unix[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

unix.7z
Size

8.5MB
MD5

a72fe315e7aed042730c5ad05fc67c6b
SHA1

e9e38ab0f69778c5a74254b71466f631666b3d50
SHA256

500f5a2cce2e97767aef66c31ff2c3f700ae6e0f2ce2747da919351b0a1ce57d
SHA512

2e0316098714c5463f296c5d189c2e1ff37b8afab2d0ff4f78d036e1c639a9425caaf87990c78403ae53e69e3f72bfeca18479e7041f3f35d97f573172d3300a
SSDEEP

196608:hPQ14nsPBd2bFUg9Mzn4XwGMYTrqxfuZrpjyl2TK0EF/5g:hYCn6BdoFUYMjU7qKg2Du5g

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/7-zip32.dll	acprotect
static1/unpack001/7_zip32.dll	acprotect

UPX packed file 7 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/7-zip32.dll	upx
static1/unpack001/7_zip32.dll	upx
static1/unpack001/Limpia_dir.exe	upx
static1/unpack001/msec.exe	upx
static1/unpack001/pulist.exe	upx
static1/unpack001/ssft.exe	upx
static1/unpack001/wget.exe	upx

Unsigned PE 134 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3dClip.exe
unpack001/7-zip32.dll
unpack001/7_zip32.dll
unpack001/7z.dll
unpack001/7z.exe
unpack001/CAT.EXE
unpack001/CHMOD.EXE
unpack001/CP.EXE
unpack001/CUT.EXE
unpack001/DATE.EXE
unpack001/DDATE.EXE
unpack001/DEPENDS.EXE
unpack001/DF.EXE
unpack001/DIFF.EXE
unpack001/DU.EXE
unpack001/ENTAB.EXE
unpack001/FUNZIP.EXE
unpack001/GREP.EXE
unpack001/GUNZIP.EXE
unpack001/GZIP.EXE
unpack001/HEAD.EXE
unpack001/HOSTNAME.EXE
unpack001/LS.EXE
unpack001/Limpia_dir.exe
unpack001/MSVBVM50.DLL
unpack001/MV.EXE
unpack001/NICE.EXE
unpack001/OD.EXE
unpack001/PR.EXE
unpack001/PS.EXE
unpack001/RM.EXE
unpack001/SED.EXE
unpack001/SLEEP.EXE
unpack001/STRINGS.EXE
unpack001/TAIL.EXE
unpack001/TAR.EXE
unpack001/TEE.EXE
unpack001/TOUCH.EXE
unpack001/TR.EXE
unpack001/UDATE.EXE
unpack001/UNZIPSFX.EXE
unpack001/UPTIME.EXE
unpack001/WC.EXE
unpack001/WHICH.EXE
unpack001/WHOAMI.EXE
unpack001/ZIP.EXE
unpack001/ZIPCLOAK.EXE
unpack001/ZIPNOTE.EXE
unpack001/ZIPSPLIT.EXE
unpack001/blat.dll
unpack001/blat.exe
unpack001/bzip2.exe
unpack001/bzip2recover.exe
unpack001/capture.exe
unpack001/chgrp.exe
unpack001/chown.exe
unpack001/cksum.exe
unpack001/compress.exe
unpack001/csplit.exe
unpack001/dbghelp.dll
unpack001/dc.exe
unpack001/diff3.exe
unpack001/dircolors.exe
unpack001/echo.exe
unpack001/egrep.exe
unpack001/env.exe
unpack001/expand.exe
unpack001/factor.exe
unpack001/fgrep.exe
unpack001/flex.exe
unpack001/fmt.exe
unpack001/fold.exe
unpack001/fsplit.exe
unpack001/gawk.exe
unpack001/gclip.exe
unpack001/gplay.exe
unpack001/gsar.exe
unpack001/id.exe
unpack001/igawk.exe
unpack001/indent.exe
unpack001/install.exe
unpack001/join.exe
unpack001/jwhois.exe
unpack001/less.exe
unpack001/lesskey.exe
unpack001/libcharset1.dll
unpack001/libeay32.dll
unpack001/libintl3.dll
unpack001/ln.exe
unpack001/logname.exe
unpack001/m4.exe
unpack001/make.exe
unpack001/makedepend.exe
unpack001/makemsg.exe
unpack001/man.exe
unpack001/md5sum.exe
unpack001/mkdir.exe
unpack001/mkfifo.exe
unpack001/mknod.exe
unpack001/msec.exe
unpack001/nc.exe
unpack001/nl.exe
unpack001/pathchk.exe
unpack001/pclip.exe
unpack001/pcre3.dll
unpack001/printenv.exe
unpack001/printf.exe
unpack001/pulist.exe
unpack001/putty.exe
unpack001/regex2.dll
unpack001/rman.exe
unpack001/rmdir.exe
unpack001/sdiff.exe
unpack001/sendmail.exe
unpack001/seq.exe
unpack001/shar.exe
unpack001/sort.exe
unpack001/ssft.exe
unpack001/ssleay32.dll
unpack001/su.exe
unpack001/sync.exe
unpack001/type.exe
unpack001/uname.exe
unpack001/unexpand.exe
unpack001/unrar.exe
unpack001/unshar.exe
unpack001/unzip.exe
unpack001/usort.exe
unpack001/uudecode.exe
unpack001/uuencode.exe
unpack001/wget.exe
unpack001/xargs.exe
unpack001/yes.exe
unpack001/zcat.exe

Files

unix.7z
.7z
3dClip.exe
.exe windows x86

bcd74b9107807ee4a560dd53b6186777

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaResume
__vbaStrCat
__vbaError
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
ord592
__vbaExitProc
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
ord520
ord523
__vbaBoolVarNull
__vbaFpR8
_CIsin
ord631
ord525
__vbaVargVarMove
ord632
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
ord527
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord607
__vbaVarDiv
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
ord645
_CIlog
ord646
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
ord689
__vbaVarDup
__vbaStrToAnsi
ord613
__vbaFpI2
ord616
__vbaVarCopy
__vbaFpI4
__vbaLateMemCallLd
ord617
_CIatan
ord618
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaMidStmtBstr
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3dclip.chm
.chm
7-zip32.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SevenZip
SevenZipCheckArchive
SevenZipClearOwnerWindow
SevenZipCloseArchive
SevenZipConfigDialog
SevenZipFindFirst
SevenZipFindNext
SevenZipGetAccessTime
SevenZipGetAccessTimeEx
SevenZipGetArcAccessTimeEx
SevenZipGetArcCompressedSize
SevenZipGetArcCompressedSizeEx
SevenZipGetArcCreateTimeEx
SevenZipGetArcDate
SevenZipGetArcFileName
SevenZipGetArcFileSize
SevenZipGetArcFileSizeEx
SevenZipGetArcOSType
SevenZipGetArcOriginalSize
SevenZipGetArcOriginalSizeEx
SevenZipGetArcRatio
SevenZipGetArcTime
SevenZipGetArcWriteTimeEx
SevenZipGetArchiveType
SevenZipGetAttribute
SevenZipGetBackGroundMode
SevenZipGetCRC
SevenZipGetCompressedSize
SevenZipGetCompressedSizeEx
SevenZipGetCreateTime
SevenZipGetCreateTimeEx
SevenZipGetCursorInterval
SevenZipGetCursorMode
SevenZipGetDate
SevenZipGetDefaultPassword
SevenZipGetFileCount
SevenZipGetFileName
SevenZipGetLastError
SevenZipGetMethod
SevenZipGetOSType
SevenZipGetOriginalSize
SevenZipGetOriginalSizeEx
SevenZipGetRatio
SevenZipGetRunning
SevenZipGetSubVersion
SevenZipGetTime
SevenZipGetVersion
SevenZipGetWriteTime
SevenZipGetWriteTimeEx
SevenZipIsSFXFile
SevenZipKillOwnerWindowEx
SevenZipKillOwnerWindowEx64
SevenZipOpenArchive
SevenZipPasswordDialog
SevenZipQueryFunctionList
SevenZipSetBackGroundMode
SevenZipSetCursorInterval
SevenZipSetCursorMode
SevenZipSetDefaultPassword
SevenZipSetOwnerWindow
SevenZipSetOwnerWindowEx
SevenZipSetOwnerWindowEx64
SevenZipSetPriority
SevenZipSetUnicodeMode
SevenZipSfxConfigDialog
SevenZipSfxFileStoring

Sections

UPX0
Size: - Virtual size: 376KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 306KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
7_zip32.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SevenZip
SevenZipCheckArchive
SevenZipClearOwnerWindow
SevenZipCloseArchive
SevenZipConfigDialog
SevenZipFindFirst
SevenZipFindNext
SevenZipGetArcAccessTimeEx
SevenZipGetArcCompressedSize
SevenZipGetArcCompressedSizeEx
SevenZipGetArcCreateTimeEx
SevenZipGetArcDate
SevenZipGetArcFileName
SevenZipGetArcFileSize
SevenZipGetArcFileSizeEx
SevenZipGetArcOSType
SevenZipGetArcOriginalSize
SevenZipGetArcOriginalSizeEx
SevenZipGetArcRatio
SevenZipGetArcTime
SevenZipGetArcWriteTimeEx
SevenZipGetArchiveType
SevenZipGetAttribute
SevenZipGetBackGroundMode
SevenZipGetCRC
SevenZipGetCompressedSize
SevenZipGetCompressedSizeEx
SevenZipGetCursorInterval
SevenZipGetCursorMode
SevenZipGetDate
SevenZipGetFileCount
SevenZipGetFileName
SevenZipGetMethod
SevenZipGetOSType
SevenZipGetOriginalSize
SevenZipGetOriginalSizeEx
SevenZipGetRatio
SevenZipGetRunning
SevenZipGetSubVersion
SevenZipGetTime
SevenZipGetVersion
SevenZipGetWriteTime
SevenZipGetWriteTimeEx
SevenZipIsSFXFile
SevenZipKillOwnerWindowEx
SevenZipKillOwnerWindowEx64
SevenZipOpenArchive
SevenZipQueryFunctionList
SevenZipSetBackGroundMode
SevenZipSetCursorInterval
SevenZipSetCursorMode
SevenZipSetOwnerWindow
SevenZipSetOwnerWindowEx
SevenZipSetOwnerWindowEx64
SevenZipSetUnicodeMode

Sections

UPX0
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 229KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
7z.dll
.dll windows x64

09c182b10b88cd78aa1b9a1fdb0142e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strcpy
memset
realloc
free
malloc
__CxxFrameHandler
strlen
strcat
strstr
_CxxThrowException
wcscmp
strcmp
memmove
memcpy
memcmp
_purecall
strchr
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
SetEvent
QueryPerformanceCounter
FileTimeToLocalFileTime
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
CompareFileTime
WriteFile
ReadFile
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
7z.exe
.exe windows x64

41c55772e303b8488ea464a0538e35d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW

advapi32

OpenProcessToken
GetFileSecurityW
SetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey

msvcrt

_exit
_c_exit
_XcptFilter
_onexit
__dllonexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__C_specific_handler
_beginthreadex
_isatty
memcmp
_purecall
strlen
memset
wcsstr
_cexit
wcscmp
strcmp
memmove
fflush
fputc
fputs
_iob
fgetc
fclose
free
_CxxThrowException
malloc
__CxxFrameHandler
memcpy
__initenv
exit
__getmainargs
_initterm
__setusermatherr
_commode
_fmode
__set_app_type

kernel32

WaitForSingleObject
CreateEventW
SetEvent
InitializeCriticalSection
GetVersionExW
VirtualFree
VirtualAlloc
GetConsoleMode
SetConsoleMode
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
IsProcessorFeaturePresent
GetProcessTimes
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetProcessAffinityMask
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatusEx
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeviceIoControl
GetLogicalDriveStringsW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
GetFileAttributesW

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BANNER.EXE
BASENAME.EXE
BROWSE.COM
CAT.EXE
.exe windows x86

891a8a1ea1fd825bc2460ce233fb7d00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
FindFirstFileA
FindNextFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
CloseHandle
SetFilePointer
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
RtlUnwind
FindClose
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
FlushFileBuffers
CreateFileA
SetStdHandle
ReadFile
GetProcAddress
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CHECKDEL.EXE
CHMOD.EXE
.exe windows x86

d4b8ac9c16b763dcac4ceed3e72184ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetLastError
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCommandLineA
GetVersion
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetStringTypeA
WideCharToMultiByte
SetFileAttributesA
MultiByteToWideChar
SetFilePointer
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
GetProcAddress
LoadLibraryA
CloseHandle

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CMP.EXE
COMM.EXE
CP.EXE
.exe windows x86

c38fa07fc78c6b3b426a56b9e2820a2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
FindFirstFileA
FindNextFileA
SetFileAttributesA
SetFileTime
GetFileTime
GetFileAttributesA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
CreateDirectoryA
CloseHandle
SetStdHandle
GetFileType
DeleteFileA
WriteFile
ReadFile
CreateFileA
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
FindClose
GetStartupInfoA
SetFilePointer
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
FlushFileBuffers
SetEndOfFile
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CPIO.EXE
CUT.EXE
.exe windows x86

b380aa2fe1414ea2c24465f6c23eb298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
memset
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strcpy
strerror
strncmp
tolower
ungetc
vfprintf
__set_app_type

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATE.EXE
.exe windows x86

a00827a304986b09e9bd13f17f5cacf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetEnvironmentStrings
GetCommandLineA
GetVersion
GetLastError
WriteFile
SetFilePointer
GetStdHandle
GetFileType
GetStartupInfoA
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetLocalTime
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
VirtualFree
VirtualAlloc
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA
CloseHandle
SetEnvironmentVariableW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DBGVIEW.CHM
.chm
DD.EXE
DDATE.EXE
.exe windows x86

a00827a304986b09e9bd13f17f5cacf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetEnvironmentStrings
GetCommandLineA
GetVersion
GetLastError
WriteFile
SetFilePointer
GetStdHandle
GetFileType
GetStartupInfoA
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetLocalTime
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
VirtualFree
VirtualAlloc
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA
CloseHandle
SetEnvironmentVariableW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DEPENDS.EXE
.exe windows x86

