole32

CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows Media Source Filter/strmdll.dll
.dll windows x86

fd60bf659789901aec0ab13e42a21958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThreadId
DeleteCriticalSection
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
GetTickCount
TerminateThread
GetSystemInfo
SetThreadPriority
GetCurrentThread
SetEvent
LoadLibraryA
GetModuleFileNameA
Sleep
WideCharToMultiByte
ReleaseMutex
GetModuleHandleA
CreateFileA
CreateSemaphoreA
ReleaseSemaphore
ResetEvent
WaitForMultipleObjects
lstrlenA
GetTempPathA
WriteFile
IsBadStringPtrA
SetLastError
GetComputerNameA
GetProcAddress
GetVersion
FreeLibrary
ExitThread
CreateMutexA
InitializeCriticalSection
GetCurrentProcessId
CreateThread
GetLastError
CreateEventA
GetVersionExA
WaitForSingleObject
CloseHandle
SetFilePointer
ReadFile
InterlockedIncrement
InterlockedDecrement

user32

CreateWindowExA
GetWindowTextA
wsprintfA
DestroyWindow
UnregisterClassA
PostMessageA
KillTimer
SetWindowLongA
SetWindowPos
RegisterClassA
DispatchMessageA
GetMessageA
SetTimer
PeekMessageA
DefWindowProcA
GetWindowLongA
PostQuitMessage
SetWindowTextA
EndDialog
GetDlgItem
GetActiveWindow
SendMessageA
GetForegroundWindow
GetParent
DialogBoxParamA
SetForegroundWindow
GetDesktopWindow
IsIconic
IsWindowVisible
OffsetRect
GetWindowRect
CopyRect
CharToOemBuffA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RevertToSelf
RegSetValueExA
LookupAccountSidA
ImpersonateLoggedOnUser
OpenThreadToken
GetUserNameA
GetTokenInformation

wsock32

WSAAsyncGetHostByName
bind
gethostbyaddr
ioctlsocket
send
recvfrom
getsockname
ntohs
setsockopt
htons
connect
WSAGetLastError
WSAAsyncSelect
WSACleanup
WSAStartup
shutdown
inet_ntoa
recv
closesocket
gethostbyname
gethostname
socket

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

strftime
gmtime
_except_handler3
isspace
malloc
_itow
strchr
sscanf
srand
rand
strpbrk
wcschr
iswspace
_wcsnicmp
wcsncpy
swscanf
swprintf
_ltoa
strncpy
_stricmp
?terminate@@YAXXZ
_onexit
__dllonexit
_adjust_fdiv
_initterm
time
strtod
sprintf
_ftol
wcslen
wcscpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
_strnicmp
memmove
strstr
_snprintf
strncmp
__CxxFrameHandler
_EH_prolog
_strlwr
strspn
strcspn
ceil
free
atoi
isxdigit
isdigit
toupper

Exports

Exports

CreateAsfFormatSet
NSSecurityLibraryInit
SelectCrabis
SelectHelper
SelectMediaStream

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Sections

NOS0 Size: - Virtual size: 208KB

NOS1 Size: 149KB - Virtual size: 152KB

.rsrc Size: 3KB - Virtual size: 4KB

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Sections

NOS0 Size: - Virtual size: 208KB

NOS1 Size: 149KB - Virtual size: 152KB

.rsrc Size: 3KB - Virtual size: 4KB

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Sections

NOS0 Size: - Virtual size: 208KB

NOS1 Size: 149KB - Virtual size: 152KB

.rsrc Size: 3KB - Virtual size: 4KB

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Sections

NOS0 Size: - Virtual size: 208KB

NOS1 Size: 149KB - Virtual size: 152KB

.rsrc Size: 3KB - Virtual size: 4KB

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

74:e2:72:f8:cf:91:e4:02:60:59:ee:44:a8:f6:38:45
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

6d:a2:7a:e9:29:2e:b6:dd:c0:a8:00:1d:47:6e:3b:69
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

1a:45:42:d3:8a:e6:ae:cc:1d:e4:1a:b6:97:18:c7:c3
Certificate

NOS0
Size: - Virtual size: 208KB

NOS1
Size: 149KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 368KB - Virtual size: 366KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 32KB - Virtual size: 38KB

.rsrc
Size: 64KB - Virtual size: 62KB

.text
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 9KB