Oni_Win_EN[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

Oni_Win_EN.iso
Size

418.7MB
MD5

ae16d6b00408c0849d343b44c2b1990f
SHA1

098bf54b2f8b324b38d8553d6ee7642082757d6d
SHA256

44ddf532b2fdb7e7a7efeef42b184d813d70c47a0ff9f8454423dc61bc7369ad
SHA512

74a51e4329ddb5b93d9ab3d8243286b78cad966b68e5fd1cde591bdef3c8ca83d87cd0705871dda66456042dae54606665f3ce3000073b7dc01c312a7997962c
SSDEEP

12582912:xb9djDgMlPQLCpr1bylXr8a/6HbCvmIQ9:xxdYMlPQWF1bylXIam6TY

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AUTOPLAY.EXE
unpack001/CRACK/Oni.exe
unpack001/DIRECTX/CFGMGR32.DLL
unpack001/DIRECTX/DSETUP.DLL
unpack001/DIRECTX/DSETUP32.DLL
unpack001/DIRECTX/DXSETUP.EXE
unpack001/DIRECTX/SETUPAPI.DLL
unpack001/GLSETUP_117.EXE
unpack001/ONISETUP.EXE

Files

Oni_Win_EN.iso
.iso
AUTOPLAY.EXE
.exe windows x86

6c6e8576f6d86b0e67e45f26ef4de96d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
FindFirstFileA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
lstrcatA
RemoveDirectoryA
FindNextFileA
DeleteFileA
lstrcmpA
SetFileAttributesA
_lread
FindClose
_lcreat
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetLastError
GetCurrentProcess
_llseek
GetModuleFileNameA
GlobalFree
GlobalAlloc
SetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapReAlloc
_hread
_hwrite
CreateDirectoryA
GetTimeZoneInformation
GetSystemTime
_lclose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
TerminateProcess
GetFullPathNameA
GetCurrentDirectoryA
RtlUnwind
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
VirtualAlloc
WriteFile
HeapAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW

user32

LoadIconA
wsprintfA
ExitWindowsEx
MessageBoxA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AUTORUN.INF
CRACK/Oni.exe
.exe windows x86

33d66fef3e9bb7d96113b5602f798715

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamClose
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmStreamConvert
acmStreamOpen
acmFormatSuggest
acmStreamSize

binkw32

_BinkClose@4
_BinkSetIOSize@4
_BinkService@4
_BinkGetRects@8
_BinkBufferBlit@12
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkOpen@8
_BinkSetSoundOnOff@8
_BinkSetVolume@8
_BinkBufferOpen@16
_BinkBufferSetOffset@12
_BinkCopyToBuffer@28
_BinkBufferUnlock@4
_BinkWait@4
_BinkDoFrame@4
_BinkBufferLock@4
_BinkNextFrame@4
_BinkBufferClose@4

dinput

DirectInputCreateA

dsound

ord1

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStringsW
SetStdHandle
GetModuleFileNameA
HeapSize
RaiseException
VirtualAlloc
UnhandledExceptionFilter
SetEndOfFile
VirtualFree
GetFileAttributesA
CloseHandle
MapViewOfFile
CreateFileMappingA
GetFileSize
GetLastError
CreateFileA
UnmapViewOfFile
FindClose
FindNextFileA
GetACP
GetCPInfo
GetVersionExA
ReleaseMutex
WaitForSingleObject
CreateMutexA
FormatMessageA
GetProcAddress
FreeLibrary
LoadLibraryA
GetModuleHandleA
SetThreadPriority
CreateThread
SleepEx
GetTickCount
GetCurrentThread
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
DeleteFileA
GetCommandLineA
LeaveCriticalSection
Sleep
EnterCriticalSection
ExitThread
DeleteCriticalSection
InitializeCriticalSection
GlobalMemoryStatus
HeapCreate
GetOEMCP
FindFirstFileA
HeapDestroy
LCMapStringW
LCMapStringA
WideCharToMultiByte
ReadFile
SetFilePointer
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
WriteFile
FlushFileBuffers
GetStringTypeW
GetStringTypeA
ExitProcess
GetVersion
GetStartupInfoA
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess

user32

BeginPaint
GetForegroundWindow
LoadCursorA
EndPaint
FindWindowA
UpdateWindow
GetAsyncKeyState
GetWindowRect
GetCursorPos
LoadIconA
EnumDisplaySettingsA
GetDlgItem
SetCursorPos
GetWindowTextA
GetSystemMetrics
EndDialog
SetWindowTextA
DialogBoxParamA
DestroyWindow
DefWindowProcA
RegisterClassExA
CreateWindowExA
ShowWindow
BringWindowToTop
ShowCursor
MessageBoxA
UnhookWindowsHookEx
GetKeyState
CallNextHookEx
SystemParametersInfoA
SetWindowsHookExA
GetDesktopWindow
ReleaseDC
SetWindowPos
GetDC
DispatchMessageA
PeekMessageA
TranslateMessage
ChangeDisplaySettingsA

gdi32

GetStockObject
PatBlt
SetDeviceGammaRamp
ChoosePixelFormat
GetDeviceGammaRamp
SetPixelFormat
SwapBuffers

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIRECTX/CFGMGR32.DLL
.dll windows x86

17fb831fc2ad10b3d998240020a55343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapAlloc
GetProcessHeap
RtlUnwind
lstrcpyA
CloseHandle
lstrcatA
HeapFree
CreateFileA
DeviceIoControl
CreateThread
GetExitCodeThread
MultiByteToWideChar
WideCharToMultiByte

