playtime-with-percy (1)[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

playtime-with-percy (1).rar
Size

623.7MB
MD5

ddb743b3925a2e247c84b87750a19bf7
SHA1

fe041392430796962bf6ad5dd5d5bebad43fb7ad
SHA256

69a3fea127f020ec19879e04cd0f3f62972d4c9075796a06f6b819e31d6f8e2f
SHA512

d2dd2a20a3a23b6eb7665e68522875c4cf9f8c903e50fa9fadba71b5663a871f17907e26e34a0ba0b2fdd6ae7474ee34f4d5b723c727e191e87a8a53b2170d14
SSDEEP

12582912:DM2gIa14CzfZ0Excnj+UvlqoF8TIidyscIzR4ylj0PmOJWjnDe9:DYgcfZMn7/Fsyqd4SamOinDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Playtime with Percy/Modules/DRPC.mfx
unpack001/Playtime with Percy/Modules/Easing.mfx
unpack001/Playtime with Percy/Modules/Get.mfx
unpack001/Playtime with Percy/Modules/INI++15.mfx
unpack001/Playtime with Percy/Modules/InternetConnectionOperations.mfx
unpack001/Playtime with Percy/Modules/KcCursor.mfx
unpack001/Playtime with Percy/Modules/Perspective.mfx
unpack001/Playtime with Percy/Modules/Surface.mfx
unpack001/Playtime with Percy/Modules/aviflt.ift
unpack001/Playtime with Percy/Modules/bmpflt.ift
unpack001/Playtime with Percy/Modules/clickteam-dragdrop.mvx
unpack001/Playtime with Percy/Modules/fliflt.ift
unpack001/Playtime with Percy/Modules/gifflt.ift
unpack001/Playtime with Percy/Modules/jpgflt.ift
unpack001/Playtime with Percy/Modules/kcedit.mfx
unpack001/Playtime with Percy/Modules/kchisc.mfx
unpack001/Playtime with Percy/Modules/kcini.mfx
unpack001/Playtime with Percy/Modules/kclist.mfx
unpack001/Playtime with Percy/Modules/kcmouse.mfx
unpack001/Playtime with Percy/Modules/kcrandom.mfx
unpack001/Playtime with Percy/Modules/kcwctrl.mfx
unpack001/Playtime with Percy/Modules/mp3flt.sft
unpack001/Playtime with Percy/Modules/oggflt.sft
unpack001/Playtime with Percy/Modules/parser.mfx
unpack001/Playtime with Percy/Modules/pcxflt.ift
unpack001/Playtime with Percy/Modules/pngflt.ift
unpack001/Playtime with Percy/Modules/tgaflt.ift
unpack001/Playtime with Percy/Modules/waveFlt.sft
unpack001/Playtime with Percy/Playtime with Percy.exe

Files

playtime-with-percy (1).rar
.rar

Password: playtimewithpercy
Playtime with Percy/Modules/DRPC.mfx
.dll windows x86

Password: playtimewithpercy

8a06a728754924b33356748e5fdc53ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
GetFileAttributesW
DebugBreak
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
CreateEventW
LockResource
SizeofResource
FindResourceW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
CopyFileW
CreateThread
WaitForSingleObject
OutputDebugStringA
WideCharToMultiByte
LoadResource
MultiByteToWideChar
WriteConsoleW
lstrlenW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetLastError
PeekNamedPipe
WaitNamedPipeW
GetCurrentProcessId
FormatMessageW
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
SetProcessAffinityMask
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
WaitForMultipleObjectsEx
LoadLibraryW
RaiseException
RtlUnwind
HeapSize
ExitThread
ResumeThread
GetModuleHandleExW
ExitProcess
HeapAlloc
HeapFree
GetProcessHeap
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetConsoleCtrlHandler
HeapReAlloc
GetTimeZoneInformation
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
FlushFileBuffers
GetConsoleCP
SetStdHandle
SetEndOfFile
RtlCaptureStackBackTrace

user32

CreateMenu
LoadStringW
MessageBoxA
CreatePopupMenu
AppendMenuW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
LoadRunObject
MakeIconEx
PauseRunObject
PrepareFlexBuild
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SaveRunObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/Easing.mfx
.dll windows x86

Password: playtimewithpercy

3023eed11a18b27193064f880b20984a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
EncodePointer
DecodePointer
HeapAlloc
GetLastError
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
WriteFile
GetModuleFileNameW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
LoadLibraryW
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
LoadRunObject
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SaveRunObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/Get.mfx
.dll windows x86

Password: playtimewithpercy

61d29fbd6ac69b706207394c13f96389

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
OutputDebugStringW
MultiByteToWideChar
InterlockedExchange
CreateThread
GetLastError
WaitForSingleObject
Sleep
CloseHandle
InterlockedCompareExchange
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueue
WideCharToMultiByte
OutputDebugStringA
DecodePointer
SetEndOfFile
HeapReAlloc
HeapSize
GlobalAlloc
GetFileAttributesW
CreateEventW
FormatMessageW
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileW
GetStringTypeW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
HeapAlloc
HeapFree
GetCurrentThread
GetACP
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WaitForSingleObjectEx

user32

wsprintfW
MessageBoxW
GetPropW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString

wininet

InternetCanonicalizeUrlW
InternetCrackUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetReadFile
InternetQueryOptionW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoA
HttpQueryInfoW
InternetSetOptionW

