multiacc - 1234[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

multiacc - 1234.rar
Size

8.5MB
MD5

ea7bc5418f63988a222a89d25ea7f927
SHA1

206c7d200e249123ef567665acd803daece05799
SHA256

8f16d8a6f82fec0d2ff3b6361cf8d03795af55d86076fc23bda494008660b7d7
SHA512

9fb368e53fd1031b571ea4d133663b35b7f0e57a6f33102653fe318cb333a4a7fd014d09b86d9b682727b352f3ab80ff07f1f50c175c295ff15f5a2549eb9a80
SSDEEP

196608:aiXwlUFG8WpIRSRt3if3cjZ9R3A/I7iOGJUOVL8JCZ:zUmRaIkrif3KBKOGyOVLV

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/multiacc.exe	pyinstaller

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bar.dll
unpack001/aac.dll
unpack001/multiacc.exe

Files

multiacc - 1234.rar
.rar

Password: 1234
Bar.dll
.dll windows x86

Password: 1234

8a814ee81a8fe333a6898be65a8eb654

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xuikit

?SetData@xUIData@@QAEHHPAV1@@Z
?Show@xUIBase@@QAEXH@Z
??0xUIBase2@@QAE@PBD@Z
?AddChild@xUIBase@@QAEXPAV1@@Z
?GetData@xUIData@@QAEHHAAVCString@@@Z
?Layout@xUILayoutMgr@@QAEXXZ
?Init@xUIBase2@@MAEXPAVxUIBase@@@Z
?FindChild@xUIBase@@QAEPAV1@PBD@Z
?GetUILayoutMgr@xUIBase@@QAEPAVxUILayoutMgr@@XZ
?GetData@xUIData@@QAEHHAAPAVxUIBase@@@Z
?SetData@xUIData@@QAEHHPAUHWND__@@@Z
?OnLButtonDown@xUIEvent@@QAEHIVCPoint@@@Z
?GetUIEvent@xUIBase@@QAEPAVxUIEvent@@XZ
?OnMouseMove@xUIEvent@@QAEHIVCPoint@@@Z
??1xUIBase2@@UAE@XZ
?Draw@xUIBase@@QAEXPAUHDC__@@@Z
?SetData@xUIData@@QAEHHPAVxUIBase@@@Z
??0xUIBase@@QAE@PAV0@H@Z
??0xUIData@@QAE@XZ
?Reset@xUIEvent@@QAEXXZ
??1xUIData@@UAE@XZ
?SetSubMenu@xUIBase@@QAEXPAV1@@Z
?IsHit@xUIBase@@QAEHVCPoint@@@Z
?GetChildPosition@xUIBase@@QAEPAU__POSITION@@XZ
?GetNextChild@xUIBase@@QAEPAV1@AAPAU__POSITION@@@Z
??1xUIBase@@UAE@XZ
??0xUIBase@@QAE@PBD@Z
?GetUIData@xUIBase@@QAEPAVxUIData@@XZ
?SetData@xUIData@@QAEHHH@Z
?SetData@xUIData@@QAEHHK@Z
?AddChild@xUIBase@@QAEPAV1@H@Z
?SetData@xUIData@@QAEHHPBD@Z
?SetData@xUIData@@QAEHHPAUIUnknown@@@Z
?AddChild@xUIBase@@QAEPAV1@PBD@Z
?GetData@xUIData@@QAEHHAAH@Z
?SetData@xUIData@@QAEHHUtagRECT@@@Z

peobj

?RegisterService@PEServiceManager@@SAJABU_GUID@@PAUIUnknown@@@Z
??1CPEObjectBase@@UAE@XZ
??0CPEObjectBase@@QAE@XZ
?RegisterClassA@PEClassManager@@SAJABU_GUID@@PAUIClassFactory@@@Z
?AddPeer@CPEObjectBase@@UAEJABU_GUID@@PAUIUnknown@@@Z
?RemovePeer@CPEObjectBase@@UAEJABU_GUID@@PAUIUnknown@@@Z
?GetPeer@CPEObjectBase@@UAEJABU_GUID@@0PAPAX@Z
?CreateInstance@PEClassManager@@SAJABU_GUID@@PAUIUnknown@@K0PAPAX@Z
?GetGlobalObject@@YAJABU_GUID@@0PAPAX@Z
?GetService@PEServiceManager@@SAJABU_GUID@@PAPAX@Z
?AtlComPtrAssign@@YAPAUIUnknown@@PAPAU1@PAU1@@Z

pebase

?GUIDToString@@YA?AVCString@@U_GUID@@@Z
?StringToGUID@@YA?AU_GUID@@VCString@@@Z
?GetValue@@YAJPBD0AAH@Z
?PEPlaySound@@YAXH@Z
?SetRegPreference@@YAXVCString@@H@Z
?IsRegPreferenceExist@@YAHVCString@@@Z
?GetRegPreference@@YAHVCString@@@Z
?GetChildValue@@YAHPBDHAAVCString@@1@Z
?IsKeyExist@@YAHPBD@Z
?GetChildKeyNumber@@YAKPBD@Z
?GetChildKey@@YAHPBDHAAVCString@@@Z
?GetValue@@YAJPBD0AAVCString@@@Z
?GetChildValueNumber@@YAKPBD@Z

commonui

?SetDefaultInstance@CIpeTip@@QAEXPAUHINSTANCE__@@@Z
??1COkButton@@UAE@XZ
??0COkButton@@QAE@XZ
?GetRuntimeClass@COkButton@@UBEPAUCRuntimeClass@@XZ
?GetMessageMap@COkButton@@MBEPBUAFX_MSGMAP@@XZ
?OnWndMsg@COkButton@@UAEHIIJPAJ@Z
?DrawItem@COkButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
??0CIpeTip@@QAE@XZ
?Clear@CIpeTip@@QAEHXZ
?SetInstance@CIpeTip@@QAEXPAUHINSTANCE__@@@Z
?SubTipControl@CIpeTip@@QAEHXZ
?AddRectTool@CIpeTip@@QAEHPAVCWnd@@PBDPBUtagRECT@@I@Z
?Draw@CMaskedBitmap@@UAEXPAVCDC@@HH@Z
?DrawTransparent@CMaskedBitmap@@UAEXPAVCDC@@HHK@Z
?SetTransparency@CIpeTip@@SAXH@Z
?SetTipColor@CIpeTip@@SAXABK@Z
?TransparentBitBlt@CMaskedBitmap@@UAEXPAVCDC@@HHKHHHH@Z

u32base

disp32ShowInit
disp32ShowEnd
buf32GetWHU
buf32Free
buf32DupBuf
buf32GetMem
disp32ShowData

mfc42

ord3597
ord324
ord641
ord3005
ord2169
ord1134
ord5641
ord2431
ord4425
ord825
ord3663
ord823
ord2841
ord2107
ord5450
ord5440
ord6383
ord6394
ord1168
ord6154
ord2530
ord4364
ord4056
ord5471
ord4121
ord2389
ord5082
ord1709
ord1712
ord6053
ord4078
ord1776
ord4407
ord5234
ord2385
ord5163
ord6369
ord4353
ord5279
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5248
ord2444
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3362
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3598
ord327
ord642
ord1253
ord342
ord1182
ord3571
ord3626
ord2414
ord535
ord858
ord4235
ord4454
ord755
ord470
ord640
ord2122
ord2864
ord1175
ord5981
ord2379
ord2494
ord2626
ord2087
ord2639
ord3092
ord6055
ord5290
ord5261
ord2446
ord800
ord860
ord540
ord922
ord924
ord537
ord6215
ord4160
ord5875
ord6880
ord1640
ord323
ord2859
ord4299
ord5241
ord6374
ord3742
ord818
ord567
ord4275
ord4989
ord4931
ord4936
ord3272
ord3353
ord4622
ord3579
ord729
ord430
ord4224
ord713
ord414
ord715
ord415
ord5620
ord2152
ord1233
ord1567
ord6141
ord268
ord2775
ord1088
ord1081
ord6605
ord6197
ord3732
ord556
ord809
ord4270
ord1817
ord4396
ord4497
ord6199
ord3874
ord4864
ord1187
ord3573
ord1641
ord4133
ord4297
ord6242
ord1949
ord2575
ord3574
ord609
ord2405
ord6453
ord2078
ord2642
ord6379
ord1847
ord3402
ord3639
ord1771
ord6366
ord2413
ord2024
ord4219
ord3361
ord4401
ord692
ord4123
ord6178
ord5495
ord3882
ord5344
ord3273
ord614
ord2504
ord2386
ord438
ord4042
ord3619
ord4530
ord4544
ord5685
ord3274
ord439
ord736
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord5605
ord2761
ord643
ord2147
ord2451
ord5982
ord329
ord2719
ord4284
ord5949
ord1137
ord4083
ord5063
ord4148
ord2818
ord2574
ord3572
ord1270
ord1232
ord3870
ord1871
ord5823
ord3664
ord4809
ord4480
ord2754
ord5861
ord1085
ord1200
ord2652
ord801
ord541
ord1669
ord802
ord542
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord2581

