Inno[.]rar | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

Inno.rar
Size

8.2MB
MD5

edf241c0a800245b81d4ffa3abb2f183
SHA1

00ba375af6ffd65656fe90839722796a6d2abbef
SHA256

32197c7b906d34315665e750ce5207ff254a553debcdfb3732e77dbfdc931f17
SHA512

f24f110867b60e5a85b8b2b2128817895be3f70fa415ea3585a317fa2497ac31ad3e674a0bf8c6190650bac5f97fa0260451dd229e4145e076e471403fdb4cd2
SSDEEP

196608:3DX0P+XBbbuqWSp8rBsitKOu4s1gZThPpXo6Aa8S3O:344Wx7ruigOut1ehpoki

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

Processes:

resource	yara_rule
static1/unpack001/Inno/InnoInstaller.exe	themida

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Inno/InnoInstaller.exe
unpack001/Inno/gio-2.0-0.dll
unpack001/Inno/glib-2.0-0.dll

Files

Inno.rar
.rar
Inno/InnoInstaller.exe
.exe windows x86

Password: SET1234

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 47KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Inno/gio-2.0-0.dll
.dll windows x64

Password: SET1234

c5420dd27f022010c3783f3abdf00b92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

glib-2.0-0

g_atomic_pointer_get
g_atomic_pointer_set
g_atomic_pointer_compare_and_exchange
g_rw_lock_writer_lock
g_rw_lock_writer_unlock
g_rw_lock_reader_lock
g_rw_lock_reader_unlock
g_bytes_new
g_file_error_quark
g_file_test
g_dgettext
g_list_find
g_hash_table_steal_all
g_hash_table_get_keys_as_array
g_mapped_file_new
g_mapped_file_get_bytes
g_mapped_file_unref
g_variant_get_size
g_variant_get_data
g_build_path
g_error_new_valist
g_main_context_push_thread_default
g_main_context_pop_thread_default
g_source_get_context
g_hash_table_replace
g_strchomp
g_ascii_strdown
g_intern_string
g_prefix_error
g_cond_wait_until
g_try_malloc
g_try_realloc
g_source_get_ready_time
g_source_add_poll
g_source_remove_poll
g_source_get_time
g_get_monotonic_time
g_hash_table_unref
g_slist_free
g_slist_remove
g_ref_count_init
g_ref_count_inc
g_ref_count_dec
g_main_context_new
g_main_loop_new
g_main_loop_run
g_main_loop_quit
g_main_loop_unref
g_list_remove_link
g_list_sort
g_random_int_range
g_environ_getenv
g_snprintf
g_slist_free_1
g_main_context_iteration
g_child_watch_source_new
g_spawn_async_with_pipes
g_spawn_check_exit_status
g_spawn_close_pid
g_thread_pool_new
g_thread_pool_push
g_thread_pool_unprocessed
g_thread_pool_set_sort_function
g_thread_pool_move_to_front
g_thread_pool_set_max_threads
g_list_find_custom
g_list_length
g_thread_pool_free
g_variant_new_strv
g_byte_array_unref
g_slist_concat
g_slist_last
g_strstr_len
g_strrstr_len
g_byte_array_ref
g_main_context_acquire
g_main_context_release
g_once_impl
g_sequence_new
g_sequence_free
g_sequence_get_length
g_sequence_sort
g_sequence_get_begin_iter
g_sequence_get_end_iter
g_sequence_get_iter_at_pos
g_sequence_append
g_sequence_insert_before
g_sequence_insert_sorted
g_sequence_remove
g_sequence_remove_range
g_sequence_get
g_sequence_iter_is_end
g_sequence_iter_next
g_sequence_iter_prev
g_sequence_iter_get_position
g_sequence_iter_move
g_utf8_to_utf16
g_utf16_to_utf8
g_utf8_casefold
g_variant_new_int32
g_shell_quote
g_shell_parse_argv
g_spawn_async
g_error_new_literal
g_hash_table_get_values
g_source_remove
g_timeout_add
g_variant_get_child_value
g_assertion_message_error
g_rmdir
g_atomic_int_compare_and_exchange
g_convert
g_ptr_array_new_full
g_quark_from_string
g_get_prgname
g_set_prgname
g_variant_new_boolean
g_variant_new_int64
g_variant_new_double
g_variant_new_string
g_variant_new_bytestring
g_variant_new_bytestring_array
g_variant_builder_new
g_variant_builder_unref
g_variant_dict_new
g_variant_dict_insert_value
g_variant_dict_end
g_variant_dict_unref
g_option_context_new
g_option_context_set_summary
g_option_context_set_description
g_option_context_free
g_option_context_set_help_enabled
g_option_context_set_ignore_unknown_options
g_option_context_parse_strv
g_option_context_add_group
g_option_context_set_main_group
g_option_group_new
g_option_group_unref
g_option_group_add_entries
g_option_group_set_translation_domain
g_slice_copy
g_win32_get_command_line
g_variant_ref
g_variant_dup_bytestring
g_variant_dup_bytestring_array
g_variant_iter_loop
g_variant_get_child
g_variant_builder_add_value
g_variant_type_string_is_valid
g_variant_parse
g_hash_table_foreach
g_hash_table_remove_all
g_variant_type_dup_string
g_variant_type_free
g_variant_type_copy
g_variant_get_type
g_variant_equal
g_variant_print_string
g_variant_parse_error_quark
g_variant_get_boolean
g_quark_to_string
g_hash_table_ref
g_variant_get_va
g_variant_check_format_string
g_variant_new_va
g_sequence_is_empty
g_ptr_array_sized_new
g_bytes_new_from_bytes
g_variant_get_variant
g_variant_byteswap
g_tree_unref
g_tree_insert
g_list_free
g_tree_lookup
g_tree_lookup_extended
g_tree_foreach
g_tree_nnodes
g_get_user_config_dir
g_print
g_checksum_free
g_checksum_update
g_checksum_get_digest
g_mkdir_with_parents
g_string_sized_new
g_key_file_new
g_key_file_unref
g_key_file_free
g_key_file_load_from_file
g_key_file_load_from_data
g_key_file_to_data
g_timeout_source_new_seconds
g_key_file_get_keys
g_key_file_get_value
g_key_file_set_value
g_key_file_remove_key
g_key_file_remove_group
g_variant_type_equal
g_variant_print
g_tree_new_full
g_get_user_data_dir
g_win32_get_system_data_dirs_for_module
g_dcgettext
g_hash_table_iter_remove
g_string_append_len
g_markup_parse_context_new
g_markup_parse_context_free
g_markup_parse_context_parse
g_markup_parse_context_end_parse
g_variant_is_container
g_variant_new_array
g_variant_lookup_value
g_variant_get_fixed_array
g_variant_iter_new
g_variant_builder_clear
g_variant_compare
g_regex_new
g_regex_split
g_regex_replace_literal
g_strjoinv
g_variant_new_byte
g_variant_new_int16
g_variant_new_uint16
g_variant_new_uint32
g_variant_new_uint64
g_variant_new_handle
g_variant_new_object_path
g_variant_new_signature
g_variant_get_byte
g_variant_get_int16
g_variant_get_uint16
g_variant_get_int32
g_variant_get_uint32
g_variant_get_int64
g_variant_get_uint64
g_variant_get_handle
g_variant_get_double
g_variant_dup_strv
g_variant_get_bytestring
g_variant_type_peek_string
g_variant_dup_string
g_node_new
g_node_destroy
g_node_insert_before
g_node_traverse
g_node_children_foreach
g_node_n_children
g_idle_add
g_strjoin
g_get_real_time
g_variant_is_floating
g_variant_classify
g_variant_new_objv
g_variant_dup_objv
g_variant_get_normal_form
g_variant_new_from_data
g_random_int
g_hash_table_get_keys
g_string_insert
g_ptr_array_unref
g_string_set_size
g_strchug
g_propagate_prefixed_error
g_get_home_dir
g_compute_checksum_for_string
g_file_set_contents
g_ascii_strtoll
g_usleep
g_open
g_unlink
g_int_hash
g_ptr_array_remove_index
g_ptr_array_remove
g_atomic_int_add
g_atomic_int_and
g_atomic_int_or
g_thread_self
g_hash_table_foreach_remove
g_direct_hash
g_direct_equal
g_string_prepend_c
g_variant_is_object_path
g_dngettext
g_variant_type_new
g_variant_type_is_tuple
g_variant_type_is_dict_entry
g_variant_type_is_variant
g_variant_type_element
g_variant_type_first
g_variant_type_next
g_variant_type_key
g_variant_type_value
g_variant_type_string_get_depth_
g_variant_is_signature
g_variant_new_variant
g_variant_new_fixed_array
g_variant_new_dict_entry
g_ptr_array_sort
g_ptr_array_foreach
g_parse_debug_string
g_thread_new
g_variant_type_new_tuple
g_queue_new
g_queue_free_full
g_queue_get_length
g_slist_length
g_markup_error_quark
g_markup_parse_context_get_element_stack
g_markup_parse_context_get_position
g_markup_printf_escaped
g_markup_collect_attributes
g_variant_new_tuple
g_close
g_list_foreach
g_setenv
g_unsetenv
g_io_channel_unref
g_io_channel_shutdown
g_io_channel_read_line
g_io_channel_unix_new
g_spawn_command_line_async
g_base64_encode
g_filename_from_utf8
g_filename_to_uri
g_filename_display_name
g_get_filename_charsets
g_path_skip_root
g_canonicalize_filename
g_realloc_n
g_rename
g_mkdir
g_lstat
g_remove
g_get_user_cache_dir
g_get_user_special_dir
g_checksum_get_string
g_filename_display_basename
g_access
g_chmod
g_sequence_sort_changed
g_mkstemp_full
g_win32_ftruncate
g_ascii_strncasecmp
g_hostname_is_ip_address
g_mapped_file_get_length
g_mapped_file_get_contents
g_locale_from_utf8
g_date_time_add_seconds
g_filename_to_utf8
g_strsplit
g_strconcat
g_realloc
g_date_time_to_unix
g_date_time_get_microsecond
g_date_time_add
g_date_time_new_from_iso8601
g_date_time_new_from_unix_utc
g_date_time_unref
g_time_zone_unref
g_time_zone_new_local
g_hash_table_lookup_extended
g_source_add_child_source
g_hash_table_contains
g_hash_table_add
g_win32_error_message
g_strdup_vprintf
g_error_new
g_source_is_destroyed
g_main_current_source
g_ptr_array_remove_index_fast
g_ptr_array_set_size
g_ptr_array_new_with_free_func
g_uri_unescape_segment
g_hostname_to_ascii
g_hostname_is_non_ascii
g_hash_table_destroy
g_hash_table_new_full
g_file_get_contents
g_getenv
g_dir_close
g_dir_read_name
g_dir_open
g_rec_mutex_unlock
g_rec_mutex_lock
g_string_prepend
g_strv_length
g_variant_get_data_as_bytes
g_list_copy_deep
g_list_reverse
g_variant_lookup
g_list_concat
g_idle_add_full
g_slist_append
g_slist_free_full
g_variant_get_strv
g_bytes_get_size
g_bytes_new_with_free_func
g_idle_source_new
g_source_set_callback
g_variant_get_string
g_source_set_priority
g_variant_get_type_string
g_list_delete_link
g_cond_signal
g_cond_clear
g_cond_init
g_stat
g_win32_get_package_installation_directory_of_module
g_str_has_suffix
g_variant_take_ref
g_string_append_uri_escaped
g_utf8_skip
g_uri_escape_string
g_key_file_get_groups
g_str_has_prefix
g_printerr
g_checksum_new
g_ptr_array_free
g_ptr_array_new
g_array_sort
g_array_remove_index
g_array_append_vals
g_variant_new_take_string
g_atomic_int_dec_and_test
g_atomic_int_inc
g_array_set_size
g_array_insert_vals
g_array_free
g_array_new
g_uri_unescape_string
g_main_context_invoke_full
g_list_remove
g_list_prepend
g_malloc0
g_get_current_dir
g_build_filename_valist
g_file_open_tmp
g_filename_from_uri
g_bytes_ref
g_bytes_get_data
g_bytes_new_static
g_bytes_new_take
g_clear_error
g_error_copy
g_quark_from_static_string
g_byte_array_set_size
g_byte_array_free
g_byte_array_new
g_variant_builder_add
g_variant_builder_close
g_variant_builder_open
g_variant_is_of_type
g_list_insert_sorted
g_list_append
g_strdup_printf
g_variant_new_parsed
g_ptr_array_add
g_ascii_table
g_strcmp0
g_strndup
g_ascii_strcasecmp
g_ascii_xdigit_value
g_ascii_tolower
g_string_append_printf
g_string_insert_c
g_str_hash
g_str_equal
g_path_get_dirname
g_path_get_basename
g_path_is_absolute
g_build_filename
g_memdup
g_utf8_validate
g_convert_error_quark
g_string_append
g_string_free
g_string_new
g_timeout_source_new
g_propagate_error
g_error_matches
g_queue_remove
g_queue_pop_head
g_queue_push_tail
g_queue_is_empty
g_queue_clear
g_queue_init
g_main_context_invoke
g_source_attach
g_source_unref
g_main_context_get_thread_default
g_main_context_default
g_main_context_ref
g_hash_table_iter_next
g_hash_table_iter_init
g_hash_table_size
g_hash_table_lookup
g_hash_table_remove
g_hash_table_insert
g_hash_table_new
g_strerror