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
PauseRunObject
PrepareAndroidBuild
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetPropCheck
SetPropValue
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/INI++15.mfx
.dll windows x86

Password: playtimewithpercy

7c7fae2c6dad6486c6528600ee0c037a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathCanonicalizeA
PathFindNextComponentA
PathRemoveFileSpecA
PathStripToRootA
PathSkipRootA
PathIsRelativeA

kernel32

GetStringTypeW
LCMapStringW
lstrcpynA
CreateDirectoryA
GetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
GetWindowsDirectoryA
GetCurrentDirectoryA
GetStdHandle
WriteConsoleA
LoadLibraryW
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
HeapFree
HeapAlloc
SetFilePointer
CloseHandle
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
RtlUnwind
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetEndOfFile
Sleep
GetFileType
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
SetStdHandle
CreateFileW
SetFilePointerEx
WriteConsoleW
HeapSize
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers

user32

EndDialog
SendMessageA

shell32

SHGetSpecialFolderPathA

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/InternetConnectionOperations.mfx
.dll windows x86

Password: playtimewithpercy

952cf5752cf0dc5d075fa8e3a2efb7c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetFileAttributesW
GetModuleFileNameW
MultiByteToWideChar
LockResource
LoadResource
SizeofResource
FindResourceW
FreeLibrary
LoadLibraryExW
FindClose
FindNextFileW
CopyFileW
CreateDirectoryW
FindFirstFileW
WinExec
SetEndOfFile
WriteConsoleW
HeapReAlloc
CreateFileW
LoadLibraryW
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
HeapSize
Sleep
SetFilePointer
GetLastError
HeapFree
RaiseException
HeapAlloc
RtlUnwind
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
CloseHandle
EnterCriticalSection
LeaveCriticalSection
ReadFile
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetProcessHeap

wininet

InternetGetConnectedState

user32

GetMenuItemCount
GetMenuItemID
GetMenuStringW
GetMenuState
GetSubMenu
LoadStringW
MessageBoxA
CreateMenu
AppendMenuW
CreatePopupMenu
MessageBoxW

shell32

ShellExecuteW

mmfs2

ord34
ord344
ord585
ord520
ord401
ord355
ord264
ord638
ord366
ord137
ord587
ord753
ord286

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
LoadRunObject
MakeIconEx
PauseRunObject
PrepareFlexBuild
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SaveRunObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/KcCursor.mfx
.dll windows x86

Password: playtimewithpercy

8eb8728ab2c20139beacdfa6f33a7240

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
ReadFile
GlobalAlloc
WriteFile

user32

DestroyCursor
LoadImageW
SetCursor
ReleaseDC
CreateIconIndirect
GetDC
GetSystemMetrics
LoadStringW

gdi32

SetDIBits
CreateCompatibleBitmap
CreateBitmap
DeleteObject

mmfs2

ord286
ord585
ord520
ord487
ord264
ord24
ord153
ord169
ord710
ord491
ord170
ord572
ord342
ord445
ord571
ord172
ord372

msvcrt

wcscmp
_adjust_fdiv
_initterm
free
wcsncpy
_wcsicmp
??2@YAPAXI@Z
realloc
malloc
memmove
wcscpy
??3@YAXPAX@Z

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EnumElts
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SelectPopup
UpdateEditStructure
WindowProc

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/Layer.mfx
.dll windows x86

Password: playtimewithpercy

d82a75f35f09c2900baf6b3b35d9f046

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/02/2023, 00:00

Not After

11/02/2025, 23:59

Subject

CN=Clickteam SAS,O=Clickteam SAS,L=Boulogne Billancourt,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

64:15:0f:6f:ad:e1:fb:5f:f8:25:d4:9b:e8:18:91:e5:d8:b8:7a:be
Signer

Actual PE Digest

64:15:0f:6f:ad:e1:fb:5f:f8:25:d4:9b:e8:18:91:e5:d8:b8:7a:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord1036
ord1048
ord945
ord76

kernel32

WriteFile
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
HeapAlloc
HeapFree
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
Initialize
PauseRunObject
SelectPopup
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UpdateEditStructure

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/Perspective.mfx
.dll windows x86

Password: playtimewithpercy

edd5507460f084da4f3799af180db666

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA

user32

wsprintfA

mmfs2

ord172
ord286
ord982
ord34
ord1003
ord50
ord1016
ord417
ord343
ord756
ord341
ord1014
ord440
ord610
ord372
ord264
ord487
ord493

msvcrt

free
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
sin
_ftol
_initterm
malloc
_adjust_fdiv