2bf41f360664da2a14e6de608b584b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mfc42

ord3798
ord4837
ord4436
ord2648
ord2055
ord1665
ord6376
ord3749
ord5065
ord1727
ord5254
ord2445
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord5283
ord2649
ord527
ord401
ord825
ord674
ord3481
ord2252
ord5910
ord6120
ord5031
ord2379
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord794
ord4427
ord4424
ord815
ord384
ord561
ord1168
ord6215
ord617
ord5301
ord5214
ord296
ord2635
ord2558
ord986
ord411
ord2097
ord4159
ord6117
ord2621
ord2725
ord641
ord800
ord2515
ord355
ord2514
ord4234
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord5241
ord2385
ord5280
ord4441
ord5261
ord2446
ord4425
ord3597
ord860
ord941
ord5572
ord2915
ord858
ord3522
ord540
ord324
ord4224
ord537
ord5710
ord939
ord4129
ord2764
ord535
ord6403
ord2289
ord2370
ord1768
ord4710
ord5953
ord3098
ord3738
ord686
ord4238
ord6374
ord4353
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4823
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord2652
ord1669
ord823
ord5981
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord4532
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord1849
ord4244
ord813
ord3998
ord2859
ord5253
ord3996
ord2862
ord3286
ord6007
ord5852
ord3495
ord2860
ord4448
ord4671
ord4676
ord1859
ord4246
ord3869
ord2127
ord2391
ord5102
ord5105
ord4468
ord3350
ord975
ord2880
ord4153
ord2383
ord5284
ord4437
ord5255
ord4428
ord796
ord554
ord529
ord402
ord807
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord3663
ord1644
ord1146
ord3293
ord6170
ord4133
ord4297
ord1942
ord4272
ord4000
ord6008
ord5259
ord3297
ord3914
ord3287
ord4303
ord5104
ord5100
ord3059
ord2390
ord2723
ord2101
ord5163
ord2382
ord5237
ord4407
ord1776
ord4077
ord6055
ord4152
ord2878
ord2879
ord3403
ord5472
ord976
ord5012
ord3351
ord4696
ord3058
ord1858
ord5101
ord4245
ord1175
ord1825
ord5683
ord1576

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
__set_app_type
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
_except_handler3
strchr
strncpy
_vsnprintf
_stricmp
strrchr
_strlwr
_strupr
__CxxFrameHandler
_EH_prolog
sprintf
_setmbcp

advapi32

RegQueryValueA
RegSetValueA

kernel32

GetModuleFileNameA
SearchPathA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
GetFileInformationByHandle
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
CreateFileA
SetCurrentDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
GetStartupInfoA
GetShortPathNameA
GetSystemDirectoryA

gdi32

SelectObject
GetStockObject
GetTextAlign
GetTextExtentPointA

user32

GetSubMenu
SetClipboardData
EmptyClipboard
OpenClipboard
LoadMenuA
GetMessagePos
CloseClipboard
DrawFocusRect
GetSysColor
CopyRect
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
GetClientRect
EnableWindow
UpdateWindow
SendMessageA

shell32

ShellExecuteExA
ShellExecuteA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_Draw

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DF.EXE
.exe windows x86

ff985f70ef920c9fd507aab51a5f4455

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetLogicalDriveStringsA
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceExA
GetVersionExA
GetVolumeInformationA
GetDiskFreeSpaceA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
SetErrorMode
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
VirtualAlloc
GetLastError
FlushFileBuffers
SetFilePointer
HeapReAlloc
SetStdHandle
CloseHandle

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIFF.EXE
.exe windows x86

11780233a61b1a5997da10335c79c682

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_dup2
_fstat
_lseek
_open
_read
_close
_setmode
_spawnl
_stat
_cexit
_cwait
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_pipe
_setmode
_stat
__getmainargs
_stricmp
abort
atexit
atoi
ctime
exit
fclose
ferror
fflush
fprintf
free
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memchr
memcpy
memset
perror
printf
putc
putchar
qsort
realloc
signal
sprintf
strcat
strcmp
strcpy
strncmp
strncpy
strrchr
time
tolower
__set_app_type

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DIFFUPDT.EXE
DIRNAME.EXE
DU.EXE
.exe windows x86

75cb4d1c9acaeb02b7b6b9e701355f67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_pctype
_errno
sprintf
_assert
free
malloc
strchr
bsearch
qsort
fprintf
fflush
_isctype
__mb_cur_max
fgets
fopen
tolower
abort
putc
strerror
vfprintf
fclose
setlocale
strncpy
_strlwr
_stat
_get_osfhandle
printf
_mkdir
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_iob
puts
exit
getenv
strncmp
realloc
calloc
_fstat
_chdir
_getcwd
_read
_close
_open
_access
_utime
_chsize
_chmod

kernel32

FindClose
FindFirstFileA
GetFullPathNameA
CreateFileA
FindNextFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Dbgview.exe
.exe windows x86

87be1ba8aa2e87fa759601d9b630c538

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:7c:f6:10:bd:94:4c:08:41:fb:2a:a3:e7:9a:23:19:ab:ea:a2:c5
Signer

Actual PE Digest

06:7c:f6:10:bd:94:4c:08:41:fb:2a:a3:e7:9a:23:19:ab:ea:a2:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
bind
getsockname
listen
accept
inet_ntoa
WSAStartup
inet_addr
gethostbyaddr
htons
gethostbyname
socket
connect
WSAGetLastError
closesocket

mpr

WNetAddConnection2A
WNetCancelConnection2A

comctl32

ord17
CreateToolbarEx

kernel32

lstrlenA
GetTimeFormatA
InitializeCriticalSection
GetCurrentProcessId
GetComputerNameA
GetFullPathNameA
GetCommandLineA
GetVersion
GetOverlappedResult
WriteFile
ResetEvent
WaitForMultipleObjects
ReadFile
LockResource
SizeofResource
LoadResource
FindResourceA
LocalAlloc
RaiseException
GetTickCount
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
lstrcatA
HeapFree
HeapAlloc
GetProcessHeap
GetDateFormatA
DosDateTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSize
GlobalFree
WriteFileEx
QueueUserAPC
SleepEx
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
FindFirstFileA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
Sleep
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapReAlloc
VirtualAlloc
FatalAppExitA
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
GetCPInfo
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetVersionExA
CreateThread
ResumeThread
ExitThread
SearchPathA
FindClose
GlobalMemoryStatus
LoadLibraryA
FreeLibrary
CreateFileA
QueryPerformanceFrequency
GetCurrentDirectoryA
GetUserDefaultLCID
GetSystemDirectoryA
DeviceIoControl
GetCurrentThreadId
WaitForSingleObject
TerminateThread
SetLastError
EnterCriticalSection
LeaveCriticalSection
OpenMutexA
CreateMutexA
CreateFileMappingA
MapViewOfFile
CreateEventA
UnmapViewOfFile
GetSystemTime
SystemTimeToFileTime
QueryPerformanceCounter
SetEvent
InterlockedIncrement
CloseHandle
lstrcpynA
GetLastError
FormatMessageA
LocalFree
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetEnvironmentVariableA
DeleteFileA
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
InterlockedExchange
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
HeapSize
GetLocaleInfoW
SetEndOfFile
CompareStringA
CompareStringW
GetEnvironmentStringsW
SetEnvironmentVariableA

user32

BeginPaint
DrawTextA
EndPaint
GetFocus
ClientToScreen
ScreenToClient
GetDialogBaseUnits
DrawFocusRect
GetParent
IsDlgButtonChecked
PostMessageA
CheckRadioButton
DialogBoxIndirectParamA
InflateRect
RegisterClassExA
FindWindowA
LoadAcceleratorsA
RegisterWindowMessageA
MsgWaitForMultipleObjects
PeekMessageA
TranslateAcceleratorA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
RegisterClassA
LoadBitmapA
SetTimer
LoadStringA
MoveWindow
DefWindowProcA
KillTimer
GetClientRect
InvalidateRgn
CreateDialogParamA
GetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CallWindowProcA
GetWindowThreadProcessId
SetWindowLongA
DestroyWindow
SetForegroundWindow
TrackPopupMenu
CreateWindowExA
UpdateWindow
SetWindowPos
SetDlgItemTextA
SendDlgItemMessageA
AttachThreadInput
AppendMenuA
SetMenuItemBitmaps
DialogBoxParamA
SetFocus
GetDlgItemTextA
SetCapture
ReleaseCapture
EnableMenuItem
DeleteMenu
GetWindowRect
IsIconic
IsZoomed
SendMessageA
GetSystemMetrics
LoadIconA
GetWindowTextA
ShowWindow
GetDC
GetMenuCheckMarkDimensions
ReleaseDC
PostQuitMessage
SetWindowTextA
EndDialog
GetDlgItem
LoadCursorA
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
GetSubMenu
GetMenuItemCount
InsertMenuItemA
MessageBoxA
GetMenu
CheckMenuItem
EnableWindow
CheckDlgButton
ModifyMenuA

gdi32

CreateFontA
GetTextExtentPointA
TextOutA
AbortDoc
GetTextExtentPoint32A
ExtTextOutA
SetAbortProc
SetBkColor
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
GetTextMetricsA
DeleteObject
CreateSolidBrush
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteDC
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
FindTextA
ChooseFontA
PrintDlgA

advapi32

OpenSCManagerA
DeleteService
ControlService
OpenServiceA
StartServiceA
QueryServiceStatus
CreateServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA

shell32

ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ENTAB.EXE
.exe windows x86

a58e33ce6be2c6d2cdf022694fceccd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
FindFirstFileA
FindNextFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetFilePointer
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
ReadFile
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FindClose
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CloseHandle
CreateFileA
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EXPR.EXE
FIND.EXE
FUNZIP.EXE
.exe windows x86

2d169b27057b49979e0456597ff323a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ReadFile
GetEnvironmentStrings
GetCommandLineA
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetFileType
GetStdHandle
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
GetLastError
GetVersion
FlushFileBuffers
SetFilePointer
WideCharToMultiByte
SetStdHandle
CloseHandle
CreateFileA
SetEndOfFile
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
WriteConsoleA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FV.EXE
GETOPT.EXE
GREP.EXE
.exe windows x86

28a0f7f1ddf7638e14947a644f0e70c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libintl3

libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_printf
libintl_textdomain
libintl_vfprintf

pcre3

pcre_compile
pcre_exec
pcre_maketables
pcre_study
regcomp
regexec
regfree

regex2

re_compile_pattern
re_match
re_search
re_set_syntax

kernel32

ExitProcess
GetFileAttributesA
GetLastError
SetUnhandledExceptionFilter
VirtualProtect

msvcrt

_close
_isatty
_lseek
_open
_read
_setmode
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_filbuf
_findclose
_findfirst
_findnext
_flsbuf
_fullpath
_iob
_isctype
_onexit
_pctype
_setmode
_stati64
_stricmp
abort
atexit
calloc
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
fwrite
getenv
iswctype
malloc
memchr
memcpy
memmove
memset
realloc
setlocale
signal
strchr
strcmp
strcoll
strcpy
strerror
strlen
strncmp
strncpy
strrchr
tolower
toupper
towlower
towupper
wcscoll

msvcp60

mbrlen
mbrtowc
wcrtomb
wctype

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GUNZIP.EXE
.exe windows x86

ce776ec283abd9164b46f17f127824a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

crtdll

__mb_cur_max_dll
_commode_dll
_fmode_dll
_XcptFilter
__GetMainArgs
_chmod
_close
_errno
_except_handler2
_exit
_fstat
_initterm
_iob
_isatty
_isctype
_lseek
_open
_pctype_dll
_read
_setmode
_stat
_unlink
_utime
_write
atoi
calloc
ctime
exit
fflush
fgets
fprintf
free
getenv
malloc
perror
printf
putc
signal
strcspn
strncmp
strncpy
strrchr
strspn

Sections

.text
Size: 34KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 320KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GZIP.EXE
.exe windows x86

ce776ec283abd9164b46f17f127824a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

crtdll

__mb_cur_max_dll
_commode_dll
_fmode_dll
_XcptFilter
__GetMainArgs
_chmod
_close
_errno
_except_handler2
_exit
_fstat
_initterm
_iob
_isatty
_isctype
_lseek
_open
_pctype_dll
_read
_setmode
_stat
_unlink
_utime
_write
atoi
calloc
ctime
exit
fflush
fgets
fprintf
free
getenv
malloc
perror
printf
putc
signal
strcspn
strncmp
strncpy
strrchr
strspn

Sections

.text
Size: 34KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 320KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HEAD.EXE
.exe windows x86

ea4f8963a3fe8e270e4f1e1518b60e63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
printf
putc
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
tolower
toupper
vfprintf
__set_app_type

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 832B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HOSTNAME.EXE
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LOGDIR.EXE
LOGIN.EXE
LS.EXE
.exe windows x86

30448eebb3cb9587d9bd53cf2ed52b06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FindFirstFileA
FindNextFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapReAlloc
WideCharToMultiByte
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
LCMapStringW
FindClose
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
GetModuleFileNameA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetStdHandle
GetProcAddress
LoadLibraryA
CloseHandle

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Limpia_dir.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 540KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 345KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MORE.EXE
MSVBVM50.DLL
.dll regsvr32 windows x86