msvcrt

_adjust_fdiv
_CxxThrowException
malloc
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
_purecall
__CxxFrameHandler
atoi
_endthread
_splitpath
strtok
strncpy
sprintf
_ftol
sscanf
_stricmp
_except_handler3
?terminate@@YAXXZ

kernel32

InterlockedDecrement
GetFileAttributesA
CreateFileA
CloseHandle
FindResourceA
LoadResource
LockResource
DeleteFileA
Sleep
GetCurrentThreadId
LoadLibraryA
GetVersionExA
GetModuleFileNameA
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateThread
SetThreadPriority

user32

GetClientRect
PtInRect
SendMessageA
SetActiveWindow
ScreenToClient
GetCursorPos
UnhookWindowsHookEx
PostMessageA
SetTimer
KillTimer
IsWindow
ClientToScreen
FillRect
DrawTextExA
GetWindowRect
EndPaint
BeginPaint
ReleaseCapture
SetCapture
RegisterClipboardFormatA
GetCapture
PeekMessageA
GetKeyState
LoadImageA
InvalidateRect
SetRect
ReleaseDC
GetDC
SetWindowsHookExA
SystemParametersInfoA
CallNextHookEx
GetDlgItem
IsWindowVisible
GetParent
GetDlgCtrlID
SetWindowLongA
GetWindowLongA
GetClassNameA
CallWindowProcA
OffsetRect
ShowWindow
MoveWindow
GetSystemMetrics
RedrawWindow
WindowFromPoint
CreateMenu
ValidateRect
InvalidateRgn
MapWindowPoints
UpdateWindow
EnableMenuItem
GetSubMenu
LoadMenuA
SetCursor
LoadCursorA
GetDialogBaseUnits
SetScrollPos
SetScrollRange
GetScrollPos
GetScrollRange
GetActiveWindow
DestroyMenu
IsMenu
DefWindowProcA
GetClassInfoA
GetWindowDC
GetSysColor
EnumChildWindows
GetWindow
LoadBitmapA
LoadStringA
EnableWindow
DrawTextA
InflateRect

gdi32

GetROP2
SetROP2
Polygon
SelectClipRgn
MoveToEx
LineTo
GetTextExtentPoint32A
Rectangle
CreateRectRgn
CombineRgn
CreateDIBSection
CreatePen
CreateSolidBrush
CreateEllipticRgn
PtInRegion
CreateCompatibleBitmap
SetBkMode
GetStockObject
SetTextColor
TextOutA
GetObjectA
CreateDCA
GetTextExtentPointA
SetBkColor
SelectObject
BitBlt
DeleteDC
DeleteObject
CreateFontIndirectA
CreateCompatibleDC