user32

CharUpperA
PeekMessageA
MsgWaitForMultipleObjects

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

CM_Add_Empty_Log_Conf
CM_Add_Empty_Log_Conf_Ex
CM_Add_IDA
CM_Add_IDW
CM_Add_ID_ExA
CM_Add_ID_ExW
CM_Add_Range
CM_Add_Res_Des
CM_Add_Res_Des_Ex
CM_Connect_MachineA
CM_Connect_MachineW
CM_Create_DevNodeA
CM_Create_DevNodeW
CM_Create_DevNode_ExA
CM_Create_DevNode_ExW
CM_Create_Range_List
CM_Delete_Class_Key
CM_Delete_Class_Key_Ex
CM_Delete_DevNode_Key
CM_Delete_DevNode_Key_Ex
CM_Delete_Range
CM_Detect_Resource_Conflict
CM_Detect_Resource_Conflict_Ex
CM_Disable_DevNode
CM_Disable_DevNode_Ex
CM_Disconnect_Machine
CM_Dup_Range_List
CM_Enable_DevNode
CM_Enable_DevNode_Ex
CM_Enumerate_Classes
CM_Enumerate_Classes_Ex
CM_Enumerate_EnumeratorsA
CM_Enumerate_EnumeratorsW
CM_Enumerate_Enumerators_ExA
CM_Enumerate_Enumerators_ExW
CM_Find_Range
CM_First_Range
CM_Free_Log_Conf
CM_Free_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CM_Free_Range_List
CM_Free_Res_Des
CM_Free_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Child
CM_Get_Child_Ex
CM_Get_Class_Key_NameA
CM_Get_Class_Key_NameW
CM_Get_Class_Key_Name_ExA
CM_Get_Class_Key_Name_ExW
CM_Get_Class_NameA
CM_Get_Class_NameW
CM_Get_Class_Name_ExA
CM_Get_Class_Name_ExW
CM_Get_Depth
CM_Get_Depth_Ex
CM_Get_DevNode_Registry_PropertyA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_Property_ExA
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Get_DevNode_Status_Ex
CM_Get_Device_IDA
CM_Get_Device_IDW
CM_Get_Device_ID_ExA
CM_Get_Device_ID_ExW
CM_Get_Device_ID_ListA
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_ExA
CM_Get_Device_ID_List_ExW
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_List_Size_ExA
CM_Get_Device_ID_List_Size_ExW
CM_Get_Device_ID_Size
CM_Get_Device_ID_Size_Ex
CM_Get_Device_Interface_AliasA
CM_Get_Device_Interface_AliasW
CM_Get_Device_Interface_Alias_ExA
CM_Get_Device_Interface_Alias_ExW
CM_Get_Device_Interface_ListA
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_ExA
CM_Get_Device_Interface_List_ExW
CM_Get_Device_Interface_List_SizeA
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_Interface_List_Size_ExW
CM_Get_First_Log_Conf
CM_Get_First_Log_Conf_Ex
CM_Get_Global_State
CM_Get_Global_State_Ex
CM_Get_HW_Prof_FlagsA
CM_Get_HW_Prof_FlagsW
CM_Get_HW_Prof_Flags_ExA
CM_Get_HW_Prof_Flags_ExW
CM_Get_Hardware_Profile_InfoA
CM_Get_Hardware_Profile_InfoW
CM_Get_Hardware_Profile_Info_ExA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_Next_Log_Conf
CM_Get_Next_Log_Conf_Ex
CM_Get_Next_Res_Des
CM_Get_Next_Res_Des_Ex
CM_Get_Parent
CM_Get_Parent_Ex
CM_Get_Res_Des_Data
CM_Get_Res_Des_Data_Ex
CM_Get_Res_Des_Data_Size
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Sibling
CM_Get_Sibling_Ex
CM_Get_Version
CM_Get_Version_Ex
CM_Intersect_Range_List
CM_Invert_Range_List
CM_Locate_DevNodeA
CM_Locate_DevNodeW
CM_Locate_DevNode_ExA
CM_Locate_DevNode_ExW
CM_Merge_Range_List
CM_Modify_Res_Des
CM_Modify_Res_Des_Ex
CM_Move_DevNode
CM_Move_DevNode_Ex
CM_Next_Range
CM_Open_Class_KeyA
CM_Open_Class_KeyW
CM_Open_Class_Key_ExA
CM_Open_Class_Key_ExW
CM_Open_DevNode_Key
CM_Open_DevNode_Key_Ex
CM_Query_Arbitrator_Free_Data
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Remove_SubTree
CM_Query_Remove_SubTree_Ex
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Register_Device_Driver
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
CM_Remove_Unmarked_Children
CM_Remove_Unmarked_Children_Ex
CM_Reset_Children_Marks
CM_Reset_Children_Marks_Ex
CM_Run_Detection
CM_Run_Detection_Ex
CM_Set_DevNode_Registry_PropertyA
CM_Set_DevNode_Registry_PropertyW
CM_Set_DevNode_Registry_Property_ExA
CM_Set_DevNode_Registry_Property_ExW
CM_Set_HW_Prof
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_Flags_ExW
CM_Setup_DevNode
CM_Setup_DevNode_Ex
CM_Test_Range_Available
CM_Uninstall_DevNode
CM_Uninstall_DevNode_Ex
CM_Unregister_Device_InterfaceA
CM_Unregister_Device_InterfaceW
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_Interface_ExW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIRECTX/DIRECTX.CAB
.cab
DIRECTX/DIRECTX.INF
DIRECTX/DSETUP.DLL
.dll windows x86

bcbf18b28917ff9f2a8220b84f54716c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentDirectoryA
lstrlenA
GetModuleFileNameA
LocalFree
GetSystemDirectoryA
SetCurrentDirectoryA
LocalAlloc
GetDiskFreeSpaceA
GetWindowsDirectoryA
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcmpA
lstrcmpiA
GetSystemDefaultLCID
IsBadReadPtr
IsBadStringPtrW
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
IsBadStringPtrA
lstrcatA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeLibrary
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
SetFilePointer
GetVersionExA
lstrcpyA
OutputDebugStringA
LoadLibraryA
GetProcAddress
CloseHandle
CreateMutexA
GetLastError
TlsGetValue
GetEnvironmentStringsW

user32

DispatchMessageA
wsprintfW
wsprintfA
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
GetKeyboardType

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExW
RegQueryInfoKeyA

winmm

mmioClose
mmioRead
mmioDescend
mmioOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

StringFromGUID2

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupW
DirectXUnRegisterApplication

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIRECTX/DSETUP32.DLL
.dll windows x86

