DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
1 signatures
General
-
Target
H4L0.iso
-
Size
595.9MB
-
MD5
729d52326809309714beba828e603197
-
SHA1
59f898f25b04ebc3a0f425eb914f18eadd293b83
-
SHA256
f4f8a2dab7b259c83636111477fe79ffa7ecd5d177d6d9b8835f7c54b5f0fc21
-
SHA512
a4b8bc0c0990ef08cb90a9c6af5d0235c3c5e09f4a428dc7d3c30e7f8c43a548d8e328858f232f1737f32dec945d618ebc155f21dd5ff12a410d83ab846f051f
-
SSDEEP
12582912:MVWumfcGsGL6GtUcd606GvPGBp0ENP2xuVcX0jJs3QD:2IM0zWf9GvIp022x4cXaD
Score
3/10
Malware Config
Signatures
-
Unsigned PE 35 IoCs
Checks for missing Authenticode signature.
resource unpack001/CRACK/halo.exe unpack003/MSDvbNP.ax unpack003/MSVidCtl.dll unpack003/Mpeg2Data.ax unpack003/bdaplgin.ax unpack003/bdasup.sys unpack003/ccdecode.sys unpack003/ipsink.ax unpack003/kstvtune.ax unpack003/kswdmcap.ax unpack003/ksxbar.ax unpack003/mpe.sys unpack003/msdv.sys unpack003/msdv98se.sys unpack003/msyuv.dll unpack003/nabtsfec.sys unpack003/ndisip.sys unpack003/psisdecd.dll unpack003/psisrndr.ax unpack003/slip.sys unpack003/streamip.sys unpack003/vbisurf.ax unpack003/wstcodec.sys unpack003/wstdecod.dll unpack001/DirectX/DSETUP.dll unpack001/DirectX/dsetup32.dll unpack001/DirectX/dxsetup.exe unpack001/DrvMgt.dll unpack001/Files/HALO.EXE unpack001/Keygen.exe unpack001/PidGen.dll unpack001/SECDRV.SYS unpack001/Setup.Exe unpack001/SetupENU.dll unpack001/mgspid.dll
Files
-
H4L0.iso.iso
Password: halo
-
00000000.016
-
00000000.256
-
00000001.TMP
-
CLUF.rtf.rtf
-
CRACK/halo.exe.exe windows x86
Password: halo
5c6e636ce12b8d4110bb8f4aedf61daf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
inet_ntoa
recvfrom
WSAGetLastError
setsockopt
sendto
socket
gethostname
WSAStartup
gethostbyname
inet_addr
dsound
ord9
winmm
timeEndPeriod
timeBeginPeriod
kernel32
SetLastError
ReadFileEx
SystemTimeToFileTime
CompareFileTime
SetFileTime
ReadFile
GetFileTime
GetSystemTime
WriteFile
VirtualFree
VirtualAlloc
ExitProcess
GlobalMemoryStatus
SetErrorMode
QueryPerformanceCounter
GlobalAlloc
GetFileAttributesA
CreateDirectoryA
GlobalFree
QueryPerformanceFrequency
GetCurrentProcessId
GlobalReAlloc
GetCurrentThread
GetTickCount
FillConsoleOutputCharacterA
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterA
ReadConsoleInputA
SetConsoleCursorPosition
GetStdHandle
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleCursorInfo
FillConsoleOutputAttribute
GetConsoleCursorInfo
GetTimeFormatA
GetDateFormatA
VirtualQuery
GetLocalTime
GetModuleFileNameA
FreeLibrary
FormatMessageA
GetProcAddress
LoadLibraryA
LocalFree
SetThreadLocale
GetThreadLocale
FindFirstFileA
CopyFileA
FindClose
FindNextFileA
DeleteFileA
GetDiskFreeSpaceExA
GetCurrentProcess
GlobalLock
GetACP
GlobalUnlock
LocalAlloc
GetCurrentDirectoryA
GetVersionExA
GetLastError
SetPriorityClass
GetPriorityClass
CreateProcessA
MultiByteToWideChar
GetModuleHandleA
GetCurrentThreadId
DuplicateHandle
RemoveDirectoryA
GetFileAttributesExA
SetFileAttributesA
WideCharToMultiByte
GetThreadPriority
LoadResource
FindResourceExA
LockResource
CreateFileW
SizeofResource
FindResourceA
FindResourceW
GetSystemInfo
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapFree
CompareStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RaiseException
GetSystemTimeAsFileTime
TerminateProcess
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapReAlloc
FlushFileBuffers
SetHandleCount
GetFileType
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
LCMapStringA
LCMapStringW
HeapSize
GetTimeZoneInformation
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
CreateEventA
WaitForSingleObjectEx
SleepEx
SetEvent
VirtualProtect
Sleep
CreateFileMappingA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetFileSize
CreateFileA
ExitThread
TerminateThread
CreateThread
ResumeThread
CloseHandle
ReleaseMutex
CreateMutexA
GetExitCodeThread
SetThreadPriority
WaitForSingleObject
CompareStringW
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetTempPathA
SetEnvironmentVariableA
InitializeCriticalSection
vorbisfile
ov_clear
ov_crosslap
ov_open_callbacks
ov_read
user32
LoadStringA
GetParent
RemovePropA
SendMessageA
PtInRect
GetCapture
SetPropA
InvalidateRect
GetWindowLongA
GetDlgItem
EndDialog
IsDlgButtonChecked
ReleaseCapture
SetWindowTextA
EnableWindow
CallWindowProcA
DialogBoxIndirectParamA
DialogBoxParamA
SetDlgItemTextA
CreateDialogIndirectParamA
GetPropA
GetWindowPlacement
FindWindowA
CloseClipboard
PostQuitMessage
IsClipboardFormatAvailable
wsprintfA
GetClientRect
GetDoubleClickTime
GetForegroundWindow
GetClipboardData
DefWindowProcA
OpenClipboard
ValidateRect
DestroyWindow
SetActiveWindow
RegisterClassExA
SetForegroundWindow
LoadBitmapA
LoadIconA
SetFocus
GetDC
SetCapture
ClientToScreen
SetWindowPos
ShowCursor
SetWindowLongA
UnregisterClassA
CreateWindowExA
ReleaseDC
ShowWindow
AdjustWindowRect
MoveWindow
MsgWaitForMultipleObjects
GetCursorPos
GetWindowRect
GetDesktopWindow
GetKeyState
GetAsyncKeyState
GetActiveWindow
GetSystemMetrics
SetCursor
MessageBoxA
LoadCursorA
TranslateMessage
PeekMessageA
DispatchMessageA
gdi32
SetTextColor
CreateFontIndirectA
StretchBlt
GetObjectA
GetDeviceGammaRamp
SetDeviceGammaRamp
GetDeviceCaps
DeleteObject
CreateCompatibleDC
SelectObject
advapi32
OpenThreadToken
RegOpenKeyA
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
GetLengthSid
IsValidSecurityDescriptor
RegQueryValueExA
FreeSid
AddAccessAllowedAce
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
SetSecurityDescriptorGroup
AccessCheck
DuplicateToken
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
AllocateAndInitializeSid
SetSecurityDescriptorOwner
ole32
CoCreateInstance
StringFromGUID2
CoInitialize
CoUninitialize
CLSIDFromString
oleaut32
VariantInit
VariantClear
binkw32
_BinkSetSoundSystem@8
_BinkDoFrame@4
_BinkOpenDirectSound@4
_BinkCopyToBuffer@28
_BinkPause@8
_BinkNextFrame@4
_BinkOpen@8
_BinkWait@4
_BinkClose@4
wininet
InternetQueryOptionA
wsock32
__WSAFDIsSet
ntohl
htonl
ntohs
htons
getsockname
closesocket
bind