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetEditSize
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/Surface.mfx
.dll windows x86

cb843d9d9c45c5cb28d2c5168b1fdaa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord272
ord241
ord770
ord153
ord384
ord386
ord757
ord348
ord50
ord172
ord1030
ord308
ord493
ord355
ord401
ord487
ord484
ord682
ord724
ord354
ord1058
ord710
ord491
ord744
ord553
ord554
ord698
ord700
ord633
ord441
ord439
ord446
ord445
ord415
ord416
ord414
ord680
ord681
ord679
ord652
ord653
ord651
ord612
ord611
ord451
ord1029
ord691
ord619
ord488
ord234
ord437
ord1050
ord34
ord236
ord734
ord438
ord264
ord286
ord372
ord610
ord573
ord585
ord520
ord620
ord762
ord551
ord747
ord746
ord556
ord555
ord343
ord344
ord342
ord849
ord447
ord756
ord385
ord565
ord753
ord571
ord587
ord761
ord462
ord375
ord823
ord824
ord169
ord170
ord732
ord309
ord745
ord434

kernel32

LCMapStringA
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapSize
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
LCMapStringW
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapDestroy
HeapCreate
RtlUnwind
RaiseException
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetLastError
GetStringTypeA
GetStringTypeW
IsValidCodePage
LoadLibraryA
GetModuleHandleA
CloseHandle
GetExitCodeThread
WaitForSingleObject
CreateThread
MulDiv
GlobalUnlock
MultiByteToWideChar
GlobalAlloc
GlobalLock
GetLocaleInfoA

user32

CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
GetDC
GetClipboardData
ReleaseDC
EmptyClipboard
OpenClipboard
GetSystemMetrics
SetClipboardData

gdi32

GetObjectW
StretchBlt
GetDeviceCaps
CreateFontIndirectW
BitBlt
DeleteObject

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
EnumElts
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRegID
GetRunObjectCollisionMask
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
MakeIconEx
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetEditSize
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/aviflt.ift
.dll windows x86

71306f7eea1cffe44ecde8ca7a9eb18f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord349
ord347
ord358
ord817
ord589
ord237
ord270
ord357
ord11
ord334
ord360
ord729
ord479
ord538
ord574
ord577
ord579
ord463
ord514
ord528
ord531
ord376
ord706
ord727
ord331

kernel32

GetVersionExW
GetLastError

avifil32

AVIFileInit
AVIStreamOpenFromFileA
AVIStreamReadFormat
AVIStreamInfoW
AVIStreamInfoA
AVIStreamLength
AVIStreamRead
AVIStreamRelease
AVIFileExit
AVIStreamOpenFromFileW

msvfw32

ICClose
ICSendMessage
ICDecompress
ICLocate

msvcrt

__CxxFrameHandler
_adjust_fdiv
malloc
??3@YAXPAX@Z
free
??2@YAPAXI@Z
calloc
_initterm

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/bmpflt.ift
.dll windows x86

170db9ebe595f9cd844916df22bbd8d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord692
ord531
ord528
ord514
ord463
ord579
ord577
ord574
ord479
ord538
ord600
ord729
ord358
ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord641
ord349
ord409
ord727
ord817
ord589
ord237
ord270
ord334
ord357
ord360
ord775

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
malloc
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/cctrans.dll
.dll windows x86

10f7671c7ae2b31eb10c6a797d2a33e9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:a5:3f:b9:e4:d2:d3:75:06:fc:f3:31:68:db:11:10
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

07/12/2018, 00:00

Not After

05/12/2020, 23:59

Subject

CN=Clickteam S.A.R.L.,O=Clickteam S.A.R.L.,L=BOULOGNE BILLANCOURT,ST=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d5:10:d9:1b:0e:fe:f4:d0:ca:dd:07:4a:40:60:4a:e6:00:42:0f:de
Signer

Actual PE Digest

d5:10:d9:1b:0e:fe:f4:d0:ca:dd:07:4a:40:60:4a:e6:00:42:0f:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord753
ord585
ord520
ord342
ord343
ord756
ord493
ord341
ord417
ord344
ord757
ord172
ord264
ord286
ord372
ord487
ord740
ord546
ord571
ord610

winmm

timeGetTime

user32

SetWindowLongW
GetWindowLongW
CheckRadioButton
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
SendDlgItemMessageW
CheckDlgButton
wsprintfW
SetDlgItemTextW
LoadStringW
IsWindow
DestroyWindow
CreateDialogParamW

kernel32

InitializeCriticalSectionAndSpinCount
CreateFileW
DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
LCMapStringW

Exports

Exports

CreateTransition
GetModuleID
GetModuleName
GetModuleType
GetTransCount
GetTransID
GetTransMode
GetTransName
IsUnicode

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/clickteam-dragdrop.mvx
.dll windows x86

3b545875edca336e4c91b78919ea922d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAddAtomW
GlobalDeleteAtom
WriteFile
ReadFile
GetCurrentThreadId

user32

LoadStringW
GetKeyState
UnhookWindowsHookEx
RemovePropW
SetPropW
SetWindowsHookExW
GetPropW
CallNextHookEx
LoadIconW

mmfs2

ord70
ord77

msvcrt

_adjust_fdiv
_initterm
free
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc

Exports

Exports

CreateMvt
GetMvtHelpFileName
GetMvtID
GetMvtIcon
GetMvtName
GetNumberOfMvts
IsUnicode

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/fliflt.ift
.dll windows x86

a97d8bdd63c6ba7900f6b409d8e5a0b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord531
ord528
ord514
ord463
ord579
ord577
ord479
ord538
ord729
ord358
ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord641
ord704
ord349
ord347
ord410
ord727
ord817
ord589
ord237
ord270
ord334
ord357
ord360

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_ftol
free
malloc
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 342B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/gifflt.ift
.dll windows x86

12f8256339348c205f6d48bb4e491a8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord531
ord463
ord579
ord577
ord479
ord538
ord729
ord358
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord641
ord349
ord347
ord727
ord817
ord589
ord237
ord270
ord357
ord334
ord574
ord360
ord635

msvcrt

??3@YAXPAX@Z
free
??2@YAPAXI@Z
__CxxFrameHandler
realloc
calloc
malloc
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/jpgflt.ift
.dll windows x86

dbbd88f111f221490799fbe41aeebecb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord692
ord531
ord528
ord514
ord463
ord579
ord577
ord574
ord479
ord538
ord600
ord729
ord358
ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord349
ord409
ord817
ord589
ord237
ord270
ord357
ord360

msvcrt

_ftol
exit
sscanf
getenv
malloc
free
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcclock.mfx
.dll windows x86

a550e10ba3801239c3310ccaf1727864

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7
Signer

Actual PE Digest

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord29
ord30
ord28
ord1081
ord48
ord1063
ord1062
ord50
ord78
ord179
ord27
ord1072
ord1068
ord39
ord176
ord37
ord45

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GlobalAlloc
GlobalLock
GlobalFree
WriteFile
ReadFile
GetLocalTime
SetLocalTime
GetProfileStringW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CloseHandle
WriteConsoleW
DecodePointer
GlobalUnlock
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
CreateFileW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
LCMapStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

SendMessageW
LoadStringW
wsprintfW

gdi32

GetTextExtentPointW
GetStockObject
Ellipse
DeleteObject
CreatePen
SelectObject

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditProp
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetImageInfosRunObject
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextClr
SetTextFont
UpdateEditStructure
WToA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcedit.mfx
.dll windows x86

7151a7218ab54b5257a153c7e592ff93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GlobalAlloc
GlobalFree
WriteFile
GlobalFindAtomW
ReadFile

user32

InvalidateRect
SetWindowLongW
SendMessageW
GetWindowRect
CreateWindowExW
DestroyWindow
UpdateWindow
ShowWindow
SetWindowPos
MapWindowPoints
GetParent
SetFocus
GetSysColor
LoadStringW
SetWindowTextW
GetFocus
GetKeyState
CallWindowProcW
EnableWindow
GetWindowTextLengthW
GetWindowTextW
GetClientRect
GetPropW

gdi32

BitBlt
CreateFontIndirectW
DeleteObject
RealizePalette
SelectPalette
SetBkColor
GetStockObject
SetTextColor
SetBkMode
CreateSolidBrush

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

mmfs2

ord47
ord16
ord30
ord28
ord1075
ord1076
ord17

msvcrt

free
wcscpy
calloc
wcsspn
wcscat
wcsncpy
wcslen
_wtol
_ftol
malloc
_adjust_fdiv
_initterm

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditDebugItem
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
Initialize
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextAlignment
SetTextClr
SetTextFont
UpdateEditStructure
WToA
WindowProc

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kchisc.mfx
.dll windows x86

753784fd74733a883ab0f1c0839f3973

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GlobalAlloc
GlobalFree
WideCharToMultiByte
GetPrivateProfileStringW
MultiByteToWideChar
GetPrivateProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStringA
SetCurrentDirectoryW
ReleaseMutex
GetVersionExW
GetWindowsDirectoryW
WriteFile
ReadFile
CloseHandle
CreateMutexW
GlobalUnlock
GlobalLock
WaitForSingleObject
GetCurrentDirectoryW

user32

wsprintfW
SetWindowTextW
DialogBoxParamW
GetWindowLongW
GetDlgItemTextW
EndDialog
SetWindowLongW
GetWindowTextW
LoadStringW

gdi32

DeleteObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

mmfs2

ord18
ord39
ord1081
ord176
ord1068
ord1075

msvcrt

_itow
swprintf
_ultow
wcsncpy
wcscpy
wcsrchr
wcschr
_wcsicmp
_initterm
_adjust_fdiv
_wtoi
malloc
free
calloc
wcscat
wcslen
_wmkdir
_wchdir
wcsncat

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
EditProp
EditorDisplay
ExportTexts
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
ImportTexts
Initialize
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextClr
SetTextFont
UpdateEditStructure
UpdateFileNames

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcini.mfx
.dll windows x86

e2787d9a548bd0a3d6305062f94cc683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WriteFile
ReadFile
FindClose
OpenFile
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileW
CopyFileW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
SetEnvironmentVariableW
CreateDirectoryW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapAlloc
HeapFree
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
CreateFileW

user32

wsprintfW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditDebugItem
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetPropCheck
SetPropValue
UpdateEditStructure
UpdateFileNames
UsesFile
WToA