1ae973e540e176134af557c9bda154c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
lstrcpynA
GetDiskFreeSpaceA
CreateDirectoryA
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
LocalFree
LocalAlloc
lstrcmpiA
lstrcmpA
FindNextFileA
MultiByteToWideChar
GetSystemDirectoryA
GetShortPathNameA
GetFileAttributesA
SetFileAttributesA
ExpandEnvironmentStringsA
GetTempPathA
GetModuleHandleA
Sleep
GetCommandLineA
GetVersion
GetLocalTime
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetSystemDefaultLCID
GetVersionExA
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
ReadFile
LCMapStringA
LCMapStringW
GetStringTypeA
OutputDebugStringA
VirtualAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
GetLocaleInfoA
SetEndOfFile
GetLocaleInfoW
FindClose
FindFirstFileA
lstrlenA
GetTempFileNameA
lstrcpyA
CreateMutexA
GetLastError
CloseHandle
GetWindowsDirectoryA
lstrcatA
GetACP
GetCPInfo
GetStringTypeW

user32

GetKeyboardType
SetDlgItemTextA
LoadStringA
CreateDialogParamA
ShowWindow
DestroyWindow
MessageBoxA
SetFocus
wsprintfA
DispatchMessageA
PeekMessageA
TranslateMessage
CharNextA
GetDlgItem
SendMessageA
GetMessageA

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegCreateKeyA

setupapi

SetupInstallFromInfSectionA
SetupOpenInfFileA
SetupGetInfInformationA
SetupOpenFileQueue
SetupCloseFileQueue
SetupCloseInfFile
SetupDefaultQueueCallbackA
SetupIterateCabinetA

winmm

mmioRead
mmioOpenA
mmioClose
mmioDescend

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHFileOperationA

ole32

StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize

Exports

Exports

DirectXCopyFile
DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
iDirectXDeviceDriverSetup
iDirectXSetup

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIRECTX/DXSETUP.EXE
.exe windows x86

cd3551d2a102b70792af0f3d4a04f475

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

kernel32

FindFirstFileA
lstrcpyA
GetCurrentDirectoryA
FindClose
lstrcmpiA
lstrcpynA
LoadResource
GetLastError
FindResourceA
GetSystemDefaultLCID
GetWindowsDirectoryA
GetModuleHandleA
GetVersionExA
CloseHandle
FreeLibrary
GetProcAddress
SetCurrentDirectoryA
LoadLibraryA
SetErrorMode
lstrlenA
GetModuleFileNameA
CreateMutexA
GetSystemDirectoryA
lstrcmpA
GetVersion
GetACP
WideCharToMultiByte
GetLocaleInfoW
GetCPInfo
ReadFile
SetEndOfFile
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
HeapFree
GetOEMCP
OutputDebugStringA
GetStartupInfoA
GetCommandLineA
lstrcatA
ExitProcess
GetLocalTime
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapAlloc
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WriteFile
InitializeCriticalSection

gdi32

GetDeviceCaps

user32

MessageBoxA
SetWindowPos
GetClassNameA
EnumWindows
GetWindowTextA
DialogBoxParamA
SetForegroundWindow
SetFocus
ShowWindow
GetDesktopWindow
GetDlgItem
SetDlgItemTextA
IsWindowEnabled
EndDialog
SetCursor
SendDlgItemMessageA
LoadCursorA
ExitWindowsEx
EnableWindow
GetAsyncKeyState
ReleaseDC
GetWindowRect
GetDC
LoadStringA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ord17

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DIRECTX/SETUPAPI.DLL
.dll windows x86

34e609de713a84ae984541be5b4ecb82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdll

RtlUnwind

kernel32

GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
ExitProcess
TerminateProcess
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
CreateThread
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
GetProcAddress
FreeLibrary
WaitForSingleObject
GetCurrentThread
DuplicateHandle
ResumeThread
ExitThread
GetDriveTypeA
GetModuleFileNameA
FormatMessageA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
GetTempFileNameA
SetFileAttributesA
MoveFileA
CopyFileA
GetDiskFreeSpaceA
TlsAlloc
TlsFree
TlsSetValue
_llseek
_lclose
_lwrite
_lread
_lopen
TlsGetValue
_lcreat
DosDateTimeToFileTime
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
GetEnvironmentVariableA
FindNextFileA
GetFullPathNameA
WriteFile
DeleteFileA
CompareFileTime
GetThreadLocale
GetStringTypeExA
RaiseException
WaitForMultipleObjects
ReleaseMutex
lstrcmpA
SetEvent
CreateEventA
CreateMutexA
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetLocaleInfoA
LoadLibraryA
GetCurrentThreadId
VirtualAlloc
UnhandledExceptionFilter
MultiByteToWideChar
SetErrorMode
lstrcatA
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
GetLastError
CreateFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
WideCharToMultiByte
SetLastError
FindFirstFileA
FindClose
lstrlenW
MoveFileExA
GetShortPathNameA
lstrcpynA
GetPrivateProfileSectionA
lstrcmpiA
WritePrivateProfileSectionA
ExpandEnvironmentStringsA
lstrcpyA
lstrlenA
GetCurrentProcess
SetFileTime
GetFileTime

user32

IsWindowEnabled
KillTimer
IsDlgButtonChecked
SetTimer
CheckDlgButton
SetWindowPos
LoadCursorA
MapWindowPoints
InvalidateRect
GetIconInfo
IsWindowVisible
SetCursor
CheckRadioButton
DrawAnimatedRects
LoadBitmapA
DestroyIcon
GetSysColor
ClientToScreen
GetWindowRect
GetClientRect
SystemParametersInfoA
GetSystemMetrics
MoveWindow
GetDC
ReleaseDC
GetWindow
TranslateMessage
DispatchMessageA
PostThreadMessageA
IsWindow
GetWindowTextLengthA
GetWindowTextA
MessageBoxIndirectA
DialogBoxParamA
RemovePropA
DestroyWindow
SetForegroundWindow
GetPropA
EndDialog
SetPropA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemTextA
UpdateWindow
SetDlgItemTextA
GetParent
GetWindowLongA
SendMessageA
GetDlgItem
EnableWindow
PostMessageA
SetWindowLongA
MessageBeep
ExitWindowsEx
CharUpperA
LoadStringA
MessageBoxA
WaitMessage
PeekMessageA
wsprintfA
CharLowerA
GetMessageA
LoadIconA
ShowWindow
SetFocus

gdi32

SetTextColor
StretchBlt
DeleteObject
BitBlt
GetObjectA
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
DeleteDC
SelectObject
SetBkColor

advapi32

FreeSid
QueryServiceConfigA
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
CloseServiceHandle
AdjustTokenPrivileges
LookupPrivilegeValueA
AllocateAndInitializeSid
EqualSid
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityA
GetFileSecurityA
IsTextUnicode
RegOpenKeyExA

shell32

ord59
SHChangeNotify
ExtractIconExA

lz32

LZOpenFileA
LZCopy
LZClose

comdlg32

GetOpenFileNameA
GetFileTitleA

comctl32

ImageList_Destroy
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_Create
ImageList_SetBkColor
ord17
ImageList_ReplaceIcon
ImageList_SetOverlayImage

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winspool.drv

GetPrinterDriverDirectoryA

cfgmgr32

CM_Set_HW_Prof_FlagsA
CM_Uninstall_DevNode
CM_Query_Remove_SubTree
CM_Get_Class_NameA
CM_Reenumerate_DevNode
CM_Get_Hardware_Profile_InfoA
CM_Remove_SubTree
CM_Delete_DevNode_Key
CM_Get_Class_Key_NameA
CM_Delete_Class_Key
CM_Get_Device_ID_Size
CM_Get_First_Log_Conf
CM_Open_DevNode_Key
CM_Detect_Resource_Conflict
CM_Get_Next_Log_Conf
CM_Setup_DevNode
CM_Enable_DevNode
CM_Disable_DevNode
CM_Free_Res_Des_Handle
CM_Add_Res_Des
CM_Free_Log_Conf_Handle
CM_Free_Log_Conf
CM_Add_Empty_Log_Conf
CM_Set_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_HW_Prof_FlagsA
CM_Locate_DevNodeA
CM_Enumerate_Classes
CM_Open_Class_KeyA
CM_Move_DevNode
CM_Get_DevNode_Status
CM_Create_DevNodeA
CM_Get_Res_Des_Data_Size
CM_Get_Next_Res_Des
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_ListA
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Res_Des_Data