select
send
WSACleanup
inet_ntoa
shutdown
recv
connect
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
stxt774 Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
stxt371 Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
DirectX/BDA.cab.cab
Password: halo
-
MSDvbNP.ax.dll regsvr32 windows x86
Password: halo
bd61e5a03c0af93c60b30cf39184a4a7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
CloseHandle
CreateThread
CreateEventA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
IsBadWritePtr
GetCurrentProcess
IsBadReadPtr
GetLastError
ResetEvent
WaitForSingleObject
SleepEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TerminateProcess
InitializeCriticalSection
GetModuleFileNameA
MultiByteToWideChar
lstrlenA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetVersionExA
msvcrt
wcscmp
??2@YAPAXI@Z
swscanf
memmove
??3@YAXPAX@Z
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegCreateKeyA
user32
wsprintfA
PeekMessageA
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageA
ole32
CoFreeUnusedLibraries
StringFromCLSID
CoCreateInstance
CoGetMalloc
CoUninitialize
CoInitialize
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
oleaut32
SysFreeString
SysAllocString
VariantClear
Exports
Exports
Sections
.text Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MSVidCtl.dll.dll regsvr32 windows x86
Password: halo
4cab68af3a9d463423ff5188da351b39
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
DisableThreadLibraryCalls
lstrcpyA
lstrcatA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcmpiA
lstrcpynA
GetShortPathNameA
GetModuleHandleA
FormatMessageA
CreateEventA
WaitForSingleObject
ReleaseMutex
CloseHandle
GetLastError
LockResource
LoadResource
FindResourceA
CreateMutexA
SetEvent
ResetEvent
WaitForMultipleObjects
CreateThread
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
VirtualQuery
lstrlenA
VirtualProtect
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
HeapSize
IsBadWritePtr
VirtualAlloc
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
WriteFile
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
TlsGetValue
SetLastError
TlsFree
ExitProcess
HeapReAlloc
HeapFree
MultiByteToWideChar
DeleteCriticalSection
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
lstrlenW
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemInfo
InterlockedExchange
HeapAlloc
RaiseException
GetCommandLineA
TlsSetValue
Sleep
ntdll
RtlUnwind
ole32
StringFromCLSID
CoCreateFreeThreadedMarshaler
ProgIDFromCLSID
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoUninitialize
StringFromGUID2
oleaut32
LoadRegTypeLi
VARIANT_UserMarshal
VARIANT_UserSize
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantClear
VariantCopy
SysAllocStringByteLen
VarUI4FromStr
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantChangeType
SysStringByteLen
SysStringLen
SysAllocStringLen
SetErrorInfo
CreateErrorInfo
VariantInit
VARIANT_UserFree
BSTR_UserSize
SysFreeString
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
VARIANT_UserUnmarshal
user32
CharNextA
LoadStringA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjectsEx
DispatchMessageA
advapi32
RegQueryValueA
RegSetValueA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
rpcrt4
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrDllRegisterProxy
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrStubForwardingFunction
NdrStubCall2
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
NdrOleFree
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo
Sections
.text Size: 241KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.orpc Size: 512B - Virtual size: 297B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 183KB - Virtual size: 182KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Mpeg2Data.ax.dll regsvr32 windows x86
Password: halo
244f9b8f61fbb054334418ba678d871c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ResetEvent
WaitForMultipleObjects
LocalAlloc
LocalFree
CreateThread
LocalReAlloc
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
TerminateProcess
CreateEventA
GetThreadPriority
SetThreadPriority
GetModuleFileNameA
GetLastError
MultiByteToWideChar
SetEvent
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
GetCurrentProcess
lstrlenA
LoadLibraryA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetVersionExA
GetCurrentThread
msvcrt
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
malloc
free
winmm
timeKillEvent
timeBeginPeriod
timeEndPeriod
timeSetEvent
advapi32
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
user32
GetQueueStatus
wsprintfA
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
PostThreadMessageA
RegisterWindowMessageA
ole32
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 308B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bda.inf
-
bdaplgin.ax.dll regsvr32 windows x86
Password: halo
1dbce2677ed0e9df3b7a82b88863a3d4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetLastError
MultiByteToWideChar
lstrlenA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetVersionExA
msvcrt
??3@YAXPAX@Z
_vsnwprintf
??2@YAPAXI@Z
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
user32
wsprintfA
ole32
CoInitialize
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
ksproxy.ax
KsSynchronousDeviceControl
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bdasetup.inf
-
bdasup.sys.dll windows x86
Password: halo
6b2b65bafa0dd0cf733b55e44cdea375
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hal
KfReleaseSpinLock
KfAcquireSpinLock
ntoskrnl.exe
ExFreePool
KeInitializeSpinLock
KeTickCount
ExAllocatePoolWithTag
memmove
ks.sys
KsGetParent
KsAddItemToObjectBag
KsRemoveItemFromObjectBag
KsFreeObjectCreateItemsByContext
_KsEdit
KsCreateFilterFactory
KsMergeAutomationTables
KsFilterFactoryUpdateCacheData
KsGetFilterFromIrp
KsPinGetParentFilter
KsFilterAddTopologyConnections
KsGetPinFromIrp
KsFilterCreatePinFactory
Exports
Exports
BdaCheckChanges
BdaCommitChanges
BdaCreateFilterFactory
BdaCreateFilterFactoryEx
BdaCreatePin
BdaCreateTopology
BdaDeletePin
BdaFilterFactoryUpdateCacheData
BdaGetChangeState
BdaInitFilter
BdaMethodCreatePin
BdaMethodCreateTopology
BdaMethodDeletePin
BdaPropertyGetControllingPinId
BdaPropertyGetPinControl
BdaPropertyNodeDescriptors
BdaPropertyNodeEvents
BdaPropertyNodeMethods
BdaPropertyNodeProperties
BdaPropertyNodeTypes
BdaPropertyPinTypes
BdaPropertyTemplateConnections
BdaStartChanges
BdaUninitFilter
BdaValidateNodeProperty
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 211B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 896B - Virtual size: 834B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGECONS Size: 768B - Virtual size: 652B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 768B - Virtual size: 674B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 384B - Virtual size: 278B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ccdecode.inf
-
ccdecode.sys.exe windows x86
Password: halo
d5977c633dbdac9c68f7e446e09a0a9d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KefReleaseSpinLockFromDpcLevel
KeInitializeSpinLock
ExFreePool
KeInitializeEvent
ExAllocatePoolWithTag
KeTickCount
KefAcquireSpinLockAtDpcLevel
hal
ExAcquireFastMutex
KeQueryPerformanceCounter
ExReleaseFastMutex
KfReleaseSpinLock
KfAcquireSpinLock
stream.sys
StreamClassDeviceNotification
StreamClassRegisterAdapter
StreamClassStreamNotification
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 768B - Virtual size: 761B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 256B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 640B - Virtual size: 554B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
dx9bda.cat
-
ipsink.ax.dll regsvr32 windows x86
9c828b85bafb7d0f5f2d6ab092d5473d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
ReleaseMutex
WaitForSingleObject
GetVersionExA
ResetEvent
WaitForMultipleObjects
CreateThread
CreateMutexA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
SetEvent
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WaitForSingleObjectEx
CreateEventA
GetLastError
Sleep
IsBadReadPtr
IsBadWritePtr
GetProcAddress
MultiByteToWideChar
GetModuleFileNameA
lstrlenA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
msvcrt
rand
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
_snprintf
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
user32
wsprintfA
ole32
CoCreateInstance
CoInitialize
StringFromGUID2
CoTaskMemAlloc
CoFreeUnusedLibraries
CoUninitialize
oleaut32
SysStringLen
SysFreeString
SysAllocStringLen
ksproxy.ax
KsSynchronousDeviceControl
iphlpapi
GetUniDirectionalAdapterInfo
GetIpAddrTable
wsock32
htons
WSAStartup
ioctlsocket
setsockopt
bind
closesocket
ws2_32
WSASocketA
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 232B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
kstvtune.ax.dll windows x86
373218214f1164b605815211c9b37c65
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadResource
FindResourceA
GetLastError
SizeofResource
InterlockedCompareExchange
Sleep
CreateFileA
InterlockedExchange
GetProfileIntA
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LockResource
GetACP
MultiByteToWideChar
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
IsBadWritePtr
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetVersionExA
InitializeCriticalSection
msvcrt
_purecall
??2@YAPAXI@Z
strtol
??3@YAXPAX@Z
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
user32
DestroyWindow
DefWindowProcA
wvsprintfA
LoadStringW
GetWindowRect
ShowWindow
GetWindowLongA
GetDlgItemInt
wsprintfA
KillTimer
MessageBoxA
LoadStringA
CheckRadioButton
SetDlgItemTextA
SetDlgItemInt
InvalidateRect
SetWindowLongA
MoveWindow
CreateDialogParamA
GetDesktopWindow
SendMessageA
GetDlgItem
GetAsyncKeyState
PostMessageA
SetTimer
EnableWindow
SetWindowTextA
UpdateWindow
comctl32
ord17
ole32
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
oleaut32
VariantInit
VariantClear
ksproxy.ax
KsSynchronousDeviceControl
Exports
Exports
DllCanUnloadNow
DllGetClassObject
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 227KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
kswdmcap.ax.dll regsvr32 windows x86
95d6690a876714b701968430fd31ed5a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualAlloc
SetLastError
CreateThread
InitializeCriticalSection
ExitThread
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
WaitForSingleObjectEx
GetCurrentProcess
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetModuleFileNameA
Sleep
lstrcmpA
lstrcpyA
lstrcpynA
CreateEventA
GetLastError
DeviceIoControl
GetOverlappedResult
MultiByteToWideChar
lstrlenA
GetVersionExA
TerminateProcess
CloseHandle
mfc42
ord823
ord825
msvcrt
sprintf
_purecall
_ftol
__CxxFrameHandler
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
atoi
strtod
advapi32
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
user32
SetTimer
KillTimer
wsprintfA
LoadImageA
ShowWindow
SetDlgItemTextA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
EnableWindow
SetDlgItemInt
MessageBoxA
IsWindowEnabled
GetDlgItemInt
SetRect
IsRectEmpty
SendMessageA
GetWindowTextA
SetWindowTextA
GetDlgItem
comctl32
InitCommonControlsEx
ole32
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FilterHandleFromPin
PerformDataIntersection
PinFactoryIDFromPin
RedundantKsGetMultiplePinFactoryItems
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ksxbar.ax.dll windows x86
5116cc2556341d796c2a80b165186825
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WaitForSingleObject
GetLastError
DeviceIoControl
CreateEventA
IsBadWritePtr
CreateFileA
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetACP
MultiByteToWideChar
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetVersionExA
msvcrt
_purecall
swprintf
wcstombs
??2@YAPAXI@Z
wcslen
??3@YAXPAX@Z
user32
LoadStringA
LoadStringW
GetWindowRect
wvsprintfA
MessageBoxA
SetRect
SetDlgItemTextA
SendMessageA
GetDlgItem
CheckRadioButton
EnableWindow
ShowWindow
DestroyWindow
GetDesktopWindow
InvalidateRect
MoveWindow
CreateDialogParamA
SetWindowLongA
GetWindowLongA
ole32
CoFreeUnusedLibraries
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
oleaut32
VariantInit
VariantClear
Exports
Exports
DllCanUnloadNow
DllGetClassObject
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mpe.inf
-
mpe.sys.exe windows x86
b709125e5196d69f577afdd8423729ff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KeTickCount
KeQuerySystemTime
KeInitializeSpinLock
ExAllocatePoolWithTag
ExFreePool
KeBugCheckEx
DbgPrint
hal
KfAcquireSpinLock
KfReleaseSpinLock
stream.sys
StreamClassStreamNotification
StreamClassDeviceNotification
StreamClassRegisterAdapter
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 640B - Virtual size: 544B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 512B - Virtual size: 456B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 640B - Virtual size: 630B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
msdv.sys.exe windows x86
86f2d51aaa296b59194197c28572822e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCallDriver
ExAllocatePoolWithTag
IoFreeIrp
IoAllocateIrp
KeWaitForSingleObject
KeSetEvent
ExFreePool
KeInitializeEvent
KeReleaseMutex
KeInitializeSpinLock
KeInitializeMutex
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
KeResetEvent
InterlockedExchange
ExQueueWorkItem
KeClearEvent
ObfDereferenceObject
MmMapLockedPages
PsTerminateSystemThread
KeSetPriorityThread
KeGetCurrentThread
IoCancelIrp
wcscpy
KeTickCount
KeBugCheckEx
KeDelayExecutionThread
hal
KfReleaseSpinLock
KeQueryPerformanceCounter
KeGetCurrentIrql
KfAcquireSpinLock
stream.sys
StreamClassStreamNotification
StreamClassRegisterAdapter
StreamClassGetNextEvent
StreamClassQueryMasterClockSync
StreamClassDeviceNotification
Sections
.text Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 256B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 902B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
msdv98se.sys.exe windows x86
c44f46939591a6629aae6b9d01b9dae7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoFreeIrp
KeWaitForSingleObject
IofCallDriver
KeInitializeEvent
ExAllocatePoolWithTag
IoAllocateIrp
KeInitializeMutex
IoAllocateMdl
MmBuildMdlForNonPagedPool
IoFreeMdl
KeReleaseMutex
ExFreePool
KeSetEvent
KeClearEvent
KeInitializeSpinLock
ExfInterlockedInsertTailList
ExfInterlockedRemoveHeadList
MmMapLockedPages
InterlockedDecrement
InterlockedIncrement
KeResetEvent
wcscpy
KeTickCount
KeBugCheckEx
KeDelayExecutionThread
hal
KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter
KeGetCurrentIrql
stream.sys
StreamClassStreamNotification
StreamClassDeviceNotification
StreamClassGetNextEvent
StreamClassQueryMasterClockSync
StreamClassRegisterAdapter
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 256B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
msyuv.dll.dll windows x86
317bb2a83416a509406d650a33ce001a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
VirtualFree
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
LocalFree
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
msvcrt
_ftol
wcscpy
gdi32
GetSystemPaletteEntries
user32
GetDesktopWindow
MessageBoxW
ReleaseDC
GetDC
winmm
DefDriverProc
GetDriverModuleHandle
Exports
Exports
DriverProc
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 328B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
nabtsfec.inf
-
nabtsfec.sys.exe windows x86
49970d1ef884a17567a446f9fea4d52c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KefReleaseSpinLockFromDpcLevel
KeInitializeSpinLock
KefAcquireSpinLockAtDpcLevel
ExFreePool
ObfDereferenceObject
IofCallDriver
IoBuildDeviceIoControlRequest
IoGetDeviceObjectPointer
RtlInitUnicodeString
ExAllocatePoolWithTag
KeRestoreFloatingPointState
KeSaveFloatingPointState
KeTickCount
KeBugCheckEx
KeInitializeEvent
hal
KfReleaseSpinLock
KfAcquireSpinLock
ExReleaseFastMutex
KeQueryPerformanceCounter
ExAcquireFastMutex
stream.sys
StreamClassDeviceNotification
StreamClassRegisterAdapter
StreamClassStreamNotification
Sections
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1007B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 256B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 896B - Virtual size: 784B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ndisip.inf
-
ndisip.sys.exe windows x86
0a8485ddb79fcd7268b3706841e511d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KeBugCheckEx
KeTickCount
IoCreateDevice
IoCreateSymbolicLink
RtlInitUnicodeString
IofCompleteRequest
ndis.sys
NdisFreePacketPool
NdisMSetAttributesEx
NdisAllocateMemory
NdisFreeMemory
NdisAllocatePacket
NdisAdjustBufferLength
NdisAllocateSpinLock
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisFreePacket
NdisMRegisterMiniport
NdisInitializeWrapper
NdisFreeBufferPool
NdisAllocateBuffer
NdisFreeBuffer
NdisAllocatePacketPool
NdisAllocateBufferPool
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 384B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 768B - Virtual size: 708B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 384B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
psisdecd.dll.dll regsvr32 windows x86
a63eb4bfb67dc3602cfc27e862114741
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
lstrcmpiA
IsDBCSLeadByte
lstrcpynA
HeapDestroy
lstrcpyA
lstrcatA
GetModuleFileNameA
DisableThreadLibraryCalls
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrlenW
LockResource
GetModuleHandleA
CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
Sleep
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
GetShortPathNameA
EnterCriticalSection
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
GetACP
LocalFree
InterlockedExchange
TlsSetValue
GetCommandLineA
GetVersionExA
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
ExitProcess
TlsFree
SetLastError
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
HeapSize
SetUnhandledExceptionFilter
ntdll
RtlUnwind
winmm
timeGetTime
advapi32
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
user32
CharNextA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoCreateFreeThreadedMarshaler
oleaut32
SysStringByteLen
SysAllocStringByteLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantClear
VariantCopy
VariantInit
SysAllocString
SysFreeString
VariantChangeType
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
psisrndr.ax.dll regsvr32 windows x86
89452c43805800f5fc649a24f8bcf44d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetACP
WideCharToMultiByte
GetModuleFileNameA
GetLastError
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
LoadLibraryA
FreeLibrary
GetVersionExA
msvcrt
??3@YAXPAX@Z
_purecall
??2@YAPAXI@Z
advapi32
RegSetValueA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
user32
wsprintfA
wvsprintfA
ole32
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoCreateInstance
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
slip.inf
-
slip.sys.exe windows x86
3f9db7809b38aa51c5daad51c58fe7a9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KeTickCount
ExFreePool
ExAllocatePoolWithTag
DbgBreakPoint
KeQuerySystemTime
KeInitializeSpinLock
hal
KfAcquireSpinLock
KfReleaseSpinLock
stream.sys
StreamClassStreamNotification
StreamClassDeviceNotification
StreamClassRegisterAdapter
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 263B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 128B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 512B - Virtual size: 440B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 256B - Virtual size: 206B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
streamip.inf
-
streamip.sys.exe windows x86
024e69c1aa1ed511e6751546ba958390
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCallDriver
IoBuildDeviceIoControlRequest
IoGetDeviceObjectPointer
ObfReferenceObject
ObfDereferenceObject
KeInitializeSpinLock
RtlInitUnicodeString
DbgPrint
ExFreePool
KeTickCount
ExAllocatePoolWithTag
hal
KfAcquireSpinLock
KfReleaseSpinLock
stream.sys
StreamClassDeviceNotification
StreamClassGetNextEvent
StreamClassStreamNotification
StreamClassRegisterAdapter
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 640B - Virtual size: 616B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 640B - Virtual size: 540B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGECONS Size: 128B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 640B - Virtual size: 612B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 640B - Virtual size: 594B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vbisurf.ax.dll regsvr32 windows x86
ae48a05a15c768aaec63afcf3810c760
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
FreeLibrary
GetTickCount
InterlockedExchange
QueryPerformanceCounter
WaitForSingleObject
CloseHandle
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
ResetEvent
SetEvent
CreateEventA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
GetLastError
MultiByteToWideChar
lstrlenA
GetVersionExA
msvcrt
??2@YAPAXI@Z
??3@YAXPAX@Z
ddraw
DirectDrawCreateEx
DirectDrawEnumerateExA
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
user32
wsprintfA
ole32
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoCreateInstance
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 344B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wst_czec.fon
-
wst_engl.fon
-
wst_fren.fon
-
wst_germ.fon
-
wst_ital.fon
-
wst_span.fon
-
wst_swed.fon
-
wstcodec.inf
-
wstcodec.sys.exe windows x86
5e94d6115bae4fe6e2b87706af1a8293
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hal
KfReleaseSpinLock
KfAcquireSpinLock
KeQueryPerformanceCounter
ntoskrnl.exe
IoCreateSymbolicLink
ExFreePool
KeInitializeSpinLock
KeTickCount
ExAllocatePoolWithTag
RtlInitUnicodeString
stream.sys
StreamClassDeviceNotification
StreamClassRegisterAdapter
StreamClassStreamNotification
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 484B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 384B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wstdecod.dll.dll regsvr32 windows x86
af4f8f6981ea7fd495566925fe5b0cf2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
TerminateProcess
GetProcAddress
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLastError
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
MultiByteToWideChar
lstrlenA
GetVersionExA
GetModuleHandleA
MulDiv
IsBadReadPtr
IsBadWritePtr
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
msvcrt
free
malloc
??2@YAPAXI@Z
sprintf
sscanf
??3@YAXPAX@Z
gdi32
CreateCompatibleDC
DeleteDC
CreateFontIndirectA
SetBkMode
DeleteObject
CreateDIBSection
SelectObject
SetTextColor
ExtTextOutA
SetBkColor
GetTextMetricsA
GetSystemPaletteEntries
GetDeviceCaps
GetTextColor
user32
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
DestroyWindow
InvalidateRect
CreateDialogParamA
SetWindowLongA
wsprintfA
SetRect
SetTimer
KillTimer
IsRectEmpty
ReleaseDC
GetDC
UnregisterClassA
SendMessageTimeoutA
DefWindowProcA
ShowWindow
CreateWindowExA
GetWindowLongA
GetWindowTextA
MessageBeep
IsDlgButtonChecked
GetDlgItem
SendMessageA
SetWindowTextA
CheckDlgButton
RegisterClassA
MoveWindow
advapi32
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA
ole32
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 384B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DirectX/BDANT.cab.cab
-
DirectX/BDAXP.cab.cab
-
DirectX/DSETUP.dll.dll windows x86
f57b219515a7304b7cca4eea391181e3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcatA
lstrcpyA
IsBadWritePtr
lstrlenA
GetModuleFileNameA
SetLastError
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcmpiA
WideCharToMultiByte
lstrcmpA
GetSystemDefaultLCID
IsBadStringPtrA
IsBadReadPtr
IsBadStringPtrW
lstrlenW
lstrcpynA
GetWindowsDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsSetValue
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
GetLocalTime
ExitProcess
TlsFree
TlsGetValue
TlsAlloc
Sleep
SetHandleCount
GetStdHandle
GetCurrentDirectoryA
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
SetEndOfFile
GetProcessHeap
ReadFile
GetSystemDirectoryA
SetCurrentDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
GetFileType
FreeLibrary
user32
wsprintfW
CharNextA
wsprintfA
GetKeyboardType
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
advapi32
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
winmm
mmioRead
mmioDescend
mmioOpenA
mmioClose
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
ole32
StringFromGUID2
Exports
Exports
DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetEULAA
DirectXSetupGetEULAW
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication
Sections
.text Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 936B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DirectX/DirectX.cab.cab
-
DirectX/dsetup32.dll.dll windows x86
826e66365e06d75f7914f0ec89b4d2f9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
lstrlenA
GetLastError
GetFileAttributesA
FindClose
FindFirstFileA
lstrcpyA
GetPrivateProfileSectionA
CloseHandle
CreateFileA
SetFileAttributesA
CreateDirectoryA
lstrcatA
GetSystemDefaultLCID
GetCurrentProcess
GetSystemDirectoryA
GetShortPathNameA
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetSystemInfo
GetPrivateProfileStringA
WideCharToMultiByte
GetDiskFreeSpaceA
GetModuleHandleA
CopyFileA
ReadFile
GetFileSize
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FindNextFileA
WaitForSingleObject
CreateProcessA
LoadLibraryExA
lstrcmpA
GetTempFileNameA
GetDriveTypeA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetTempPathA
MultiByteToWideChar
MoveFileExA
CompareStringA
SetFileTime
GetFileTime
Sleep
CreateMutexA
LoadResource
FindResourceA
IsBadWritePtr
LockResource
SizeofResource
SetLastError
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
lstrcmpiA
TerminateProcess
TlsSetValue
GetCommandLineA
GetLocalTime
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
TlsFree
TlsGetValue
TlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualProtect
VirtualQuery
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetEndOfFile
GetProcessHeap
LoadLibraryA
GetVersionExA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
OutputDebugStringA
GetSystemTimeAsFileTime
lstrcpynA
gdi32
GetDeviceCaps
user32
SetDlgItemTextA
ShowWindow
GetDlgItem
SendMessageA
wsprintfA
MessageBoxA
CreateDialogParamA
SetFocus
DestroyWindow
DialogBoxParamA
SetWindowPos
PeekMessageA
GetDC
GetWindowRect
GetDesktopWindow
SendDlgItemMessageA
EndDialog
TranslateMessage
DispatchMessageA
LoadStringA
GetKeyboardType
CharLowerA
CharNextA
ReleaseDC
GetMessageA
advapi32
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
winmm
mmioOpenA
mmioRead
mmioClose
mmioDescend
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
shell32
SHFileOperationA
ole32
StringFromGUID2
Exports
Exports
DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
DirectXSetupShowEULA
iDirectXSetup
iDirectXSetupGetEULA
Sections
.text Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DirectX/dxnt.cab.cab
-
DirectX/dxsetup.exe.exe windows x86
771d815b9638cdc29fedafed6d81c3a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDirectoryA
GetModuleHandleA
CreateThread
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
lstrcatA
CreateMutexA
SetErrorMode
GetModuleFileNameA
GetCurrentDirectoryA
GetCurrentProcess
CreateFileA
GetFileSize
ReadFile
CloseHandle
lstrlenA
lstrcpyA
FindFirstFileA
FindClose
GetLastError
lstrcmpiA
GetVersionExA
LoadLibraryA
GetProcAddress
GetProcessHeap
SetEndOfFile
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
Sleep
HeapAlloc
LeaveCriticalSection
FreeLibrary
GetWindowsDirectoryA
OutputDebugStringA
lstrcpynA
GetCommandLineA
GetStartupInfoA
GetLocalTime
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
EnterCriticalSection
advapi32
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
gdi32
GetDeviceCaps
CreateFontIndirectA
SelectObject
CreateCompatibleDC
DeleteDC
StretchBlt
GetObjectA
DeleteObject
user32
MessageBoxA
LoadStringA
LoadImageA
wsprintfA
SystemParametersInfoA
SetWindowTextA
SendDlgItemMessageA
GetWindowLongA
PostMessageA
GetParent
SetDlgItemTextA
SendMessageA
ShowWindow
GetDlgItem
SetWindowLongA
GetAsyncKeyState
ExitWindowsEx
EnumWindows
GetWindowTextA
GetClassNameA
SetForegroundWindow
SetFocus
GetDC
ReleaseDC
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
comctl32
CreatePropertySheetPageA
PropertySheetA
ord17
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
DrvMgt.dll.dll windows x86
3b69ed610e7a0314db7151203ffbc4de
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapReAlloc
TlsFree
SetLastError
HeapAlloc
SetFileAttributesA
GetFileAttributesA
HeapFree
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetStringTypeA
LCMapStringW
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
MultiByteToWideChar
LCMapStringA
GetStringTypeW
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
user32
wsprintfA
advapi32
SetServiceObjectSecurity
LockServiceDatabase
SetSecurityDescriptorDacl
ChangeServiceConfigA
ControlService
UnlockServiceDatabase
QueryServiceStatus
StartServiceA
OpenServiceA
CreateServiceA
QueryServiceConfigA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
DeleteService
OpenSCManagerA
InitializeSecurityDescriptor
GetAce
GetAclInformation
GetSecurityDescriptorDacl
QueryServiceObjectSecurity
CloseServiceHandle
Exports
Exports
Remove
Setup
_DllMain@12
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Eula.rtf.rtf
-
Files/HALO.EXE.exe windows x86
0c9fb1d5c0fefbe8aed416df06e770cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess
user32
MessageBoxA
ws2_32
inet_ntoa
dsound
ord9
winmm
timeEndPeriod
vorbisfile
ov_clear
gdi32
SetTextColor
advapi32
OpenThreadToken
ole32
CoCreateInstance
oleaut32
VariantInit
binkw32
_BinkSetSoundSystem@8
wininet
InternetQueryOptionA
wsock32
__WSAFDIsSet
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
stxt774 Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
stxt371 Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
FilesCab/Cab1.CAB.cab
-
FilesCab/Cab2.CAB.cab
-
FilesCab/Cab3.CAB.cab
-
FilesCab/Cab4.CAB.cab
-
FilesCab/Cab5.CAB.cab
-
FilesCab/Cab6.CAB.cab
-
Goodies/Preview.PDF.pdf
-
Keygen.exe.exe windows x86
cda8fbfded775f5dbf4ed3469fc6f527
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
_CIcos
_adj_fptan
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
Sections
.text Size: 220KB - Virtual size: 219KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Manuals/HaloPC_Manual_Espanol.pdf.pdf
-
PidGen.dll.dll windows x86
5d096793814234c07f810d5f661fc1e1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
FreeResource
LockResource
LoadResource
FindResourceW
SizeofResource
lstrcpyA
QueryDosDeviceW
GetLocalTime
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
lstrcmpW
CreateFileW
GetVolumeInformationA
SetLastError
DeviceIoControl
CloseHandle
GlobalMemoryStatus
SystemTimeToFileTime
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
user32
CharNextW
wsprintfA
wsprintfW
advapi32
RegOpenKeyExW
RegQueryValueExA
RegCloseKey
CryptGenRandom
CryptAcquireContextA
mfc42
ord825
msvcrt
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
Exports
Exports
PIDGenA
PIDGenSimpA
PIDGenSimpW
PIDGenW
Sections
.text Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 558B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Redist/InstMsiA.exe.exe windows x86
1494de9b53e05fc1f40cb92afbdd6ce4
Code Sign
4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 00:00Not After07/01/2004, 23:59SubjectOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before28/02/2001, 00:00Not After06/01/2004, 23:59SubjectCN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/01/1997, 07:00Not After31/12/2020, 07:00SubjectCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/12/2000, 08:00Not After12/11/2005, 08:00SubjectCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
61:07:11:43:00:00:00:00:00:34Certificate
IssuerCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before25/05/2002, 00:55Not After25/11/2003, 01:05SubjectCN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree
gdi32
GetDeviceCaps
user32
ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics
comctl32
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Redist/InstMsiW.exe.exe windows x86
1494de9b53e05fc1f40cb92afbdd6ce4
Code Sign
4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 00:00Not After07/01/2004, 23:59SubjectOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before28/02/2001, 00:00Not After06/01/2004, 23:59SubjectCN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/01/1997, 07:00Not After31/12/2020, 07:00SubjectCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/12/2000, 08:00Not After12/11/2005, 08:00SubjectCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
61:07:11:43:00:00:00:00:00:34Certificate
IssuerCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before25/05/2002, 00:55Not After25/11/2003, 01:05SubjectCN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree
gdi32
GetDeviceCaps
user32
ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics
comctl32
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Redist/ShFolder.Exe.exe windows x86
c56a25fa4336eeb10723b3537ba4876d
Code Sign
03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10Certificate
IssuerOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=InternetNot Before09/04/1996, 00:00Not After07/01/2004, 23:59SubjectOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 07:00Not After31/12/1999, 07:00SubjectOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Networkbd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 07:00Not After31/12/1999, 07:00SubjectOU=VeriSign Time Stamping Service+OU=VeriSign Trust Network+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign\, Inc.,L=Internet55:0d:88:f5:3f:64:16:d7:0c:73:00:d8:45:92:16:34Certificate
IssuerOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=InternetNot Before19/03/1999, 00:00Not After16/04/2000, 23:59SubjectCN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageKeyEncipherment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
lstrcatA
GetFileAttributesA
GetShortPathNameA
LocalAlloc
GetLastError
GetCurrentProcess
GetPrivateProfileIntA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
FreeLibrary
GetPrivateProfileStringA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
GetProcAddress
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
FindClose
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
ExitProcess
CloseHandle
GetStartupInfoA
GetCommandLineA
LoadResource
FindResourceA
CreateMutexA
SetEvent
CreateEventA
SetCurrentDirectoryA
CreateThread
ResetEvent
TerminateThread
LocalFree
FormatMessageA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
FreeResource
LockResource
SizeofResource
CreateFileA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetTempFileNameA
GetSystemInfo
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetCurrentDirectoryA
LoadLibraryExA
GetModuleHandleA
CreateDirectoryA
ExpandEnvironmentStringsA
GetVersionExA
GetDiskFreeSpaceA
MulDiv
gdi32
GetDeviceCaps
user32
wsprintfA
ExitWindowsEx
CharNextA
CharUpperA
EndDialog
GetDesktopWindow
CharPrevA
GetWindowLongA
CallWindowProcA
GetDlgItem
SetForegroundWindow
SetWindowTextA
SendDlgItemMessageA
SetWindowLongA
EnableWindow
SendMessageA
LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
MessageBoxA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
ShowWindow
DialogBoxIndirectParamA
SetDlgItemTextA
MessageBeep
GetDlgItemTextA
DispatchMessageA
comctl32
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Redist/msxmlenu.msi.msi
-
SECDRV.SYS.exe windows x86
2b0417c9fd2e5af9bf7029653696ba27
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
ntoskrnl.exe
IoDeleteSymbolicLink
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
RtlEqualUnicodeString
NtBuildNumber
RtlQueryRegistryValues
PsGetVersion
KeTickCount
MmIsAddressValid
RtlUnwind
ExAllocatePoolWithTag
ExFreePool
IofCompleteRequest
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 498B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 448B - Virtual size: 430B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Setup.Exe.exe windows x86
06f1cfaa3c4ea834ea2af610a5df812f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundA
waveOutGetNumDevs
timeGetTime
waveOutGetDevCapsA
kernel32
LoadLibraryA
GetProcAddress
FreeLibrary
GetVolumeInformationA
Sleep
GetSystemDirectoryA
ResetEvent
SetEvent
GetTempPathA
GetLastError
lstrcmpiA
FindFirstFileA
WaitForSingleObject
LocalFree
FormatMessageA
lstrcmpA
RemoveDirectoryA
IsDBCSLeadByte
GetFullPathNameA
lstrcpynA
GetWindowsDirectoryA
SetLastError
GetFileAttributesA
GetVersionExA
LockResource
LoadResource
FindResourceA
GetShortPathNameA
GetExitCodeProcess
GetUserDefaultLCID
GetLocaleInfoA
VerLanguageNameA
CreateProcessA
SetFileAttributesA
GetTempFileNameA
ReleaseMutex
CreateMutexA
OpenEventA
CreateEventA
GetModuleHandleA
MultiByteToWideChar
VirtualProtect
SizeofResource
FindFirstChangeNotificationA
FindCloseChangeNotification
FindNextChangeNotification
GetPrivateProfileStringA
TerminateProcess
WaitForMultipleObjects
WritePrivateProfileStringA
SetFilePointer
ExpandEnvironmentStringsA
GetDriveTypeA
_lclose
_llseek
_lopen
GetSystemTime
FindClose
VirtualFree
SetErrorMode
VirtualAlloc
GlobalMemoryStatus
GetSystemInfo
GetCurrentProcess
GetTickCount
DeviceIoControl
CreateDirectoryA
WriteFile
ReadFile
SetFileTime
GetFileTime
GetFileSize
GetFileType
MoveFileExA
SetEndOfFile
GetCurrentDirectoryA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetDiskFreeSpaceA
SetCurrentDirectoryA
GetLogicalDrives
FindNextFileA
ResumeThread
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetEnvironmentVariableA
FlushFileBuffers
CreateThread
WideCharToMultiByte
CompareFileTime
QueryPerformanceCounter
GetThreadPriority
GetPriorityClass
QueryPerformanceFrequency
ExitThread
GetExitCodeThread
SuspendThread
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
RaiseException
LCMapStringA
LCMapStringW
lstrcatA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualQuery
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetACP
GetOEMCP
IsBadCodePtr
GetTimeZoneInformation
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
CloseHandle
lstrcpyA
lstrlenA
GetSystemDefaultLangID
GetCPInfo
user32
CharUpperA
ReleaseDC
GetDC
EnumDisplaySettingsA
ExitWindowsEx
IsWindow
SystemParametersInfoA
GetClassNameA
CharToOemA
FindWindowExA
EnumWindows
SetCursor
LoadCursorA
DestroyCursor
IsDialogMessageA
GetMessageA
GetWindowLongA
RedrawWindow
GetUpdateRect
EndPaint
BeginPaint
CopyRect
IntersectRect
SetWindowTextA
GetWindowRect
IsWindowVisible
UnionRect
IsChild
IsRectEmpty
RemovePropA
GetWindowTextA
ReleaseCapture
GetCapture
EnableWindow
GetParent
GetNextDlgGroupItem
MsgWaitForMultipleObjects
OffsetRect
SetCapture
GetKeyState
GetNextDlgTabItem
ScreenToClient
CallWindowProcA
GetClassInfoA
ClientToScreen
PtInRect
DrawTextA
DrawTextExA
GrayStringA
SetWindowRgn
CreateDialogIndirectParamA
EndDialog
MessageBeep
MapWindowPoints
GetMessagePos
DialogBoxIndirectParamA
RegisterWindowMessageA
GetSystemMetrics
GetWindowPlacement
SetWindowLongA
PostQuitMessage
EnableMenuItem
InvalidateRect
FillRect
LoadIconA
EqualRect
GetWindowTextLengthA
GetAsyncKeyState
VkKeyScanExA
GetKeyboardLayout
LoadStringA
CharPrevA
GetKeyboardType
PeekMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
WaitForInputIdle
LoadImageA
wvsprintfA
UnregisterClassA
IsWindowEnabled
SetTimer
KillTimer
wsprintfA
PostMessageA
SetWindowPos
IsIconic
GetFocus
FindWindowA
ShowWindow
SetRectEmpty
CreateWindowExA
SetPropA
RegisterClassA
DefWindowProcA
GetPropA
DestroyWindow
SetForegroundWindow
SetFocus
SetActiveWindow
CharNextA
SendMessageA
MessageBoxA
gdi32
SetBkColor
SetBkMode
SetTextColor
SelectObject
GetTextMetricsA
SetTextAlign
SelectPalette
GetDeviceCaps
RealizePalette
CreateDIBSection
SetDIBits
DeleteObject
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetSystemPaletteEntries
GetObjectA
GetDIBColorTable
CreateFontA
CreateCompatibleDC
BitBlt
DeleteDC
CombineRgn
CreateBrushIndirect
CreateRectRgn
GetStockObject
AddFontResourceA
RemoveFontResourceA
advapi32
RegQueryInfoKeyA
OpenProcessToken
RegCloseKey
CloseServiceHandle
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyExA
comctl32
ImageList_LoadImageA
ImageList_Destroy
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
imm32
ImmGetContext
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExA
SHChangeNotify
ole32
CoCreateInstance
CoInitialize
OleUninitialize
OleInitialize
CoUninitialize
Exports
Exports
?DialogProc@CAppAlert@@SGHPAUHWND__@@IIJ@Z
?DialogProc@CAppMessage@@SGHPAUHWND__@@IIJ@Z
?DialogProc@CDirBrowser@@SGHPAUHWND__@@IIJ@Z
?HotsetupCallback@@YG?AW4EBURETCODE@@PAX@Z
LaunchGame
Sections
.text Size: 440KB - Virtual size: 436KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Setup/favicon.ico
-
Setup/halo1.ico
-
SetupENU.dll.dll windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.rsrc Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
autorun.inf
-
leame.rtf.rtf
-
mgspid.dll.dll windows x86
062db9a23b71a0d548f7bb1afbcbe320
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
SetConsoleCtrlHandler
LCMapStringW
HeapSize
InitializeCriticalSection
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
FreeLibrary
LCMapStringA
lstrcpyA
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
InterlockedExchange
VirtualQuery
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
SetEnvironmentVariableA
user32
CharNextA
GetDesktopWindow
DialogBoxParamA
EndDialog
MessageBoxA
GetWindowTextLengthA
GetNextDlgTabItem
SetFocus
SetWindowTextA
GetKeyState
SendMessageA
GetDlgItem
GetWindowTextA
LoadStringA
gdi32
CreateFontA
DeleteObject
advapi32
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
Exports
Exports
GetPid
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
readme.rtf.rtf