0615e9c25da62e90a31fe72638c8f4fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileA
ReadFile
LockFile
RemoveDirectoryA
CreateDirectoryA
UnlockFile
HeapSize
GetStringTypeW
FlushFileBuffers
TerminateProcess
HeapFree
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
LockResource
ExitThread
RaiseException
GetTempFileNameA
lstrcpynA
GetLastError
_lclose
_llseek
FreeLibrary
GetLocaleInfoA
lstrcpyA
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageA
TlsGetValue
HeapCreate
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
IsBadReadPtr
MulDiv
lstrcmpiA
GetTickCount
GetCurrentThreadId
lstrcmpA
lstrlenA
HeapAlloc
CreateThread
SetEnvironmentVariableA
LCMapStringW
GetStringTypeA
CompareStringW
FileTimeToLocalFileTime
SetLocalTime
SetFileAttributesA
SetFileTime
FileTimeToSystemTime
GetFileTime
GetUserDefaultLangID
GetModuleFileNameW
GetLocalTime
CreateProcessW
RtlUnwind
GetDateFormatA
UnhandledExceptionFilter
FormatMessageW
GetStartupInfoA
SetCurrentDirectoryA
ExitProcess
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetDriveTypeA
FindClose
FindFirstFileA
FindNextFileA
VirtualAlloc
VirtualFree
GetSystemInfo
WinExec
VirtualProtect
FlushInstructionCache
SetFilePointer
WriteFile
SetEndOfFile
ResumeThread
GetCurrentProcess
DuplicateHandle
TlsFree
GetCommandLineA
TlsSetValue
lstrcmpiW
TlsAlloc
GetVersion
LoadLibraryExA
CreateProcessA
GetExitCodeProcess
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentProcessId
CloseHandle
CreateEventA
IsBadCodePtr
FreeResource
GetSystemDefaultLCID
LoadLibraryA
GetUserDefaultLCID
GetSystemDirectoryA
Sleep
GetProcAddress
GetVersionExA
SetErrorMode
GlobalDeleteAtom
HeapDestroy
LCMapStringA
GlobalAddAtomA
ReleaseSemaphore
GetProfileStringA
CreateSemaphoreA
VirtualQuery
CompareStringA
WideCharToMultiByte
HeapReAlloc
GetCurrentDirectoryA
lstrcatA
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
SearchPathA
GetFileType
SetLastError
CreateFileA
GlobalFree
DeleteFileA
GlobalUnlock
SizeofResource
FindResourceA
LoadResource
GlobalHandle
GlobalAlloc
GlobalSize
_lwrite
GlobalReAlloc
GlobalLock
GetTempPathA
_lread
GetWindowsDirectoryA
SetHandleCount
GetStdHandle
GetCPInfo

user32

DdeConnect
DdePostAdvise
DdeClientTransaction
DdeAbandonTransaction
DdeGetData
DdeGetLastError
DdeCreateDataHandle
DdeCmpStringHandles
SetCursorPos
EnumClipboardFormats
DestroyCursor
GetAsyncKeyState
WaitForInputIdle
GetForegroundWindow
keybd_event
VkKeyScanW
SetWindowsHookExW
CharUpperBuffW
CharUpperBuffA
CharLowerBuffW
FindWindowW
FindWindowA
GetLastActivePopup
GetClassInfoExA
LoadIconA
RegisterClassExA
FrameRect
CreateDialogParamA
IsRectEmpty
IsDialogMessageA
ShowCursor
OemToCharA
CharToOemBuffA
LoadAcceleratorsA
BringWindowToTop
GetClipboardFormatNameA
DrawTextA
SetWindowTextA
SendDlgItemMessageA
SetDlgItemTextA
GetWindowTextA
EndDialog
LoadBitmapA
CallNextHookEx
DispatchMessageA
MsgWaitForMultipleObjects
WaitMessage
PostQuitMessage
GetKeyboardLayout
UnhookWindowsHookEx
RegisterClipboardFormatA
CreateCursor
CreateIcon
PostMessageW
PeekMessageW
GetPropA
RemovePropA
SetPropA
CharUpperA
ClipCursor
GetKeyState
DefFrameProcA
GetDlgItem
IsWindow
UnregisterClassA
RegisterClassA
DestroyWindow
AdjustWindowRect
GetTabbedTextExtentA
TabbedTextOutA
GetUpdateRect
FillRect
CharToOemA
LoadStringA
MessageBoxA
wsprintfA
WinHelpA
GetSysColor
GetWindowDC
GetSystemMetrics
SetActiveWindow
DdeSetUserHandle
DdeDisconnect
EqualRect
CopyRect
AdjustWindowRectEx
TranslateMDISysAccel
GetMenuItemCount
GetMenuStringA
GetMenuState
AppendMenuA
IsCharAlphaA
GetCaretPos
CharPrevA
CharNextA
ReleaseDC
GetDC
IntersectRect
GetUpdateRgn
BeginPaint
EndPaint
PtInRect
WindowFromPoint
ReleaseCapture
SetCapture
InflateRect
GetWindowRect
ScreenToClient
MoveWindow
IsWindowEnabled
GetActiveWindow
IsChild
SetParent
ClientToScreen
DrawFocusRect
GetMessageTime
GetMessagePos
CopyAcceleratorTableA
GetWindowRgn
GetMenuItemInfoA
SetMenuItemInfoA
GetKeyboardState
TranslateMessage
SetKeyboardState
GetQueueStatus
RemoveMenu
EnableMenuItem
MapWindowPoints
GetCursorPos
CallWindowProcA
GetDoubleClickTime
CreateMenu
GetClientRect
CreateWindowExA
SetWindowContextHelpId
InvalidateRect
DefWindowProcA
GetDesktopWindow
GetWindowThreadProcessId
SetForegroundWindow
MessageBeep
DefMDIChildProcA
IsZoomed
DestroyMenu
PeekMessageA
PostMessageA
IsIconic
UpdateWindow
SetWindowLongA
DrawMenuBar
GetWindowLongA
IsWindowVisible
EnableWindow
SetFocus
SendMessageA
ShowWindow
GetCapture
GetClassNameA
SetWindowsHookExA
LoadCursorA
SetCursor
GetWindow
GetParent
GetFocus
OffsetRect
SetWindowPos
GetSystemMenu
DdeUninitialize
DdeCreateStringHandleA
DdeNameService
DdeQueryConvInfo
DdeInitializeA
DdeFreeStringHandle
SetScrollRange
DdeQueryStringA
DdeFreeDataHandle
LockWindowUpdate
SetScrollPos
DrawFrameControl
SetClipboardData
CharLowerBuffA
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
OpenClipboard
SetCaretPos
CloseClipboard
GetCaretBlinkTime
DestroyCaret
GetWindowTextLengthA
HideCaret
GetScrollPos
CreateCaret
ShowCaret
ToAscii
SetRect
SetWindowRgn
ShowScrollBar
CreateAcceleratorTableA
DestroyAcceleratorTable
SubtractRect
EnumThreadWindows
SetScrollInfo
AttachThreadInput
InvalidateRgn
GetDCEx
DeleteMenu
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
CreatePopupMenu
InsertMenuA
SetMenu
GetMenuItemID
GetMenu
SetTimer
CheckMenuItem
ModifyMenuA
GetIconInfo
KillTimer
GetCursor
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
CharLowerA
PostThreadMessageA
VkKeyScanA
DrawIcon
MessageBoxIndirectA
SystemParametersInfoA
DestroyIcon
DialogBoxParamA
GetClassInfoA
LoadImageA
GetScrollInfo

gdi32

CreateSolidBrush
CreatePen
SetBkColor
CreateHatchBrush
CreatePatternBrush
CreateBitmap
SetTextColor
OffsetRgn
CreateRectRgn
OffsetWindowOrgEx
PatBlt
SetBrushOrgEx
SelectObject
IntersectClipRect
SaveDC
RestoreDC
CombineRgn
SetRectRgn
Rectangle
SelectPalette
GetClipBox
RealizePalette
SetWindowOrgEx
ExcludeClipRect
SetROP2
GetTextMetricsA
EnumFontsA
CreateHalftonePalette
SetBkMode
GetROP2
TranslateCharsetInfo
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
CreateBrushIndirect
GetStockObject
CreatePenIndirect
MoveToEx
Arc
LineTo
Ellipse
SetStretchBltMode
Pie
ExtTextOutA
GetTextExtentPoint32A
GetPixel
CreateRectRgnIndirect
GetBitmapBits
SetPixelV
GetCurrentObject
GetTextExtentPointA
StretchDIBits
GetBkColor
StretchBlt
TextOutA
CreatePalette
EndDoc
CreateDIBitmap
StartPage
EndPage
AbortDoc
CreateDCA
ResetDCA
StartDocA
ScaleViewportExtEx
SetViewportExtEx
Escape
SetWindowExtEx
SetMapMode
SetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SelectClipRgn
SetAbortProc
PlayMetaFile
PtInRegion
DeleteEnhMetaFile
CreateFontIndirectA
GetEnhMetaFileHeader
ScaleWindowExtEx
PlayEnhMetaFile
GetPaletteEntries
CloseEnhMetaFile
GetWindowOrgEx
CreateICA
ExtCreateRegion
CreateEnhMetaFileA
GetWindowExtEx
GetViewportExtEx
GetDIBits
CopyMetaFileA
PathToRegion
CopyEnhMetaFileA
BeginPath
WidenPath
EndPath
GetMapMode
SetDIBColorTable
GetTextColor
RoundRect
CreateRoundRectRgn
CreateDIBSection
GetObjectType
GetSystemPaletteEntries
CreateEllipticRgnIndirect
DeleteObject
UnrealizeObject
GetNearestColor

advapi32

ReportEventA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegSetValueA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
DeregisterEventSource
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegCreateKeyW

ole32

OleLoad
BindMoniker
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CoGetClassObject
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
MkParseDisplayName
OleLockRunning
CreateILockBytesOnHGlobal
OleFlushClipboard
ReleaseStgMedium
OleQueryLinkFromData
OleQueryCreateFromData
OleIsCurrentClipboard
OleSetMenuDescriptor
OleSave
StgOpenStorage
OleDoAutoConvert
OleDuplicateData
OleRegGetUserType
CoIsOle1Class
OleSaveToStream
ReadClassStm
ReadClassStg
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
StgCreateDocfile
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleIsRunning
CreateBindCtx
OleCreateLink
OleCreateLinkToFile
GetClassFile
OleGetAutoConvert
OleRun
OleCreateFromFile
WriteClassStg
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoGetMalloc
IIDFromString
CoDisconnectObject
IsAccelerator

oleaut32

VariantClear
OleTranslateColor
SysFreeString
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreatePictureIndirect
SysAllocStringLen
VariantChangeType
OaBuildVersion
CreateErrorInfo
GetErrorInfo
SetErrorInfo
SysStringByteLen
CreateDispTypeInfo
DispGetParam
DispGetIDsOfNames
DispInvoke
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SafeArrayUnaccessData
SysAllocString
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayAccessData
VariantCopy
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
SafeArrayGetUBound
OleLoadPicture
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayCopy
OleIconToCursor
SafeArrayRedim
SafeArrayDestroyDescriptor
SafeArrayAllocData
RevokeActiveObject
SafeArrayDestroyData
SafeArrayLock
SafeArrayAllocDescriptor
VariantChangeTypeEx
GetActiveObject
SafeArrayUnlock
VarR8FromStr
SysReAllocStringLen
VarDateFromStr
VarBstrFromI2
VarCyFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromI4
VarBstrFromCy
VarI2FromStr
VarBstrFromDate
VarI4FromR8
VarR4FromStr
VarI4FromStr
SysReAllocString
VarCyFromStr
LoadRegTypeLi
LHashValOfNameSysA