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kclist.mfx
.dll windows x86

a5c593c4385b38deaa1e81d1b807f282

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalLock
MultiByteToWideChar
GlobalUnlock
GlobalAlloc
MulDiv
FindFirstFileW
FindNextFileW
FindClose
ReadFile
WideCharToMultiByte
WriteFile

user32

GetSysColor
InvalidateRect
SetFocus
GetDC
wsprintfW
GetWindowDC
ReleaseDC
GetFocus
GetPropW
EnableWindow
GetClientRect
SetWindowPos
ShowWindow
UpdateWindow
DestroyWindow
CreateWindowExW
SendMessageW

gdi32

CreateSolidBrush
DeleteObject
SetBkColor
SetBkMode
SetTextColor
EnumFontFamiliesExW
GetDeviceCaps
EnumFontFamiliesW
CreateFontIndirectW

mmfs2

ord47
ord17
ord1076
ord1075
ord16

msvcrt

wcslen
_ftol
free
wcscpy
wcscat
swprintf
calloc
_initterm
_adjust_fdiv
malloc

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextClr
SetTextFont
UpdateEditStructure
WToA
WindowProc

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcmouse.mfx
.dll windows x86

1abb643fcee5cab93665582e35fb69cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
LoadResource
FindResourceA
LocalFree
LocalAlloc
FreeResource

user32

GetMenuItemCount
DestroyMenu
LoadMenuA
LoadStringA
AppendMenuA
GetMenuStringA
GetMenuState
CreatePopupMenu
GetSubMenu
SetCursorPos
GetCursorPos
GetMenuItemID

msvcrt

_adjust_fdiv
malloc
_initterm
free
_ftol

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
IsTransparent
LoadObject
MakeIcon
PauseRunObject
PrepareToWriteObject
PutObject
ReInitRunObject
RemoveObject
SelectPopup
UnloadObject
UpdateEditStructure
UpdateFileNames

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcrandom.mfx
.dll windows x86

e66b2f28d74d4e90054c5bd5c3b79eb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
LoadResource
FindResourceA
LocalFree
LocalAlloc
FreeResource

user32

LoadStringA
LoadMenuA
DestroyMenu
GetMenuItemCount
AppendMenuA
GetMenuItemID
GetMenuStringA
GetMenuState
CreatePopupMenu
GetSubMenu

msvcrt

_adjust_fdiv
malloc
_initterm
free
rand
time
srand
memcpy
strcmp
strcpy
_strupr
strlen
_strlwr

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
IsTransparent
LoadObject
MakeIcon
PauseRunObject
PrepareToWriteObject
PutObject
ReInitRunObject
RemoveObject
SelectPopup
UnloadObject
UpdateEditStructure
UpdateFileNames

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/kcwctrl.mfx
.dll windows x86

92322080accb4919c9d313df6d7159b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord19
ord101
ord102
ord103
ord16
ord32
ord173
ord174
ord372
ord610
ord493
ord341
ord417
ord342
ord445
ord361
ord1000
ord982
ord63

user32

GetActiveWindow
SetFocus
IsZoomed
IsIconic
GetSystemMetrics
SetWindowPos
FlashWindow
ShowWindow
IsWindow
SendMessageW
GetFocus
GetDC
ReleaseDC
InvalidateRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
AdjustWindowRect
ScreenToClient
MapWindowPoints
GetWindowLongW
GetParent
SetParent
FindWindowW
MonitorFromWindow
GetMonitorInfoW
IsWindowVisible

gdi32

GetDeviceCaps

kernel32

DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CreateFileW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapFree
HeapAlloc
LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStringsW
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetModuleFileNameA
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
PauseRunObject
ReInitRunObject
WindowProc

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/mmf2d3d11.dll
.dll windows x86

f202759cfe800e40c17c5513b9dbe690

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/02/2023, 00:00

Not After

11/02/2025, 23:59

Subject

CN=Clickteam SAS,O=Clickteam SAS,L=Boulogne Billancourt,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9a:5c:7d:e0:55:03:cc:27:c8:81:ec:16:a8:56:b0:00:bf:bb:00:d5
Signer

Actual PE Digest

9a:5c:7d:e0:55:03:cc:27:c8:81:ec:16:a8:56:b0:00:bf:bb:00:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord1121
ord751
ord624
ord397
ord395
ord919
ord871
ord960
ord936
ord857
ord971
ord904
ord903
ord935
ord908
ord862
ord396
ord946
ord845
ord869
ord1110
ord836
ord838
ord925
ord855
ord912
ord394
ord949
ord889
ord863
ord918
ord879
ord930
ord854
ord915
ord922
ord941
ord924
ord968
ord977
ord987
ord1002
ord928
ord1005
ord1001
ord1015
ord1013
ord1018
ord853
ord921
ord992
ord852
ord993
ord965
ord851
ord961
ord1138
ord860
ord931
ord995
ord978
ord1107
ord1100
ord1137
ord1103
ord1102
ord1112
ord1111
ord868
ord1090
ord966
ord1095
ord873
ord973
ord969
ord947
ord872
ord943
ord1136
ord1109
ord861
ord907
ord962
ord888
ord902
ord887
ord890
ord891
ord892
ord952
ord951
ord950
ord932
ord933
ord934
ord917
ord920
ord939
ord940
ord886
ord938
ord937
ord926
ord874
ord850
ord899
ord898
ord956
ord955
ord699
ord697
ord375
ord610
ord372
ord286
ord264
ord172
ord981
ord870
ord846
ord906
ord877
ord568
ord844
ord1104

