Extracted

• 196445c0000.dll

  .dll windows x64

  81de4ee1071a8320787d7c9e149ace7f

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  ZwOpenProcess

  ZwQueryInformationToken

  NtSetInformationProcess

  sprintf

  ZwOpenProcessToken

  strcpy

  ZwQueryInformationProcess

  RtlNtStatusToDosError

  NtQuerySystemInformation

  NtQueryInformationThread

  _wcsupr

  memmove

  wcscpy

  _snprintf

  mbstowcs

  ZwQueryKey

  NtResumeProcess

  RtlFreeUnicodeString

  RtlUpcaseUnicodeString

  NtSuspendProcess

  wcstombs

  RtlAdjustPrivilege

  memset

  _strupr

  _snwprintf

  memcpy

  RtlImageNtHeader

  ZwClose

  __C_specific_handler

  __chkstk

  RegisterWaitForSingleObject

  VirtualProtectEx

  FileTimeToLocalFileTime

  CreateFileMappingW

  GetModuleFileNameA

  GetModuleFileNameW

  QueryPerformanceFrequency

  GetLocalTime

  FileTimeToSystemTime

  GetComputerNameExA

  GetComputerNameW

  QueryPerformanceCounter

  GetTempFileNameA

  CreateThread

  TerminateThread

  GetCurrentProcessId

  GetVersion

  DeleteCriticalSection

  HeapAlloc

  HeapFree

  WaitForSingleObject

  ExitThread

  lstrlenW

  GetLastError

  ResetEvent

  CloseHandle

  DeleteFileW

  CreateFileA

  lstrlenA

  WriteFile

  lstrcatA

  CreateDirectoryA

  RemoveDirectoryA

  LoadLibraryA

  DeleteFileA

  lstrcpyA

  HeapReAlloc

  SetEvent

  GetSystemTimeAsFileTime

  HeapDestroy

  HeapCreate

  GetModuleHandleA

  ExitProcess

  GetFileSize

  lstrcmpA

  SetWaitableTimer

  CreateDirectoryW

  GetTickCount

  GetCurrentThread

  VirtualFree

  GetWindowsDirectoryA

  GetCommandLineA

  InitializeCriticalSection

  OpenProcess

  Sleep

  CopyFileW

  CreateEventA

  LeaveCriticalSection

  TerminateProcess

  CreateFileW

  VirtualAlloc

  EnterCriticalSection

  lstrcmpiW

  lstrcatW

  GetCurrentThreadId

  DuplicateHandle

  GetTempPathA

  SuspendThread

  ResumeThread

  lstrcpyW

  SwitchToThread

  MapViewOfFile

  UnmapViewOfFile

  SetLastError

  lstrcmpiA

  OpenWaitableTimerA

  OpenMutexA

  WaitForMultipleObjects

  CreateMutexA

  ReleaseMutex

  CreateWaitableTimerA

  UnregisterWait

  TlsGetValue

  LoadLibraryExW

  TlsSetValue

  VirtualQuery

  VirtualProtect

  TlsAlloc

  GetProcAddress

  OpenEventA

  RemoveVectoredExceptionHandler

  AddVectoredExceptionHandler

  GetDriveTypeW

  GetLogicalDriveStringsW

  WideCharToMultiByte

  GetExitCodeProcess

  CreateProcessA

  CreateFileMappingA

  OpenFileMappingA

  LocalFree

  lstrcpynA

  GlobalLock

  GlobalUnlock

  Thread32First

  Thread32Next

  QueueUserAPC

  OpenThread

  CreateToolhelp32Snapshot

  CallNamedPipeA

  WaitNamedPipeA

  ConnectNamedPipe

  ReadFile

  GetOverlappedResult

  DisconnectNamedPipe

  FlushFileBuffers

  CreateNamedPipeA

  CancelIo

  GetSystemTime

  SleepEx

  LocalAlloc

  FreeLibrary

  RaiseException

  ExpandEnvironmentStringsW

  RemoveDirectoryW

  SetEndOfFile

  SetFilePointer

  FindNextFileW

  FindClose

  GetFileAttributesW

  SetFilePointerEx

  FindFirstFileW

  GetVersionExA

  Sections

  .text

  Size: 180KB - Virtual size: 180KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 24KB - Virtual size: 24KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