Exports

Exports

BASIC_CLASS_AddRef
BASIC_CLASS_GetIDsOfNames
BASIC_CLASS_Invoke
BASIC_CLASS_QueryInterface
BASIC_CLASS_Release
BASIC_DISPINTERFACE_GetTICount
BASIC_DISPINTERFACE_GetTypeInfo
CopyRecord
CreateIExprSrvObj
DLLGetDocumentation
DllFunctionCall
DllRegisterServer
DllUnregisterServer
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
EbCreateContext
EbDestroyContext
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbIsProjectOnStack
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
EbSetContextWorkerThread
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceEx
TipCreateInstanceProject
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipSetOption
TipUnloadInstance
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
Zombie_AddRef
Zombie_GetIDsOfNames
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
Zombie_Invoke
Zombie_QueryInterface
Zombie_Release
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAptOffset
__vbaAryConstruct
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryRebase1Var
__vbaAryUnlock
__vbaAryVarVarg
__vbaBoolErrVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCastObj
__vbaCastObjVar
__vbaCheckType
__vbaCheckTypeVar
__vbaChkstk
__vbaCopyBytes
__vbaCyAbs
__vbaCyAdd
__vbaCyErrVar
__vbaCyFix
__vbaCyForInit
__vbaCyForNext
__vbaCyI2
__vbaCyI4
__vbaCyInt
__vbaCyMul
__vbaCyMulI2
__vbaCySgn
__vbaCyStr
__vbaCySub
__vbaCyUI1
__vbaCyVar
__vbaDateR4
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaDerefAry
__vbaDerefAry1
__vbaEnd
__vbaErase
__vbaEraseKeepData
__vbaEraseNoPop
__vbaError
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitEachAry
__vbaExitEachColl
__vbaExitEachVar
__vbaExitProc
__vbaFPException
__vbaFPFix
__vbaFPInt
__vbaFailedFriend
__vbaFileClose
__vbaFileCloseAll
__vbaFileLock
__vbaFileOpen
__vbaFileSeek
__vbaFixstrConstruct
__vbaForEachAry
__vbaForEachCollAd
__vbaForEachCollObj
__vbaForEachCollVar
__vbaForEachVar
__vbaFpCDblR4
__vbaFpCDblR8
__vbaFpCSngR4
__vbaFpCSngR8
__vbaFpCmpCy
__vbaFpCy
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFpUI1
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGet3
__vbaGet4
__vbaGetFxStr3
__vbaGetFxStr4
__vbaGetOwner3
__vbaGetOwner4
__vbaGosub
__vbaGosubFree
__vbaGosubReturn
__vbaHresultCheck
__vbaHresultCheckNonvirt
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2Cy
__vbaI2ErrVar
__vbaI2ForNextCheck
__vbaI2I4
__vbaI2Sgn
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4Cy
__vbaI4ErrVar
__vbaI4ForNextCheck
__vbaI4Sgn
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrB
__vbaInStrVar
__vbaInStrVarB
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdNamedCall
__vbaLateIdNamedCallLd
__vbaLateIdNamedCallSt
__vbaLateIdNamedStAd
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemCallSt
__vbaLateMemNamedCall
__vbaLateMemNamedCallLd
__vbaLateMemNamedCallSt
__vbaLateMemNamedStAd
__vbaLateMemSt
__vbaLateMemStAd
__vbaLbound
__vbaLenBstr
__vbaLenBstrB
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLineInputVar
__vbaLsetFixstr
__vbaLsetFixstrFree
__vbaMidStmtBstr
__vbaMidStmtBstrB
__vbaMidStmtVar
__vbaMidStmtVarB
__vbaNameFile
__vbaNew
__vbaNew2
__vbaNextEachAry
__vbaNextEachCollAd
__vbaNextEachCollObj
__vbaNextEachCollVar
__vbaNextEachVar
__vbaObjAddref
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPowerR8
__vbaPrintFile
__vbaPrintObj
__vbaPut3
__vbaPut4
__vbaPutFxStr3
__vbaPutFxStr4
__vbaPutOwner3
__vbaPutOwner4
__vbaR4Cy
__vbaR4ErrVar
__vbaR4ForNextCheck
__vbaR4Sgn
__vbaR4Str
__vbaR4Var
__vbaR8Cy
__vbaR8ErrVar
__vbaR8FixI2
__vbaR8FixI4
__vbaR8ForNextCheck
__vbaR8IntI2
__vbaR8IntI4
__vbaR8Sgn
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAnsiToUni
__vbaRecAssign
__vbaRecDestruct
__vbaRecDestructAnsi
__vbaRecUniToAnsi
__vbaRedim
__vbaRedimPreserve
__vbaRedimPreserveVar
__vbaRedimVar
__vbaRefVarAry
__vbaResume
__vbaRsetFixstr
__vbaRsetFixstrFree
__vbaSetSystemError
__vbaStopExe
__vbaStr2Vec
__vbaStrAryToAnsi
__vbaStrAryToUnicode
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrComp
__vbaStrCompVar
__vbaStrCopy
__vbaStrCy
__vbaStrDate
__vbaStrErrVarCopy
__vbaStrFixstr
__vbaStrI2
__vbaStrI4
__vbaStrLike
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrTextCmp
__vbaStrTextLike
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1Cy
__vbaUI1ErrVar
__vbaUI1I2
__vbaUI1I4
__vbaUI1Sgn
__vbaUI1Str
__vbaUI1Var
__vbaUbound
__vbaUnkVar
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDateVar
__vbaVarDiv
__vbaVarDup
__vbaVarEqv
__vbaVarErrI4
__vbaVarFix
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarImp
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarIndexStoreObj
__vbaVarInt
__vbaVarLike
__vbaVarLikeVar
__vbaVarMod
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarPow
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetUnk
__vbaVarSetUnkAddref
__vbaVarSetVar
__vbaVarSetVarAddref
__vbaVarSub
__vbaVarTextCmpEq
__vbaVarTextCmpGe
__vbaVarTextCmpGt
__vbaVarTextCmpLe
__vbaVarTextCmpLt
__vbaVarTextCmpNe
__vbaVarTextLike
__vbaVarTextLikeVar
__vbaVarTextTstEq
__vbaVarTextTstGe
__vbaVarTextTstGt
__vbaVarTextTstLe
__vbaVarTextTstLt
__vbaVarTextTstNe
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarXor
__vbaVargObj
__vbaVargObjAddref
__vbaVargParmRef
__vbaVargUnk
__vbaVargUnkAddref
__vbaVargVar
__vbaVargVarCopy
__vbaVargVarMove
__vbaVargVarRef
__vbaVerifyVarObj
__vbaWriteFile
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFixVar
rtcFreeFile
rtcGetAllSettings
rtcGetCurrentCalendar
rtcGetDateBstr
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetDayOfWeek
rtcGetErl
rtcGetFileAttr
rtcGetHostLCID
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetObject
rtcGetPresentDate
rtcGetSecondOfMinute
rtcGetSetting
rtcGetTimeBstr
rtcGetTimeValue
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexBstrFromVar

Sections

.text
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MV.EXE
.exe windows x86

dee1a3da3a080f1b7f3a785f71f41fba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetFileAttributesA
SetFileTime
GetFileTime
FindClose
FindFirstFileA
FindNextFileA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetLastError
DeleteFileA
MoveFileA
CloseHandle
SetStdHandle
GetFileType
WriteFile
ReadFile
CreateFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
SetFileAttributesA
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
FlushFileBuffers
SetFilePointer
SetEndOfFile
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MVDIR.EXE
NEWS.EXE
NICE.EXE
.exe windows x86

7d97352d50d8bd05a5e5e52f75d505f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileType
SetPriorityClass
OpenProcess
GetVersion
GetEnvironmentStrings
GetCommandLineA
GetStringTypeW
MultiByteToWideChar
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
CloseHandle
GetStdHandle
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
WideCharToMultiByte
GetLastError
FlushFileBuffers
SetFilePointer
SetStdHandle

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OD.EXE
.exe windows x86

ca15978f841c911f4478237f1bca27ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputs
fread
free
fseek
getenv
isalnum
isalpha
isdigit
isprint
isspace
__p__environ
malloc
memcpy
memset
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strerror
strncmp
strtoul
tolower
vfprintf
__set_app_type

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PASSWD.EXE
PASTE.EXE
PKUNZIP.EXE
.ps1
PKZIP.EXE
PR.EXE
.exe windows x86

686dbb2a2b8ce2c637ab51d9e23bd259

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
FindFirstFileA
FindNextFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
CloseHandle
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
SetFilePointer
FlushFileBuffers
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FindClose
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
CreateFileA
ReadFile
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1023B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PS.EXE
.exe windows x86

c7b4c34aac4462dea5900e91908f3c22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

UnhandledExceptionFilter
RtlUnwind
SetStdHandle
FileTimeToSystemTime
CloseHandle
GetProcessTimes
GetPriorityClass
OpenProcess
GetVersion
GetEnvironmentStrings
GetCommandLineA
ExitProcess
FlushFileBuffers
SetFilePointer
GetModuleFileNameA
GetFileType
GetStdHandle
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
WideCharToMultiByte
GetLastError

user32

EnumWindows
GetWindowThreadProcessId
GetWindowTextA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PWD.EXE
PsExec64.exe
.exe windows x64

23ec691d842c955a20a733a38e68ed25

Code Sign

33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d4:76:40:11:21:77:7d:86:21:dc:79:0e:7a:c1:72:68:7e:8a:e8:88:ac:99:ed:d8:e3:55:7e:fb:14:33:07
Signer

Actual PE Digest

0f:d4:76:40:11:21:77:7d:86:21:dc:79:0e:7a:c1:72:68:7e:8a:e8:88:ac:99:ed:d8:e3:55:7e:fb:14:33:07

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

netapi32

NetServerEnum
NetApiBufferFree

ws2_32

gethostbyname
WSAStartup
gethostname
inet_ntoa

mpr

WNetAddConnection2W
WNetCancelConnection2W

kernel32

CreateEventW
GetEnvironmentVariableW
GetFullPathNameW
SetFileAttributesW
GetFileAttributesW
CopyFileW
WaitNamedPipeW
SetConsoleCtrlHandler
SetConsoleTitleW
ReadConsoleW
TransactNamedPipe
SetProcessAffinityMask
FindFirstFileExA
FindClose
WaitForSingleObjectEx
OutputDebugStringW
OutputDebugStringA
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
SetNamedPipeHandleState
DisconnectNamedPipe
DuplicateHandle
GetFileTime
WaitForMultipleObjects
GetExitCodeProcess
ResumeThread
FindNextFileA
GetCurrentProcessId
GetVersion
GetCurrentThread
ReadFile
GetConsoleScreenBufferInfo
MultiByteToWideChar
VerifyVersionInfoW
GetComputerNameW
DeleteFileW
CreateFileW
GetSystemDirectoryW
FindResourceW
ConnectNamedPipe
FormatMessageA
GetTickCount
CloseHandle
WriteFile
SizeofResource
LoadResource
RtlUnwind
Sleep
WaitForSingleObject
SetEvent
GetLastError
GetCurrentProcess
FreeLibrary
LockResource
VerSetConditionMask
SetPriorityClass
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
GetStdHandle
GetFileType
LocalFree
LocalAlloc
GetProcAddress
GetVersionExW
LoadLibraryExW
SetLastError
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
WriteConsoleW
SetFilePointerEx
HeapSize
HeapReAlloc
SetEndOfFile
FindFirstFileExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
SetStdHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStringTypeW
GetModuleFileNameA
WideCharToMultiByte
GetCommandLineA
GetACP
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW

user32

GetDlgItem
EndDialog
SetWindowTextW
SendMessageW
SetCursor
GetSysColorBrush
LoadStringW
InflateRect
LoadCursorW
DialogBoxIndirectParamW

gdi32

StartPage
EndDoc
StartDocW
SetMapMode
GetDeviceCaps
EndPage

comdlg32

PrintDlgW

advapi32

SetEntriesInAclW
CreateProcessAsUserW
OpenThreadToken
ImpersonateNamedPipeClient
CryptHashData
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptImportKey
CryptExportKey
CryptDestroyKey
CryptDeriveKey
CryptGenKey
CryptReleaseContext
CryptAcquireContextW
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
RegConnectRegistryW
ImpersonateLoggedOnUser
LogonUserW
AdjustTokenPrivileges
OpenProcessToken
RevertToSelf
LsaEnumerateAccountRights
LsaOpenPolicy
LsaClose
LsaFreeMemory
SetSecurityInfo
GetSecurityInfo
LookupPrivilegeValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
GetAce
AddAce
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
SetTokenInformation
GetTokenInformation
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyW
RegCloseKey

Sections

.text
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 486KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RM.EXE
.exe windows x86

1440bd17c732be997dc5f4899955f563

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetFileAttributesA
FindClose
FindFirstFileA
FindNextFileA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetLastError
DeleteFileA
RemoveDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
MultiByteToWideChar
SetFileAttributesA
WideCharToMultiByte
LCMapStringW
ReadFile
FlushFileBuffers
SetFilePointer
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetStdHandle
GetProcAddress
LoadLibraryA
CloseHandle

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SED.EXE
.exe windows x86

8f3e07b1049bd83e24c2eb26fa5f82fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fileno
_isatty
__getmainargs
__p__environ
__set_app_type
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
abort
atexit
clearerr
exit
fclose
feof
ferror
fflush
fopen
fprintf
fputs
fread
free
ftell
fwrite
getc
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
isxdigit
malloc
memchr
memcpy
memmove
printf
putc
realloc
signal
sprintf
strcmp
strcpy
strerror
strncmp
tolower
ungetc
vfprintf

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 560B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SH.EXE
SLEEP.EXE
.exe windows x86

8dda5c269442cf4bfc611c195e8a20c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
Sleep
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetStringTypeA
GetStringTypeW
HeapFree
HeapAlloc
VirtualAlloc
GetProcAddress
LoadLibraryA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 831B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SPLIT.EXE
STRINGS.EXE
.exe windows x86

2df4daeade680d24015da51d9f0e0937

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FindFirstFileA
FindNextFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
CloseHandle
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
CreateFileA
GetProcAddress
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SUM.EXE
TAC.EXE
TAIL.EXE
.exe windows x86

c64fd2e23cff0a336f8eb4a43944d4d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_lseek
_open
_read
_close
_sleep
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getenv
isalnum
isalpha
isdigit
isprint
isspace
__p__environ
malloc
memcpy
memset
printf
putc
puts
qsort
realloc
setlocale
setvbuf
signal
strchr
strcmp
strerror
strncmp
strncpy
strtoul
tolower
vfprintf
__set_app_type

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TAR.EXE
.exe windows x86

ec167e566cc098c0ffc5b587af9195e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
DuplicateHandle
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
GetCurrentDirectoryA
GetCurrentProcess
GetDriveTypeA
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLogicalDrives
GetTimeZoneInformation
SetCurrentDirectoryA
SetFileAttributesA
SetStdHandle
GetStringTypeW
MultiByteToWideChar
SetFilePointer
CreateDirectoryA
GetStartupInfoA
GetStdHandle
CreateFileA
SetEndOfFile
SetEnvironmentVariableA
ReadFile
RemoveDirectoryA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
DeleteFileA
SetFileTime
SystemTimeToFileTime
WriteFile
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
GetEnvironmentStrings
GetVersion
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
SetConsoleCtrlHandler
HeapReAlloc
MoveFileA
GetSystemTime
LCMapStringW
WideCharToMultiByte

Sections

.text
Size: 102KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 43KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TEE.EXE
.exe windows x86

154a3e3be799e1bcabf04dac8419cf6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

msvcrt

strncmp
strcmp
strlen
malloc
_sys_nerr
getenv
signal
calloc
realloc
strchr
strncpy
_strlwr
_stat
sprintf
_sys_errlist
_exit
_XcptFilter
__p___initenv
__getmainargs
fflush
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
putc
free
_iob
fprintf
exit
printf
_errno
_fstat
_get_osfhandle
_initterm
_write
_unlink
_close
_read
_open
_utime
_mktemp
_access
_chsize

kernel32

GetFileInformationByHandle
CreateFileA
CreateProcessA
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
GetExitCodeProcess
GetVersion
GetFullPathNameA
Sleep

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST.EXE
TOUCH.EXE
.exe windows x86

8c128fc51c3dea8f89e4fdffa23fe1b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
DosDateTimeToFileTime
GetFileTime
GetLastError
GetSystemTime
FindClose
FindFirstFileA
FindNextFileA
CloseHandle
SetStdHandle
GetFileType
CreateFileA
GetFileAttributesA
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
SetEndOfFile
SetFileTime
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
FlushFileBuffers
GetProcAddress
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1023B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TR.EXE
.exe windows x86

a2a36ce7306665437bf19328721dcfef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memcpy
printf
putc
puts
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strerror
strncmp
tolower
toupper
vfprintf
__set_app_type

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TreeSizeFree.chm
.chm
UDATE.EXE
.exe windows x86

f48db20d788661eb8bf99dfc0d4970f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_stat
_strdup
_tzname
_tzset
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
free
getc
getenv
gmtime
isalnum
isalpha
isdigit
isspace
isupper
__p__environ
localtime
malloc
memcpy
mktime
printf
putc
puts
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strerror
strncmp
time
tolower
vfprintf
__set_app_type