d3d11

D3D11CreateDevice

kernel32

DecodePointer
GetStringTypeW
GetFileSizeEx
SetStdHandle
GetConsoleCP
WriteFile
FlushFileBuffers
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleMode
SetFilePointerEx
HeapSize
GetFileType
GetStdHandle
LCMapStringW
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleExW
ExitProcess
RaiseException
RtlUnwind
LoadLibraryW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
WriteConsoleW
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
EncodePointer
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
Sleep
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceCounter
TryEnterCriticalSection
GetLastError
CloseHandle
CreateFileW
VirtualFree
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection

user32

OffsetRect
ShowWindow
SetWindowPos
GetWindowRect
GetWindowLongW
GetClientRect
GetParent
SetWindowLongW

gdi32

GetObjectW

Exports

Exports

SEFree
SEFunction
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/mmf2d3d8.dll
.dll windows x86

64b0686318eee36fb6b5e0aeeba27718

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58
Signer

Actual PE Digest

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord1001
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord852
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord624
ord926
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853

d3d8

Direct3DCreate8

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
HeapAlloc
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
IsProcessorFeaturePresent
WriteFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
CloseHandle
GetVersionExA
CreateFileW
GetLastError
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
MultiByteToWideChar
Sleep

user32

DrawTextW
DrawTextA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
ShowWindow
ReleaseDC
GetDC
DrawTextExW
GetSystemMetrics
SetWindowPos
GetWindowRect

gdi32

SetBkColor
DeleteDC
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
SetBkMode
SetTextColor
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/mmf2d3d9.dll
.dll windows x86

180c83ab59795576d7f7665df0409410

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d5:63:e3:05:16:c5:02:56:ce:72:6c:97:3e:4e:65:0c:5a:21:38:2f
Signer

Actual PE Digest

d5:63:e3:05:16:c5:02:56:ce:72:6c:97:3e:4e:65:0c:5a:21:38:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord926
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord1001
ord624
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853
ord852

d3d9

Direct3DCreate9

kernel32

GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
GetACP
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
GetConsoleCP
FindClose
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
WriteConsoleW
HeapSize
HeapReAlloc
FreeLibrary
GetFullPathNameA
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
WriteFile
OutputDebugStringA
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
Sleep
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
WideCharToMultiByte
GetSystemInfo
IsProcessorFeaturePresent
LoadLibraryA
GetModuleHandleA
GetProcAddress
VirtualFree
VirtualAlloc
InterlockedExchange
InterlockedCompareExchange
GetLastError

user32

GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
GetWindowRect
ShowWindow
GetDC
GetTabbedTextExtentW
DrawTextExW
GetSystemMetrics
SetWindowPos
ReleaseDC

gdi32

CreateDIBSection
DeleteDC
DeleteObject
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetGlyphOutlineA
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
GetTextMetricsA
GetObjectW
GetTextMetricsW
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 877KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/mmfs2.dll
.dll windows x86

fb76a0ebed426f70a384439c25a3c837

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/02/2023, 00:00

Not After

11/02/2025, 23:59

Subject

CN=Clickteam SAS,O=Clickteam SAS,L=Boulogne Billancourt,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fd:35:1f:0f:cd:c6:0b:71:2c:d4:89:7e:8c:cb:ec:a3:f1:6a:e8:41
Signer

Actual PE Digest

fd:35:1f:0f:cd:c6:0b:71:2c:d4:89:7e:8c:cb:ec:a3:f1:6a:e8:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeGetTime
mciSendCommandW
mciSendCommandA
timeKillEvent

ddraw

DirectDrawCreate

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
LCMapStringW
DecodePointer
GetProcessHeap
HeapReAlloc
GetACP
GetStdHandle
HeapAlloc
GetModuleHandleExW
ExitProcess
HeapCompact
HeapSize
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetFileType
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetVersion
InterlockedExchange
LocalFree
LocalAlloc
WriteConsoleW
SetErrorMode
GetCurrentProcessId
FindResourceA
GetSystemInfo
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
FreeResource
CreateFileW
CreateFileA
CloseHandle
SetFilePointerEx
SetFilePointer
ReadFile
WriteFile
GetLastError
GetVersionExW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
LoadLibraryW
LoadLibraryA
FindClose
GetProcAddress
FreeLibrary
GetVersionExA
FindResourceW
LoadResource
LockResource
Sleep
GetModuleFileNameA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WideCharToMultiByte
MultiByteToWideChar
HeapFree

user32

GetWindow
SetActiveWindow
RegisterClassExA
RegisterClassA
PeekMessageA
DispatchMessageA
TranslateMessage
ChangeDisplaySettingsA
ClientToScreen
GetClassNameA
GetWindowDC
CreateIconIndirect
IntersectRect
DrawTextExW
DrawTextExA
SetRect
LoadStringW
LoadStringA
SetDlgItemTextW
GetWindowLongA
GetSysColor
ScreenToClient
MessageBoxW
InvalidateRect
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
ShowWindow
DrawEdge
wsprintfW
CopyRect
DrawFocusRect
SendMessageW
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
GetClassNameW
GetParent
FillRect
EndPaint
BeginPaint
IsIconic
DefWindowProcW
DefWindowProcA
EnumDisplaySettingsA
LoadCursorA
SetWindowLongW
SetWindowLongA
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
ReleaseDC
GetDC
SetMenu
GetSystemMetrics
GetKeyboardState
SetWindowPos
DestroyWindow
CreateWindowExW
CreateWindowExA
SendMessageA

gdi32

BitBlt
SetDIBits
SelectClipRgn
IntersectClipRect
GetDIBits
GetClipRgn
DeleteDC
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
ExtTextOutW
ExtTextOutA
GetObjectW
GetObjectA
SetTextAlign
SetTextColor
GetTextAlign
CreateFontIndirectW
StretchBlt
RealizePalette
GetPaletteEntries
CreatePalette
GdiFlush
Polyline
SetROP2
SetBkMode
SetBkColor
SelectObject
Rectangle
GetClipBox
SetPixel
SelectPalette
GetSystemPaletteEntries
GetStockObject
GetPixel
GetDeviceCaps
DeleteObject
CreateFontIndirectA
StretchDIBits
MoveToEx
Polygon
CreateDIBSection
SetDIBColorTable
SetWindowOrgEx
CreateSolidBrush
Ellipse
CreateHalftonePalette
CreatePen
LineTo

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA

dsound

ord1

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/mp3flt.sft
.dll windows x86

f4e44e69456f6a20409ba6250920533d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord259
ord283
ord738

msacm32

acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmStreamOpen
acmMetrics
acmStreamUnprepareHeader
acmStreamConvert

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
free
calloc
_ftol
_initterm
malloc
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName
GetPriority

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/oggflt.sft
.dll windows x86

8c071a971a35f2e806d3d72ab5fda000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord259
ord283
ord738

msvcrt

malloc
realloc
memmove
free
memchr
floor
_ftol
calloc
qsort
exit
frexp
ceil
_CIpow
ldexp
_errno
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/parser.mfx
.dll windows x86

c288edee36f0d3aea77e86e3112a1a2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
LoadMenuA
GetMenuStringA
DestroyMenu

msvcrt

_strlwr
_adjust_fdiv
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
tolower
_stricmp
strncmp
_strnicmp
malloc
strncpy
_strupr
strtok
_itoa
_close
_write
_open
_read
realloc
isspace
isalnum
_ltoa
_initterm

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
PauseRunObject
ReInitRunObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/pcxflt.ift
.dll windows x86

5bc99a60c87ad3f48e853bfa515bd95b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord692
ord531
ord528
ord514
ord463
ord579
ord577
ord574
ord479
ord538
ord600
ord729
ord358
ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord641
ord349
ord347
ord409
ord727
ord817
ord589
ord237
ord270
ord334
ord357
ord360

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
malloc
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName
GetPriority

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/pngflt.ift
.dll windows x86

bd36738c7a82e43a1deb87054f1744d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord729
ord727
ord706
ord692
ord642
ord641
ord600
ord589
ord583
ord817
ord579
ord577
ord574
ord815
ord549
ord544
ord538
ord531
ord528
ord518
ord514
ord485
ord482
ord479
ord463
ord409
ord376
ord358
ord349
ord331
ord360
ord334
ord357
ord270
ord237
ord210
ord213
ord207
ord209
ord219
ord217
ord216
ord226
ord206
ord220

kernel32

SetUnhandledExceptionFilter
CreateFileW
LCMapStringW
HeapSize
WriteConsoleW
SetFilePointerEx
LoadLibraryW
OutputDebugStringW
GetStringTypeW
HeapReAlloc
LoadLibraryExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
DeleteFileW
GetConsoleCP
WideCharToMultiByte
FlushFileBuffers
ReadConsoleW
GetConsoleMode
ReadFile
GetModuleFileNameW
WriteFile
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
InterlockedIncrement
GetFileType
GetStdHandle
Sleep
ExitProcess
GetLastError
HeapFree
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
RaiseException
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
EncodePointer
DecodePointer
CloseHandle
UnhandledExceptionFilter
SetEndOfFile
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
DeleteCriticalSection

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName
png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_convert_to_rfc1123_buffer
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_XYZ
png_get_cHRM_XYZ_fixed
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_current_pass_number
png_get_current_row_number
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_type
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_palette_max
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_progressive_ptr
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_image_begin_read_from_file
png_image_begin_read_from_memory
png_image_begin_read_from_stdio
png_image_finish_read
png_image_free
png_image_write_to_file
png_image_write_to_memory
png_image_write_to_stdio
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_process_data
png_process_data_pause
png_process_data_skip
png_progressive_combine_row
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_alpha_mode
png_set_alpha_mode_fixed
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_XYZ
png_set_cHRM_XYZ_fixed
png_set_cHRM_fixed
png_set_check_for_invalid_index
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_16
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_option
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_progressive_read_fn
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_scale_16
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_text_compression_level
png_set_text_compression_mem_level
png_set_text_compression_method
png_set_text_compression_strategy
png_set_text_compression_window_bits
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/tgaflt.ift
.dll windows x86

5bc99a60c87ad3f48e853bfa515bd95b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord331
ord706
ord376
ord692
ord531
ord528
ord514
ord463
ord579
ord577
ord574
ord479
ord538
ord600
ord729
ord358
ord815
ord544
ord482
ord485
ord549
ord518
ord583
ord642
ord641
ord349
ord347
ord409
ord727
ord817
ord589
ord237
ord270
ord334
ord357
ord360

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
malloc
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Modules/waveFlt.sft
.dll windows x86

a37b82eab5fe34efed01d6399d87638b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord259
ord283
ord738

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
malloc
_ftol
free
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 583B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Playtime with Percy/Playtime with Percy.dat
Playtime with Percy/Playtime with Percy.exe
.exe windows x86

1c4661ad7d3fc8350c55edf0f712d992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

WideCharToMultiByte
GlobalAddAtomW
GlobalDeleteAtom
lstrlenW
GetCommandLineW
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
GetCurrentDirectoryW
GlobalFree
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
DecodePointer
GetFileType
GetProcessHeap
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
DeleteFileW
HeapSize
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
SetCurrentDirectoryW
FindNextFileW
CreateMutexW
WriteFile
GetModuleFileNameW
Sleep
ReleaseMutex
WaitForSingleObject
FindClose
FindFirstFileW
CloseHandle
SetFilePointer
GetLastError
ReadFile
CreateFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
WriteConsoleW
RemoveDirectoryW
GetVersionExW
GetLocaleInfoW
FreeLibrary
GetProcAddress
LoadLibraryExW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
GetModuleFileNameA

user32

OffsetRect
DestroyWindow
PostQuitMessage
DrawTextW
FillRect
GetUpdateRect
DefMDIChildProcW
EndPaint
BeginPaint
InflateRect
GetClassNameW
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
SetDlgItemTextW
DrawEdge
MapVirtualKeyW
GetInputState
DrawMenuBar
SetMenuInfo
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDesktopWindow
GetSystemMenu
UpdateWindow
GetWindow
RegisterClassW
GetTabbedTextExtentW
ModifyMenuW
GetMenuStringW
DialogBoxIndirectParamW
GetMenuItemID
RegisterClassExW
LoadImageW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
RedrawWindow
IsIconic
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
EnableMenuItem
GetMenu
PtInRect
PostMessageW
InvalidateRect
SetFocus
GetFocus
CallWindowProcW
RemovePropW
SetPropW
SetWindowLongW
GetPropW
MessageBoxW
GetParent
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetWindowDC
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
LoadStringW
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
ShowWindow
IsWindowVisible
GetClientRect
SetWindowTextW
wsprintfW
IntersectRect
KillTimer
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
SystemParametersInfoW
GetSysColor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
DialogBoxParamW

gdi32

CreatePalette
SelectPalette
RealizePalette
EnumFontFamiliesExW
GetStockObject
SelectObject
GetTextExtentPointW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
DeleteObject
CreatePen
Rectangle
LineTo
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateRectRgn
GetClipRgn
ExcludeClipRect
SelectClipRgn
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragFinish
DragQueryFileW
ShellExecuteExW
DragAcceptFiles

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: playtimewithpercy

Password: playtimewithpercy

8a06a728754924b33356748e5fdc53ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 667KB - Virtual size: 666KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 18KB - Virtual size: 238KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 33KB - Virtual size: 33KB

Password: playtimewithpercy

3023eed11a18b27193064f880b20984a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 9KB - Virtual size: 8KB

Password: playtimewithpercy

61d29fbd6ac69b706207394c13f96389

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 266KB - Virtual size: 265KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 10KB - Virtual size: 9KB

Password: playtimewithpercy

7c7fae2c6dad6486c6528600ee0c037a

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 18KB - Virtual size: 17KB

Password: playtimewithpercy

952cf5752cf0dc5d075fa8e3a2efb7c9

Headers

DLL Characteristics

.text
Size: 667KB - Virtual size: 666KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 18KB - Virtual size: 238KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 33KB - Virtual size: 33KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 266KB - Virtual size: 265KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 10KB - Virtual size: 9KB

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 18KB - Virtual size: 17KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 856B

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 484B

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

64:15:0f:6f:ad:e1:fb:5f:f8:25:d4:9b:e8:18:91:e5:d8:b8:7a:be
Signer

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 4KB