ole32

CoCreateGuid

oleaut32

VariantClear
SysFreeString
SysAllocString

u32comm

c32SetDLLErrInfo
c32GetString
c32GetDLLErrorInfo

Exports

Exports

??0CCmdBarBase@@QAE@XZ
??0CDescriptDB@@QAE@XZ
??0CDocFilmBar@@QAE@XZ
??0CExString@@QAE@ABV0@@Z
??0CFilmList@@QAE@XZ
??0CFocusPopWnd2@@QAE@XZ
??0CGlobeBar@@QAE@XZ
??0CGuideTip@@QAE@ABV0@@Z
??0CGuideTip@@QAE@XZ
??0CGuideTipUI@@QAE@XZ
??0CImageObject@@QAE@XZ
??0CListener@@QAE@XZ
??0CMaskedBitmap@@QAE@XZ
??0CPEDialogBar@@QAE@XZ
??0CPopupItem@@QAE@XZ
??0CPopupItemInfo@@QAE@XZ
??0CScrollDock@@QAE@XZ
??0CTestStateRule@@QAE@ABV0@@Z
??0CTestStateRule@@QAE@U_GUID@@0@Z
??0CTitleTip@@QAE@XZ
??0CToolCat@@IAE@XZ
??0CToolEngine@@QAE@XZ
??0CToolHandle@@QAE@XZ
??0CToolObject@@QAE@XZ
??0CToolParam@@QAE@XZ
??0CToolUI@@QAE@XZ
??0CUIManagerClient@@QAE@XZ
??0CUIPageCollection@@QAE@XZ
??0IActiveBuffer@CFilmList@@QAE@ABV01@@Z
??0IActiveBuffer@CFilmList@@QAE@XZ
??0IActiveItem@CFilmList@@QAE@ABV01@@Z
??0IActiveItem@CFilmList@@QAE@XZ
??0IFrame1@CFilmList@@QAE@ABV01@@Z
??0IFrame1@CFilmList@@QAE@XZ
??0IFrame@CFilmList@@QAE@ABV01@@Z
??0IFrame@CFilmList@@QAE@XZ
??0IGlobarNotifyCenter@@QAE@ABV0@@Z
??0IGlobarNotifyCenter@@QAE@XZ
??0IGlobarNotifyClient@@QAE@ABV0@@Z
??0IGlobarNotifyClient@@QAE@XZ
??0IItem@CFilmList@@AAE@XZ
??0IItem@CFilmList@@QAE@ABV01@@Z
??0IItem@CFilmList@@QAE@HHPAUHBITMAP__@@PAX@Z
??0IItem@CFilmList@@QAE@HHPAUHINSTANCE__@@0HHPAXH@Z
??0IItem@CFilmList@@QAE@HHPAVIActiveBuffer@1@PAUHPALETTE__@@PAX@Z
??0IItem@CFilmList@@QAE@HHPAVIActiveItem@1@PAUHPALETTE__@@PAX@Z
??0IItem@CFilmList@@QAE@HHPAXPAUHPALETTE__@@0@Z
??0IItemList@CFilmList@@QAE@ABV01@@Z
??0IItemList@CFilmList@@QAE@XZ
??1CCmdBarBase@@UAE@XZ
??1CDescriptDB@@UAE@XZ
??1CDocFilmBar@@UAE@XZ
??1CFilmList@@UAE@XZ
??1CFocusPopWnd2@@UAE@XZ
??1CGlobeBar@@UAE@XZ
??1CGuideTip@@UAE@XZ
??1CGuideTipUI@@UAE@XZ
??1CImageObject@@UAE@XZ
??1CListener@@QAE@XZ
??1CMaskedBitmap@@UAE@XZ
??1CPEDialogBar@@UAE@XZ
??1CPopupItem@@UAE@XZ
??1CPopupItemInfo@@UAE@XZ
??1CScrollDock@@UAE@XZ
??1CTestStateRule@@UAE@XZ
??1CTitleTip@@UAE@XZ
??1CToolCat@@UAE@XZ
??1CToolEngine@@UAE@XZ
??1CToolHandle@@UAE@XZ
??1CToolObject@@UAE@XZ
??1CToolParam@@UAE@XZ
??1CToolUI@@UAE@XZ
??1CUIManagerClient@@QAE@XZ
??1CUIPageCollection@@QAE@XZ
??1IActiveBuffer@CFilmList@@UAE@XZ
??1IActiveItem@CFilmList@@UAE@XZ
??1IItem@CFilmList@@QAE@XZ
??1IItemList@CFilmList@@QAE@XZ
??4CExString@@QAEAAV0@ABV0@@Z
??4CGuideTip@@QAEAAV0@ABV0@@Z
??4CTestStateRule@@QAEAAV0@ABV0@@Z
??4CUIParam@@QAEAAV0@ABV0@@Z
??4CUIStack@@QAEAAV0@ABV0@@Z
??4IActiveBuffer@CFilmList@@QAEAAV01@ABV01@@Z
??4IActiveItem@CFilmList@@QAEAAV01@ABV01@@Z
??4IFrame1@CFilmList@@QAEAAV01@ABV01@@Z
??4IFrame@CFilmList@@QAEAAV01@ABV01@@Z
??4IGlobarNotifyCenter@@QAEAAV0@ABV0@@Z
??4IGlobarNotifyClient@@QAEAAV0@ABV0@@Z
??4IItem@CFilmList@@QAEAAV01@ABV01@@Z
??4IItemList@CFilmList@@QAEAAV01@ABV01@@Z
??_7CCmdBarBase@@6BCBase@@@
??_7CCmdBarBase@@6BCPEObject@@@
??_7CCmdBarBase@@6BICommandBar@@@
??_7CCmdBarBase@@6BIPopupItem@@@
??_7CCmdBarBase@@6BIPopupItemInfo@@@
??_7CCmdBarBase@@6BIUnknown@@@
??_7CDescriptDB@@6BCBase@@@
??_7CDescriptDB@@6BCListener@@@
??_7CDescriptDB@@6BCPEDialogBar@@@
??_7CDescriptDB@@6BCPEObject@@@
??_7CDescriptDB@@6BCUIManagerClient@@@
??_7CDescriptDB@@6BIToolUIApply@@@
??_7CDescriptDB@@6BIToolUIInit@@@
??_7CDescriptDB@@6BIToolUILayout@@@
??_7CDescriptDB@@6BIToolUIReplace@@@
??_7CDescriptDB@@6BIToolUIScroll@@@
??_7CDescriptDB@@6BIToolUITerminate@@@
??_7CDescriptDB@@6BIUIBase@@@
??_7CDescriptDB@@6BIUnknown@@@
??_7CDocFilmBar@@6BCDialogBar@@@
??_7CDocFilmBar@@6BIGlobarNotifyClient@@@
??_7CFilmList@@6B?$CPEServiceServer@$1?OBJID_FILM@@3U_GUID@@B@@@
??_7CFilmList@@6BCBase@@@
??_7CFilmList@@6BCListBox@@@
??_7CFilmList@@6BCPEObject@@@
??_7CFilmList@@6BIFilmList@@@
??_7CFilmList@@6BIUnknown@@@
??_7CFocusPopWnd2@@6B@
??_7CFocusPopWnd2@@6BCBase@@@
??_7CFocusPopWnd2@@6BCPEObject@@@
??_7CFocusPopWnd2@@6BIFocusPopWnd@@@
??_7CFocusPopWnd2@@6BIFocusSubPopWnd@@@
??_7CFocusPopWnd2@@6BIUIBase@@@
??_7CFocusPopWnd2@@6BIUnknown@@@
??_7CGlobeBar@@6BCDialogBar@@@
??_7CGlobeBar@@6BIGlobarNotifyClient@@@
??_7CGuideTip@@6B@
??_7CGuideTipUI@@6B@
??_7CImageObject@@6B@
??_7CListener@@6B@
??_7CMaskedBitmap@@6B@
??_7CPEDialogBar@@6B@
??_7CPopupItem@@6BCBase@@@
??_7CPopupItem@@6BCPEObject@@@
??_7CPopupItem@@6BIPopupItem@@@
??_7CPopupItem@@6BIUnknown@@@
??_7CPopupItemInfo@@6BCBase@@@
??_7CPopupItemInfo@@6BCPEObject@@@
??_7CPopupItemInfo@@6BIPopupItemInfo@@@
??_7CPopupItemInfo@@6BIUnknown@@@
??_7CScrollDock@@6B@
??_7CTestStateRule@@6B@
??_7CTitleTip@@6B@
??_7CToolCat@@6B@
??_7CToolCat@@6BCBase@@@
??_7CToolCat@@6BCPEObject@@@
??_7CToolCat@@6BIToolCat@@@
??_7CToolCat@@6BIUnknown@@@
??_7CToolEngine@@6B@
??_7CToolHandle@@6B@
??_7CToolObject@@6B@
??_7CToolParam@@6B@
??_7CToolUI@@6BCBase@@@
??_7CToolUI@@6BCListener@@@
??_7CToolUI@@6BCPEDialogBar@@@
??_7CToolUI@@6BCPEObject@@@
??_7CToolUI@@6BCUIManagerClient@@@
??_7CToolUI@@6BIToolUIApply@@@
??_7CToolUI@@6BIToolUIInit@@@
??_7CToolUI@@6BIToolUILayout@@@
??_7CToolUI@@6BIToolUIReplace@@@
??_7CToolUI@@6BIToolUIScroll@@@
??_7CToolUI@@6BIToolUITerminate@@@
??_7CToolUI@@6BIUIBase@@@
??_7CToolUI@@6BIUnknown@@@
??_7CUIManagerClient@@6B@
??_7CUIPageCollection@@6B@
??_7IActiveBuffer@CFilmList@@6B@
??_7IActiveItem@CFilmList@@6B@
??_7IFrame1@CFilmList@@6B@
??_7IFrame@CFilmList@@6B@
??_7IGlobarNotifyCenter@@6B@
??_7IGlobarNotifyClient@@6B@
??_7IItem@CFilmList@@6B@
??_7IItemList@CFilmList@@6B@
??_8CCmdBarBase@@7B?$CPEProvider@UICommandBar@@@@@
??_8CCmdBarBase@@7BCBase@@@
??_8CCmdBarBase@@7BCPEObjectBase@@@
??_8CCmdBarBase@@7BCPopupItem@@@
??_8CCmdBarBase@@7BCPopupItemInfo@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUIApply@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUIInit@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUILayout@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUIReplace@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUIScroll@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIToolUITerminate@@@@@
??_8CDescriptDB@@7B?$CPEProvider@UIUIBase@@@@@
??_8CDescriptDB@@7BCBase@@@
??_8CDescriptDB@@7BCPEObjectBase@@@
??_8CFilmList@@7B@
??_8CFilmList@@7BCBase@@@
??_8CFilmList@@7BCPEObjectBase@@@
??_8CFocusPopWnd2@@7B?$CPEProvider@UIFocusPopWnd@@@@@
??_8CFocusPopWnd2@@7B?$CPEProvider@UIFocusSubPopWnd@@@@@
??_8CFocusPopWnd2@@7B?$CPEProvider@UIUIBase@@@@@
??_8CFocusPopWnd2@@7BCBase@@@
??_8CFocusPopWnd2@@7BCPEObjectBase@@@
??_8CPopupItem@@7B@
??_8CPopupItem@@7BCBase@@@
??_8CPopupItem@@7BCPEObjectBase@@@
??_8CPopupItemInfo@@7B@
??_8CPopupItemInfo@@7BCBase@@@
??_8CPopupItemInfo@@7BCPEObjectBase@@@
??_8CToolCat@@7B@
??_8CToolCat@@7BCBase@@@