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UNIQ.EXE
UNZIPSFX.EXE
.exe windows x86

fa64ca29fb1c7926614b71f0a825f8fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileType
GetLastError
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileAttributesA
CloseHandle
SetFileTime
CreateFileA
GetDriveTypeA
GetFullPathNameA
_lclose
OpenFile
SetVolumeLabelA
GetVolumeInformationA
GetVersion
GetEnvironmentStrings
GetCommandLineA
SetConsoleCtrlHandler
ExitProcess
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetTimeZoneInformation
GetStdHandle
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
FlushFileBuffers
SetFilePointer
SetStdHandle
ReadFile
SetEndOfFile
FindClose
FileTimeToSystemTime
FindFirstFileA
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetFileAttributesA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
WriteConsoleA
GetLogicalDrives
SetEnvironmentVariableA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UPTIME.EXE
.exe windows x86

563d73fcdc9da536cb35f75165ea9dcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

advapi32

GetUserNameA

kernel32

GetFileType
GetStartupInfoA
GetLocalTime
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
ReadFile
CloseHandle
VirtualFree
VirtualAlloc
WriteFile
GetLastError
FlushFileBuffers
MultiByteToWideChar
SetFilePointer
SetStdHandle
WideCharToMultiByte
GetProcAddress
GetModuleHandleA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UTIME.EXE
UXDOSBUF.COM
UXDOSINT.COM
VDIR.EXE
WC.EXE
.exe windows x86

2df4daeade680d24015da51d9f0e0937

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FindFirstFileA
FindNextFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
CloseHandle
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
CreateFileA
GetProcAddress
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WHICH.EXE
.exe windows x86

b297bfe9f7bfe2e3fef1af0b86dd4a0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
LocalAlloc
FindClose
FindFirstFileA
GetEnvironmentVariableA
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
LocalFree
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
WideCharToMultiByte
GetLastError
FlushFileBuffers
SetFilePointer
SetStdHandle
CloseHandle

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WHOAMI.EXE
.exe windows x86

ba86922105f9733014ebcdee5e2d46db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA

kernel32

GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentStrings
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
WriteFile
GetLastError
FlushFileBuffers
CloseHandle
ReadFile
SetFilePointer
SetStdHandle

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZIP.EXE
.exe windows x86

81184a9f7e2b304efdf1fcfabdac9864

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
CloseHandle
InterlockedExchange
CreateMutexA
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
CreateFileA
GetCurrentProcess
GetVolumeInformationW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesW
LeaveCriticalSection
lstrlenA
FindFirstFileA
GetVersion
GetFileType
GetFileTime
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
ReadFile
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileW
FindNextFileW
FindNextFileA
GetDriveTypeA
lstrcmpiA
GetVolumeInformationA
SetFileAttributesA
FindClose
SetStdHandle
GetCurrentDirectoryA
SetEnvironmentVariableW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetDriveTypeW
ExitProcess
TerminateProcess
MoveFileA
lstrcpynA
HeapReAlloc
SetFilePointer
GetFileInformationByHandle
PeekNamedPipe
SetConsoleCtrlHandler
DuplicateHandle
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
WriteFile
SetHandleCount
GetStdHandle
GetStartupInfoA
LCMapStringA
LCMapStringW
RemoveDirectoryA
GetEnvironmentStrings
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CreatePipe
GetExitCodeProcess
GetProcAddress
SetEndOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetEnvironmentStringsW
RtlUnwind
GetCurrentDirectoryW
GetACP
GetOEMCP
CompareStringA
CompareStringW
GetCurrentProcessId
CreateProcessA
LoadLibraryA
GetLocaleInfoW
DeleteFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

user32

OemToCharA
CharToOemA

advapi32

GetSecurityDescriptorLength
GetKernelObjectSecurity
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ZIPCLOAK.EXE
.exe windows x86

b6b7af2bf2b7efe9cd3116eb20ce797b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
CreateFileA
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
GetLastError
MoveFileA
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
GetFileAttributesA
WriteFile
SetFilePointer
ReadFile
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
SetEndOfFile
SetEnvironmentVariableA
FileTimeToSystemTime
GetDriveTypeA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetCurrentDirectoryA
GetLocalTime
GetCurrentProcessId
GetFullPathNameA
GetLogicalDrives

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 307KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZIPNOTE.EXE
.exe windows x86

7583166c17fdb82c596c6033185044c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
CreateFileA
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
GetLastError
MoveFileA
SetConsoleCtrlHandler
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
GetFileAttributesA
WriteFile
SetFilePointer
ReadFile
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
SetEndOfFile
SetEnvironmentVariableA
FileTimeToSystemTime
GetDriveTypeA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetCurrentDirectoryA
GetLocalTime
GetCurrentProcessId
GetFullPathNameA
GetLogicalDrives

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 307KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZIPSPLIT.EXE
.exe windows x86

7583166c17fdb82c596c6033185044c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
CreateFileA
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
GetLastError
MoveFileA
SetConsoleCtrlHandler
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
GetFileAttributesA
WriteFile
SetFilePointer
ReadFile
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
SetEndOfFile
SetEnvironmentVariableA
FileTimeToSystemTime
GetDriveTypeA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetCurrentDirectoryA
GetLocalTime
GetCurrentProcessId
GetFullPathNameA
GetLogicalDrives

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 307KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
blat.dll
.dll windows x64

761abbf7743e86e5cb0b712381bdac1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

wsock32

gethostname
send
select
recv
htons
getservbyname
ioctlsocket
gethostbyname
socket
setsockopt
connect
WSAGetLastError
inet_ntoa
getsockopt
WSACleanup
WSAStartup
closesocket
ntohl
htonl

kernel32

SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
WriteConsoleW
SetStdHandle
CloseHandle
CreateFileW
GetFileType
GetFileSize
ReadFile
WideCharToMultiByte
WriteFile
GetStdHandle
GetLastError
GetVersionExW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableW
GetVersion
MultiByteToWideChar
GetProcAddress
FreeLibrary
LoadLibraryW
Sleep
GetComputerNameW
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiW
GetModuleHandleW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
HeapFree
RtlLookupFunctionEntry
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
ExitProcess
DecodePointer
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
TerminateProcess
GetCurrentProcess
HeapSetInformation
HeapCreate
HeapDestroy
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
GetStringTypeW
HeapSize

advapi32

RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW

Exports

Exports

Blat
BlatA
BlatW
Send
SendA
SendW
SetPrintFunc
SetPrintFuncA
SetPrintFuncW
SetProcessDataProc
SetProcessDataProcW
cSend
cSendA
cSendW

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
blat.exe
.exe windows x64

549cada8fef7397ea8a36e29810b5682

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

gethostname
send
select
recv
htons
getservbyname
ioctlsocket
gethostbyname
socket
setsockopt
connect
WSAGetLastError
inet_ntoa
getsockopt
WSACleanup
WSAStartup
closesocket
ntohl
htonl

kernel32

SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
WriteConsoleW
SetStdHandle
CloseHandle
CreateFileW
GetFileType
GetFileSize
ReadFile
WriteFile
GetStdHandle
GetLastError
GetVersionExW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableW
GetVersion
GetProcAddress
FreeLibrary
LoadLibraryW
Sleep
GetComputerNameW
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiW
GetModuleHandleW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
HeapFree
RtlLookupFunctionEntry
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
ExitProcess
DecodePointer
GetCommandLineW
RaiseException
RtlPcToFileHeader
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
HeapSetInformation
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
GetStringTypeW
MultiByteToWideChar
HeapSize

advapi32

RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
blat.lib
bzip2.exe
.exe windows x86

4f73a1e4f7bd34da504286f8ffc3421e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_chmod
_fdopen
_fileno
_isatty
_setmode
_utime
__getmainargs
__p__environ
__set_app_type
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
_stat
atexit
exit
fclose
ferror
fflush
fgetc
fopen
fprintf
fread
free
fwrite
getenv
isdigit
isspace
malloc
memset
perror
remove
rewind
signal
strcat
strcmp
strcpy
strerror
strncmp
strncpy
strstr
ungetc

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bzip2recover.exe
.exe windows x86

a673b9ed8f5a6388b489a933a7cab1b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__set_app_type
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
atexit
exit
fclose
fflush
fopen
fprintf
free
getc
malloc
perror
putc
signal
sprintf
strcat
strcpy
strrchr

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
capture.exe
.exe windows x86

bb2dcaeae457b112355be56ce420918f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
LCMapStringW
CompareStringA
LCMapStringA
CompareStringW
SetEnvironmentVariableA
LoadResource
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
lstrcpyA
IsBadWritePtr
IsBadCodePtr
GetShortPathNameA
CloseHandle
lstrlenA
lstrcmpA
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
lstrcpynA
GetFileAttributesA
GlobalAlloc
GetProfileStringA
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
HeapSize
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
ExitProcess
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetCurrentDirectoryA
SizeofResource
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
GlobalFlags
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
GlobalLock
GetVersion
LocalFileTimeToFileTime
GetFileSize
GetModuleFileNameA
GetProcessVersion
SetLastError
lstrcmpiA
GetThreadLocale
GlobalUnlock
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GlobalDeleteAtom
GetCurrentThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
LockResource
FindResourceA
GetCurrentThreadId
GetLocaleInfoW
SetStdHandle

user32

IsDialogMessageA
IsZoomed
OffsetRect
ClientToScreen
PtInRect
IntersectRect
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
WindowFromPoint
SetRect
PostQuitMessage
ShowOwnedPopups
wvsprintfA
DestroyCursor
FillRect
CharUpperA
GetSysColorBrush
LoadStringA
GetClassNameA
InflateRect
SetCapture
InvertRect
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
DestroyIcon
GetTabbedTextExtentA
SetDlgItemTextA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScreenToClient
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
SetWindowPlacement
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
SetPropA
UnhookWindowsHookEx
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessagePos
RegisterWindowMessageA
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetLastActivePopup
IsIconic
EqualRect
SetWindowTextA
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
IsWindowEnabled
GetWindow
GetCapture
ReleaseCapture
PostMessageA
LoadAcceleratorsA
SetRectEmpty
wsprintfA
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
GetWindowLongA
IsWindow
SetWindowLongA
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
GetCursorPos
SetWindowsHookExA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
IsWindowVisible
GetClientRect
SendMessageA
EnableWindow
LoadCursorA
SetCursor
GetSystemMetrics
GetDesktopWindow
ChildWindowFromPointEx
GetWindowRect
SetWindowPos
SetTimer
PeekMessageA
KillTimer
UpdateWindow
OpenClipboard
EmptyClipboard
SetClipboardData
MessageBoxA
CloseClipboard
GetDC
ReleaseDC
CopyRect
GetDlgCtrlID
GetDlgItem
InvalidateRect
GetMessageTime
UnregisterClassA
HideCaret
DrawFocusRect
ShowCaret
ExcludeUpdateRgn
CharNextA
DefDlgProcA
IsWindowUnicode

gdi32

GetObjectA
CreateCompatibleDC
CreatePen
GetDeviceCaps
GdiFlush
BitBlt
GetSystemPaletteEntries
SetBitmapBits
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
SetPixelV
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
GetTextMetricsA
StretchDIBits
PatBlt
Rectangle
DPtoLP
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
LPtoDP
CreateFontIndirectA
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetNearestColor
GetBkColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetCharWidthA
GetWindowOrgEx
GetBitmapBits
CreateCompatibleBitmap
CreateDIBitmap

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
GetFileTitleA
CommDlgExtendedError

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

GetFileSecurityA
RegCloseKey
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyExA
SetFileSecurityA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
chgrp.exe
.exe windows x86

a4ef8f2b1fc199c15d48004a0f6ee0d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

puts
malloc
strchr
getenv
bsearch
qsort
fclose
_pctype
_isctype
__mb_cur_max
fgets
fopen
tolower
putc
strerror
vfprintf
fflush
strncmp
strtoul
calloc
fprintf
_iob
_strlwr
_stat
_get_osfhandle
exit
_mkdir
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
free
_errno
abort
setlocale
printf
strncpy
realloc
_fstat
_getcwd
_read
_close
_open
_access
_utime
_chsize
_chmod

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
chown.exe
.exe windows x86

c2ce5c6e41c94b398391f45fec8278c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fprintf
strchr
getenv
bsearch
qsort
fclose
_pctype
_isctype
__mb_cur_max
fgets
fopen
tolower
sprintf
atoi
putc
strerror
vfprintf
fflush
strncmp
calloc
_iob
malloc
_strlwr
_stat
_get_osfhandle
exit
_mkdir
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
puts
free
_errno
setlocale
printf
strncpy
realloc
_fstat
_getcwd
_read
_close
_open
_access
_utime
_chsize
_chmod

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Exports

Exports

strdup

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cksum.exe
.exe windows x86

132ede0b486b3431cca990cf7cc73335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
fread
free
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
tolower
vfprintf
__set_app_type

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
compress.exe
.exe windows x86

74e59162fe676527ce579f3b65ac572a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_write
_fstat
_isatty
_chmod
_open
_read
_close
_stat
_unlink
_utime
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
atexit
atoi
exit
fflush
fprintf
__p__environ
malloc
memcpy
memset
perror
putc
signal
strcat
strcpy
__set_app_type

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 411KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
csplit.exe
.exe windows x86

7de2b49860fc9db131d936d4859d3ac2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_unlink
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
atoi
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memchr
memcpy
memset
printf
putc
puts
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strcpy
strerror
strncmp
strncpy
strrchr
strtoul
tolower
toupper
vfprintf
__set_app_type

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
curl.exe
.exe windows x64

b4248e0e789ca618430201de1541656b

Code Sign

01
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

30/08/2021, 12:18

Subject

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

af:42:e4:09:5d:94:1d:14
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

31/08/2023, 12:18

Subject

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:6c:14:d6:98:32:3d:94:18:e1:5a:20:11:55:e3:95:5f:fc:26:ca:83:83:50:cf:7f:bd:1a:7d:f8:0f:ae:82
Signer

Actual PE Digest

03:6c:14:d6:98:32:3d:94:18:e1:5a:20:11:55:e3:95:5f:fc:26:ca:83:83:50:cf:7f:bd:1a:7d:f8:0f:ae:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptReleaseContext
DeregisterEventSource
RegisterEventSourceW
ReportEventW