mpr

WNetGetResourceInformationA
WNetAddConnection3A
WNetCancelConnection2A

rpcrt4

UuidFromStringA

Exports

Exports

AddMiniIconToList
AddTagToGroupOrderListEntry
AppendStringToMultiSz
AssertFail
CaptureAndConvertAnsiArg
CaptureStringArg
CenterWindowRelativeToParent
ConcatenatePaths
DelayedMove
DelimStringToMultiSz
DestroyTextFileReadBuffer
DoesUserHavePrivilege
DuplicateString
EnablePrivilege
ExtensionPropSheetPageProc
FileExists
FreeStringArray
GetNewInfName
GetSetFileTimestamp
GetVersionInfoFromImage
InfIsFromOemLocation
InstallHinfSection
InstallHinfSectionA
InstallHinfSectionW
InstallStop
IsUserAdmin
LookUpStringInTable
MemoryInitialize
MultiByteToUnicode
MultiSzFromSearchControl
MyFree
MyGetFileTitle
MyMalloc
MyRealloc
OpenAndMapFileForRead
OutOfMemory
QueryMultiSzValueToArray
QueryRegistryValue
ReadAsciiOrUnicodeTextFile
RegistryDelnode
RetreiveFileSecurity
RetrieveServiceConfig
SearchForInfFile
SetArrayToMultiSzValue
SetupAddInstallSectionToDiskSpaceListA
SetupAddInstallSectionToDiskSpaceListW
SetupAddSectionToDiskSpaceListA
SetupAddSectionToDiskSpaceListW
SetupAddToDiskSpaceListA
SetupAddToDiskSpaceListW
SetupAddToSourceListA
SetupAddToSourceListW
SetupAdjustDiskSpaceListA
SetupAdjustDiskSpaceListW
SetupCancelTemporarySourceList
SetupCloseFileQueue
SetupCloseInfFile
SetupCommitFileQueue
SetupCommitFileQueueA
SetupCommitFileQueueW
SetupCopyErrorA
SetupCopyErrorW
SetupCreateDiskSpaceListA
SetupCreateDiskSpaceListW
SetupDecompressOrCopyFileA
SetupDecompressOrCopyFileW
SetupDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupDefaultQueueCallbackW
SetupDeleteErrorA
SetupDeleteErrorW
SetupDestroyDiskSpaceList
SetupDiAskForOEMDisk
SetupDiBuildClassInfoList
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCancelDriverInfoSearch
SetupDiChangeState
SetupDiClassGuidsFromNameA
SetupDiClassGuidsFromNameW
SetupDiClassNameFromGuidA
SetupDiClassNameFromGuidW
SetupDiCreateDevRegKeyA
SetupDiCreateDevRegKeyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiDeleteDevRegKey
SetupDiDeleteDeviceInfo
SetupDiDestroyClassImageList
SetupDiDestroyDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiDrawMiniIcon
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoA
SetupDiEnumDriverInfoW
SetupDiGetActualSectionToInstallA
SetupDiGetActualSectionToInstallW
SetupDiGetClassBitmapIndex
SetupDiGetClassDescriptionA
SetupDiGetClassDescriptionW
SetupDiGetClassDevPropertySheetsA
SetupDiGetClassDevPropertySheetsW
SetupDiGetClassDevsA
SetupDiGetClassDevsW
SetupDiGetClassImageIndex
SetupDiGetClassImageList
SetupDiGetClassInstallParamsA
SetupDiGetClassInstallParamsW
SetupDiGetDeviceInfoListClass
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailA
SetupDiGetDriverInfoDetailW
SetupDiGetDriverInstallParamsA
SetupDiGetDriverInstallParamsW
SetupDiGetHwProfileFriendlyNameA
SetupDiGetHwProfileFriendlyNameW
SetupDiGetHwProfileList
SetupDiGetINFClassA
SetupDiGetINFClassW
SetupDiGetSelectedDevice
SetupDiGetSelectedDriverA
SetupDiGetSelectedDriverW
SetupDiGetWizardPage
SetupDiInstallClassA
SetupDiInstallClassW
SetupDiInstallDevice
SetupDiInstallDriverFiles
SetupDiLoadClassIcon
SetupDiMoveDuplicateDevice
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoA
SetupDiOpenDeviceInfoW
SetupDiRegisterDeviceInfo
SetupDiRemoveDevice
SetupDiSelectDevice
SetupDiSelectOEMDrv
SetupDiSetClassInstallParamsA
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDriverInstallParamsA
SetupDiSetDriverInstallParamsW
SetupDiSetSelectedDevice
SetupDiSetSelectedDriverA
SetupDiSetSelectedDriverW
SetupDuplicateDiskSpaceListA
SetupDuplicateDiskSpaceListW
SetupFindFirstLineA
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineA
SetupFindNextMatchLineW
SetupFreeSourceListA
SetupFreeSourceListW
SetupGetBinaryField
SetupGetFieldCount
SetupGetFileCompressionInfoA
SetupGetFileCompressionInfoW
SetupGetInfFileListA
SetupGetInfFileListW
SetupGetInfInformationA
SetupGetInfInformationW
SetupGetIntField
SetupGetLineByIndexA
SetupGetLineByIndexW
SetupGetLineCountA
SetupGetLineCountW
SetupGetLineTextA
SetupGetLineTextW
SetupGetMultiSzFieldA
SetupGetMultiSzFieldW
SetupGetSourceFileLocationA
SetupGetSourceFileLocationW
SetupGetSourceFileSizeA
SetupGetSourceFileSizeW
SetupGetSourceInfoA
SetupGetSourceInfoW
SetupGetStringFieldA
SetupGetStringFieldW
SetupGetTargetPathA
SetupGetTargetPathW
SetupInitDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupInitializeFileLogA
SetupInitializeFileLogW
SetupInstallFileA
SetupInstallFileExA
SetupInstallFileExW
SetupInstallFileW
SetupInstallFilesFromInfSectionA
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionA
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionA
SetupInstallServicesFromInfSectionW
SetupIterateCabinetA
SetupIterateCabinetW
SetupLogFileA
SetupLogFileW
SetupOpenAppendInfFileA
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileA
SetupOpenInfFileW
SetupOpenMasterInf
SetupPromptForDiskA
SetupPromptForDiskW
SetupPromptReboot
SetupQueryDrivesInDiskSpaceListA
SetupQueryDrivesInDiskSpaceListW
SetupQueryFileLogA
SetupQueryFileLogW
SetupQueryInfFileInformationA
SetupQueryInfFileInformationW
SetupQueryInfVersionInformationA
SetupQueryInfVersionInformationW
SetupQuerySourceListA
SetupQuerySourceListW
SetupQuerySpaceRequiredOnDriveA
SetupQuerySpaceRequiredOnDriveW
SetupQueueCopyA
SetupQueueCopySectionA
SetupQueueCopySectionW
SetupQueueCopyW
SetupQueueDefaultCopyA
SetupQueueDefaultCopyW
SetupQueueDeleteA
SetupQueueDeleteSectionA
SetupQueueDeleteSectionW
SetupQueueDeleteW
SetupQueueRenameA
SetupQueueRenameSectionA
SetupQueueRenameSectionW
SetupQueueRenameW
SetupRemoveFileLogEntryA
SetupRemoveFileLogEntryW
SetupRemoveFromDiskSpaceListA
SetupRemoveFromDiskSpaceListW
SetupRemoveFromSourceListA
SetupRemoveFromSourceListW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupRemoveInstallSectionFromDiskSpaceListW
SetupRemoveSectionFromDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListW
SetupRenameErrorA
SetupRenameErrorW
SetupScanFileQueue
SetupScanFileQueueA
SetupScanFileQueueW
SetupSetDirectoryIdA
SetupSetDirectoryIdExA
SetupSetDirectoryIdExW
SetupSetDirectoryIdW
SetupSetPlatformPathOverrideA
SetupSetPlatformPathOverrideW
SetupSetSourceListA
SetupSetSourceListW
SetupTermDefaultQueueCallback
SetupTerminateFileLog
ShouldDeviceBeExcluded
StampFileSecurity
StringTableAddString
StringTableAddStringEx
StringTableDestroy
StringTableDuplicate
StringTableEnum
StringTableGetExtraData
StringTableInitialize
StringTableInitializeEx
StringTableLookUpString
StringTableLookUpStringEx
StringTableSetExtraData
StringTableStringFromId
StringTableTrim
TakeOwnershipOfFile
UnicodeToMultiByte
UnmapAndCloseFile
pSetupDirectoryIdToPath
pSetupGetField
pSetupGetOsLoaderDriveAndPath
pSetupGetVersionDatum
pSetupGuidFromString
pSetupIsGuidNull
pSetupMakeSurePathExists
pSetupStringFromGuid