??_8CToolCat@@7BCPEObjectBase@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUIApply@@@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUIInit@@@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUILayout@@@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUIReplace@@@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUIScroll@@@@@
??_8CToolUI@@7B?$CPEProvider@UIToolUITerminate@@@@@
??_8CToolUI@@7B?$CPEProvider@UIUIBase@@@@@
??_8CToolUI@@7BCBase@@@
??_8CToolUI@@7BCPEObjectBase@@@
??_DCCmdBarBase@@QAEXXZ
??_DCDescriptDB@@QAEXXZ
??_DCFilmList@@QAEXXZ
??_DCFocusPopWnd2@@QAEXXZ
??_DCPopupItem@@QAEXXZ
??_DCPopupItemInfo@@QAEXXZ
??_DCToolCat@@QAEXXZ
??_DCToolUI@@QAEXXZ
?Add@IItemList@CFilmList@@QAEHPAVIItem@2@@Z
?AddCloneItem@CFilmList@@AAEXPAVIItem@1@@Z
?AddItem@CFilmList@@QAEXHHPAUHBITMAP__@@PAX@Z
?AddItem@CFilmList@@QAEXHHPAUHINSTANCE__@@0HHPAXH@Z
?AddItem@CFilmList@@QAEXHHPAVIActiveBuffer@1@PAUHPALETTE__@@PAX@Z
?AddItem@CFilmList@@QAEXHHPAVIActiveItem@1@PAUHPALETTE__@@PAX@Z
?AddItem@CFilmList@@QAEXHHPAXPAUHPALETTE__@@0@Z
?AddItemNotify@CFilmList@@UAEJPAUIItemNotify@@@Z
?AddListener@CListener@@QAEHPAV1@PAH@Z
?AddPage@CUIPageCollection@@IAEHHPAVCToolUI@@@Z
?AddPopupItem@CPopupItem@@MAEHU_GUID@@0@Z
?AddPopupItemInfo@CPopupItemInfo@@MAEHU_GUID@@UITEM@@@Z
?AddRef@CFilmList@@MAGKXZ
?AddRef@CToolCat@@UAGKXZ
?AddRef@CToolUI@@UAGKXZ
?AdjustPos@CTitleTip@@QAEXXZ
?AdjustTitleTipPos@@YAHXZ
?Apply@CToolEngine@@UAEHNNPAVCToolObject@@PAVCToolParam@@0@Z
?Apply@CToolEngine@@UAEHPAVCToolObject@@PAVCToolParam@@0@Z
?Apply@CToolUI@@IAEHW4Action@ICenter@@@Z
?AssociateClient@CFilmList@@QAEXPAVIFilmDropClient@@@Z
?AttachChild@CToolUI@@AAEXPAV1@@Z
?AttachNotify@CGlobeBar@@UAEXPAVIGlobeBar_Notify@@@Z
?AttachNotify@IGlobarNotifyCenter@@MAEXPAVCGlobeBar@@PAVIGlobeBar_Notify@@@Z
?Back@CUIManagerClient@@IAEHXZ
?CanLeaveToolUI@CToolUI@@UAEHH@Z
?Cancel@CUIManagerClient@@IAEHXZ
?ChangeGuideTipPos@@YAHHH@Z
?ChangeMaxWidth@CFilmList@@QAEXH@Z
?ChangeMode@CGlobeBar@@QAEXW4GlobeBarMode@1@@Z
?ChangePageNo@CGlobeBar@@QAEXH@Z
?ChangeSelect@CFilmList@@QAEXPAVIItem@1@@Z
?ChangeTop@CUIManagerClient@@IAEHU_GUID@@H@Z
?CheckFileValid@@YAHHAAVCStringList@@AAV?$CList@HH@@@Z
?CheckFileValid@CToolUI@@QAEHHAAVCStringList@@@Z
?CheckFileValid@CToolUI@@QAEPADH@Z
?CheckFileValid@CToolUI@@QAEPAHHAAH@Z
?Clone@IItem@CFilmList@@UAEPAV12@XZ
?Clone@IItemList@CFilmList@@QAEPAV12@XZ
?CloseUI@CToolUI@@IAEHXZ
?Create@CDocFilmBar@@QAEHPAVCWnd@@PBDII@Z
?Create@CGuideTipUI@@QAEXAAUtagRECT@@PAVCWnd@@H@Z
?Create@CPEDialogBar@@QAEHPAVCWnd@@III@Z
?Create@CPEDialogBar@@QAEHPAVCWnd@@PBDII@Z
?Create@CTitleTip@@QAEXAAUtagRECT@@PAVCWnd@@H@Z
?Create@CToolUI@@QAEHPAVCWnd@@III@Z
?Create@CToolUI@@UAEHPAVCWnd@@PBDII@Z
?CreateDlg@CPEDialogBar@@IAEHPBDPAVCWnd@@@Z
?CreateDlg@CToolUI@@IAEHPBDPAVCWnd@@@Z
?CreateFilmFont@CFilmList@@QAEXXZ
?CreateObject@CDescriptDB@@SGPAVCObject@@XZ
?CreateObject@CFilmList@@SGPAVCObject@@XZ
?CreateObject@CGlobeBar@@SGPAVCObject@@XZ
?CreateObject@CGuideTipUI@@SGPAVCObject@@XZ
?CreateObject@CImageObject@@SGPAVCObject@@XZ
?CreateObject@CToolCat@@SGPAVCObject@@XZ
?CreateObject@CToolEngine@@SGPAVCObject@@XZ
?CreateObject@CToolHandle@@SGPAVCObject@@XZ
?CreateObject@CToolObject@@SGPAVCObject@@XZ
?CreateObject@CToolParam@@SGPAVCObject@@XZ
?CreateObject@CToolUI@@SGPAVCObject@@XZ
?CreatePopup@CFilmList@@QAEXPAUHINSTANCE__@@@Z
?CreateToolTip@CGlobeBar@@QAEHPAUItem@@H@Z
?CreateToolTip@CGlobeBar@@QAEHXZ
?CreateToolUI@CToolUI@@QAEHHPAVCWnd@@@Z
?CreateToolUI@CToolUI@@SAPAV1@PAUCRuntimeClass@@HPAVCWnd@@@Z
?CreateToolUI@CToolUI@@SAPAV1@U_GUID@@HPAVCWnd@@@Z
?CurrentItem@IItemList@CFilmList@@QAEPAVIItem@2@XZ
?DispatchLButtonDblClk@CFilmList@@AAEHIVCPoint@@@Z
?DispatchLButtonDown@CFilmList@@AAEHIVCPoint@@@Z
?DispatchLButtonUp@CFilmList@@AAEHIVCPoint@@@Z
?DispatchMouseMove@CFilmList@@AAEHIVCPoint@@@Z
?DockGlobalBar@IGlobarNotifyClient@@MAEXHPAVCGlobeBar@@@Z
?DockItemList@CFilmList@@QAEHPAV1@@Z
?Draw@IFrame1@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?Draw@IFrame@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?Draw@IItem@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?Draw@IItemList@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawActiveBuffer@IItem@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawBackTexture@CGlobeBar@@AAEXPAVCDC@@@Z
?DrawBitmap@IItem@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawBitmapBackground@IItem@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawBorder@CGlobeBar@@IAEXAAVCDC@@@Z
?DrawBuffer@IItem@CFilmList@@UAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawHandle@CToolHandle@@UAEHPAVCWnd@@@Z
?DrawTextureBack@CToolUI@@CAHUtagRECT@@PAUHDC__@@@Z
?DrawTextureBack@CToolUI@@CAHUtagRECT@@PAUHDC__@@H@Z
?Enable@CTitleTip@@QAEXH@Z
?EnableToolTips@CToolUI@@UAEHH@Z
?EnumWindowsProc@CToolUI@@CGHPAUHWND__@@J@Z
?Expand@CTitleTip@@IAEHH@Z
?FillLogFont@@YAXPAUtagLOGFONTA@@H@Z
?First@IItemList@CFilmList@@QAEXXZ
?GetActiveObject@CToolUI@@IAEPBVCToolObject@@XZ
?GetBitmapResourceInstance@CToolEngine@@IAEPAUHINSTANCE__@@XZ
?GetBitmapResourceInstance@CToolUI@@IAEPAUHINSTANCE__@@XZ
?GetBoundRect@CToolHandle@@UAEXPAUtagRECT@@@Z
?GetButtonSet@CToolUI@@UAEHPAUIFootInfo@@@Z
?GetCmdDir@CCmdBarBase@@IAEAAV?$CMap@U_GUID@@U1@PAV?$CMap@HHU_GUID@@U1@@@PAV2@@@XZ
?GetCommandBarItemCaption@@YAHU_GUID@@AAVCString@@@Z
?GetCommunicateObjectType@CListener@@QAEHPAPBU_GUID@@PAH1@Z
?GetConstanceResourceInstance@CToolEngine@@IAEPAUHINSTANCE__@@XZ
?GetConstanceResourceInstance@CToolUI@@IAEPAUHINSTANCE__@@XZ
?GetCurrentItemIndex@CFilmList@@QAEHXZ
?GetCurrentUIMode@CToolUI@@QAEHXZ
?GetDlgItem@CToolUI@@UAEPAVCWnd@@H@Z
?GetDrawEndItem@IItemList@CFilmList@@QAEHXZ
?GetDrawStartItem@IItemList@CFilmList@@QAEHXZ
?GetEyeDropperCB@CToolUI@@QAEPAXXZ
?GetFirstCommunicateObject@CListener@@QAEHPAPAV1@PAPAU__POSITION@@PAH@Z
?GetFirstListener@CListener@@QAEHPAPAV1@PAPAU__POSITION@@PAH@Z
?GetHandleParam@CToolHandle@@UAEHPAVIHandle_Param@1@@Z
?GetHookFunction@CFocusPopWnd2@@UAEP6GJHIJ@ZXZ
?GetHookHandle@CFocusPopWnd2@@UAEPAUHHOOK__@@XZ
?GetInstance@CGuideTipUI@@SAPAV1@XZ
?GetItemCount@CFilmList@@QAEHXZ
?GetItemCount@CGlobeBar@@IAEHXZ
?GetItemDx@CGlobeBar@@IAEHH@Z
?GetItemSh@CGlobeBar@@IAEHH@Z
?GetItemSw@CGlobeBar@@IAEHH@Z
?GetItemSx@CGlobeBar@@IAEHH@Z
?GetLinkBuffer@CToolUI@@QAEHPAPAX@Z
?GetLinkFilename@CToolUI@@QAEHAAVCString@@@Z
?GetListener@CListener@@QAEHPAU_GUID@@PAPAV1@PAH@Z
?GetMessageMap@CDescriptDB@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDocFilmBar@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CFilmList@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGlobeBar@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGuideTipUI@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CScrollDock@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CTitleTip@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CToolUI@@MBEPBUAFX_MSGMAP@@XZ
?GetMode@IFrame@CFilmList@@UAEHXZ
?GetNextCommunicateObject@CListener@@QAEHPAPAV1@PAPAU__POSITION@@PAH@Z
?GetNextListener@CListener@@QAEHPAPAV1@PAPAU__POSITION@@PAH@Z
?GetNormalizeAngleFromHandle@CImageObject@@QAENXZ
?GetNormalizeWHFromHandle@CImageObject@@QAEXPAH0@Z
?GetObjectID@CListener@@QAEHPAPAU_GUID@@PAH@Z
?GetPanelID@CToolUI@@QAEHAAU_GUID@@@Z
?GetParam@CToolUI@@UAEPAVCToolParam@@XZ
?GetPopupBitmapRes@CCmdBarBase@@UAEHU_GUID@@H@Z
?GetPopupCaptionRes@CCmdBarBase@@UAEHU_GUID@@H@Z
?GetPopupCommandID@CCmdBarBase@@UAE?AU_GUID@@U2@H@Z
?GetPopupHelpID@CCmdBarBase@@UAEHU_GUID@@H@Z
?GetPopupItemCaption@@YAHU_GUID@@AAVCString@@@Z
?GetProperty@CToolUI@@UAEHH@Z
?GetRecentlyItemCaption@@YAHU_GUID@@AAVCString@@11@Z
?GetRegShowGuideTip@@YAHXZ
?GetRuntimeClass@CDescriptDB@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CFilmList@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CGlobeBar@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CGuideTipUI@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CImageObject@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolCat@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolEngine@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolHandle@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolObject@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolParam@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CToolUI@@UBEPAUCRuntimeClass@@XZ
?GetScrollDX@CToolUI@@MAEHXZ
?GetScrollDY@CToolUI@@MAEHXZ
?GetSelectedItem@CFilmList@@QAEPAVIItem@1@XZ
?GetSelectedItem@IItemList@CFilmList@@QAEPAVIItem@2@XZ
?GetSubToolUI@CUIPageCollection@@IAEPAVCToolUI@@H@Z
?GetTemplateResourceInstance@CToolEngine@@IAEPAUHINSTANCE__@@XZ
?GetTemplateResourceInstance@CToolUI@@IAEPAUHINSTANCE__@@XZ
?GetThis@CFocusPopWnd2@@UAEPAVCFocusPopWnd@@XZ
?GetTipTank@CGuideTipUI@@IAEPAV?$CMap@HHUTipInfo@@U1@@@XZ
?GetTopChildToolUI@CToolUI@@QAEPAV1@XZ
?GetUI_ID@CToolUI@@QAE?AU_GUID@@XZ
?GetUndoID@CToolEngine@@UAEHPAVCToolParam@@@Z
?GetWindow@CToolUI@@UAEPAVCWnd@@XZ
?Hide@CGlobeBar@@QAEXXZ
?HideHandle@CToolHandle@@UAEHPAVCWnd@@@Z
?HitTest@IItem@CFilmList@@UAEHPAUtagPOINT@@@Z
?HitTest@IItemList@CFilmList@@UAEHPAUtagPOINT@@@Z
?HookParent@CToolUI@@AAEXPAVCWnd@@@Z
?Init@CScrollDock@@QAEXXZ
?InitChildControl@CDocFilmBar@@QAEHXZ
?InitEyeDropperCallBack@CToolUI@@UAEXPAX@Z
?InitResourceDllInstance@CGlobeBar@@QAEHPAUHINSTANCE__@@00@Z
?InitResourceDllInstance@CToolEngine@@QAEHPAUHINSTANCE__@@00@Z
?InitResourceDllInstance@CToolUI@@QAEHPAUHINSTANCE__@@00@Z
?InitTool@CToolCat@@UAEHPAVCView@@@Z
?InitialHandle@CToolHandle@@UAEHPAVIHandle_Param@1@@Z
?InsertAfter@IItemList@CFilmList@@QAEHPAVIItem@2@0@Z
?InsertBefore@IItemList@CFilmList@@QAEHPAVIItem@2@0@Z
?InvalidateChildWnd@CToolUI@@IAEXPAVCWnd@@@Z
?IsDone@IItemList@CFilmList@@QAEHXZ
?IsItemGroupEnd@CGlobeBar@@IAEHH@Z
?IsKindOf@CToolUI@@MAGHABU_GUID@@HPAH1@Z
?IsKindOf@CToolUI@@QBEHPBUCRuntimeClass@@@Z
?IsMultiPage@CUIPageCollection@@MAEHXZ
?IsNewTipAdded@CGuideTipUI@@QAEHXZ
?IsObjectOf@CListener@@QAEHPAU_GUID@@PAH1@Z
?IsShow@CGlobeBar@@QAEHXZ
?IsShowButton@CToolUI@@QAEHH@Z
?IsShowMessage@CGuideTipUI@@IAEHH@Z
?IsShowScrollBar@CDescriptDB@@UAEHXZ
?IsShowScrollBar@CToolUI@@MAEHXZ
?IsShowTip@CTitleTip@@IAEHXZ
?IsSupportReEntry@CToolUI@@UAEHXZ
?IsTipExist@CGuideTipUI@@QAEHXZ
?IsTitleTipWindow@@YAHPAUHWND__@@@Z
?LeaveGuideTip@CGuideTipUI@@IAEXXZ
?LeaveTool@CToolCat@@UAEXXZ
?Levelize@IItemList@CFilmList@@QAEHH@Z
?LinkTo@CUIManagerClient@@IAEHU_GUID@@HPAULinkOption@@@Z
?List@CTitleTip@@2V?$CList@PAVCTitleTip@@PAV1@@@A
?LoadBitmapRes@@YAPAUHBITMAP__@@H@Z
?LoadBitmapRes@@YAPAUHBITMAP__@@PAUHINSTANCE__@@H@Z
?MouseFilter@CFocusPopWnd2@@SGJHIJ@Z
?Next@CUIManagerClient@@IAEHXZ
?Next@IItemList@CFilmList@@QAEXXZ
?OnActivate@CFilmList@@IAEXIPAVCWnd@@H@Z
?OnActiveChange@CToolUI@@UAEHPBVCToolObject@@@Z
?OnActiveChange@CToolUI@@UAEHXZ
?OnAskDrop@CToolUI@@IAEHPAUHWND__@@PAUtagPOINT@@@Z
?OnCancelLeaveTool@CToolCat@@UAEXXZ
?OnCancelMode@CGuideTipUI@@IAEXXZ
?OnCancelTerminateDialog@CToolUI@@UAEXXZ
?OnCaptureChanged@CFilmList@@IAEXPAVCWnd@@@Z
?OnChangeShowOption@CGuideTipUI@@IAEXXZ
?OnChar@CToolCat@@UAEHPAVCView@@III@Z
?OnCloseDoc@CFilmList@@IAEXXZ
?OnCommandHelp@CDescriptDB@@IAEJIJ@Z
?OnCommandHelp@CFilmList@@QAEJIJ@Z
?OnCommandUI@CFilmList@@IAEXPAVCCmdUI@@@Z
?OnCreate@CFilmList@@QAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CGlobeBar@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CGuideTipUI@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CScrollDock@@QAEHPAUtagCREATESTRUCTA@@@Z
?OnCtlColor@CGuideTipUI@@IAEPAUHBRUSH__@@PAVCDC@@PAVCWnd@@I@Z
?OnCtlColor@CToolUI@@IAEPAUHBRUSH__@@PAVCDC@@PAVCWnd@@I@Z
?OnDestroy@CGlobeBar@@IAEXXZ
?OnDestroy@CGuideTipUI@@IAEXXZ
?OnDestroy@CTitleTip@@IAEXXZ
?OnDestroy@CToolUI@@IAEXXZ
?OnDoubleClickReplace@CToolUI@@UAEXXZ
?OnDragEnter@CFilmList@@QAEKPAVCOleDataObject@@KVCPoint@@@Z
?OnDragLeave@CFilmList@@QAEXXZ
?OnDragOver@CFilmList@@QAEKPAVCOleDataObject@@KVCPoint@@@Z
?OnDrop@CFilmList@@QAEHPAVCOleDataObject@@KVCPoint@@@Z
?OnEraseBkgnd@CGlobeBar@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGuideTipUI@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CToolUI@@IAEHPAVCDC@@@Z
?OnEvent@CToolCat@@UAEHPAVCDocument@@IJ@Z
?OnEvent@CToolCat@@UAEHPAVCView@@IJ@Z
?OnGetMinMaxInfo@CGuideTipUI@@IAEXPAUtagMINMAXINFO@@@Z
?OnGlobalView@CGlobeBar@@IAEXXZ
?OnHelpHitTest@CDescriptDB@@IAEJIJ@Z
?OnHelpHitTest@CFilmList@@QAEJIJ@Z
?OnHelpHitTest@CGlobeBar@@IAEJIJ@Z
?OnHelpHitTest@CGlobeBar@@IAEJPBHIJ@Z
?OnIdle@CFilmList@@QAEXXZ
?OnInPortChange@CTestStateRule@@UAEHHU_GUID@@@Z
?OnInitialDialogItems@CToolUI@@UAEHPAVCUIParam@@@Z
?OnInitialDialogItems@CToolUI@@UAEHXZ
?OnInitialDialogItemsValue@CToolUI@@UAEXXZ
?OnItemChange@CGlobeBar@@IAEXH@Z
?OnKeyDown@CTitleTip@@IAEXIII@Z
?OnKeyDown@CToolCat@@UAEHPAVCView@@III@Z
?OnKeyUp@CToolCat@@UAEHPAVCView@@III@Z
?OnLButtonDblClk@CFilmList@@IAEXIVCPoint@@@Z
?OnLButtonDblClk@CGlobeBar@@IAEXIVCPoint@@@Z
?OnLButtonDblClk@CGuideTipUI@@IAEXIVCPoint@@@Z
?OnLButtonDblClk@CToolCat@@UAEHPAVCView@@IVCPoint@@@Z
?OnLButtonDblClk@CToolUI@@IAEXIVCPoint@@@Z
?OnLButtonDown@CFilmList@@IAEXIVCPoint@@@Z
?OnLButtonDown@CGlobeBar@@IAEXIVCPoint@@@Z
?OnLButtonDown@CGuideTipUI@@IAEXIVCPoint@@@Z
?OnLButtonDown@CTitleTip@@IAEXIVCPoint@@@Z
?OnLButtonDown@CToolCat@@UAEHPAVCView@@IVCPoint@@@Z
?OnLButtonDown@CToolHandle@@UAEXPAVCWnd@@IVCPoint@@@Z
?OnLButtonDown@CToolUI@@IAEXIVCPoint@@@Z
?OnLButtonUp@CFilmList@@IAEXIVCPoint@@@Z

Sections

.text
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aac.dll
.dll windows x86

Password: 1234

0ab357132f6a9ac6e6a425bddc92a095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GlobalHandle
TlsAlloc
MulDiv
SetLastError
MoveFileA
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
lstrcpynA
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GlobalUnlock
GlobalFree
lstrlenA
GlobalReAlloc
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetTempFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetSystemDefaultLangID
GetVersion
LocalFree
Sleep
GetDiskFreeSpaceA
GetSystemInfo
SetEndOfFile
MultiByteToWideChar
WideCharToMultiByte
SetErrorMode
GetDriveTypeA
GetVolumeInformationA
GetFileAttributesA
GetFullPathNameA
GetProcAddress
LoadLibraryA
FreeLibrary
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
SetEnvironmentVariableA
GetACP
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
HeapSize
SetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
InterlockedExchange
GetFileInformationByHandle
InterlockedIncrement
GetModuleHandleA
GetModuleFileNameA
DeleteFileA
GetLastError
WriteFile
ReadFile
SetFilePointer
GetFileSize
GetFileTime
CreateFileA
CloseHandle
FindResourceA
SizeofResource
LoadResource
LockResource
InterlockedDecrement
WaitForSingleObject
PeekNamedPipe

aacenc32

ResetSbrHeaders
aacStreamDestroy32
aacStreamOpen32
aacStreamEncodeFrame32
aacStreamClose32

user32

GetClassNameA
SendMessageA
GetWindowLongA
GetWindow
EnableWindow
DestroyMenu
LoadStringA
SetWindowTextA
GetWindowTextA
GetSubMenu
GetMenuItemID
ModifyMenuA
GetMenuItemCount
IsWindow
MessageBoxA
GetActiveWindow
AdjustWindowRect
GetWindowRect
GetClientRect
PostQuitMessage
PostMessageA
SetCursor
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
GetSysColorBrush
LoadCursorA
PtInRect
UnregisterClassA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
CharUpperA
ShowWindow
IsDialogMessageA
IsDlgButtonChecked
CheckDlgButton
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
GetSystemMetrics

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

comctl32

ord17

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

NERO_PLUGIN_GetPrimaryAudioObject
NERO_PLUGIN_ReadyToFinish

Sections

.text
Size: 492KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 975KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
crckW4re/CRClient.dll
.dll windows x64

Password: 1234

993ec3d9312ac10f54052edf6ed89028

Code Sign

07:75:dc:5a:dd:f9:28:84:db:19:d5:55:4c:07:ec:49
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Illustrator\, InDesign\, InCopy\, Muse,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:28:ef:5d:af:4d:b5:2d:4f:77:86:02:22:1d:35:c4:1c:99:42:15:38:fd:f8:45:95:36:ff:a9:98:33:e2:b3
Signer

Actual PE Digest

8a:28:ef:5d:af:4d:b5:2d:4f:77:86:02:22:1d:35:c4:1c:99:42:15:38:fd:f8:45:95:36:ff:a9:98:33:e2:b3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dbghelp

SymInitialize
StackWalk64
SymGetModuleBase64
SymGetModuleInfo64
SymFromAddr
SymFunctionTableAccess64

kernel32

GetModuleHandleW
GetProcAddress
LoadLibraryW
CloseHandle
CreateThread
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
ReadFile
GetCurrentThreadId
ReadProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
TerminateThread
OpenThread
CreateNamedPipeW
VirtualProtect
WriteProcessMemory
GetThreadId
GetProcessId
K32GetModuleFileNameExW
CreateProcessW
GetProcessHeap
WriteFile
FlushFileBuffers
DisconnectNamedPipe
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
LocaleNameToLCID
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
CreateFileW
GetFileAttributesExW
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
MultiByteToWideChar
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
ConnectNamedPipe
IsDebuggerPresent

user32

IsWindowVisible
EnableWindow
IsHungAppWindow
DisableProcessWindowsGhosting
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
ReleaseDC
DrawIconEx
GetSysColor
GetDC
SetFocus
GetDlgCtrlID
IsDlgButtonChecked
PostMessageW
ShowWindow
GetSystemMenu
EnableMenuItem
GetWindowThreadProcessId
GetSysColorBrush
EndDialog
GetWindow
SetWindowTextW
SetDlgItemTextW
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
GetKeyState
GetDlgItem
GetWindowLongPtrW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
GetWindowRect
SetCapture
InvalidateRect
GetCapture
SendMessageW
EnumWindows
CheckDlgButton
SetPropW
RemovePropW
DialogBoxIndirectParamW
GetPropW
CallWindowProcW
SetWindowLongPtrW

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkMode
CreateFontIndirectW
GetObjectW
SetTextColor
DeleteObject

advapi32

RegOpenCurrentUser
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW

shell32

SHCreateDirectoryExW
SHGetKnownFolderPath
ord6
ShellExecuteW

ole32

CoTaskMemFree
CoCreateGuid

msvcp140

_Strcoll
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
_Wcscoll
_Strxfrm
_Wcsxfrm
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?read@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEA_W_J@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JH@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Xbad_alloc@std@@YAXXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?empty@locale@std@@SA?AV12@XZ
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_start
_Thrd_join
_Mtx_init
_Mtx_lock
_Mtx_trylock
_Mtx_unlock
_Cnd_init
_Cnd_wait
_Cnd_signal
_Cnd_destroy
_Mtx_destroy
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_id
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

shlwapi

PathAppendW
PathFileExistsW

vcruntime140

memchr
strchr
__CxxFrameHandler3
memset
__C_specific_handler
__vcrt_InitializeCriticalSectionEx
_CxxThrowException
__std_type_info_destroy_list
wcsstr
_purecall
memmove
__std_exception_destroy
__std_exception_copy
__std_terminate
memcmp
memcpy

api-ms-win-crt-heap-l1-1-0

_callnewh
free
calloc
_recalloc
realloc
malloc

api-ms-win-crt-string-l1-1-0

strtok_s
strncpy_s
isspace
tolower
_strdup
wcsnlen
wmemcpy_s
iswspace

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm_e
_invalid_parameter_noinfo
_initterm
_errno
_cexit
_invalid_parameter_noinfo_noreturn
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

ungetwc
fgetwc
fsetpos
_fseeki64
fgetpos
fwrite
_get_stream_buffer_pointers
fclose
__stdio_common_vswprintf
__stdio_common_vswprintf_s
fputc
setvbuf
ungetc
fputwc
fflush
fgetc

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file
_wremove

api-ms-win-crt-convert-l1-1-0

_itoa_s

Exports

Exports

?AddCRCustomData@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
?CrashReporterInitialize@@YA_NPEAXPEBD1111P6A_KAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?GetCRDialogOptions@@YAHXZ
?GetCRLastErrorCode@@YA?AW4ERROR_CR@@XZ
?SetCRDialogOptions@@YA_NH@Z
?SetCRDialogSaclingFactor@@YA_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDialogUserEmail@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCRDisplayName@@YA_NPEBD@Z
?SetCRHighbeamSessionId@@YA_NPEBD@Z
?SetCRHighbeamSessionInfo@@YA_NPEAXPEB_W@Z
?SetCRLocale@@YA_NPEBD@Z
?SetCRParentWnd@@YA_NPEAX@Z
?SetCRPostHandler@@YA_NP6AXXZ@Z
?SetCRPosthandlerThreadPreference@@YA_N_N@Z
?SetCRPreHandler@@YA_NP6A_KAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
halacpi.dll
.dll windows x86

Password: 1234

c283129eb9863e4bca45227768f18d7c

Code Sign

33:00:00:02:32:41:fb:59:99:6d:cc:4d:ff:00:00:00:00:02:32
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:24

Not After

02/05/2020, 21:24

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:aa:1c:e7:3b:10:db:66:5a:79:50:dc:dd:4f:f7:85:5d:92:5f:9b:aa:6f:7a:ff:6c:bb:6b:c9:92:95:72:6e
Signer

Actual PE Digest

c8:aa:1c:e7:3b:10:db:66:5a:79:50:dc:dd:4f:f7:85:5d:92:5f:9b:aa:6f:7a:ff:6c:bb:6b:c9:92:95:72:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

Kei386EoiHelper
KeWaitForSingleObject
KiCheckForSListAddress
KiUnexpectedInterrupt
KeSetTimeIncrement
KiDeliverApc
KiDispatchInterrupt
ExAllocatePoolWithTag
memset
KeConnectInterruptForHal
KeInitializeInterrupt
KeGetCurrentProcessorNumberEx
RtlMoveMemory
IoAllocateAdapterChannel
ObCreateObject
MmAllocateMappingAddress
MmUnmapReservedMapping
MmMapLockedPagesWithReservedMapping
memcpy
MmMapLockedPagesSpecifyCache
MmGetPhysicalAddress
MmAllocateContiguousMemorySpecifyCache
MmFreeContiguousMemory
RtlFindClearBitsAndSet
KeRemoveDeviceQueue
RtlClearBits
ObfDereferenceObject
Mm64BitPhysicalAddress
IoFreeMdl
IoAllocateMdl
MmUnlockPagableImageSection
MmLockPagableDataSection
MmMapIoSpace
RtlSetAllBits
RtlInitializeBitMap
KeInitializeDeviceQueue
ZwClose
ObInsertObject
ObReferenceObjectByPointer
IoAdapterObjectType
KeSetEvent
ExFreePoolWithTag
MmUnmapLockedPages
RtlSetBits
IoRegisterPlugPlayNotification
IofCallDriver
IoBuildSynchronousFsdRequest
KeInitializeEvent
IoGetDeviceObjectPointer
RtlInitUnicodeString
IoGetDeviceInterfaces
_allshr
ExQueueWorkItem
KeInsertDeviceQueue
MmUnmapIoSpace
EmpProviderRegister
DbgPrint
KeFindConfigurationNextEntry
KeFindConfigurationEntry
strncmp
ExiReleaseFastMutex
ExiAcquireFastMutex
RtlEqualString
RtlInitString
ExAllocatePool
wcstoul
ZwEnumerateValueKey
ZwQueryKey
ZwOpenKey
WRITE_REGISTER_ULONG
READ_REGISTER_ULONG
HalPrivateDispatchTable
ZwSetValueKey
ZwCreateKey
InbvDisplayString
KeProfileInterrupt
IoSetPartitionInformation
IoWritePartitionTable
strncpy_s
_stricmp
WRITE_REGISTER_UCHAR
InbvCheckDisplayOwnership
KiBugCheckData
EtwWrite
EtwEventEnabled
_aulldiv
_allmul
_vsnwprintf
RtlFindLeastSignificantBit
_wcsicmp
KeRevertToUserGroupAffinityThread
KeProcessorGroupAffinity
KeSetSystemGroupAffinityThread
KeQueryActiveProcessorCountEx
MmLockPagableSectionByHandle
KeEnterKernelDebugger
KdDebuggerEnabled
KdDebuggerNotPresent
InbvSetScrollRegion
InbvEnableDisplayString
InbvInstallDisplayStringFilter
InbvSetTextColor
InbvSolidColorFill
InbvResetDisplay
InbvAcquireDisplayOwnership
InbvIsBootDriverInstalled
WheaReportHwError
WheaGetErrorSource
RtlIntegerToUnicodeString
ZwQueryValueKey
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel
RtlClearAllBits
RtlAreBitsClear
RtlFindNextForwardRunClear
RtlFindFirstRunClear
PoSetFixedWakeSource
RtlTimeFieldsToTime
RtlTimeToTimeFields
DbgPrintEx
EtwRegister
MmIsVerifierEnabled
IofCompleteRequest
PoStartNextPowerIrp
ObfReferenceObject
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
IoReportDetectedDevice
IoCreateDriver
MmAllocateContiguousMemory
PoSetHiberRange
KeIpiGenericCall
IoReportHalResourceUsage
RtlCmEncodeMemIoResource
KeQueryActiveProcessorAffinity
ZwPowerInformation
ExRegisterCallback
ExCreateCallback
HalDispatchTable
KeTickCount
KePollFreezeExecution
KeTryToAcquireSpinLockAtDpcLevel
KeQuerySystemTime
_aullshr
strstr
KeQueryInterruptTime
KeUpdateSystemTime
KeSaveStateForHibernate
KeBugCheckEx
IoReadPartitionTable
ZwDeleteValueKey
_aulldvrm
_alldvrm
RtlUnwind

kdcom

KdRestore

pshed

PshedRetrieveErrorInfo

Exports

Exports

ExAcquireFastMutex
ExReleaseFastMutex
ExTryToAcquireFastMutex
HalAcquireDisplayOwnership
HalAdjustResourceList
HalAllProcessorsStarted
HalAllocateAdapterChannel
HalAllocateCommonBuffer
HalAllocateCrashDumpRegisters
HalAllocateHardwareCounters
HalAssignSlotResources
HalBeginSystemInterrupt
HalBugCheckSystem
HalCalibratePerformanceCounter
HalClearSoftwareInterrupt
HalConvertDeviceIdtToIrql
HalDisableInterrupt
HalDisplayString
HalEnableInterrupt
HalEndSystemInterrupt
HalEnumerateEnvironmentVariablesEx
HalFlushCommonBuffer
HalFreeCommonBuffer
HalFreeHardwareCounters
HalGetAdapter
HalGetBusData
HalGetBusDataByOffset
HalGetEnvironmentVariable
HalGetEnvironmentVariableEx
HalGetInterruptTargetInformation
HalGetInterruptVector
HalGetMemoryCachingRequirements
HalGetMessageRoutingInfo
HalGetProcessorIdByNtNumber
HalGetVectorInput
HalHandleNMI
HalInitSystem
HalInitializeBios
HalInitializeOnResume
HalInitializeProcessor
HalMakeBeep
HalMcUpdateReadPCIConfig
HalProcessorIdle
HalQueryDisplayParameters
HalQueryEnvironmentVariableInfoEx
HalQueryMaximumProcessorCount
HalQueryRealTimeClock
HalReadDmaCounter
HalRegisterDynamicProcessor
HalRegisterErrataCallbacks
HalReportResourceUsage
HalRequestClockInterrupt
HalRequestIpi
HalRequestSoftwareInterrupt
HalReturnToFirmware
HalSetBusData
HalSetBusDataByOffset
HalSetDisplayParameters
HalSetEnvironmentVariable
HalSetEnvironmentVariableEx
HalSetProfileInterval
HalSetRealTimeClock
HalSetTimeIncrement
HalStartDynamicProcessor
HalStartNextProcessor
HalStartProfileInterrupt
HalStopProfileInterrupt
HalSystemVectorDispatchEntry
HalTranslateBusAddress
HalpMcaExceptionHandler
IoFlushAdapterBuffers
IoFreeAdapterChannel
IoFreeMapRegisters
IoMapTransfer
IoReadPartitionTable
IoSetPartitionInformation
IoWritePartitionTable
KdComPortInUse
KeAcquireInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLockRaiseToSynch
KeAcquireQueuedSpinLock
KeAcquireQueuedSpinLockRaiseToSynch
KeAcquireSpinLock
KeAcquireSpinLockRaiseToSynch
KeFlushWriteBuffer
KeGetCurrentIrql
KeLowerIrql
KeQueryPerformanceCounter
KeRaiseIrql
KeRaiseIrqlToDpcLevel
KeRaiseIrqlToSynchLevel
KeReleaseInStackQueuedSpinLock
KeReleaseQueuedSpinLock
KeReleaseSpinLock
KeStallExecutionProcessor
KeTryToAcquireQueuedSpinLock
KeTryToAcquireQueuedSpinLockRaiseToSynch
KfAcquireSpinLock
KfLowerIrql
KfRaiseIrql
KfReleaseSpinLock
READ_PORT_BUFFER_UCHAR
READ_PORT_BUFFER_ULONG
READ_PORT_BUFFER_USHORT
READ_PORT_UCHAR
READ_PORT_ULONG
READ_PORT_USHORT
WRITE_PORT_BUFFER_UCHAR
WRITE_PORT_BUFFER_ULONG
WRITE_PORT_BUFFER_USHORT
WRITE_PORT_UCHAR
WRITE_PORT_ULONG
WRITE_PORT_USHORT
x86BiosAllocateBuffer
x86BiosCall
x86BiosFreeBuffer
x86BiosReadMemory
x86BiosWriteMemory

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RWEXEC
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INITDAT
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGELK
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGELK16
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEKD
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
multiacc.exe
.exe windows x64

Password: 1234

0b5552dccd9d0a834cea55c0c8fc05be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
MessageBoxW
MessageBoxA
SystemParametersInfoW
DestroyIcon
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawTextW
GetDialogBaseUnits
EndDialog
DialogBoxIndirectParamW
MoveWindow
SendMessageW

comctl32

ord380

kernel32

GetStringTypeW
GetFileAttributesExW
HeapReAlloc
FlushFileBuffers
GetCurrentDirectoryW
IsValidCodePage
GetACP
GetModuleHandleW
MulDiv
GetLastError
SetDllDirectoryW
GetModuleFileNameW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
GetOEMCP
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize
WriteConsoleW
SetEnvironmentVariableW
RtlUnwindEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
SetEndOfFile
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW

advapi32

OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

gdi32

SelectObject
DeleteObject
CreateFontIndirectW

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readME.txt

Sharing

General

Malware Config

Signatures

Files

Password: 1234

Password: 1234

8a814ee81a8fe333a6898be65a8eb654

Headers

File Characteristics

Imports

xuikit

peobj

pebase

commonui

u32base

mfc42

msvcrt

kernel32

user32

gdi32

ole32

oleaut32

u32comm

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 230KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 24KB - Virtual size: 23KB

Password: 1234

0ab357132f6a9ac6e6a425bddc92a095

Headers

File Characteristics

Imports

kernel32

aacenc32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

version

Exports

Exports

Sections

.text Size: 492KB - Virtual size: 491KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 108KB - Virtual size: 975KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 52KB - Virtual size: 48KB

Password: 1234

993ec3d9312ac10f54052edf6ed89028

Code Sign

07:75:dc:5a:dd:f9:28:84:db:19:d5:55:4c:07:ec:49Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

8a:28:ef:5d:af:4d:b5:2d:4f:77:86:02:22:1d:35:c4:1c:99:42:15:38:fd:f8:45:95:36:ff:a9:98:33:e2:b3Signer

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

gdi32

advapi32

.text
Size: 232KB - Virtual size: 230KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 24KB - Virtual size: 23KB

.text
Size: 492KB - Virtual size: 491KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 108KB - Virtual size: 975KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 52KB - Virtual size: 48KB

07:75:dc:5a:dd:f9:28:84:db:19:d5:55:4c:07:ec:49
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

8a:28:ef:5d:af:4d:b5:2d:4f:77:86:02:22:1d:35:c4:1c:99:42:15:38:fd:f8:45:95:36:ff:a9:98:33:e2:b3
Signer

.text
Size: 215KB - Virtual size: 214KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 5KB - Virtual size: 9KB

.pdata
Size: 11KB - Virtual size: 10KB

.gfids
Size: 512B - Virtual size: 68B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 1024B - Virtual size: 668B

33:00:00:02:32:41:fb:59:99:6d:cc:4d:ff:00:00:00:00:02:32
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

c8:aa:1c:e7:3b:10:db:66:5a:79:50:dc:dd:4f:f7:85:5d:92:5f:9b:aa:6f:7a:ff:6c:bb:6b:c9:92:95:72:6e
Signer

.text
Size: 66KB - Virtual size: 66KB

.data
Size: 2KB - Virtual size: 8KB

RWEXEC
Size: 1KB - Virtual size: 1KB

INITDAT
Size: 512B - Virtual size: 360B

PAGELK
Size: 7KB - Virtual size: 7KB

PAGELK16
Size: 512B - Virtual size: 130B

PAGE
Size: 9KB - Virtual size: 8KB

PAGEKD
Size: 9KB - Virtual size: 9KB

.edata
Size: 4KB - Virtual size: 3KB

INIT
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 64KB

.pdata
Size: 8KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 2KB - Virtual size: 1KB