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetNameStringA
CertOpenStore
CryptQueryObject
CryptStringToBinaryA

kernel32

CloseHandle
ConvertFiberToThread
ConvertThreadToFiber
CreateFiber
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFiber
EnterCriticalSection
ExpandEnvironmentStringsA
FindClose
FindFirstFileW
FindNextFileW
FormatMessageA
FormatMessageW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileSizeEx
GetFileTime
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetVersion
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MapViewOfFile
Module32First
Module32Next
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleA
ReadConsoleW
ReadFile
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SearchPathA
SetConsoleMode
SetFileTime
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_chmod
_chsize
_difftime64
_errno
_exit
_fileno
_fmode
_fstat64
_get_osfhandle
_getpid
_gmtime64
_initterm
_localtime64
_lseeki64
_onexit
_setmode
_stat64
_strdup
_stricmp
_strnicmp
_strtoi64
_sys_nerr
_time64
_vsnprintf
_vsnwprintf
_wfopen
abort
atoi
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
islower
isprint
isspace
isupper
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putchar
puts
qsort
raise
realloc
rename
rewind
setbuf
setlocale
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
tolower
vfprintf
wcscpy
wcslen
wcsstr
_write
_strdup
_setmode
_read
_open
_mkdir
_isatty
_getch
_fileno
_close
_access

normaliz

IdnToAscii
IdnToUnicode

user32

FindWindowA
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
SendMessageA

wldap32

ber_free
ldap_bind_s
ldap_err2string
ldap_first_attribute
ldap_first_entry
ldap_get_dn
ldap_get_values_len
ldap_init
ldap_memfree
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_search_s
ldap_set_option
ldap_simple_bind_s
ldap_sslinit
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSAGetLastError
WSAIoctl
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 867KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 49B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows x86

515ee46e8930abe46e0569a1a18643ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_adjust_fdiv
__dllonexit
_except_handler3
wcscmp
memmove
_ftol
swprintf
calloc
wcscat
_ltoa
__CxxFrameHandler
_wcsicmp
_wsplitpath
_wcsnicmp
towlower
wcsncmp
__unDName
wcsncpy
_wfopen
fopen
_osver
fclose
fread
fseek
_CxxThrowException
bsearch
_snwprintf
mbstowcs
wcstol
_mbsnbcpy
fflush
_iob
time
_wmakepath
wcsrchr
_strnicmp
_wcsdup
ftell
_wgetenv
_mbsicmp
_fullpath
_access
_fsopen
_wfsopen
_sopen
_wsopen
_wfullpath
_read
_write
_lseeki64
_chsize
_close
_open_osfhandle
_waccess
_mbscmp
_memicmp
wcsncat
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_itoa
printf
_vsnprintf
strncat
tolower
_strcmpi
_makepath
_purecall
malloc
free
_strlwr
isspace
ctime
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
qsort
strncmp
isxdigit
wcslen
sprintf
_onexit
wcscpy
strrchr
strncpy
_splitpath
_stricmp
strchr
wprintf

kernel32

CreateFileMappingW
DeviceIoControl
ExpandEnvironmentStringsW
CopyFileA
Sleep
CopyFileW
GetFileAttributesW
SetFileAttributesW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LCMapStringA
GetDriveTypeW
GetDriveTypeA
SetEndOfFile
MapViewOfFileEx
FlushViewOfFile
SetFileAttributesA
CreateThread
TerminateThread
SuspendThread
GetThreadSelectorEntry
GetCurrentThreadId
GetCurrentProcess
UnmapViewOfFile
GetEnvironmentVariableA
SetLastError
CloseHandle
CreateFileA
GetLastError
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetFullPathNameA
LocalAlloc
LocalFree
lstrcpyA
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
HeapReAlloc
HeapAlloc
HeapFree
IsDBCSLeadByte
GetProcAddress
GetModuleHandleA
lstrlenA
HeapDestroy
HeapCreate
DisableThreadLibraryCalls
GetVersionExA
MapViewOfFile
CreateFileMappingA
FreeLibrary
GetFileSize
LoadLibraryA
DuplicateHandle
ExpandEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
VirtualFree
SetErrorMode
GetFileAttributesA
ReadProcessMemory
VirtualProtect
VirtualAlloc
DeleteFileW
WriteFile
CreateFileW
OutputDebugStringA
GetSystemInfo
GetSystemTimeAsFileTime
VirtualQueryEx
GetProcessHeap
ResumeThread
GetThreadContext

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumerateLoadedModules
EnumerateLoadedModules64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindExecutableImage
FindExecutableImageEx
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
StackWalk
StackWalk64
SymCleanup
SymEnumSourceFiles
SymEnumSym
SymEnumSymbols
SymEnumTypes
SymEnumerateModules
SymEnumerateModules64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindFileInPath
SymFromAddr
SymFromName
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromName
SymGetLineFromName64
SymGetLineNext
SymGetLineNext64
SymGetLinePrev
SymGetLinePrev64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOptions
SymGetSearchPath
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetTypeFromName
SymGetTypeInfo
SymInitialize
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymMatchFileName
SymMatchString
SymRegisterCallback
SymRegisterCallback64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSetContext
SymSetOptions
SymSetSearchPath
SymSetSymWithAddr64
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnmapDebugInformation
WinDbgExtensionDllInit
dbghelp
dh
lm
lmi
omap
srcfiles
sym
vc7fpo

Sections

.text
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dc.exe
.exe windows x86

2de52adfb794905aff8301527d1aa736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
ExitProcess

msvcrt

_cexit
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
abort
atexit
exit
fclose
fopen
fprintf
free
fwrite
getc
getenv
isdigit
isgraph
isspace
__p__environ
malloc
memchr
memcpy
memset
perror
printf
putchar
realloc
setvbuf
signal
sprintf
strchr
strncmp
strncpy
strrchr
system
ungetc
vsprintf

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
diff3.exe
.exe windows x86

1a8465c2629069c30ae6350ec0f9bf9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_dup
_dup2
_fstat
_mktemp
_open
_read
_close
_stat
_unlink
_cexit
_cwait
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
_spawnvp
__getmainargs
atexit
exit
fclose
feof
ferror
fprintf
freopen
fwrite
getc
getenv
__p__environ
malloc
memset
perror
printf
putc
realloc
signal
sprintf
strncmp
__set_app_type

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dircolors.exe
.exe windows x86

cf3b6aeb79cdef561ccf8512da235f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fopen
fputc
fwrite
setlocale
puts
printf
fprintf
getenv
_pctype
__mb_cur_max
free
_iob
malloc
strchr
bsearch
qsort
fgets
tolower
abort
calloc
realloc
putc
_isctype
_errno
fflush
strncmp
getc
exit
_strlwr
_stat
_get_osfhandle
_fstat
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
fputs
fclose
strerror
vfprintf
strncpy
_getcwd
_read
_close
_open
_access
_utime
_chsize

kernel32

GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
echo.exe
.exe windows x86

4650e0a2c05f10dc70fec95bdb80f070

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
_iob
fputs
putchar
strrchr
printf
fprintf
strlen
strncmp
strcmp
getenv
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
egrep.exe
.exe windows x86

c97b49126e50ac1ce7b74b693d30c071

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter
VirtualProtect

msvcrt

_access
_fstat
_getcwd
_isatty
_lseek
_open
_read
_close
_setmode
_stat
_strdup
_cexit
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_setmode
_stat
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
atoi
bsearch
calloc
exit
fclose
feof
ferror
fgets
fopen
fprintf
fputc
fputs
fread
free
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memchr
memcpy
memmove
printf
puts
qsort
realloc
setlocale
signal
strcat
strchr
strcmp
strcoll
strcpy
strerror
strncmp
strrchr
tolower
toupper
__set_app_type

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
env.exe
.exe windows x86

b04043819e16282c5ee7b0bf269a0298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
puts
strchr
__p__environ
exit
printf
fprintf
_iob
putc
strerror
vfprintf
fflush
strncmp
getenv
_exit
_errno
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_execvp
_putenv

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
expand.exe
.exe windows x86

0ef08b5c4ef67fee8f3a5ae1222c9984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
tolower
vfprintf
__set_app_type

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 768B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
factor.exe
.exe windows x86

4f69e3ffea07f95336b19d27eb7a4693

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetUnhandledExceptionFilter
ExitProcess

msvcrt40

_fstat
_getcwd
_open
_read
_close
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
__getmainargs
_setmode
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
exit
fclose
feof
fflush
fgets
fopen
fprintf
free
getc
getenv
isalnum
isalpha
isdigit
isspace
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
sprintf
sqrt
strchr
strcmp
strerror
strncmp
strncpy
strtoul
tolower
vfprintf
_assert

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 768B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fgrep.exe
.exe windows x86

c97b49126e50ac1ce7b74b693d30c071

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter
VirtualProtect

msvcrt

_access
_fstat
_getcwd
_isatty
_lseek
_open
_read
_close
_setmode
_stat
_strdup
_cexit
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_setmode
_stat
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
atoi
bsearch
calloc
exit
fclose
feof
ferror
fgets
fopen
fprintf
fputc
fputs
fread
free
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memchr
memcpy
memmove
printf
puts
qsort
realloc
setlocale
signal
strcat
strchr
strcmp
strcoll
strcpy
strerror
strncmp
strrchr
tolower
toupper
__set_app_type

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
flex.exe
.exe windows x86

2adc7a3ebd67e7f9422070c138e6598d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fileno
_isatty
_unlink
_cexit
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
atexit
exit
fclose
ferror
fgets
fopen
fprintf
fputs
fread
free
freopen
fwrite
getc
isalnum
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memcpy
printf
putc
puts
realloc
signal
sprintf
sscanf
strcmp
strcpy
tolower
__set_app_type

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fmt.exe
.exe windows x86

98deb6903ae1cb51ef6a35a676ee8077

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
getc
getenv
isalnum
isalpha
isdigit
ispunct
isspace
__p__environ
malloc
memcpy
memmove
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
strtol
tolower
vfprintf
__set_app_type

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fold.exe
.exe windows x86

abc5a8e89709e0897706e5c297d3a554

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
memmove
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strcpy
strerror
strncmp
strtol
tolower
vfprintf
__set_app_type

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 656B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fsplit.exe
.exe windows x86

119b918ec33ba9fe5e5188a51b7ce066

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
rename
fclose
exit
fprintf
_iob
fopen
getc
_pctype
__mb_cur_max
tolower
_isctype
_exit
_XcptFilter
printf
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stat
_unlink

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gawk.exe
.exe windows x86

a0526f19d5d284bf06b4a07aec36a5c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
htonl
htons
bind
connect
shutdown
accept
recvfrom
getservbyname
gethostbyname
socket
listen
WSAGetLastError
WSAStartup
WSACleanup
setsockopt

kernel32

PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
SetEndOfFile
ReadFile
GetLocaleInfoW
InterlockedExchange
RaiseException
SetEnvironmentVariableA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
CloseHandle
CreateFileA
WideCharToMultiByte
MultiByteToWideChar
HeapReAlloc
HeapAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetStdHandle
GetLastError
CreateProcessA
DuplicateHandle
CreatePipe
SetConsoleCtrlHandler
GetCommandLineA
GetVersionExA
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
DeleteFileA
LoadLibraryA
GetStringTypeA
GetStringTypeW
WriteFile
FlushFileBuffers
LCMapStringA
LCMapStringW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
RtlUnwind
HeapSize
GetFileAttributesA
GetExitCodeProcess
WaitForSingleObject
UnhandledExceptionFilter
CompareStringA
CompareStringW
SetFilePointer
GetACP
GetOEMCP
FindNextFileA
FindFirstFileA
FindClose
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gclip.exe
.exe windows x86

0cfa302adbb1b76ea6709c750e0f6893

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData

msvcrt

exit
fprintf
getc
strstr
_strlwr
printf
_setmode
_iob
fputs
strncmp
getenv
_exit
_XcptFilter
_except_handler3
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gplay.exe
.exe windows x86

ad839a846fbbc35232e2f63891657765

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
MultiByteToWideChar
CloseHandle

ole32

CoCreateInstance
CoUninitialize
CoInitialize

msvcrt

__p___initenv
_initterm
__setusermatherr
fprintf
_iob
_exit
_XcptFilter
exit
__p__commode
__getmainargs
_controlfp
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
gsar.exe
.exe windows x86

1e717a96b171e93af08d308d792e2988

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fread
fputc
fputs
exit
vfprintf
fprintf
_iob
remove
signal
malloc
sprintf
_pctype
__mb_cur_max
_isctype
tolower
strtol
realloc
fflush
fclose
setvbuf
fopen
rename
strchr
fwrite
toupper
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stat
_setmode
_isatty
_fileno

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
handle.exe
.exe windows x86

0bec6e295224ce651346314815d91927

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:f3:a1:53:89:75:05:b5:aa:4a:c3:36:7e:43:09:c7
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

28/01/2005, 00:00

Not After

28/01/2006, 23:59

Subject

CN=Sysinternals,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Headquarters,O=Sysinternals,L=Austin,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LocalFree
FormatMessageA
DeviceIoControl
GetDriveTypeA
OpenProcess
lstrcpyA
DuplicateHandle
GetCurrentProcessId
DeleteFileA
GetProcAddress
GetConsoleScreenBufferInfo
GetStdHandle
WaitForSingleObject
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
GetFileAttributesA
GetModuleFileNameA
GetVersion
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
GetLastError
GetSystemDirectoryA
CloseHandle
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
SetFilePointer
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode

advapi32

LookupAccountSidA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
handle64.exe
.exe windows x64

ae49d1ad79ffedc286d78c1a8f1d7f48

Code Sign

33:00:00:01:09:e2:19:d6:f9:b8:a4:be:bf:00:00:00:00:01:09
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:86DF-4BBC-9335,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:f2:0e:e9:f1:47:4f:4b:0b:48:6e:94:0f:6a:60:ed:8f:77:ee:e7:53:13:67:ad:2e:ec:66:5e:66:70:3e:9c
Signer

Actual PE Digest

d8:f2:0e:e9:f1:47:4f:4b:0b:48:6e:94:0f:6a:60:ed:8f:77:ee:e7:53:13:67:ad:2e:ec:66:5e:66:70:3e:9c

