HP3NMX[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HP3NMX.rar
Size

640.6MB
MD5

0ac53d4f5bdc77bcf84e8b17dfeaf69f
SHA1

45d7de6f929b1bc963858817ece737ede5659a2a
SHA256

7b7ff70cd0c273ddad4aa0df1e6b3480ceaea69143d801f15c9a55eb6d6baa52
SHA512

ca32ccf61194bf663c89bde228e1045119053021a473b45dbe890e9793fb607dad8a6a98020487e8908a2b5961db75b345cb0684f80d367ef08238ae138093f8
SSDEEP

12582912:ihUqqOiHFFYCiH96ljWm/uM4iz0QCcSr972EVafyFNEBWUjAfZqUkaGAwqOpz8zl:uzqOWG96ljWm/MW0XcSRVafANEBWUjCV

Score

1^/10

Malware Config

Signatures

Files

HP3NMX.rar
.rar
HP3.iso
.iso
00000000.016
00000000.256
00000001.TMP
00000002.TMP
AutoRun.exe
.exe windows x86

f4b82001f0b99ef92fe9b27974ba8c70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
ExitThread
CreateThread
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemInfo
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
WaitForSingleObject
ResumeThread
GlobalAddAtomA
MulDiv
lstrcpynA
GetCurrentThreadId
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateFileA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToLocalFileTime
CreateDirectoryA
RemoveDirectoryA
CreateProcessA
GetExitCodeProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
LocalAlloc
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetLogicalDrives
GetDriveTypeA
GetShortPathNameA
FormatMessageA
LocalFree
SetLastError
GetDiskFreeSpaceA
GetUserDefaultLangID
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CopyFileA
FindFirstFileA
FindNextFileA
FindClose
FindResourceA
LockResource
SizeofResource
FindResourceExA
LoadResource
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
SetCurrentDirectoryA
GetModuleHandleA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeA
InterlockedExchange

user32

GetMenuItemInfoA
InflateRect
GetSysColorBrush
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
CallWindowProcA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetLastActivePopup
ShowOwnedPopups
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageA
PostQuitMessage
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
GetSysColor
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
SendMessageA
EndDialog
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
ExitWindowsEx
SystemParametersInfoA
DefWindowProcA
MessageBoxA
LoadCursorA
EnableWindow
CharUpperA
DeferWindowPos

gdi32

TextOutA
RectVisible
PtVisible
BitBlt
DeleteObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetPixel
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
LookupPrivilegeValueA
OpenProcessToken
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
AdjustTokenPrivileges
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantInit
VariantChangeType

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AutoRun/AutoRun.bmp
AutoRun/LocalizedTitles.cfg
AutoRun/Slide_000.bmp
AutoRun/Slide_001.bmp
AutoRun/Slide_002.bmp
AutoRun/Slide_003.bmp
AutoRun/Slide_004.bmp
AutoRun/Slide_005.bmp
AutoRun/Slide_006.bmp
AutoRun/Slide_007.bmp
AutoRun/Slide_008.bmp
AutoRun/Slide_009.bmp
AutoRun/Slide_010.bmp
AutoRun/Slide_011.bmp
AutoRun/Slide_012.bmp
AutoRun/Slide_013.bmp
AutoRun/Slide_014.bmp
AutoRun/autorun.cfg
AutoRunGUI.dll
.dll windows x86

63127aafbce8e41f71731dae3a1db142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
ExitProcess
ExitThread
CreateThread
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
TerminateProcess
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
VirtualQuery
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
WritePrivateProfileStringA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
RaiseException
SetErrorMode
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WaitForSingleObject
ResumeThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
MulDiv
GlobalAlloc
lstrcpynA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateFileA
GetFileTime
FileTimeToLocalFileTime
FreeLibrary
CreateProcessA
GetExitCodeProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
LocalAlloc
GetCurrentProcess
GetCurrentThread
GetLogicalDrives
GetDriveTypeA
GetUserDefaultLangID
GetFileAttributesA
DeleteFileA
FindResourceExA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
FormatMessageA
LocalFree
FindFirstFileA
FindNextFileA
FindClose
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
Sleep
GetCurrentDirectoryA
SetLastError
GetModuleHandleA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter
InterlockedExchange

user32

LoadCursorA
GetSysColorBrush
DestroyMenu
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
SystemParametersInfoA
DefWindowProcA
GetTopWindow
GetWindowRect
RedrawWindow
GetSystemMenu
DeleteMenu
SetTimer
MessageBoxA
SetWindowTextA
SendMessageA
EnableWindow
SetForegroundWindow
CharUpperA
GetFocus

gdi32

PtVisible
DeleteObject
RectVisible
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
TextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantClear
VariantInit
VariantChangeType