gobject-2.0-0

g_type_add_instance_private
g_type_class_adjust_private_offset
g_type_add_interface_static
g_type_check_class_cast
g_value_init
g_value_unset
g_cclosure_marshal_generic
g_type_interface_add_prerequisite
g_type_register_static_simple
g_type_class_peek_parent
g_flags_register_static
g_enum_register_static
g_type_check_instance_cast
g_signal_new
g_type_default_interface_peek
g_value_take_string
g_object_remove_weak_pointer
g_object_add_weak_pointer
g_weak_ref_set
g_error_get_type
g_closure_set_marshal
g_closure_unref
g_closure_sink
g_closure_ref
g_object_set_qdata
g_signal_handler_is_connected
g_value_get_double
g_value_set_double
g_value_get_uint64
g_value_set_uint64
g_value_set_int64
g_value_get_uchar
g_value_set_uchar
g_value_get_schar
g_value_set_schar
g_flags_get_value_by_nick
g_flags_get_first_value
g_value_take_boxed
g_type_check_value_holds
g_weak_ref_get
g_weak_ref_clear
g_weak_ref_init
g_object_weak_unref
g_object_weak_ref
g_value_take_variant
g_type_fundamental
g_variant_type_get_gtype
g_value_dup_variant
g_param_spec_variant
g_variant_dict_get_type
g_signal_accumulator_first_wins
g_signal_handler_find
g_signal_connect_closure_by_id
g_signal_has_handler_pending
g_cclosure_new
g_object_set_data
g_value_get_gtype
g_value_set_gtype
g_param_spec_gtype
g_object_run_dispose
g_byte_array_get_type
g_signal_handlers_disconnect_matched
g_signal_connect_object
g_type_children
g_param_spec_flags
g_value_set_flags
g_value_take_object
g_io_condition_get_type
g_source_set_dummy_callback
g_object_thaw_notify
g_object_freeze_notify
g_object_interface_install_property
g_array_get_type
g_strv_get_type
g_value_get_ulong
g_value_set_ulong
g_param_spec_ulong
g_object_set_data_full
g_object_get_data
g_value_get_variant
g_value_get_string
g_value_get_int64
g_value_get_int
g_value_get_flags
g_value_get_boxed
g_boxed_free
g_boxed_copy
g_value_peek_pointer
g_type_module_unuse
g_type_module_use
g_type_module_get_type
g_value_get_object
g_type_interface_peek_parent
g_value_get_pointer
g_value_set_pointer
g_param_spec_pointer
g_enum_get_value_by_nick
g_object_get
g_type_ensure
g_type_from_name
g_value_set_int
g_param_spec_int
g_object_set
g_type_check_instance_is_fundamentally_a
g_object_set_qdata_full
g_boxed_type_register_static
g_type_name_from_instance
g_object_replace_qdata
g_object_get_qdata
g_object_class_install_properties
g_type_class_peek
g_object_class_override_property
g_param_spec_enum
g_value_get_enum
g_value_set_enum
g_enum_get_value
g_type_class_unref
g_type_class_ref
g_param_spec_object
g_value_dup_object
g_value_dup_string
g_value_set_string
g_param_spec_string
g_signal_handler_disconnect
g_signal_connect_data
g_closure_invoke
g_param_spec_boxed
g_value_dup_boxed
g_value_set_boxed
g_bytes_get_type
g_value_set_boolean
g_param_spec_boolean
g_value_get_uint
g_value_set_uint
g_param_spec_uint
g_object_class_install_property
g_type_name
g_object_new_valist
g_object_newv
g_type_is_a
g_object_ref
g_signal_emit
g_signal_set_va_marshaller
g_cclosure_marshal_VOID__VOID
g_type_check_instance_is_a
g_type_interface_peek
g_value_set_variant
g_value_get_boolean
g_value_set_object
g_object_unref
g_object_notify
g_object_get_property
g_object_set_property
g_object_new
g_object_class_find_property
g_signal_accumulator_true_handled
g_signal_lookup
g_signal_emit_by_name
g_signal_emitv

gmodule-2.0-0

g_module_open
g_module_close
g_module_error
g_module_symbol
g_module_supported

z-1

deflateReset
deflateSetHeader
deflateInit_
deflateInit2_
inflate
deflateEnd
inflateReset
inflateGetHeader
inflateInit_
inflateInit2_
deflate
inflateEnd

intl-8

libintl_bind_textdomain_codeset

dnsapi

DnsQuery_A
DnsFree

iphlpapi

GetAdaptersAddresses
if_nametoindex
GetIpForwardTable2
NotifyRouteChange2
CancelMibChangeNotify2

ws2_32

getservbyname
WSASetLastError
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
ioctlsocket
gethostbyname
gethostbyaddr
ntohs
inet_ntoa
inet_addr
htons
htonl
inet_ntop
inet_pton
WSAEventSelect
WSARecv
WSARecvFrom
WSASend
WSASendTo
getservbyport
getpeername
getsockname
getsockopt
listen
recv
send
setsockopt
shutdown
socket
WSACloseEvent
WSACreateEvent
WSAWaitForMultipleEvents
WSAEnumNetworkEvents

kernel32

QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
ReadDirectoryChangesW
GetShortPathNameW
GetLongPathNameW
GetLastError
GetOverlappedResult
CancelIo
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleExA
LoadLibraryW
TerminateProcess
GetProcessId
GetTickCount
LoadLibraryExW
ExpandEnvironmentStringsW
GetModuleHandleA
GetModuleHandleW
GetDriveTypeA
GetLogicalDrives
ReadFile
CloseHandle
CreateEventA
WriteFile
GetStdHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateThread
ExitThread
GetFileAttributesW
ReleaseMutex
CreateMutexA
Sleep
GetCurrentProcess
CreateProcessW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
LocalFree
CreateFileMappingA
OpenFileMappingA
AllocConsole
SetConsoleTitleW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
GetDiskFreeSpaceExW
GetDriveTypeW
GetVolumeInformationW
GetVolumePathNameW
GetVersion
CreateFileW
GetFileAttributesExW
GetSystemTimeAsFileTime

user32

TranslateMessage
DispatchMessageA
PostQuitMessage
LoadStringW
GetMessageA

shell32

SHFileOperationW
SHGetFileInfoW

advapi32

OpenProcessToken
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegDeleteValueW
RegNotifyChangeKeyValue
RegSetValueExW
RegCloseKey
LookupAccountSidW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetFileSecurityW
ConvertSidToStringSidA
GetCurrentHwProfileA
IsValidSid
GetTokenInformation

vcruntime140

__current_exception_context
__std_type_info_destroy_list
__current_exception
__C_specific_handler
wcschr
wcsrchr
strrchr
memset
memcmp
strstr
memchr
strchr
memmove
memcpy

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
terminate
raise
_initialize_onexit_table
_initialize_narrow_environment
_errno

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_stricmp
iswctype
_wcsicmp
strcspn
strpbrk
_strdup
strncpy_s
strcat_s
_wcsdup
strcpy_s
strncmp
strcmp

api-ms-win-crt-convert-l1-1-0

strtoul
strtol
wcstoul
mbstowcs
atoi

api-ms-win-crt-heap-l1-1-0

calloc
free

api-ms-win-crt-stdio-l1-1-0

freopen
_read
_lseek
__stdio_common_vsprintf_s
_dup
_write
_fileno
_close
_get_osfhandle
fclose
fopen
fread
__acrt_iob_func
fflush
__stdio_common_vfprintf
__stdio_common_vswscanf

api-ms-win-crt-conio-l1-1-0

_getch

Exports

Exports

_g_io_modules_ensure_extension_points_registered
g_action_activate
g_action_change_state
g_action_get_enabled
g_action_get_name
g_action_get_parameter_type
g_action_get_state
g_action_get_state_hint
g_action_get_state_type
g_action_get_type
g_action_group_action_added
g_action_group_action_enabled_changed
g_action_group_action_removed
g_action_group_action_state_changed
g_action_group_activate_action
g_action_group_change_action_state
g_action_group_get_action_enabled
g_action_group_get_action_parameter_type
g_action_group_get_action_state
g_action_group_get_action_state_hint
g_action_group_get_action_state_type
g_action_group_get_type
g_action_group_has_action
g_action_group_list_actions
g_action_group_query_action
g_action_map_add_action
g_action_map_add_action_entries
g_action_map_get_type
g_action_map_lookup_action
g_action_map_remove_action
g_action_name_is_valid
g_action_parse_detailed_name
g_action_print_detailed_name
g_app_info_add_supports_type
g_app_info_can_delete
g_app_info_can_remove_supports_type
g_app_info_create_flags_get_type
g_app_info_create_from_commandline
g_app_info_delete
g_app_info_dup
g_app_info_equal
g_app_info_get_all
g_app_info_get_all_for_type
g_app_info_get_commandline
g_app_info_get_default_for_type
g_app_info_get_default_for_uri_scheme
g_app_info_get_description
g_app_info_get_display_name
g_app_info_get_executable
g_app_info_get_fallback_for_type
g_app_info_get_icon
g_app_info_get_id
g_app_info_get_name
g_app_info_get_recommended_for_type
g_app_info_get_supported_types
g_app_info_get_type
g_app_info_launch
g_app_info_launch_default_for_uri
g_app_info_launch_default_for_uri_async
g_app_info_launch_default_for_uri_finish
g_app_info_launch_uris
g_app_info_launch_uris_async
g_app_info_launch_uris_finish
g_app_info_monitor_get
g_app_info_monitor_get_type
g_app_info_remove_supports_type
g_app_info_reset_type_associations
g_app_info_set_as_default_for_extension
g_app_info_set_as_default_for_type
g_app_info_set_as_last_used_for_type
g_app_info_should_show
g_app_info_supports_files
g_app_info_supports_uris
g_app_launch_context_get_display
g_app_launch_context_get_environment
g_app_launch_context_get_startup_notify_id
g_app_launch_context_get_type
g_app_launch_context_launch_failed
g_app_launch_context_new
g_app_launch_context_setenv
g_app_launch_context_unsetenv
g_application_activate
g_application_add_main_option
g_application_add_main_option_entries
g_application_add_option_group
g_application_bind_busy_property
g_application_command_line_create_file_for_arg
g_application_command_line_get_arguments
g_application_command_line_get_cwd
g_application_command_line_get_environ
g_application_command_line_get_exit_status
g_application_command_line_get_is_remote
g_application_command_line_get_options_dict
g_application_command_line_get_platform_data
g_application_command_line_get_stdin
g_application_command_line_get_type
g_application_command_line_getenv
g_application_command_line_print
g_application_command_line_printerr
g_application_command_line_set_exit_status
g_application_flags_get_type
g_application_get_application_id
g_application_get_dbus_connection
g_application_get_dbus_object_path
g_application_get_default
g_application_get_flags
g_application_get_inactivity_timeout
g_application_get_is_busy
g_application_get_is_registered
g_application_get_is_remote
g_application_get_resource_base_path
g_application_get_type
g_application_hold
g_application_id_is_valid
g_application_mark_busy
g_application_new
g_application_open
g_application_quit
g_application_register
g_application_release
g_application_run
g_application_send_notification
g_application_set_action_group
g_application_set_application_id
g_application_set_default
g_application_set_flags
g_application_set_inactivity_timeout
g_application_set_option_context_description
g_application_set_option_context_parameter_string
g_application_set_option_context_summary
g_application_set_resource_base_path
g_application_unbind_busy_property
g_application_unmark_busy
g_application_withdraw_notification
g_ask_password_flags_get_type
g_async_initable_get_type
g_async_initable_init_async
g_async_initable_init_finish
g_async_initable_new_async
g_async_initable_new_finish
g_async_initable_new_valist_async
g_async_initable_newv_async
g_async_result_get_source_object
g_async_result_get_type
g_async_result_get_user_data
g_async_result_is_tagged
g_async_result_legacy_propagate_error
g_buffered_input_stream_fill
g_buffered_input_stream_fill_async
g_buffered_input_stream_fill_finish
g_buffered_input_stream_get_available
g_buffered_input_stream_get_buffer_size
g_buffered_input_stream_get_type
g_buffered_input_stream_new
g_buffered_input_stream_new_sized
g_buffered_input_stream_peek
g_buffered_input_stream_peek_buffer
g_buffered_input_stream_read_byte
g_buffered_input_stream_set_buffer_size
g_buffered_output_stream_get_auto_grow
g_buffered_output_stream_get_buffer_size
g_buffered_output_stream_get_type
g_buffered_output_stream_new
g_buffered_output_stream_new_sized
g_buffered_output_stream_set_auto_grow
g_buffered_output_stream_set_buffer_size
g_bus_get
g_bus_get_finish
g_bus_get_sync
g_bus_name_owner_flags_get_type
g_bus_name_watcher_flags_get_type
g_bus_own_name
g_bus_own_name_on_connection
g_bus_own_name_on_connection_with_closures
g_bus_own_name_with_closures
g_bus_type_get_type
g_bus_unown_name
g_bus_unwatch_name
g_bus_watch_name
g_bus_watch_name_on_connection
g_bus_watch_name_on_connection_with_closures
g_bus_watch_name_with_closures
g_bytes_icon_get_bytes
g_bytes_icon_get_type
g_bytes_icon_new
g_cancellable_cancel
g_cancellable_connect
g_cancellable_disconnect
g_cancellable_get_current
g_cancellable_get_fd
g_cancellable_get_type
g_cancellable_is_cancelled
g_cancellable_make_pollfd
g_cancellable_new
g_cancellable_pop_current
g_cancellable_push_current
g_cancellable_release_fd
g_cancellable_reset
g_cancellable_set_error_if_cancelled
g_cancellable_source_new
g_charset_converter_get_num_fallbacks
g_charset_converter_get_type
g_charset_converter_get_use_fallback
g_charset_converter_new
g_charset_converter_set_use_fallback
g_content_type_can_be_executable
g_content_type_equals
g_content_type_from_mime_type
g_content_type_get_description
g_content_type_get_generic_icon_name
g_content_type_get_icon
g_content_type_get_mime_dirs
g_content_type_get_mime_type
g_content_type_get_symbolic_icon
g_content_type_guess
g_content_type_guess_for_tree
g_content_type_is_a
g_content_type_is_mime_type
g_content_type_is_unknown
g_content_type_set_mime_dirs
g_content_types_get_registered
g_converter_convert
g_converter_flags_get_type
g_converter_get_type
g_converter_input_stream_get_converter
g_converter_input_stream_get_type
g_converter_input_stream_new
g_converter_output_stream_get_converter
g_converter_output_stream_get_type
g_converter_output_stream_new
g_converter_reset
g_converter_result_get_type
g_credentials_get_native
g_credentials_get_type
g_credentials_is_same_user
g_credentials_new
g_credentials_set_native
g_credentials_to_string
g_credentials_type_get_type
g_data_input_stream_get_byte_order
g_data_input_stream_get_newline_type
g_data_input_stream_get_type
g_data_input_stream_new
g_data_input_stream_read_byte
g_data_input_stream_read_int16
g_data_input_stream_read_int32
g_data_input_stream_read_int64
g_data_input_stream_read_line
g_data_input_stream_read_line_async
g_data_input_stream_read_line_finish
g_data_input_stream_read_line_finish_utf8
g_data_input_stream_read_line_utf8
g_data_input_stream_read_uint16
g_data_input_stream_read_uint32
g_data_input_stream_read_uint64
g_data_input_stream_read_until
g_data_input_stream_read_until_async
g_data_input_stream_read_until_finish
g_data_input_stream_read_upto
g_data_input_stream_read_upto_async
g_data_input_stream_read_upto_finish
g_data_input_stream_set_byte_order
g_data_input_stream_set_newline_type
g_data_output_stream_get_byte_order
g_data_output_stream_get_type
g_data_output_stream_new
g_data_output_stream_put_byte
g_data_output_stream_put_int16
g_data_output_stream_put_int32
g_data_output_stream_put_int64
g_data_output_stream_put_string
g_data_output_stream_put_uint16
g_data_output_stream_put_uint32
g_data_output_stream_put_uint64
g_data_output_stream_set_byte_order
g_data_stream_byte_order_get_type
g_data_stream_newline_type_get_type
g_datagram_based_condition_check
g_datagram_based_condition_wait
g_datagram_based_create_source
g_datagram_based_get_type
g_datagram_based_receive_messages
g_datagram_based_send_messages
g_dbus_action_group_get
g_dbus_action_group_get_type
g_dbus_address_escape_value
g_dbus_address_get_for_bus_sync
g_dbus_address_get_stream
g_dbus_address_get_stream_finish
g_dbus_address_get_stream_sync
g_dbus_annotation_info_get_type
g_dbus_annotation_info_lookup
g_dbus_annotation_info_ref
g_dbus_annotation_info_unref
g_dbus_arg_info_get_type
g_dbus_arg_info_ref
g_dbus_arg_info_unref
g_dbus_auth_observer_allow_mechanism
g_dbus_auth_observer_authorize_authenticated_peer
g_dbus_auth_observer_get_type
g_dbus_auth_observer_new
g_dbus_call_flags_get_type
g_dbus_capability_flags_get_type
g_dbus_connection_add_filter
g_dbus_connection_call
g_dbus_connection_call_finish
g_dbus_connection_call_sync
g_dbus_connection_close
g_dbus_connection_close_finish
g_dbus_connection_close_sync
g_dbus_connection_emit_signal
g_dbus_connection_export_action_group
g_dbus_connection_export_menu_model
g_dbus_connection_flags_get_type
g_dbus_connection_flush
g_dbus_connection_flush_finish
g_dbus_connection_flush_sync
g_dbus_connection_get_capabilities
g_dbus_connection_get_exit_on_close
g_dbus_connection_get_flags
g_dbus_connection_get_guid
g_dbus_connection_get_last_serial
g_dbus_connection_get_peer_credentials
g_dbus_connection_get_stream
g_dbus_connection_get_type
g_dbus_connection_get_unique_name
g_dbus_connection_is_closed
g_dbus_connection_new
g_dbus_connection_new_finish
g_dbus_connection_new_for_address
g_dbus_connection_new_for_address_finish
g_dbus_connection_new_for_address_sync
g_dbus_connection_new_sync
g_dbus_connection_register_object
g_dbus_connection_register_object_with_closures
g_dbus_connection_register_subtree
g_dbus_connection_remove_filter
g_dbus_connection_send_message
g_dbus_connection_send_message_with_reply
g_dbus_connection_send_message_with_reply_finish
g_dbus_connection_send_message_with_reply_sync
g_dbus_connection_set_exit_on_close
g_dbus_connection_signal_subscribe
g_dbus_connection_signal_unsubscribe
g_dbus_connection_start_message_processing
g_dbus_connection_unexport_action_group
g_dbus_connection_unexport_menu_model
g_dbus_connection_unregister_object
g_dbus_connection_unregister_subtree
g_dbus_error_encode_gerror
g_dbus_error_get_remote_error
g_dbus_error_get_type
g_dbus_error_is_remote_error
g_dbus_error_new_for_dbus_error
g_dbus_error_quark
g_dbus_error_register_error
g_dbus_error_register_error_domain
g_dbus_error_set_dbus_error
g_dbus_error_set_dbus_error_valist
g_dbus_error_strip_remote_error
g_dbus_error_unregister_error
g_dbus_generate_guid
g_dbus_gvalue_to_gvariant
g_dbus_gvariant_to_gvalue
g_dbus_interface_dup_object
g_dbus_interface_get_info
g_dbus_interface_get_object
g_dbus_interface_get_type
g_dbus_interface_info_cache_build
g_dbus_interface_info_cache_release
g_dbus_interface_info_generate_xml
g_dbus_interface_info_get_type
g_dbus_interface_info_lookup_method
g_dbus_interface_info_lookup_property
g_dbus_interface_info_lookup_signal
g_dbus_interface_info_ref
g_dbus_interface_info_unref
g_dbus_interface_set_object
g_dbus_interface_skeleton_export
g_dbus_interface_skeleton_flags_get_type
g_dbus_interface_skeleton_flush
g_dbus_interface_skeleton_get_connection
g_dbus_interface_skeleton_get_connections
g_dbus_interface_skeleton_get_flags
g_dbus_interface_skeleton_get_info
g_dbus_interface_skeleton_get_object_path
g_dbus_interface_skeleton_get_properties
g_dbus_interface_skeleton_get_type
g_dbus_interface_skeleton_get_vtable
g_dbus_interface_skeleton_has_connection
g_dbus_interface_skeleton_set_flags
g_dbus_interface_skeleton_unexport
g_dbus_interface_skeleton_unexport_from_connection
g_dbus_is_address
g_dbus_is_guid
g_dbus_is_interface_name
g_dbus_is_member_name
g_dbus_is_name
g_dbus_is_supported_address
g_dbus_is_unique_name
g_dbus_menu_model_get
g_dbus_menu_model_get_type
g_dbus_message_byte_order_get_type
g_dbus_message_bytes_needed
g_dbus_message_copy
g_dbus_message_flags_get_type
g_dbus_message_get_arg0
g_dbus_message_get_body
g_dbus_message_get_byte_order
g_dbus_message_get_destination
g_dbus_message_get_error_name
g_dbus_message_get_flags
g_dbus_message_get_header
g_dbus_message_get_header_fields
g_dbus_message_get_interface
g_dbus_message_get_locked
g_dbus_message_get_member
g_dbus_message_get_message_type
g_dbus_message_get_num_unix_fds
g_dbus_message_get_path
g_dbus_message_get_reply_serial
g_dbus_message_get_sender
g_dbus_message_get_serial
g_dbus_message_get_signature
g_dbus_message_get_type
g_dbus_message_header_field_get_type
g_dbus_message_lock
g_dbus_message_new
g_dbus_message_new_from_blob
g_dbus_message_new_method_call
g_dbus_message_new_method_error
g_dbus_message_new_method_error_literal
g_dbus_message_new_method_error_valist
g_dbus_message_new_method_reply
g_dbus_message_new_signal
g_dbus_message_print
g_dbus_message_set_body
g_dbus_message_set_byte_order
g_dbus_message_set_destination
g_dbus_message_set_error_name
g_dbus_message_set_flags
g_dbus_message_set_header
g_dbus_message_set_interface
g_dbus_message_set_member
g_dbus_message_set_message_type
g_dbus_message_set_num_unix_fds
g_dbus_message_set_path
g_dbus_message_set_reply_serial
g_dbus_message_set_sender
g_dbus_message_set_serial
g_dbus_message_set_signature
g_dbus_message_to_blob
g_dbus_message_to_gerror
g_dbus_message_type_get_type
g_dbus_method_info_get_type
g_dbus_method_info_ref
g_dbus_method_info_unref
g_dbus_method_invocation_get_connection
g_dbus_method_invocation_get_interface_name
g_dbus_method_invocation_get_message
g_dbus_method_invocation_get_method_info
g_dbus_method_invocation_get_method_name
g_dbus_method_invocation_get_object_path
g_dbus_method_invocation_get_parameters
g_dbus_method_invocation_get_property_info
g_dbus_method_invocation_get_sender
g_dbus_method_invocation_get_type
g_dbus_method_invocation_get_user_data
g_dbus_method_invocation_return_dbus_error
g_dbus_method_invocation_return_error
g_dbus_method_invocation_return_error_literal
g_dbus_method_invocation_return_error_valist
g_dbus_method_invocation_return_gerror
g_dbus_method_invocation_return_value
g_dbus_method_invocation_take_error
g_dbus_node_info_generate_xml
g_dbus_node_info_get_type
g_dbus_node_info_lookup_interface
g_dbus_node_info_new_for_xml
g_dbus_node_info_ref
g_dbus_node_info_unref
g_dbus_object_get_interface
g_dbus_object_get_interfaces
g_dbus_object_get_object_path
g_dbus_object_get_type
g_dbus_object_manager_client_flags_get_type
g_dbus_object_manager_client_get_connection
g_dbus_object_manager_client_get_flags
g_dbus_object_manager_client_get_name
g_dbus_object_manager_client_get_name_owner
g_dbus_object_manager_client_get_type
g_dbus_object_manager_client_new
g_dbus_object_manager_client_new_finish
g_dbus_object_manager_client_new_for_bus
g_dbus_object_manager_client_new_for_bus_finish
g_dbus_object_manager_client_new_for_bus_sync
g_dbus_object_manager_client_new_sync
g_dbus_object_manager_get_interface
g_dbus_object_manager_get_object
g_dbus_object_manager_get_object_path

Sections

.text
Size: 912KB - Virtual size: 912KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inno/glib-2.0-0.dll
.dll windows x64

Password: SET1234

21af67a1ec4e27a1d0ac1bc37ed48661

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

intl-8

libintl_dgettext
libintl_gettext
libintl_dcgettext
libintl_bindtextdomain
libintl_textdomain
libintl_dngettext

ws2_32

ioctlsocket
getsockopt
WSASetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAGetLastError
send
recv
closesocket

kernel32

UnhandledExceptionFilter
RtlCaptureContext
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentThreadId
RtlLookupFunctionEntry
RtlVirtualUnwind
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThread
SleepConditionVariableSRW
IsDebuggerPresent
GetLastError
GetConsoleOutputCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
GetACP
GetCPInfo
IsDBCSLeadByteEx
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetThreadLocale
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetCurrentDirectoryW
GetFileAttributesW
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetFileType
GetFileInformationByHandleEx
GetConsoleMode
SetConsoleMode
GetCommandLineW
LocalFree
SetEvent
WaitForSingleObjectEx
WaitForMultipleObjectsEx
CreateEventW
WaitForMultipleObjects
GetCurrentProcess
GetExitCodeThread
GetSystemInfo
CreateFileW
GetFileInformationByHandle
DeviceIoControl
MoveFileExW
TerminateProcess
GetNativeSystemInfo
GetProcessAffinityMask
Sleep
GetSystemDirectoryW
DebugBreak
GetWindowsDirectoryW
VirtualQuery
GetModuleFileNameW
GetModuleHandleA
GetComputerNameW
ResetEvent
CreateEventA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeProcess
GetSystemTimeAsFileTime
GetStdHandle
GetShortPathNameW
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
WaitForSingleObject
GetCurrentProcessId
CreateProcessA
GetVersion
FreeLibrary
GetModuleHandleW
LoadLibraryW
FormatMessageW
GetLocaleInfoA
AllocConsole
AttachConsole
DuplicateHandle
GetConsoleWindow
ReadFile
WriteFile
PeekNamedPipe
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReadConsoleInputA
PeekConsoleInputA
RaiseException
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
InitializeSListHead

user32

MessageBoxA
MsgWaitForMultipleObjectsEx
PeekMessageA
PostMessageA
IsWindow

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

advapi32

RegOpenKeyExW
RegQueryValueExW
RegLoadMUIStringW
GetUserNameW
RegCloseKey

vcruntime140

strstr
memcmp
wcschr
memchr
memset
memmove
strrchr
__C_specific_handler
__current_exception
__current_exception_context
__std_type_info_destroy_list
strchr
memcpy

api-ms-win-crt-string-l1-1-0

strnlen
strspn
strxfrm
strcoll
_stricmp
tolower
isdigit
islower
isupper
_strnicmp
strncmp
strncpy
_strdup
toupper
iswctype
strpbrk
strcspn
wcsspn
_wcsicmp
wcsncmp
strcmp

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
exit
strerror
_endthreadex
_errno
_getpid
_exit
abort
_crt_at_quick_exit
_configure_narrow_argv
_set_invalid_parameter_handler
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
terminate
_cexit
strerror_s
_initterm_e
_initterm
_seh_filter_dll

api-ms-win-crt-time-l1-1-0

_localtime64
_wutime64
_mktime64
strftime
_time64
_gmtime64

api-ms-win-crt-convert-l1-1-0

wcrtomb
strtod
wctomb
strtoul
atoi
atol
strtol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
_lseek
_wfopen
__acrt_iob_func
_wopen
__stdio_common_vswprintf_s
_get_osfhandle
_wcreat
_wfreopen
fflush
freopen
__stdio_common_vfprintf_s
__stdio_common_vsnprintf_s
_chsize
_close
_dup2
_open_osfhandle
_pipe
fputs
fwrite
_dup
_write
_kbhit
ferror
feof
fclose
_read
_fileno
_isatty
fread
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
malloc

api-ms-win-crt-locale-l1-1-0

localeconv
___mb_cur_max_func
setlocale

api-ms-win-crt-environment-l1-1-0

getenv
_wputenv

api-ms-win-crt-filesystem-l1-1-0

_wmkdir
_wremove
_getdrive
_wchdir
_wchmod
_wunlink
_findclose
_wfindnext64i32
_wfindfirst64i32
_wfullpath
_wrmdir
_fstat64
_waccess

api-ms-win-crt-utility-l1-1-0

bsearch
rand_s

api-ms-win-crt-process-l1-1-0

_wspawnvpe
_wspawnve
_wspawnvp
_wspawnv

api-ms-win-crt-math-l1-1-0

ldexp
frexp
_dsign

Exports

Exports

__glib_assert_msg
_glib_get_locale_dir
g_abort
g_access
g_allocator_free
g_allocator_new
g_array_append_vals
g_array_binary_search
g_array_copy
g_array_free
g_array_get_element_size
g_array_insert_vals
g_array_new
g_array_prepend_vals
g_array_ref
g_array_remove_index
g_array_remove_index_fast
g_array_remove_range
g_array_set_clear_func
g_array_set_size
g_array_sized_new
g_array_sort
g_array_sort_with_data
g_array_unref
g_ascii_digit_value
g_ascii_dtostr
g_ascii_formatd
g_ascii_strcasecmp
g_ascii_strdown
g_ascii_string_to_signed
g_ascii_string_to_unsigned
g_ascii_strncasecmp
g_ascii_strtod
g_ascii_strtoll
g_ascii_strtoull
g_ascii_strup
g_ascii_table
g_ascii_tolower
g_ascii_toupper
g_ascii_xdigit_value
g_assert_warning
g_assertion_message
g_assertion_message_cmpnum
g_assertion_message_cmpstr
g_assertion_message_error
g_assertion_message_expr
g_async_queue_length
g_async_queue_length_unlocked
g_async_queue_lock
g_async_queue_new
g_async_queue_new_full
g_async_queue_pop
g_async_queue_pop_unlocked
g_async_queue_push
g_async_queue_push_front
g_async_queue_push_front_unlocked
g_async_queue_push_sorted
g_async_queue_push_sorted_unlocked
g_async_queue_push_unlocked
g_async_queue_ref
g_async_queue_ref_unlocked
g_async_queue_remove
g_async_queue_remove_unlocked
g_async_queue_sort
g_async_queue_sort_unlocked
g_async_queue_timed_pop
g_async_queue_timed_pop_unlocked
g_async_queue_timeout_pop
g_async_queue_timeout_pop_unlocked
g_async_queue_try_pop
g_async_queue_try_pop_unlocked
g_async_queue_unlock
g_async_queue_unref
g_async_queue_unref_and_unlock
g_atexit
g_atomic_int_add
g_atomic_int_and
g_atomic_int_compare_and_exchange
g_atomic_int_dec_and_test
g_atomic_int_exchange_and_add
g_atomic_int_get
g_atomic_int_inc
g_atomic_int_or
g_atomic_int_set
g_atomic_int_xor
g_atomic_pointer_add
g_atomic_pointer_and
g_atomic_pointer_compare_and_exchange
g_atomic_pointer_get
g_atomic_pointer_or
g_atomic_pointer_set
g_atomic_pointer_xor
g_atomic_rc_box_acquire
g_atomic_rc_box_alloc
g_atomic_rc_box_alloc0
g_atomic_rc_box_dup
g_atomic_rc_box_get_size
g_atomic_rc_box_release
g_atomic_rc_box_release_full
g_atomic_ref_count_compare
g_atomic_ref_count_dec
g_atomic_ref_count_inc
g_atomic_ref_count_init
g_base64_decode
g_base64_decode_inplace
g_base64_decode_step
g_base64_encode
g_base64_encode_close
g_base64_encode_step
g_basename
g_bit_lock
g_bit_nth_lsf
g_bit_nth_msf
g_bit_storage
g_bit_trylock
g_bit_unlock
g_blow_chunks
g_bookmark_file_add_application
g_bookmark_file_add_group
g_bookmark_file_error_quark
g_bookmark_file_free
g_bookmark_file_get_added
g_bookmark_file_get_app_info
g_bookmark_file_get_applications
g_bookmark_file_get_description
g_bookmark_file_get_groups
g_bookmark_file_get_icon
g_bookmark_file_get_is_private
g_bookmark_file_get_mime_type
g_bookmark_file_get_modified
g_bookmark_file_get_size
g_bookmark_file_get_title
g_bookmark_file_get_uris
g_bookmark_file_get_visited
g_bookmark_file_has_application
g_bookmark_file_has_group
g_bookmark_file_has_item
g_bookmark_file_load_from_data
g_bookmark_file_load_from_data_dirs
g_bookmark_file_load_from_file
g_bookmark_file_move_item
g_bookmark_file_new
g_bookmark_file_remove_application
g_bookmark_file_remove_group
g_bookmark_file_remove_item
g_bookmark_file_set_added
g_bookmark_file_set_app_info
g_bookmark_file_set_description
g_bookmark_file_set_groups
g_bookmark_file_set_icon
g_bookmark_file_set_is_private
g_bookmark_file_set_mime_type
g_bookmark_file_set_modified
g_bookmark_file_set_title
g_bookmark_file_set_visited
g_bookmark_file_to_data
g_bookmark_file_to_file
g_build_filename
g_build_filename_valist
g_build_filenamev
g_build_path
g_build_pathv
g_byte_array_append
g_byte_array_free
g_byte_array_free_to_bytes
g_byte_array_new
g_byte_array_new_take
g_byte_array_prepend
g_byte_array_ref
g_byte_array_remove_index
g_byte_array_remove_index_fast
g_byte_array_remove_range
g_byte_array_set_size
g_byte_array_sized_new
g_byte_array_sort
g_byte_array_sort_with_data
g_byte_array_unref
g_bytes_compare
g_bytes_equal
g_bytes_get_data
g_bytes_get_size
g_bytes_hash
g_bytes_new
g_bytes_new_from_bytes
g_bytes_new_static
g_bytes_new_take
g_bytes_new_with_free_func
g_bytes_ref
g_bytes_unref
g_bytes_unref_to_array
g_bytes_unref_to_data
g_cache_destroy
g_cache_insert
g_cache_key_foreach
g_cache_new
g_cache_remove
g_cache_value_foreach
g_canonicalize_filename
g_chdir
g_checksum_copy
g_checksum_free
g_checksum_get_digest
g_checksum_get_string
g_checksum_new
g_checksum_reset
g_checksum_type_get_length
g_checksum_update
g_child_watch_add
g_child_watch_add_full
g_child_watch_funcs
g_child_watch_source_new
g_chmod
g_clear_error
g_clear_handle_id
g_clear_pointer
g_close
g_completion_add_items
g_completion_clear_items
g_completion_complete
g_completion_complete_utf8
g_completion_free
g_completion_new
g_completion_remove_items
g_completion_set_compare
g_compute_checksum_for_bytes
g_compute_checksum_for_data
g_compute_checksum_for_string
g_compute_hmac_for_bytes
g_compute_hmac_for_data
g_compute_hmac_for_string
g_cond_broadcast
g_cond_clear
g_cond_free
g_cond_init
g_cond_new
g_cond_signal
g_cond_timed_wait
g_cond_wait
g_cond_wait_until
g_convert
g_convert_error_quark
g_convert_with_fallback
g_convert_with_iconv
g_creat
g_datalist_clear
g_datalist_foreach
g_datalist_get_data
g_datalist_get_flags
g_datalist_id_dup_data
g_datalist_id_get_data
g_datalist_id_remove_no_notify
g_datalist_id_replace_data
g_datalist_id_set_data_full
g_datalist_init
g_datalist_set_flags
g_datalist_unset_flags
g_dataset_destroy
g_dataset_foreach
g_dataset_id_get_data
g_dataset_id_remove_no_notify
g_dataset_id_set_data_full
g_date_add_days
g_date_add_months
g_date_add_years
g_date_clamp
g_date_clear
g_date_compare
g_date_copy
g_date_days_between
g_date_free
g_date_get_day
g_date_get_day_of_year
g_date_get_days_in_month
g_date_get_iso8601_week_of_year
g_date_get_julian
g_date_get_monday_week_of_year
g_date_get_monday_weeks_in_year
g_date_get_month
g_date_get_sunday_week_of_year
g_date_get_sunday_weeks_in_year
g_date_get_weekday
g_date_get_year
g_date_is_first_of_month
g_date_is_last_of_month
g_date_is_leap_year
g_date_new
g_date_new_dmy
g_date_new_julian
g_date_order
g_date_set_day
g_date_set_dmy
g_date_set_julian
g_date_set_month
g_date_set_parse
g_date_set_time
g_date_set_time_t
g_date_set_time_val
g_date_set_year
g_date_strftime
g_date_subtract_days
g_date_subtract_months
g_date_subtract_years
g_date_time_add
g_date_time_add_days
g_date_time_add_full
g_date_time_add_hours
g_date_time_add_minutes
g_date_time_add_months
g_date_time_add_seconds
g_date_time_add_weeks
g_date_time_add_years
g_date_time_compare
g_date_time_difference
g_date_time_equal
g_date_time_format
g_date_time_format_iso8601
g_date_time_get_day_of_month
g_date_time_get_day_of_week
g_date_time_get_day_of_year
g_date_time_get_hour
g_date_time_get_microsecond
g_date_time_get_minute
g_date_time_get_month
g_date_time_get_second
g_date_time_get_seconds
g_date_time_get_timezone
g_date_time_get_timezone_abbreviation
g_date_time_get_utc_offset
g_date_time_get_week_numbering_year
g_date_time_get_week_of_year
g_date_time_get_year
g_date_time_get_ymd
g_date_time_hash
g_date_time_is_daylight_savings
g_date_time_new
g_date_time_new_from_iso8601
g_date_time_new_from_timeval_local
g_date_time_new_from_timeval_utc
g_date_time_new_from_unix_local
g_date_time_new_from_unix_utc
g_date_time_new_local
g_date_time_new_now
g_date_time_new_now_local
g_date_time_new_now_utc
g_date_time_new_utc
g_date_time_ref
g_date_time_to_local
g_date_time_to_timeval
g_date_time_to_timezone
g_date_time_to_unix
g_date_time_to_utc
g_date_time_unref
g_date_to_struct_tm
g_date_valid
g_date_valid_day
g_date_valid_dmy
g_date_valid_julian
g_date_valid_month
g_date_valid_weekday
g_date_valid_year
g_dcgettext
g_dgettext
g_dir_close
g_dir_make_tmp
g_dir_open
g_dir_open_utf8
g_dir_read_name
g_dir_read_name_utf8
g_dir_rewind
g_direct_equal
g_direct_hash
g_dngettext
g_double_equal
g_double_hash
g_dpgettext
g_dpgettext2
g_environ_getenv
g_environ_setenv
g_environ_unsetenv
g_error_copy
g_error_free
g_error_matches
g_error_new
g_error_new_literal
g_error_new_valist
g_file_error_from_errno
g_file_error_quark
g_file_get_contents
g_file_get_contents_utf8
g_file_open_tmp
g_file_open_tmp_utf8
g_file_read_link
g_file_set_contents
g_file_test
g_file_test_utf8
g_filename_display_basename
g_filename_display_name
g_filename_from_uri
g_filename_from_uri_utf8
g_filename_from_utf8
g_filename_from_utf8_utf8
g_filename_to_uri
g_filename_to_uri_utf8
g_filename_to_utf8
g_filename_to_utf8_utf8
g_find_program_in_path
g_fopen
g_format_size
g_format_size_for_display
g_format_size_full
g_fprintf
g_free
g_freopen
g_get_application_name
g_get_charset
g_get_codeset
g_get_console_charset
g_get_current_dir
g_get_current_dir_utf8
g_get_current_time
g_get_environ
g_get_filename_charsets
g_get_home_dir
g_get_host_name
g_get_language_names
g_get_language_names_with_category
g_get_locale_variants
g_get_monotonic_time
g_get_num_processors
g_get_prgname
g_get_real_name
g_get_real_time
g_get_system_config_dirs
g_get_system_data_dirs
g_get_tmp_dir
g_get_user_cache_dir
g_get_user_config_dir
g_get_user_data_dir
g_get_user_name
g_get_user_runtime_dir
g_get_user_special_dir
g_getenv
g_getenv_utf8
g_hash_table_add
g_hash_table_contains
g_hash_table_destroy
g_hash_table_find
g_hash_table_foreach
g_hash_table_foreach_remove
g_hash_table_foreach_steal
g_hash_table_get_keys
g_hash_table_get_keys_as_array
g_hash_table_get_values
g_hash_table_insert
g_hash_table_iter_get_hash_table
g_hash_table_iter_init
g_hash_table_iter_next
g_hash_table_iter_remove
g_hash_table_iter_replace
g_hash_table_iter_steal
g_hash_table_lookup
g_hash_table_lookup_extended
g_hash_table_new
g_hash_table_new_full
g_hash_table_ref
g_hash_table_remove
g_hash_table_remove_all
g_hash_table_replace
g_hash_table_size
g_hash_table_steal
g_hash_table_steal_all
g_hash_table_steal_extended
g_hash_table_unref
g_hmac_copy
g_hmac_get_digest
g_hmac_get_string
g_hmac_new
g_hmac_ref
g_hmac_unref
g_hmac_update
g_hook_alloc
g_hook_compare_ids
g_hook_destroy
g_hook_destroy_link
g_hook_find
g_hook_find_data
g_hook_find_func
g_hook_find_func_data
g_hook_first_valid
g_hook_free
g_hook_get
g_hook_insert_before
g_hook_insert_sorted
g_hook_list_clear
g_hook_list_init
g_hook_list_invoke
g_hook_list_invoke_check
g_hook_list_marshal
g_hook_list_marshal_check
g_hook_next_valid

Sections

.text
Size: 658KB - Virtual size: 657KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: SET1234

Headers

DLL Characteristics

File Characteristics

Sections

Size: 47KB - Virtual size: 152KB

.rsrc Size: 1024B - Virtual size: 580B

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

.themida Size: - Virtual size: 6.2MB

.boot Size: 3.2MB - Virtual size: 3.2MB

Password: SET1234

c5420dd27f022010c3783f3abdf00b92

Headers

DLL Characteristics

File Characteristics

Imports

glib-2.0-0

gobject-2.0-0

gmodule-2.0-0

z-1

intl-8

dnsapi

iphlpapi

ws2_32

kernel32

user32

shell32

advapi32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-conio-l1-1-0

Exports

Exports

Sections

.text Size: 912KB - Virtual size: 912KB

.rdata Size: 431KB - Virtual size: 430KB

.data Size: 1024B - Virtual size: 8KB

.pdata Size: 83KB - Virtual size: 82KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 2KB - Virtual size: 2KB

Password: SET1234

21af67a1ec4e27a1d0ac1bc37ed48661

Headers

DLL Characteristics

File Characteristics

Imports

intl-8

ws2_32

kernel32

user32

shell32

ole32

advapi32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-process-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 658KB - Virtual size: 657KB

.rsrc
Size: 1024B - Virtual size: 580B

.idata
Size: 512B - Virtual size: 8KB

.themida
Size: - Virtual size: 6.2MB

.boot
Size: 3.2MB - Virtual size: 3.2MB

.text
Size: 912KB - Virtual size: 912KB

.rdata
Size: 431KB - Virtual size: 430KB

.data
Size: 1024B - Virtual size: 8KB

.pdata
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 658KB - Virtual size: 657KB

.rdata
Size: 552KB - Virtual size: 551KB

.data
Size: 9KB - Virtual size: 12KB

.pdata
Size: 50KB - Virtual size: 49KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 1KB - Virtual size: 1KB