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GLSETUP_117.EXE
.exe windows x86

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCommandLineA
SetErrorMode
GetModuleHandleA
MulDiv
GetTempFileNameA
GetModuleFileNameA
lstrlenA
_lclose
lstrcpyA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
GlobalFree
GlobalAlloc
_lopen
GetProcAddress
_lcreat
LoadLibraryA
GetVersionExA
FreeLibrary
OpenFile
ExitProcess
GetCurrentProcess
WinExec
GetTempPathA
_lread
LocalFree
GetWindowsDirectoryA
GlobalLock

user32

GetDC
DrawTextA
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
BeginPaint
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
RegisterClassA
MessageBoxA
ExitWindowsEx
LoadCursorA

gdi32

DeleteObject
PatBlt
CreateSolidBrush
GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
StretchDIBits
CreateFontA
SelectObject
SelectPalette
CreatePalette
RealizePalette
GetStockObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ONI.ICO
ONISETUP.002
ONISETUP.EXE
.exe windows x86

6c6e8576f6d86b0e67e45f26ef4de96d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
FindFirstFileA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
lstrcatA
RemoveDirectoryA
FindNextFileA
DeleteFileA
lstrcmpA
SetFileAttributesA
_lread
FindClose
_lcreat
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetLastError
GetCurrentProcess
_llseek
GetModuleFileNameA
GlobalFree
GlobalAlloc
SetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapReAlloc
_hread
_hwrite
CreateDirectoryA
GetTimeZoneInformation
GetSystemTime
_lclose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
TerminateProcess
GetFullPathNameA
GetCurrentDirectoryA
RtlUnwind
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
VirtualAlloc
WriteFile
HeapAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW

user32

LoadIconA
wsprintfA
ExitWindowsEx
MessageBoxA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
README.TXT

Sharing

General

Malware Config

Signatures

Files

6c6e8576f6d86b0e67e45f26ef4de96d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 6KB

.data1 Size: 4KB - Virtual size: 192B

.rsrc Size: 4KB - Virtual size: 1KB

33d66fef3e9bb7d96113b5602f798715

Headers

File Characteristics

Imports

msacm32

binkw32

dinput

dsound

kernel32

user32

gdi32

advapi32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 192KB - Virtual size: 1.7MB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 84KB - Virtual size: 80KB

17fb831fc2ad10b3d998240020a55343

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 16B

.idata Size: 1024B - Virtual size: 864B

.rsrc Size: 1024B - Virtual size: 964B

.reloc Size: 1024B - Virtual size: 690B

bcbf18b28917ff9f2a8220b84f54716c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

version

ole32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 2KB - Virtual size: 1KB

1ae973e540e176134af557c9bda154c1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

winmm

version

shell32

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 6KB

.data1
Size: 4KB - Virtual size: 192B

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 192KB - Virtual size: 1.7MB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 84KB - Virtual size: 80KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 16B

.idata
Size: 1024B - Virtual size: 864B

.rsrc
Size: 1024B - Virtual size: 964B

.reloc
Size: 1024B - Virtual size: 690B

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 61KB - Virtual size: 60KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 109KB - Virtual size: 112KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 259KB - Virtual size: 260KB

.text
Size: 205KB - Virtual size: 204KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB