Extracted

• Office 365.zip

  .zip
• Office 365/Setup.x86.es-es_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe

  .exe windows x86

  2d41b25429890c8dcb952bcb86f4a7cc

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

  IMAGE_FILE_NET_RUN_FROM_SWAP

  Imports

  advapi32

  RegCreateKeyExW

  RegCloseKey

  CryptReleaseContext

  CryptAcquireContextW

  EventWrite

  EventWriteTransfer

  EventRegister

  EventUnregister

  RegOpenKeyExW

  RegQueryValueExW

  RegDeleteTreeW

  RegDeleteKeyW

  RegGetValueW

  RegQueryInfoKeyW

  RegEnumKeyExW

  RegEnumValueW

  RegSetValueExW

  RegDeleteValueW

  OpenProcessToken

  GetTokenInformation

  AllocateAndInitializeSid

  FreeSid

  EqualSid

  CreateWellKnownSid

  IsValidSid

  GetSidSubAuthorityCount

  GetSidSubAuthority

  RevertToSelf

  OpenThreadToken

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  OpenSCManagerW

  CloseServiceHandle

  OpenServiceW

  QueryServiceStatusEx

  QueryServiceConfigW

  StartServiceW

  ControlService

  EnumDependentServicesW

  DeleteService

  CreateServiceW

  ChangeServiceConfig2W

  ChangeServiceConfigW

  SetServiceObjectSecurity

  GetLengthSid

  CopySid

  InitializeAcl

  AddAccessAllowedAce

  InitializeSecurityDescriptor

  SetSecurityDescriptorDacl

  GetSecurityDescriptorDacl

  ConvertSidToStringSidA

  CheckTokenMembership

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptHashData

  RegNotifyChangeKeyValue

  RegSetKeySecurity

  kernel32

  SetFileAttributesW

  GetFileAttributesExW

  GetDiskFreeSpaceExW

  DeleteFileW

  CloseHandle

  GetCurrentDirectoryW

  GetWindowsDirectoryW

  GetProcAddress

  SetFilePointerEx

  MoveFileExW

  CopyFileW

  AreFileApisANSI

  WideCharToMultiByte

  UnmapViewOfFile

  CreateFileMappingA

  MapViewOfFile

  Sleep

  GetStringTypeExW

  GetUserDefaultLCID

  LoadLibraryA

  LCMapStringW

  FreeLibrary

  LocalFree

  FormatMessageA

  GetCurrentThreadId

  TlsAlloc

  TlsFree

  FlsGetValue

  TlsGetValue

  FlsSetValue

  TlsSetValue

  GetTickCount64

  GetModuleHandleExW

  K32GetProcessMemoryInfo

  GlobalMemoryStatusEx

  LeaveCriticalSection

  EnterCriticalSection

  ReleaseSRWLockShared

  AcquireSRWLockShared

  ReleaseSRWLockExclusive

  AcquireSRWLockExclusive

  InitializeSRWLock

  GetCurrentProcessId

  FileTimeToSystemTime

  GetUserDefaultLocaleName

  IsValidCodePage

  SetLastError

  GetSystemTime

  SystemTimeToFileTime

  GetCPInfoExW

  CreateEventExW

  GetStringTypeW

  RaiseException

  LoadLibraryExW

  GetModuleHandleW

  VerSetConditionMask

  VerifyVersionInfoW

  GetVersionExW

  TerminateProcess

  GetModuleFileNameA

  GetShortPathNameA

  K32GetModuleFileNameExW

  CreateProcessW

  FindResourceW

  SizeofResource

  LoadResource

  OpenProcess

  SetErrorMode

  GetComputerNameW

  MulDiv

  FormatMessageW

  GetLogicalProcessorInformation

  GetNativeSystemInfo

  GetSystemDirectoryW

  ReleaseMutex

  WaitForSingleObjectEx

  SystemTimeToTzSpecificLocalTime

  ExpandEnvironmentStringsW

  GetCommandLineW

  GlobalFree

  ProcessIdToSessionId

  GetExitCodeThread

  WaitForMultipleObjects

  WaitForMultipleObjectsEx

  SignalObjectAndWait

  GetProcessAffinityMask

  GetCurrentProcess

  SetWaitableTimerEx

  CancelWaitableTimer

  QueryDepthSList

  TryEnterCriticalSection

  InitializeSListHead

  InterlockedPushEntrySList

  InterlockedPopEntrySList

  HeapFree

  GetProcessHeap

  ReadFile

  GetFileSizeEx

  GetTempPathW

  GetTempFileNameW

  GetTickCount

  GetThreadLocale

  SetEvent

  FindFirstFileExW

  lstrcmpW

  GetDriveTypeW

  CreateMutexW

  ReleaseSemaphore

  OpenEventA

  CreateEventA

  OpenMutexA

  CreateMutexA

  OpenSemaphoreA

  FindClose

  OpenFileMappingA

  GlobalAlloc

  LocalAlloc

  HeapAlloc

  GetModuleHandleA

  WriteFile

  GetPriorityClass

  GetExitCodeProcess

  GetTimeZoneInformation

  IsValidLocale

  QueryUnbiasedInterruptTime

  LCMapStringEx

  CreateThread

  CreateEventW

  LoadLibraryW

  OutputDebugStringA

  CloseThreadpoolTimer

  SetThreadpoolTimer

  WaitForThreadpoolTimerCallbacks

  CreateThreadpoolTimer

  CloseThreadpoolWait

  SetThreadpoolWait

  WaitForThreadpoolWaitCallbacks

  CreateThreadpoolWait

  CreateThreadpoolWork

  SubmitThreadpoolWork

  WaitForSingleObject

  GetLongPathNameW

  ResetEvent

  LockResource

  GetOverlappedResult

  FlushFileBuffers

  CancelIoEx

  GetFileType

  SetFileInformationByHandle

  GetFileInformationByHandleEx

  GetLocaleInfoEx

  LCIDToLocaleName

  LocaleNameToLCID

  GetSystemDefaultLCID

  WerRegisterMemoryBlock

  WerUnregisterMemoryBlock

  QueryFullProcessImageNameW

  SetThreadAffinityMask

  IsProcessorFeaturePresent

  CreateIoCompletionPort

  PostQueuedCompletionStatus

  GetThreadIOPendingFlag

  GetQueuedCompletionStatus

  RtlCaptureStackBackTrace

  IsDebuggerPresent

  CreateMemoryResourceNotification

  GetSystemPowerStatus

  IsSystemResumeAutomatic

  OutputDebugStringW

  VirtualFree

  VirtualAlloc

  GetProductInfo

  SetEndOfFile

  GetEnvironmentVariableW

  RemoveDirectoryW

  DeviceIoControl

  FindNextFileW

  GetFullPathNameW

  FindFirstFileW

  CreateDirectoryW

  GetThreadTimes

  GetCurrentThread

  GetProcessTimes

  LoadLibraryExA

  VirtualQuery

  GetSystemInfo

  SetEnvironmentVariableA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineA

  GetOEMCP

  EnumSystemLocalesW

  GetTimeFormatW

  GetDateFormatW

  SetStdHandle

  ExitProcess

  HeapReAlloc

  GetACP

  HeapSize

  GetConsoleCP

  ReadConsoleW

  GetConsoleMode

  UnregisterWaitEx

  VirtualProtect

  FreeLibraryAndExitThread

  UnregisterWait

  RegisterWaitForSingleObject

  GetNumaHighestNodeNumber

  QueryPerformanceCounter

  GetSystemTimeAsFileTime

  QueryPerformanceFrequency

  MultiByteToWideChar

  GetModuleFileNameW

  DeleteTimerQueueTimer

  ChangeTimerQueueTimer

  CreateTimerQueueTimer

  GetThreadPriority

  SetThreadPriority

  SwitchToThread

  CreateTimerQueue

  InterlockedFlushSList

  RtlUnwind

  GetStartupInfoW

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetLocaleInfoW

  CompareStringW

  GetCPInfo

  InitializeCriticalSectionAndSpinCount

  GetFileAttributesW

  CreateFileW

  IsWow64Process

  FlsAlloc

  FlsFree

  DeleteCriticalSection

  CompareStringEx

  GetLastError

  CreateSemaphoreA

  InitializeCriticalSectionEx

  EncodePointer

  DuplicateHandle

  GetSystemPreferredUILanguages

  GetUserGeoID

  OpenThread

  lstrcmpA

  FreeConsole

  WriteConsoleW

  GetStdHandle

  AllocConsole

  AttachConsole

  DecodePointer

  CreateWaitableTimerW

  GetLocalTime

  ole32

  CoRevokeInitializeSpy

  CoRegisterInitializeSpy

  CoTaskMemAlloc

  CoCreateFreeThreadedMarshaler

  CreateStreamOnHGlobal

  IIDFromString

  CoCreateInstance

  CoSetProxyBlanket

  CoTaskMemFree

  CLSIDFromString

  StringFromGUID2

  CoCreateGuid

  CoUninitialize

  CoInitializeEx

  oleaut32

  VariantInit

  VariantClear

  SysAllocString

  SysFreeString

  cabinet

  ord13

  ord14

  wintrust

  WinVerifyTrust

  WTHelperProvDataFromStateData

  WTHelperGetProvSignerFromChain

  setupapi

  SetupIterateCabinetW

  ws2_32

  WSAStartup

  GetAddrInfoW

  FreeAddrInfoW

  iphlpapi

  CreateSortedAddressPairs

  FreeMibTable

  gdi32

  GetDeviceCaps

  CreateSolidBrush

  SetTextColor

  SetBkColor

  GetStockObject

  CreateFontW

  SelectObject

  GetTextMetricsW

  CreatePen

  SetDCPenColor

  Rectangle

  GetTextExtentPoint32W

  SetDCBrushColor

  DeleteObject

  gdiplus

  GdipFree

  GdipDrawImageRectRectI

  GdipDeleteGraphics

  GdipDrawImageRectI

  GdiplusStartup

  GdipCreateFromHDC

  GdipDisposeImage

  GdipAlloc

  GdipCloneImage

  GdipLoadImageFromStream

  GdipGetImageWidth

  GdipCreateBitmapFromScan0

  GdipGetImageHeight

  GdipFillRectangleI

  GdipCloneBrush

  GdipDeleteBrush

  GdipCreateSolidFill

  GdipGetImageGraphicsContext

  rpcrt4

  RpcStringFreeW

  UuidToStringW

  Sections

  .text

  Size: 2.2MB - Virtual size: 2.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1.0MB - Virtual size: 1.0MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 69KB - Virtual size: 178KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 13B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 559KB - Virtual size: 560KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 213KB - Virtual size: 213KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