Exports

Exports

dllALLStartups
dllAdvancedUserDialog
dllAfterCDRequest
dllAfterCancelInstallGame
dllAfterCopyCacheFiles
dllAfterCreateDesktopItem
dllAfterCreateStartMenuItems
dllAfterDirectXInstall
dllAfterFlashInstall
dllAfterGameSpyInstall
dllAfterIE55Patch
dllAfterIEInstall
dllAfterLanguageSelection
dllAfterPatching
dllAfterRunGameInstallSpecificExe
dllAtStartup
dllBeforeALLRunGame
dllBeforeCDKey
dllBeforeCDRequest
dllBeforeCancelInstallGame
dllBeforeCopyCacheFiles
dllBeforeCreateDesktopItem
dllBeforeDirectXInstall
dllBeforeEReg
dllBeforeFlashInstall
dllBeforeGameSpyInstall
dllBeforeIE55Patch
dllBeforeIEInstall
dllBeforePatching
dllBeforeRunGameInstallSpecificExe
dllBeforeUnloadDLL
dllCopySize
dllDefaultDirectory
dllDefaultStartMenuDirectory
dllDemoDialog
dllDisplayAllDialogs
dllEULADialog
dllEntertainUser
dllEntertainUserWithSlideShow
dllGameSpyDialog
dllGetCompileDate
dllInstallDirectory
dllInstallationCompleted
dllLicenseDialog
dllMacromediaFlashDialog
dllMaximumPriorityCopied
dllMessageBox
dllPleaseWaitDialog
dllSelectLanguageDialog
dllSetDebugMode
dllSetERegDisplayName
dllSetFriendlyProductName
dllSetLanguage
dllSetProductTitle
dllSplashScreen
dllStartMenuDialog
dllToolsLicenseDialog
dllUserTypeDialog

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Crack/Serial.txt
Crack/hppoa.exe
.exe windows x86

29c52e579482135abf364acc7da65cbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

window

?GetBackText@WWizardPage@@UAEPBGXZ
?GetCancelText@WWizardPage@@UAEPBGXZ
?OnInitDialog@WDialog@@UAEXXZ
??0WWizardPage@@QAE@PBGHPAVWWizardDialog@@@Z
??0FDelegate@@QAE@PAVFCommandTarget@@P81@AEXXZ@Z
??0WButton@@QAE@PAVWWindow@@HUFDelegate@@P6GJPAUHWND__@@IIJ@Z@Z
??1WWizardPage@@UAE@XZ
??1WButton@@UAE@XZ
?OnClose@WWindow@@UAEHXZ
?OnDestroy@WWindow@@UAEXXZ
?OnCurrent@WWizardPage@@UAEXXZ
?GetFinishText@WWizardPage@@UAEPBGXZ
?GetShow@WWizardPage@@UAEHXZ
?OnCancel@WWizardPage@@UAEXXZ
??0WCrashBoxDialog@@QAE@PBG0@Z
?hInstanceWindow@@3PAUHINSTANCE__@@A
??1WCrashBoxDialog@@UAE@XZ
?EndDialog@WDialog@@QAEXH@Z
?OnInitDialog@WWizardDialog@@UAEXXZ
??BWWindow@@QBEPAUHWND__@@XZ
??0WWizardDialog@@QAE@XZ
??0WLabel@@QAE@PAVWWindow@@HP6GJPAUHWND__@@IIJ@Z@Z
?MaybeDestroy@WWindow@@QAEXXZ
??1WLabel@@UAE@XZ
??1WWizardDialog@@UAE@XZ
?Unused@FCommandTarget@@UAEXXZ
?Show@WDialog@@UAEXH@Z
?Serialize@WWindow@@UAEXAAVFArchive@@@Z
?DoDestroy@WWindow@@UAEXXZ
?WndProc@WWindow@@UAEJIIJ@Z
?CallDefaultProc@WDialog@@UAEHIIJ@Z
?InterceptControlCommand@WWindow@@UAEHIIJ@Z
?GetText@WWindow@@UAE?AVFString@@XZ
?SetText@WWindow@@UAEXPBG@Z
?GetLength@WWindow@@UAEHXZ
?OnCopyData@WWindow@@UAEXPAUHWND__@@PAUtagCOPYDATASTRUCT@@@Z
?OnSetFocus@WWindow@@UAEXPAUHWND__@@@Z
?OnKillFocus@WWindow@@UAEXPAUHWND__@@@Z
?GetBitmapHandle@FWindowsBitmap@@QAEPAUHBITMAP__@@XZ
?OpenWindow@WProperties@@QAEXPAUHWND__@@@Z
??0WObjectProperties@@QAE@VFName@@KPBGPAVWWindow@@H@Z
?ScrollCaret@WEdit@@QAEXXZ
?OnSize@WWindow@@UAEXKHH@Z
?OnWindowPosChanging@WWindow@@UAEXPAH000@Z
?GLogWindow@@3PAVWLog@@A
?OnCommand@WWindow@@UAEXH@Z
?GetNext@WWizardPage@@UAEPAV1@XZ
?OnActivate@WWindow@@UAEXH@Z
?OnChar@WWindow@@UAEXG@Z
?OnKeyDown@WWindow@@UAEXG@Z
?OnCut@WWindow@@UAEXXZ
?OnCopy@WWindow@@UAEXXZ
?OnPaste@WWindow@@UAEXXZ
?OnShowWindow@WWindow@@UAEXH@Z
?OnUndo@WWindow@@UAEXXZ
?OnEraseBkgnd@WWindow@@UAEHXZ
?OnVScroll@WWindow@@UAEXIJ@Z
?OnHScroll@WWindow@@UAEXIJ@Z
?OnKeyUp@WWindow@@UAEXIJ@Z
?OnPaint@WWindow@@UAEXXZ
?OnCreate@WWindow@@UAEXXZ
?OnDrawItem@WWindow@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?OnMeasureItem@WWindow@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?OnEnterIdle@WWindow@@UAEXXZ
?OnMouseEnter@WWindow@@UAEXXZ
?OnMouseLeave@WWindow@@UAEXXZ
?OnMouseHover@WWindow@@UAEXXZ
?OnTimer@WWindow@@UAEXXZ
?OnReleaseCapture@WWindow@@UAEXXZ
?OnMdiActivate@WWindow@@UAEXH@Z
?OnMouseMove@WWindow@@UAEXKUFPoint@@@Z
?OnLeftButtonDown@WWindow@@UAEXXZ
?OnLeftButtonDoubleClick@WWindow@@UAEXXZ
?OnMiddleButtonDoubleClick@WWindow@@UAEXXZ
?OnRightButtonDoubleClick@WWindow@@UAEXXZ
?OnRightButtonDown@WWindow@@UAEXXZ
?OnLeftButtonUp@WWindow@@UAEXXZ
?OnRightButtonUp@WWindow@@UAEXXZ
?OnFinishSplitterDrag@WWindow@@UAEXPAVWDragInterceptor@@H@Z
?OnSetCursor@WWindow@@UAEHXZ
?OnClose@WWizardDialog@@UAEHXZ
?OnDestroy@WWizardDialog@@UAEXXZ
?MyDrawEdge@WWindow@@UAEXPAUHDC__@@PAUtagRECT@@H@Z
?DoModal@WDialog@@UAEHPAUHINSTANCE__@@@Z
?LocalizeText@WDialog@@UAEXPBG0@Z
?Advance@WWizardDialog@@UAEXPAVWWizardPage@@@Z
?RefreshPage@WWizardDialog@@UAEXXZ
?OnBack@WWizardDialog@@UAEXXZ
?OnNext@WWizardDialog@@UAEXXZ
?OnFinish@WWizardDialog@@UAEXXZ
?OnCancel@WWizardDialog@@UAEXXZ
??0FWindowsBitmap@@QAE@H@Z
?LoadFile@FWindowsBitmap@@QAEHPBG@Z
??1WCoolButton@@UAE@XZ
??0WCoolButton@@QAE@PAVWWindow@@HUFDelegate@@K@Z
?GetRoot@WConfigProperties@@UAEPAVFTreeItem@@XZ
?GetWindowClassName@WConfigProperties@@UAEXPAG@Z
?GetPackageName@WConfigProperties@@UAEPBGXZ
?Show@WWindow@@UAEXH@Z
?ExpandAll@WProperties@@UAEXXZ
?SetValue@WProperties@@UAEXPBG@Z
?BeginSplitterDrag@WProperties@@UAEXXZ
?ForceRefresh@WProperties@@UAEXXZ
?SetItemFocus@WProperties@@UAEXH@Z
?ResizeList@WProperties@@UAEXXZ
?GetDividerWidth@WProperties@@UAEHXZ
?GetRoot@WObjectProperties@@UAEPAVFTreeItem@@XZ
?OnDestroy@WProperties@@UAEXXZ
?OnSetCursor@WProperties@@UAEHXZ
?OnFinishSplitterDrag@WProperties@@UAEXPAVWDragInterceptor@@H@Z
?OnInitDialog@WWindow@@UAEXXZ
?OnPaint@WProperties@@UAEXXZ
?OnActivate@WProperties@@UAEXH@Z
?OnSize@WProperties@@UAEXKHH@Z
?CallDefaultProc@WWindow@@UAEHIIJ@Z
?GetWindowClassName@WObjectProperties@@UAEXPAG@Z
?DoDestroy@WProperties@@UAEXXZ
?GetPackageName@WObjectProperties@@UAEPBGXZ
?Show@WObjectProperties@@UAEXH@Z
?Serialize@WProperties@@UAEXAAVFArchive@@@Z
?SetNotifyHook@WWindow@@QAEXPAVFNotifyHook@@@Z
?OnSysCommand@WWindow@@UAEHH@Z
??0WConfigProperties@@QAE@VFName@@PBG@Z
??1WObjectProperties@@UAE@XZ
??1WConfigProperties@@UAE@XZ
?SetExec@WTerminal@@QAEXPAVFExec@@@Z
?Paste@WTerminal@@UAEXXZ
?TypeChar@WTerminal@@UAEXG@Z
?OnDestroy@WLog@@UAEXXZ
?OnClose@WLog@@UAEHXZ
?OnCreate@WLog@@UAEXXZ
?OnShowWindow@WLog@@UAEXH@Z
?OnCommand@WLog@@UAEXH@Z
?OnSize@WTerminal@@UAEXKHH@Z
?OnSetFocus@WTerminal@@UAEXPAUHWND__@@@Z
?OnCopyData@WLog@@UAEXPAUHWND__@@PAUtagCOPYDATASTRUCT@@@Z
?SetText@WLog@@UAEXPBG@Z
?WndProc@WLog@@UAEJIIJ@Z
?GetWindowClassName@WLog@@UAEXPAG@Z
?GetPackageName@WLog@@UAEPBGXZ
?OpenWindow@WLog@@QAEXHH@Z
??0WLog@@QAE@PBGAAPAVFArchive@@VFName@@PAVWWindow@@@Z
?InitWindowing@@YAXXZ
??1WLog@@UAE@XZ
?OnMove@WWindow@@UAEXHH@Z
??1FWindowsBitmap@@QAE@XZ

core

??0FString@@QAE@PBG@Z
?SetStopper@FArchive@@UAEXH@Z
?AttachLazyLoader@FArchive@@UAEXPAVFLazyLoader@@@Z
?DetachLazyLoader@FArchive@@UAEXPAVFLazyLoader@@@Z
?Flush@FArchive@@UAEXXZ
?GetError@FArchive@@UAEHXZ
?appStrchr@@YAPAGPBGH@Z
??4FString@@QAEAAV0@ABV0@@Z
?IsError@FArchive@@QAEHXZ
??4FString@@QAEAAV0@PBG@Z
?ParseParam@@YAHPBG0@Z
GIsSSE
?Logf@FOutputDevice@@QAAXPBGZZ
?IsA@UObject@@QBEHPAVUClass@@@Z
??YFString@@QAEAAV0@PBG@Z
??HFString@@QAE?AV0@PBG@Z
?IsChildOf@UStruct@@QBEHPBV1@@Z
?GetTransientPackage@UObject@@SAPAVUPackage@@XZ
?GError@@3PAVFOutputDeviceError@@A
?StaticConstructObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@1@Z
?StaticLoadClass@UObject@@SAPAVUClass@@PAV2@PAV1@PBG2KPAVUPackageMap@@@Z
??0FArray@@QAE@XZ
?Add@FArray@@QAEHHH@Z
??0FFileManager@@QAE@XZ
?Init@FFileManager@@UAEXH@Z
?CalcHomeDir@FFileManager@@UAEPBGXZ
?GIsSlowTask@@3HA
?appGetVarArgs@@YAHPAGHAAPBG@Z
??0FFeedbackContext@@QAE@XZ
?GIsClient@@3HA
?GIsEditor@@3HA
?GIsStarted@@3HA
?LocalizeError@@YAPBGPBG00@Z
?GLog@@3PAVFOutputDevice@@A
?appGetSystemErrorMessage@@YAPBGH@Z
?StaticShutdownAfterError@UObject@@SAXXZ
?GErrorHist@@3PAGA
?appStrncpy@@YAPAGPAGPBGH@Z
?appStrncat@@YAPAGPAGPBGH@Z
?GIsGuarded@@3HA
?LocalizeError@@YAPBGPBDPBG1@Z
?appRequestExit@@YAXH@Z
??0FOutputDeviceError@@QAE@XZ
?Flush@FOutputDevice@@UAEXXZ
?GIsCriticalError@@3HA
?SafeSuppressed@FName@@SAHW4EName@@@Z
?appUserDir@@YAPBGXZ
?appCmdLine@@YAPBGXZ
?Parse@@YAHPBG0PAGH@Z
?appPackage@@YAPBGXZ
?appStrcat@@YAPAGPAGPBG@Z
?GNull@@3PAVFOutputDevice@@A
?GFileManager@@3PAVFFileManager@@A
?SafeString@FName@@SAPBGW4EName@@@Z
?appSprintf@@YAHPAGPBGZZ
?GLogHook@@3PAVFOutputDevice@@A
?appTimestamp@@YAPBGXZ
?Logf@FOutputDevice@@QAAXW4EName@@PBGZZ
??0FOutputDevice@@QAE@XZ
?GPageSize@@3KA
?GObjObjects@UObject@@0V?$TArray@PAVUObject@@@@A
??0FMalloc@@QAE@XZ
?GIsRunning@@3HA
?appStrfind@@YAPBGPBG0@Z
?appInit@@YAXPBG0PAVFMalloc@@PAVFOutputDevice@@PAVFOutputDeviceError@@PAVFFeedbackContext@@PAVFFileManager@@P6APAVFConfigCache@@XZH@Z
?GIsServer@@3HA
?GIsScriptable@@3HA
?GLazyLoad@@3HA
?appPreExit@@YAXXZ
?appExit@@YAXXZ
?LocalizeGeneral@@YAPBGPBG00@Z
?Log@FOutputDevice@@QAEXW4EName@@PBG@Z
?GUserIni@@3PAGA
?appStrcmp@@YAHPBG0@Z
?appStrstr@@YAPAGPBG0@Z
??8FString@@QBEHABV0@@Z
??8FString@@QBEHPBG@Z
?Log@FOutputDevice@@QAEXPBG@Z
?appAtof@@YAMPBG@Z
?appStaticString1024@@YAPAGXZ
??0FArray@@IAE@HH@Z
?winGetSizeUNICODE@@YAHPBD@Z
?winToUNICODE@@YAPAGPAGPBDH@Z
?Empty@FArray@@QAEXHH@Z
??DFString@@QBE?AV0@PBG@Z
??DFString@@QBE?AV0@ABV0@@Z
?GetPathName@UObject@@QBEPBGPAV1@PAG@Z
?LeftChop@FString@@QBE?AV1@H@Z
?appSystemTime@@YAXAAH0000000@Z
?GMachineVideo@@3PAGA
?GMachineCPU@@3PAGA
?GMachineOS@@3PAGA
?GBuildLabel@@3PAGA
??0FString@@QAE@ABV0@@Z
??YFString@@QAEAAV0@ABV0@@Z
?Parse@@YAHPBG0AAM@Z
?appRand@@YAHXZ
?appSaveStringToFile@@YAHABVFString@@PBGPAVFFileManager@@K@Z
?appLoadFileToString@@YAHAAVFString@@PBGPAVFFileManager@@@Z
?GWindowManager@@3PAVUSubsystem@@A
?appSleep@@YAXM@Z
?GScriptCycles@@3HA
?Parse@@YAHPBG0AAH@Z
?GIsBenchmarking@@3HA
?appRandInit@@YAXH@Z
?GetOuter@UObject@@QBEPAV1@XZ
?GExec@@3PAVFExec@@A
?Printf@FString@@SA?AV1@PBGZZ
?Parse@@YAHPBG0AAVFString@@@Z
??0FName@@QAE@W4EName@@@Z
?appSqrt@@YANN@Z
?ParseCommand@@YAHPAPBGPBG@Z
?StaticClass@UClass@@SAPAV1@XZ
?ParseObject@@YAHPBG0PAVUClass@@AAPAVUObject@@PAV2@@Z
?GetDefaultActor@UClass@@QAEPAVAActor@@XZ
??0FName@@QAE@PBGW4EFindName@@@Z
?StaticLoadObject@UObject@@SAPAV1@PAVUClass@@PAV1@PBG2KPAVUPackageMap@@@Z
?ExportToOutputDevice@UExporter@@SAXPAVUObject@@PAV1@AAVFOutputDevice@@PBGH@Z
?appClipboardCopy@@YAXPBG@Z
?GetDefaultObject@UClass@@QAEPAVUObject@@XZ
??0FName@@QAE@XZ
?Parse@@YAHPBG0AAVFName@@@Z
?GetName@UObject@@QBEPBGXZ
??DFName@@QBEPBGXZ
?LocalizeGeneral@@YAPBGPBDPBG1@Z
??1FArray@@QAE@XZ
?StaticClass@UPackage@@SAPAVUClass@@XZ
?Remove@FArray@@QAEXHHH@Z
?appItoa@@YAPAGH@Z
??HFString@@QAE?AV0@ABV0@@Z
?appAtoi@@YAHPBG@Z
?GIni@@3PAGA
?appMsgf@@YA?BHHPBGZZ
?TotalSize@FArchive@@UAEHXZ
?Precache@FArchive@@UAEXH@Z
??0FArchive@@QAE@XZ
??1FArchive@@UAE@XZ
?SerializeBits@FArchive@@UAEXPAXH@Z
?SerializeInt@FArchive@@UAEXAAKK@Z
?Preload@FArchive@@UAEXPAVUObject@@@Z
?CountBytes@FArchive@@UAEXKK@Z
??6FArchive@@UAEAAV0@AAPAVUObject@@@Z
??6FArchive@@UAEAAV0@AAVFName@@@Z
?MapName@FArchive@@UAEHPAVFName@@@Z
?MapObject@FArchive@@UAEHPAVUObject@@@Z
?AtEnd@FArchive@@UAEHXZ
?appUnwindf@@YAXPBGZZ
?GUnicodeOS@@3HA
?appFailAssert@@YAXPBD0H@Z
?appStricmp@@YAHPBG0@Z
?appStrlen@@YAHPBG@Z
?appFromAnsi@@YAPBGPBDPAG@Z
?appStrcpy@@YAPAGPAGPBG@Z
?GSecondsPerCycle@@3NA
??1FString@@QAE@XZ
??0FString@@QAE@XZ
?Localize@@YAPBGPBG000H@Z
??DFString@@QBEPBGXZ
?appGetAppInstanceHandle@@YAPAXXZ
?GCRCTable@@3PAKA
?GMalloc@@3PAVFMalloc@@A
??9FString@@QBEHABV0@@Z
??0FString@@QAE@PBD@Z
?GConfig@@3PAVFConfigCache@@A
?winToANSI@@YAPADPADPBGH@Z
?winGetSizeANSI@@YAHPBG@Z
?appBaseDir@@YAPBGXZ
?NotifyExec@FNotifyHook@@UAEXPAXPBG@Z
?NotifyPostChange@FNotifyHook@@UAEXPAX@Z
?NotifyPreChange@FNotifyHook@@UAEXPAX@Z
??0FNotifyHook@@QAE@XZ
??0FExec@@QAE@XZ
?GIsRequestingExit@@3HA
?AtStopper@FArchive@@UAEHXZ
?appStrupr@@YAPAGPAG@Z

engine

?GetLevel@AActor@@QBEPAVULevel@@XZ
?StaticClass@UGameEngine@@SAPAVUClass@@XZ
?UpdateString@FStats@@QAEXAAVFString@@H@Z
?StaticClass@AActor@@SAPAVUClass@@XZ
?Clear@FStats@@QAEXXZ
?GStats@@3VFStats@@A
?StaticClass@UEngine@@SAPAVUClass@@XZ
?GEngineStats@@3VFEngineStats@@A
?StaticClass@URenderDevice@@SAPAVUClass@@XZ

comdlg32

GetSaveFileNameA

d3d8

Direct3DCreate8

ddraw

DirectDrawCreate

kernel32

GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
CloseHandle
GetSystemInfo
GetLastError
VirtualAlloc
VirtualFree
GetFileSize
CreateFileA
CreateFileW
SetFilePointer
SetFileAttributesA
SetFileAttributesW
WriteFile
DeleteFileA
DeleteFileW
GetModuleFileNameW
MoveFileW
GetFileAttributesExW
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentDirectoryW
ReadFile
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
GlobalMemoryStatus
GetCurrentThread
GetCurrentThreadId
Sleep
GetStartupInfoA
SetThreadPriority
RemoveDirectoryA
RemoveDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceExW
CreateMutexA
CreateMutexW
GetCommandLineW
GetModuleHandleA
MoveFileA

user32

SetPropA
RemovePropW
RemovePropA
PeekMessageA
DispatchMessageA
GetForegroundWindow
GetWindowThreadProcessId
SetFocus
ShowWindow
PeekMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
LoadIconW
LoadIconA
SetForegroundWindow
DestroyWindow
CreateDialogParamW
CreateDialogParamA
GetDlgItem
GetSystemMetrics
SetWindowPos
SendMessageW
SendMessageA
UpdateWindow
SetPropW

shell32

ShellExecuteA
ShellExecuteW

msvcr70

?terminate@@YAXXZ
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
calloc
_purecall
_CxxThrowException
__CxxFrameHandler
__set_app_type
_controlfp
_except_handler3

Exports

Exports

GPackage

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DirectX/BDA.cab
.cab
DirectX/BDANT.cab
.cab
DirectX/BDAXP.cab
.cab
DirectX/DSETUP.dll
.dll windows x86

f57b219515a7304b7cca4eea391181e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
IsBadWritePtr
lstrlenA
GetModuleFileNameA
SetLastError
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcmpiA
WideCharToMultiByte
lstrcmpA
GetSystemDefaultLCID
IsBadStringPtrA
IsBadReadPtr
IsBadStringPtrW
lstrlenW
lstrcpynA
GetWindowsDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
GetLocalTime
ExitProcess
TlsFree
TlsGetValue
TlsAlloc
Sleep
SetHandleCount
GetStdHandle
GetCurrentDirectoryA
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
SetEndOfFile
GetProcessHeap
ReadFile
GetSystemDirectoryA
SetCurrentDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
GetFileType
FreeLibrary

user32

wsprintfW
CharNextA
wsprintfA
GetKeyboardType
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA

winmm

mmioRead
mmioDescend
mmioOpenA
mmioClose

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

StringFromGUID2

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetEULAA
DirectXSetupGetEULAW
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DirectX/DirectX.cab
.cab
DirectX/ManagedDX.CAB
.cab
DirectX/dsetup32.dll
.dll windows x86

826e66365e06d75f7914f0ec89b4d2f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
lstrlenA
GetLastError
GetFileAttributesA
FindClose
FindFirstFileA
lstrcpyA
GetPrivateProfileSectionA
CloseHandle
CreateFileA
SetFileAttributesA
CreateDirectoryA
lstrcatA
GetSystemDefaultLCID
GetCurrentProcess
GetSystemDirectoryA
GetShortPathNameA
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetSystemInfo
GetPrivateProfileStringA
WideCharToMultiByte
GetDiskFreeSpaceA
GetModuleHandleA
CopyFileA
ReadFile
GetFileSize
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FindNextFileA
WaitForSingleObject
CreateProcessA
LoadLibraryExA
lstrcmpA
GetTempFileNameA
GetDriveTypeA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetTempPathA
MultiByteToWideChar
MoveFileExA
CompareStringA
SetFileTime
GetFileTime
Sleep
CreateMutexA
LoadResource
FindResourceA
IsBadWritePtr
LockResource
SizeofResource
SetLastError
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
lstrcmpiA
TerminateProcess
TlsSetValue
GetCommandLineA
GetLocalTime
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
TlsFree
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualProtect
VirtualQuery
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetEndOfFile
GetProcessHeap
LoadLibraryA
GetVersionExA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
OutputDebugStringA
GetSystemTimeAsFileTime
lstrcpynA

gdi32

GetDeviceCaps

user32

SetDlgItemTextA
ShowWindow
GetDlgItem
SendMessageA
wsprintfA
MessageBoxA
CreateDialogParamA
SetFocus
DestroyWindow
DialogBoxParamA
SetWindowPos
PeekMessageA
GetDC
GetWindowRect
GetDesktopWindow
SendDlgItemMessageA
EndDialog
TranslateMessage
DispatchMessageA
LoadStringA
GetKeyboardType
CharLowerA
CharNextA
ReleaseDC
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

winmm

mmioOpenA
mmioRead
mmioClose
mmioDescend

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

SHFileOperationA

ole32

StringFromGUID2

Exports

Exports

DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
DirectXSetupShowEULA
iDirectXSetup
iDirectXSetupGetEULA

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DirectX/dxnt.cab
.cab
DirectX/dxsetup.exe
.exe windows x86

771d815b9638cdc29fedafed6d81c3a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetModuleHandleA
CreateThread
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
lstrcatA
CreateMutexA
SetErrorMode
GetModuleFileNameA
GetCurrentDirectoryA
GetCurrentProcess
CreateFileA
GetFileSize
ReadFile
CloseHandle
lstrlenA
lstrcpyA
FindFirstFileA
FindClose
GetLastError
lstrcmpiA
GetVersionExA
LoadLibraryA
GetProcAddress
GetProcessHeap
SetEndOfFile
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
Sleep
HeapAlloc
LeaveCriticalSection
FreeLibrary
GetWindowsDirectoryA
OutputDebugStringA
lstrcpynA
GetCommandLineA
GetStartupInfoA
GetLocalTime
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
EnterCriticalSection

advapi32

RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges

gdi32

GetDeviceCaps
CreateFontIndirectA
SelectObject
CreateCompatibleDC
DeleteDC
StretchBlt
GetObjectA
DeleteObject

user32

MessageBoxA
LoadStringA
LoadImageA
wsprintfA
SystemParametersInfoA
SetWindowTextA
SendDlgItemMessageA
GetWindowLongA
PostMessageA
GetParent
SetDlgItemTextA
SendMessageA
ShowWindow
GetDlgItem
SetWindowLongA
GetAsyncKeyState
ExitWindowsEx
EnumWindows
GetWindowTextA
GetClassNameA
SetForegroundWindow
SetFocus
GetDC
ReleaseDC

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

comctl32

CreatePropertySheetPageA
PropertySheetA
ord17

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DirectX/mdxredist.msi
.msi
Support/EReg.exe
.exe windows x86

6f67bed680ab51cd3d7afc50354fd269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
GetModuleFileNameW
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetModuleFileNameA
GetShortPathNameW
GetExitCodeProcess
WaitForSingleObject
OpenProcess
LocalFree
WriteFile
LocalAlloc
CreateFileA
SizeofResource
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
CreateProcessA
CloseHandle
lstrlenA
SetUnhandledExceptionFilter
RaiseException
SetFilePointer
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
GetCurrentThreadId
IsBadCodePtr

user32

ShowWindow
IsDialogMessageA
DispatchMessageA
PostQuitMessage
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
MoveWindow
GetCursor
CreateWindowExA
wsprintfA
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
CreateDialogIndirectParamA
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadImageA
SendMessageA
SetWindowTextA
GetDlgItem
SystemParametersInfoA
SetWindowPos
GetSystemMetrics
GetWindowRect
InvalidateRect
GetWindowLongA
SetWindowLongA

gdi32

SelectObject
GetObjectA
GetStockObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
PatBlt

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
SysFreeString
DispCallFunc
SysAllocString
SysStringLen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetGetConnectedState

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/EasyInfo.exe
.exe windows x86

9bf909f0e41b5409a0b2cd7388770ec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexA
CloseHandle
GetModuleHandleA
FindResourceExA
LoadResource
LockResource
SetEnvironmentVariableA
SetEndOfFile
GetLocaleInfoW
GetVersionExA
LoadLibraryA
ReadFile
SetStdHandle
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
GetLocaleInfoA
GetACP
FreeResource
EnumSystemLocalesA
GetUserDefaultLCID
IsBadWritePtr
VirtualAlloc
GetOEMCP
SizeofResource
GetFileAttributesA
CreateDirectoryA
GetSystemDirectoryA
SearchPathA
FormatMessageA
GlobalMemoryStatus
WideCharToMultiByte
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcmpiA
GetFileSize
FileTimeToSystemTime
GetFileTime
CreateFileA
GetProcAddress
MultiByteToWideChar
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
GetCPInfo
HeapReAlloc
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
WriteFile
FlushFileBuffers
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetFilePointer
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree

user32

DispatchMessageA
TranslateMessage
GetMessageA
RegisterClassExA
CreateWindowExA
DefWindowProcA
GetDlgItem
ShowWindow
UpdateWindow
DestroyWindow
PostQuitMessage
CreateDialogParamA
SetDlgItemTextA
SendMessageA
MessageBoxA
GetDesktopWindow
IsDlgButtonChecked

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dsound

ord2

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ord17

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantClear

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/Ereg.bin
Support/Harry Potter and the Prisoner of Azkaban_EZ.exe
.exe windows x86

7b833860aee200155199263fc86c275b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

joyGetPosEx

kernel32

GetFileAttributesA
GetFileTime
WritePrivateProfileStringA
HeapAlloc
HeapFree
RtlUnwind
GetSystemTimeAsFileTime
HeapReAlloc
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
RaiseException
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
SetErrorMode
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
LCMapStringA
LCMapStringW
VirtualQuery
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
VirtualProtect
GetModuleFileNameA
CreateFileA
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpyA
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetWindowsDirectoryA
ExpandEnvironmentStringsA
CloseHandle
OpenProcess
GetModuleHandleA
OutputDebugStringA
Sleep
GetSystemInfo
SetThreadPriority
GetCurrentThread
GetTickCount
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetTempPathA
GlobalMemoryStatus
CreateMutexA
GetUserDefaultLangID
GetCommandLineA
FreeLibrary
LoadLibraryA
GetProcAddress
GetProfileIntA
SearchPathA
GetCurrentDirectoryA
GetSystemDirectoryA
SetCurrentDirectoryA
CreateProcessA
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
SetLastError
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
SetTimer
KillTimer
WaitMessage
GetMessageA
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
MapDialogRect
GetAsyncKeyState
EndPaint
BeginPaint
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
EnumDisplaySettingsA
GetDesktopWindow
GetKeyboardType
GetSystemMetrics
LoadIconA
GetClientRect
GetPropA
GetWindowRect
IsIconic
DrawIcon
MessageBoxA
SetFocus
ReleaseCapture
GetForegroundWindow
SetCapture
SetActiveWindow
TranslateMessage
DispatchMessageA
PeekMessageA
GetDC
LoadImageA
MessageBeep
SendMessageA
GetParent
EnableWindow
CharUpperA
GetMessageTime

gdi32

RectVisible
PtVisible
DeleteObject
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetBitmapDimensionEx
GetDeviceCaps
GetBitmapBits
SetBitmapBits
CreateDIBitmap
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
TextOutA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

wsock32

socket
gethostbyname
htonl
htons
ioctlsocket
bind
WSAGetLastError
accept
closesocket
WSACleanup
WSAStartup
inet_addr
connect
sendto
WSASetLastError
recvfrom
WSAAsyncSelect
send
recv
select
ntohs

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/Harry Potter and the Prisoner of Azkaban_code.exe
.exe windows x86

973556a061b1d6ecf17b94c4e7cacddb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RaiseException
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
WritePrivateProfileStringA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
FileTimeToSystemTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpyA
GetLastError
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
LoadLibraryA
GetProcAddress
FindResourceExA
GetUserDefaultLangID
GetModuleHandleA
SetLastError
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsValidCodePage
InterlockedExchange

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
IsWindowVisible
CharUpperA
EnableWindow
MessageBoxA
PostMessageA
GetClientRect
InvalidateRect
SetActiveWindow
SetForegroundWindow
SendMessageA
LoadIconA
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
wsprintfA
GetWindowTextLengthA
GetClassLongA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
GetActiveWindow
GetDesktopWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextA
GetWindow
SetFocus
GetMenuState

gdi32

GetStockObject
DeleteDC
RectVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
CreateDIBitmap
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
TextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

comctl32

ord17

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/Harry Potter and the Prisoner of Azkaban_uninst.exe
.exe windows x86

b81b7acca1154338806383b7c95a602a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

kernel32

GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CloseHandle

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/Readme_BPor.txt
Support/Readme_Por.txt
Support/config.xml
.xml
Support/ereg-dict-cs.xml
Support/ereg-dict-da.xml
Support/ereg-dict-de.xml
Support/ereg-dict-en_UK.xml
.xml
Support/ereg-dict-en_US.xml
Support/ereg-dict-es.xml
Support/ereg-dict-fi.xml
Support/ereg-dict-fr_FR.xml
Support/ereg-dict-it.xml
Support/ereg-dict-ja.xml
Support/ereg-dict-ko.xml
Support/ereg-dict-nl.xml
Support/ereg-dict-no.xml
Support/ereg-dict-pl.xml
Support/ereg-dict-pt_BR.xml
Support/ereg-dict-pt_PT.xml
Support/ereg-dict-sv.xml
Support/ereg-dict-th.xml
Support/ereg-dict-zh_CN.xml
Support/ereg-dict-zh_TW.xml
Support/es/es_eahelp.hlp
Support/es/leeme.txt
Support/es_eula.txt
Support/go_ez.exe
.exe windows x86

68c39ba66b567c5d2eea9b2648b30041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
CreateProcessA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Support/leeme.txt
Support/pt-br/en-uk_eahelp.hlp
Support/pt-br/readme.txt
Support/pt-br_eula.txt
Support/pt-pt/en-uk_eahelp.hlp
Support/pt-pt/readme.txt
Support/pt-pt_eula.txt
System/kwGame.u
autorun.inf
common_filelist.txt
compressed.zip
.zip
eauninstall.exe
.exe windows x86

6cd72ea2dc24b2cb4af143a3749fa740

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
ExitThread
CreateThread
SetEnvironmentVariableA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemInfo
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
SetErrorMode
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
WritePrivateProfileStringA
WaitForSingleObject
ResumeThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
CreateFileA
FreeLibrary
CreateDirectoryA
CreateProcessA
GetExitCodeProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
LocalAlloc
GetCurrentProcess
GetCurrentThread
FormatMessageA
LocalFree
SetLastError
GetUserDefaultLangID
CopyFileA
FindResourceA
LockResource
SizeofResource
RemoveDirectoryA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetShortPathNameA
GetFileAttributesA
SetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindResourceExA
LoadResource
CreateToolhelp32Snapshot
Sleep
Process32First
Process32Next
CloseHandle
GetModuleHandleA
LoadLibraryA
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStdHandle
InterlockedExchange

user32

GetSysColorBrush
GetMenuItemInfoA
InflateRect
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetMessageA
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
GetWindow
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
SystemParametersInfoA
DefWindowProcA
MessageBoxA
BroadcastSystemMessageA
SendMessageA
SetTimer
LoadCursorA
EnableWindow
CreateWindowExA

gdi32

TextOutA
RectVisible
PtVisible
BitBlt
DeleteObject
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetPixel
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
OpenProcessToken
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantInit
VariantChangeType

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
es_compressed.zip
.zip
hppoa.ico
pt-br_compressed.zip
.zip
pt-pt_compressed.zip
.zip
setup.exe
.exe windows x86

c08ee669b80bdbaf15b0cc4ca837d012

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcpyA
GetCurrentThreadId
CloseHandle
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentDirectoryA
Sleep
LoadLibraryA
GetProcAddress
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapFree
InterlockedExchange

user32

PostQuitMessage
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
MessageBoxA
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
GetWindowTextA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnregisterClassA
GetSysColorBrush
GetSysColor
ReleaseDC
SetWindowTextA
GetClassNameA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC

shell32

ShellExecuteA

comctl32

ord17

gdi32

TextOutA
DeleteDC
GetStockObject
DeleteObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
RestoreDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SaveDC
GetDeviceCaps
RectVisible
PtVisible
SetMapMode
ExtTextOutA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4b82001f0b99ef92fe9b27974ba8c70

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

version

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 16KB - Virtual size: 185KB

.rsrc Size: 292KB - Virtual size: 288KB

63127aafbce8e41f71731dae3a1db142

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 49KB

.rsrc Size: 232KB - Virtual size: 228KB

.reloc Size: 40KB - Virtual size: 39KB

29c52e579482135abf364acc7da65cbd

Headers

File Characteristics

Imports

window

core

engine

comdlg32

d3d8

ddraw

kernel32

user32

shell32

msvcr70

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 44KB - Virtual size: 200KB

.idata Size: 20KB - Virtual size: 19KB

.rsrc Size: 12KB - Virtual size: 10KB

f57b219515a7304b7cca4eea391181e3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

version

ole32

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 16KB - Virtual size: 185KB

.rsrc
Size: 292KB - Virtual size: 288KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 49KB

.rsrc
Size: 232KB - Virtual size: 228KB

.reloc
Size: 40KB - Virtual size: 39KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 44KB - Virtual size: 200KB

.idata
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 12KB - Virtual size: 10KB

.text
Size: 49KB - Virtual size: 49KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 113KB - Virtual size: 113KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 46KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 406KB - Virtual size: 405KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 500KB - Virtual size: 498KB