Digest Algorithm

sha256

PE Digest Matches

true

27:6b:f1:ea:2b:63:71:4e:f7:6d:59:1c:3e:31:86:d4:a0:2c:48:18
Signer

Actual PE Digest

27:6b:f1:ea:2b:63:71:4e:f7:6d:59:1c:3e:31:86:d4:a0:2c:48:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetThreadErrorMode
SetEvent
WaitForSingleObject
DeviceIoControl
FindClose
DuplicateHandle
FormatMessageW
CreateEventW
CreateProcessW
ExpandEnvironmentStringsW
GetDriveTypeW
GetSystemDirectoryW
TerminateThread
DeleteFileW
GetConsoleScreenBufferInfo
SetEndOfFile
HeapReAlloc
HeapSize
ReadConsoleW
WriteConsoleW
SetFilePointerEx
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCurrentProcessId
OpenProcess
GetVersion
CreateFileW
FindResourceW
SizeofResource
CloseHandle
SetLastError
LoadResource
GetLastError
GetCurrentProcess
LockResource
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetStdHandle
LocalFree
LocalAlloc
GetProcAddress
GetModuleFileNameW
GetFullPathNameW
GetFileType
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
SetStdHandle
ExitProcess
GetModuleHandleExW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetACP
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
FlushFileBuffers
GetConsoleCP
ReadFile
GetStringTypeW
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
RtlUnwind

user32

SendMessageW
DialogBoxIndirectParamW
EndDialog
LoadCursorW
InflateRect
GetSysColorBrush
SetCursor
SetWindowTextW
GetDlgItem

gdi32

StartPage
EndDoc
StartDocW
SetMapMode
GetDeviceCaps
EndPage

comdlg32

PrintDlgW

advapi32

LookupAccountSidW
GetTokenInformation
RegDeleteKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyW
RegCloseKey

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
id.exe
.exe windows x86

911b51566896f7545488c59dacff15c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
exit
printf
fprintf
_iob
strlen
strncmp
strcmp
getenv
putc
fflush
_sys_errlist
_sys_nerr
_errno
putchar
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
igawk.exe
.exe windows x86

d68380acddbbec7c58f4a6be4a546654

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetConsoleCtrlHandler
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapReAlloc
HeapFree
DeleteFileA
GetModuleFileNameA
GetCommandLineA
GetVersionExA
GetCurrentProcessId
GetFileAttributesA
CloseHandle
GetFileType
CreateFileA
UnhandledExceptionFilter
HeapSize
WideCharToMultiByte
WriteFile
FlushFileBuffers
SetFilePointer
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
FindNextFileA
FindFirstFileA
FindClose
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
LoadLibraryA
RtlUnwind
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
DuplicateHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
indent.exe
.exe windows x86

9d06acf343ae62e66683231edda31bef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_close
_fstat
_open
_read
_strdup
__getmainargs
__p__environ
__set_app_type
_cexit
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_setmode
abort
atexit
atoi
calloc
exit
fclose
fflush
fopen
fprintf
fread
free
freopen
fseek
ftell
fwrite
getc
getenv
isalpha
isdigit
islower
isspace
isupper
isxdigit
malloc
memcpy
memmove
perror
printf
putc
puts
realloc
signal
sprintf
strcat
strchr
strcmp
strcpy
strncmp
strncpy
strrchr
tolower

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 240B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
install.exe
.exe windows x86

91d83ca2028860925b1ffa9d0c3274a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

msvcrt

strpbrk
tolower
sprintf
fopen
strncmp
strerror
vfprintf
putc
calloc
strtol
fflush
fgets
_strlwr
_stat
_get_osfhandle
_fstat
__mb_cur_max
_isctype
_mkdir
signal
_dup
_pipe
_exit
strrchr
strncpy
_pctype
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
realloc
fclose
qsort
bsearch
strchr
malloc
_iob
fprintf
puts
_errno
rename
free
_ftol
toupper
setlocale
_umask
_close
_open
_unlink
_chmod
_execlp
_strdup
_getcwd
_read
_write
_access
_utime
_chsize
_mktemp
getenv
printf
exit
_XcptFilter
__p___initenv
__getmainargs

kernel32

RaiseException
GetLastError
InterlockedExchange
LocalAlloc
GetVersion
FindClose
FindFirstFileA
FindNextFileA
CreateProcessA
GetCurrentProcessId
OpenProcess
TerminateProcess
Sleep
GetExitCodeProcess
GetFullPathNameA
CreateFileA
GetFileInformationByHandle
LoadLibraryA
GetProcAddress
CloseHandle
FreeLibrary

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
join.exe
.exe windows x86

2b537f8b8f3b84663f3194edaefc4245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strcoll
strcpy
strerror
strncmp
strpbrk
strtol
tolower
toupper
vfprintf
__set_app_type

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jwhois.exe
.exe windows x86

2bdf7d3232f3d6582e03a257a3ac24bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

ExitProcess
GetVersionExA
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
Sleep

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
exit
fclose
feof
fgetc
fgets
fopen
fprintf
free
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memcpy
printf
qsort
realloc
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strncat
strncmp
strncpy
strrchr
strtok
strtol
tolower
ungetc
__set_app_type

wsock32

WSACleanup
WSAStartup
connect
gethostbyname
getservbyname
htons
inet_addr
recv
send
socket

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 592B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
less.exe
.exe windows x86

0a3312bb7a2aa59e06bfe2cb745bcc91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBeep

msvcrt

_pclose
putc
_popen
system
_setjmp3
_chdrive
exit
time
strerror
malloc
longjmp
strncmp
tolower
signal
strcspn
_findfirst
fopen
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_splitpath
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strchr
_findnext
_findclose
_searchenv
getenv
toupper
atoi
strncpy
sprintf
setlocale
_isctype
__mb_cur_max
_pctype
free
calloc
_errno
fgets
fclose
_adjust_fdiv
_setmode
_open
_write
_lseek
_close
_isatty
_read
_getcwd
_putenv
_creat
_stat
_fstat
_chdir
_dup

kernel32

GetConsoleMode
SetConsoleMode
SetConsoleCtrlHandler
PeekConsoleInputA
ReadConsoleInputA
FillConsoleOutputCharacterA
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
CloseHandle
CreateConsoleScreenBuffer
SetConsoleScreenBufferSize
SetConsoleActiveScreenBuffer
SetConsoleTextAttribute
GetStdHandle
ReadConsoleOutputAttribute
WriteConsoleA
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
CreateFileA
Sleep

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lesskey.exe
.exe windows x86

8c709f92d91c3900103b759c6f426dc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
fprintf
_iob
calloc
getenv
printf
strncmp
fwrite
fgets
perror
fopen
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_putenv

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
libcharset1.dll
.dll windows x86

2bf10059aa6855dad94f8de70e55cbab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetACP
GetAtomNameA
GetModuleFileNameA

msvcrt

_strdup
__dllonexit
_errno
abort
fflush
free
malloc
memcpy
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

libcharset_relocate
libcharset_set_relocation_prefix
locale_charset
DllGetVersion

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 544B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 178B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
libcurl-x64.dll
.dll windows x64

ed5790da317446a4c43a23d480f35d3a

Code Sign

01
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

30/08/2021, 12:18

Subject

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

af:42:e4:09:5d:94:1d:14
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

31/08/2023, 12:18

Subject

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:fe:6a:df:a9:1f:25:79:53:6e:02:4a:ce:ab:17:78:58:d7:05:48:1b:0a:d0:31:51:a2:9a:02:20:28:89:b6
Signer

Actual PE Digest

4b:fe:6a:df:a9:1f:25:79:53:6e:02:4a:ce:ab:17:78:58:d7:05:48:1b:0a:d0:31:51:a2:9a:02:20:28:89:b6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libcrypto-1_1-x64

ASN1_OCTET_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_length
ASN1_STRING_print
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_TIME_print
BIO_ctrl
BIO_free
BIO_new
BIO_new_file
BIO_new_mem_buf
BIO_printf
BIO_puts
BIO_s_file
BIO_s_mem
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_clear_free
BN_div
BN_mod_exp
BN_new
BN_num_bits
BN_print
BN_rand
BN_set_word
BN_sub
BN_value_one
CRYPTO_free
CRYPTO_get_ex_new_index
CRYPTO_malloc
DES_ecb_encrypt
DES_set_key
DES_set_odd_parity
DH_get0_key
DH_get0_pqg
DSA_SIG_free
DSA_SIG_get0
DSA_SIG_new
DSA_SIG_set0
DSA_do_sign
DSA_do_verify
DSA_free
DSA_get0_key
DSA_get0_pqg
DSA_new
DSA_set0_key
DSA_set0_pqg
ECDH_compute_key
ECDSA_SIG_free
ECDSA_SIG_get0
ECDSA_SIG_new
ECDSA_SIG_set0
ECDSA_do_sign
ECDSA_do_verify
EC_GROUP_get_curve_name
EC_GROUP_get_degree
EC_KEY_free
EC_KEY_generate_key
EC_KEY_get0_group
EC_KEY_get0_public_key
EC_KEY_new_by_curve_name
EC_KEY_set_private_key
EC_KEY_set_public_key
EC_POINT_free
EC_POINT_new
EC_POINT_oct2point
EC_POINT_point2oct
ENGINE_by_id
ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_finish
ENGINE_free
ENGINE_get_first
ENGINE_get_id
ENGINE_get_next
ENGINE_init
ENGINE_load_builtin_engines
ENGINE_load_private_key
ENGINE_register_all_complete
ENGINE_set_default
ERR_clear_error
ERR_error_string_n
ERR_get_error
ERR_peek_error
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_get_app_data
EVP_CIPHER_CTX_key_length
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_set_app_data
EVP_CIPHER_CTX_set_padding
EVP_CIPHER_meth_free
EVP_CIPHER_meth_new
EVP_CIPHER_meth_set_cleanup
EVP_CIPHER_meth_set_do_cipher
EVP_CIPHER_meth_set_init
EVP_CIPHER_meth_set_iv_length
EVP_Cipher
EVP_CipherInit
EVP_DigestFinal
EVP_DigestFinal_ex
EVP_DigestInit
EVP_DigestInit_ex
EVP_DigestSign
EVP_DigestSignInit
EVP_DigestUpdate
EVP_DigestVerify
EVP_DigestVerifyInit
EVP_EncryptInit
EVP_EncryptUpdate
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_PKEY2PKCS8
EVP_PKEY_CTX_free
EVP_PKEY_CTX_new
EVP_PKEY_CTX_new_id
EVP_PKEY_copy_parameters
EVP_PKEY_derive
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_free
EVP_PKEY_get0_DH
EVP_PKEY_get0_DSA
EVP_PKEY_get0_RSA
EVP_PKEY_get1_DSA
EVP_PKEY_get1_EC_KEY
EVP_PKEY_get1_RSA
EVP_PKEY_id
EVP_PKEY_keygen
EVP_PKEY_keygen_init
EVP_PKEY_new
EVP_PKEY_new_raw_private_key
EVP_PKEY_new_raw_public_key
EVP_PKEY_set1_DSA
EVP_PKEY_set1_EC_KEY
EVP_PKEY_set1_RSA
EVP_aes_128_cbc
EVP_aes_128_ecb
EVP_aes_192_cbc
EVP_aes_192_ecb
EVP_aes_256_cbc
EVP_aes_256_ecb
EVP_bf_cbc
EVP_cast5_cbc
EVP_des_ede3_cbc
EVP_get_digestbyname
EVP_md5
EVP_rc4
EVP_ripemd160
EVP_sha1
EVP_sha256
EVP_sha512
GENERAL_NAMES_free
HMAC_CTX_free
HMAC_CTX_new
HMAC_Final
HMAC_Init_ex
HMAC_Update
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
OCSP_BASICRESP_free
OCSP_RESPONSE_free
OCSP_basic_verify
OCSP_cert_status_str
OCSP_check_validity
OCSP_crl_reason_str
OCSP_resp_count
OCSP_resp_get0
OCSP_response_get1_basic
OCSP_response_status
OCSP_response_status_str
OCSP_single_get0_status
OPENSSL_load_builtin_modules
OPENSSL_sk_num
OPENSSL_sk_pop
OPENSSL_sk_pop_free
OPENSSL_sk_value
OpenSSL_version_num
PEM_read_bio_DSAPrivateKey
PEM_read_bio_ECPrivateKey
PEM_read_bio_PrivateKey
PEM_read_bio_RSAPrivateKey
PEM_read_bio_X509
PEM_write_bio_X509
PKCS12_PBE_add
PKCS12_free
PKCS12_parse
PKCS8_PRIV_KEY_INFO_free
PKCS8_pkey_get0
RAND_add
RAND_bytes
RAND_file_name
RAND_load_file
RAND_status
RSA_flags
RSA_free
RSA_get0_factors
RSA_get0_key
RSA_new
RSA_set0_crt_params
RSA_set0_factors
RSA_set0_key
RSA_sign
RSA_size
RSA_verify
SHA256_Final
SHA256_Init
SHA256_Update
UI_OpenSSL
UI_create_method
UI_destroy_method
UI_get0_user_data
UI_get_input_flags
UI_get_string_type
UI_method_get_closer
UI_method_get_opener
UI_method_get_reader
UI_method_get_writer
UI_method_set_closer
UI_method_set_opener
UI_method_set_reader
UI_method_set_writer
UI_set_result
X509V3_EXT_print
X509_EXTENSION_get_data
X509_EXTENSION_get_object
X509_LOOKUP_file
X509_NAME_ENTRY_get_data
X509_NAME_get_entry
X509_NAME_get_index_by_NID
X509_NAME_print_ex
X509_PUBKEY_free
X509_PUBKEY_get0_param
X509_PUBKEY_new
X509_PUBKEY_set
X509_STORE_add_lookup
X509_STORE_set_flags
X509_check_issued
X509_free
X509_get0_extensions
X509_get0_notAfter
X509_get0_notBefore
X509_get0_signature
X509_get_X509_PUBKEY
X509_get_ext_d2i
X509_get_issuer_name
X509_get_pubkey
X509_get_serialNumber
X509_get_subject_name
X509_get_version
X509_load_crl_file
X509_verify_cert_error_string
d2i_ASN1_OCTET_STRING
d2i_OCSP_RESPONSE
d2i_PKCS12_bio
i2a_ASN1_OBJECT
i2d_X509_PUBKEY
i2t_ASN1_OBJECT

libssl-1_1-x64

BIO_f_ssl
SSL_CIPHER_get_name
SSL_CTX_add_client_CA
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_sess_set_new_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_keylog_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_srp_password
SSL_CTX_set_srp_username
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_free
SSL_alert_desc_string_long
SSL_connect
SSL_ctrl
SSL_free
SSL_get0_alpn_selected
SSL_get_certificate
SSL_get_current_cipher
SSL_get_error
SSL_get_ex_data
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_privatekey
SSL_get_shutdown
SSL_get_verify_result
SSL_new
SSL_pending
SSL_read
SSL_set_bio
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_session
SSL_shutdown
SSL_version
SSL_write
TLS_client_method

advapi32

CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptReleaseContext

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetNameStringA
CertOpenStore
CryptQueryObject
CryptStringToBinaryA

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSizeEx
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__iob_func
_amsg_exit
_beginthreadex
_difftime64
_errno
_fstat64
_getpid
_gmtime64
_initterm
_lock
_lseeki64
_stat64
_strtoi64
_sys_nerr
_time64
_unlock
_vsnprintf
abort
atoi
calloc
fclose
feof
fflush
fgets
fopen
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
islower
isspace
isupper
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
realloc
rewind
setvbuf
signal
sprintf
sscanf
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
tolower
vfprintf
wcslen
_write
_strdup
_read
_open
_close
_access

normaliz

IdnToAscii
IdnToUnicode

user32

FindWindowA
SendMessageA

wldap32

ber_free
ldap_bind_s
ldap_err2string
ldap_first_attribute
ldap_first_entry
ldap_get_dn
ldap_get_values_len
ldap_init
ldap_memfree
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_search_s
ldap_set_option
ldap_simple_bind_s
ldap_sslinit
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSAGetLastError
WSAIoctl
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 728KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows x86

43b0fe249f8f5a5ce8ac2d967a025119

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

sendto
recvfrom
bind
listen
accept
ntohl
ioctlsocket
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleBitmap
GetObjectA
GetDIBits
DeleteObject
GetDeviceCaps

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

GetDC
ReleaseDC
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW

kernel32

GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoA
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetProcessHeap
SetEndOfFile
GetCurrentDirectoryA
CompareStringA
CompareStringW
HeapSize
SetEnvironmentVariableA
CreateFileW
GetEnvironmentStrings
WideCharToMultiByte
GetFullPathNameA
FlushFileBuffers
RtlUnwind
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetLastError
GetVersion
WriteFile
GetFileType
GetStdHandle
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
LoadLibraryA
CloseHandle
SetLastError
MultiByteToWideChar
SystemTimeToFileTime
GetSystemTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FlushConsoleInputBuffer
GetModuleHandleW
Sleep
SetConsoleCtrlHandler
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
ReadFile
GetConsoleCP
GetConsoleMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetFileAttributesA
GetFileAttributesA
CreateFileA
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
DeleteCriticalSection
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetTimeZoneInformation
SetFilePointer
SetStdHandle

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_consttime_swap
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one

Sections

.text
Size: 930KB - Virtual size: 929KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiconv2.dll
.dll .ps1 windows x86
libintl3.dll
.dll windows x86

c349ef238a184434495cf4decb73818f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libiconv2

libiconv
libiconv_close
libiconv_open
libiconv_set_relocation_prefix

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AddAtomA
AreFileApisANSI
CloseHandle
CreateDirectoryA
CreateFileA
DeviceIoControl
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeLibrary
GetACP
GetAtomNameA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVolumeInformationA
HeapAlloc
HeapFree
LoadLibraryA
LocalFree
MultiByteToWideChar
PeekNamedPipe
SetErrorMode
SetLastError
UnlockFile
lstrcmpiA
lstrcpyA

msvcrt

_chmod
_close
_getpid
_open
_read
_strdup
_stricmp
__dllonexit
__mb_cur_max
_assert
_close
_errno
_fdopen
_filelengthi64
_flsbuf
_get_osfhandle
_iob
_isctype
_open
_pctype
_snprintf
_snwprintf
_stricmp
_vsnprintf
_vsnwprintf
abort
calloc
fclose
fflush
fgets
fopen
fprintf
fputwc
free
fwrite
getenv
isalpha
malloc
memcpy
printf
realloc
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtoul
tolower
toupper
vfprintf
vfwprintf
vsprintf
wcschr

ole32

CoCreateInstance
CoUninitialize
OleInitialize

Exports

Exports

DllGetVersion
_nl_expand_alias
_nl_explode_name
_nl_find_domain
_nl_find_language
_nl_find_msg
_nl_free_domain_conv
_nl_init_domain_conv
_nl_load_domain
_nl_locale_name
_nl_log_untranslated
_nl_make_l10nflist
_nl_msg_cat_cntr
_nl_normalize_codeset
bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
libintl_asprintf
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcigettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_fwprintf
libintl_gettext
libintl_gettext_extract_plural
libintl_gettext_free_exp
libintl_gettext_germanic_plural
libintl_gettextparse
libintl_ngettext
libintl_nl_current_default_domain
libintl_nl_default_default_domain
libintl_nl_default_dirname
libintl_nl_domain_bindings
libintl_printf
libintl_relocate
libintl_set_relocation_prefix
libintl_snprintf
libintl_sprintf
libintl_swprintf
libintl_textdomain
libintl_vasnprintf
libintl_vasnwprintf
libintl_vasprintf
libintl_vfprintf
libintl_vfwprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
libintl_vswprintf
libintl_vwprintf
libintl_wprintf
locale_charset
ngettext
textdomain

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ln.exe
.exe windows x86

820807137e1ec088153160d360be4cf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fopen
tolower
sprintf
fgets
strncmp
putc
strerror
vfprintf
fflush
getchar
strncpy
strrchr
_ftol
abort
_strlwr
_stat
_pctype
__mb_cur_max
toupper
calloc
_mkdir
_exit
_isctype
fprintf
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
qsort
realloc
fclose
malloc
bsearch
strchr
_iob
puts
_errno
_get_osfhandle
_fstat
free
_unlink
_strdup
_getcwd
_close
_read
_open
_access
_utime
_chsize
_chmod
rename
setlocale
getenv
printf
exit
_XcptFilter
__p___initenv

kernel32

LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
FindClose
FindFirstFileA
GetFileInformationByHandle
CreateFileA
FindNextFileA
MultiByteToWideChar
BackupWrite
GetFullPathNameA
GetCurrentProcess
GetLastError
CloseHandle
GetProcAddress

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
logname.exe
.exe windows x86

1ce4c9c10595e1152255e903f4ccbcf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA

msvcrt

_iob
puts
printf
exit
fprintf
strlen
strncmp
strcmp
getenv
_errno
realloc
malloc
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
m4.exe
.exe windows x86

2d02d1f16bdc8176adb6525928229be1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

msvcrt

fputs
qsort
atoi
_errno
printf
system
_popen
strtol
fclose
sscanf
_pclose
getc
_isctype
__mb_cur_max
strncmp
sprintf
atof
atol
fputc
fread
putc
ungetc
fwrite
tmpfile
_pctype
fopen
strncpy
strerror
vfprintf
malloc
realloc
tolower
exit
calloc
_strlwr
_stat
_get_osfhandle
_fstat
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strchr
abort
setbuf
free
_iob
fflush
fprintf
rewind
getenv
signal
_read
_access
_mktemp
_fileno
_fcvt
_ecvt
_open
_utime
_chsize
_close
_unlink

kernel32

OpenProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
GetVersion
Sleep
GetFullPathNameA
CreateFileA
CloseHandle
GetFileInformationByHandle
CreateProcessA

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
make.exe
.exe windows x86

fa2ad5b2b98996f38bc48a4197237c86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
DuplicateHandle
GetStdHandle
GetCurrentProcess
GetCurrentProcessId
CreatePipe
GetLastError
SetUnhandledExceptionFilter
FindClose
FindNextFileA
FindFirstFileA
TerminateProcess
GetCommandLineA
WaitForMultipleObjects
CreateProcessA
GetStartupInfoA
CloseHandle
ReadFile
OpenFile
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
FormatMessageA
GetModuleHandleA
GetVolumeInformationA

user32

wsprintfA

msvcrt

__p__environ
ctime
strchr
free
qsort
memmove
atol
sscanf
atoi
strncmp
strrchr
sprintf
_errno
_pctype
__mb_cur_max
_isctype
signal
printf
puts
fputs
_iob
tolower
abort
putchar
fflush
time
localtime
_open_osfhandle
remove
_XcptFilter
fprintf
getenv
exit
fclose
fputc
fopen
_fullpath
strtok
strstr
fwrite
fread
strpbrk
setvbuf
atof
__set_app_type
vfprintf
putc
strerror
malloc
realloc
fgets
strcoll
strncpy
calloc
_stricoll
_exit
_lseek
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_write
_except_handler3
_controlfp
_close
_stat
_read
_open
_fstat
_tempnam
_getpid
_unlink
_strcmpi
_putenv
_mktemp
_chdir
_strnicmp
_getcwd

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
makedepend.exe
.exe windows x86

c0d90fe327a5d4fadda305fe208d21df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__mb_cur_max
realloc
strlen
malloc
sprintf
strncpy
strcmp
exit
printf
signal
getenv
atoi
fflush
_iob
free
fputs
strncmp
fgets
freopen
rename
fclose
fopen
puts
fprintf
_pctype
_isctype
strcpy
fwrite
putc
strtol
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stat
_close
_read
_fstat
_open
_chmod
_unlink

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1002B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
makemsg.exe
.exe windows x86

278888a31de923c4ab2756e4d7f4923f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
fprintf
_iob
fclose
fgets
fputs
perror
fopen
strcmp
toupper
_ftol
strchr
strrchr
_exit
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_unlink

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
man.exe
.exe windows x86

64a71563e17a8f6e5ea309ec8af8705c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

msvcrt

fgets
_popen
_pclose
printf
fopen
strcat
fprintf
_iob
strncmp
_errno
strchr
exit
getchar
fflush
memcpy
malloc
realloc
strrchr
vfprintf
system
setlocale
fclose
signal
calloc
_mkdir
strncpy
_strlwr
_stat
sprintf
_fstat
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
free
strcpy
strlen
perror
strcmp
__mb_cur_max
_isctype
_pctype
getenv
atoi
toupper
_ftol
_get_osfhandle
_getcwd
_utime
_unlink
_isatty
_access
_chmod
_read
_chsize
_close
_open
_mktemp

kernel32

OpenProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle
FindClose
FindFirstFileA
FindNextFileA
GetVersion
Sleep
CreateProcessA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
md5sum.exe
.exe windows x86

74dfe5058611c7bdd5067483cd452676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
fread
free
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
isxdigit
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
tolower
vfprintf
__set_app_type

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mkdir.exe
.exe windows x86

e9e04a0da82c7b9581fc7b961a3decfa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strerror
__mb_cur_max
fgets
fopen
tolower
strpbrk
_pctype
_isctype
fclose
realloc
strncmp
calloc
_mkdir
strncpy
putc
fflush
_get_osfhandle
_fstat
_exit
_XcptFilter
vfprintf
getenv
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
qsort
bsearch
malloc
strchr
free
_strlwr
_stat
puts
_umask
_strdup
_getcwd
_close
_read
_open
_chmod
_access
_utime
_chsize
_iob
fprintf
exit
setlocale
printf
__p___initenv
_errno
__getmainargs

kernel32

LoadLibraryA
GetLastError
InterlockedExchange
LocalAlloc
RaiseException
GetFullPathNameA
CreateFileA
CloseHandle
FindClose
GetFileInformationByHandle
FreeLibrary
GetProcAddress
FindFirstFileA
FindNextFileA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mkfifo.exe
.exe windows x86

4f523ec533acdde77e5fff9e8052fe30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

bsearch
getenv
_errno
qsort
_pctype
_isctype
__mb_cur_max
fclose
fgets
tolower
exit
putc
strerror
vfprintf
_iob
fprintf
fflush
fopen
free
_stat
_get_osfhandle
_fstat
setlocale
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strchr
malloc
strncpy
_strlwr
_exit
_getcwd
_read
_close
_open
_access
_utime
_chsize

kernel32

GetFullPathNameA
CreateFileA
CloseHandle
GetFileInformationByHandle

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mknod.exe
.exe windows x86

cb2ba1781e3920c167055c43a399876b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_iob
free
puts
strchr
getenv
bsearch
qsort
fprintf
malloc
fclose
_isctype
__mb_cur_max
fgets
fopen
tolower
strtol
strncmp
putc
strerror
_pctype
exit
strncpy
_strlwr
_stat
_errno
_fstat
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
setlocale
printf
vfprintf
fflush
_get_osfhandle
_umask
_getcwd
_read
_close
_open
_access
_utime
_chsize

kernel32

GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
msec.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
msvcr100.dll
.dll windows x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc
Signer

Actual PE Digest

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nc.exe
.exe windows x86

b255786832d9ad08fc793fc3fa89494e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
FreeConsole
GetAtomNameA
GetStdHandle
SetUnhandledExceptionFilter

msvcrt

_close
_dup
_kbhit
_open
_read
_strcmpi
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_iob
_isatty
_onexit
_setjmp
_setmode
_sleep
abort
atexit
atoi
exit
fflush
fprintf
free
getenv
gets
longjmp
malloc
memcmp
memcpy
memset
rand
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strlen
strncmp
strncpy
time

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getservbyport
getsockname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
setsockopt
shutdown
socket

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 528B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nl.exe
.exe windows x86

9e5aa7e322659dce0f921446e36c2195

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_open
_read
_close
_strdup
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
fwrite
getc
getenv
isalnum
isalpha
iscntrl
isdigit
islower
isprint
ispunct
isspace
isupper
__p__environ
isxdigit
malloc
memcpy
memset
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
sprintf
strcat
strchr
strcmp
strcpy
strerror
strncmp
strtol
tolower
vfprintf
__set_app_type

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pathchk.exe
.exe windows x86

d26743fc4eaa068bc362ae326e0f27ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_iob
fprintf
strncmp
strcmp
getenv
_errno
strlen
putc
_sys_errlist
_sys_nerr
strcpy
malloc
realloc
strncpy
_strlwr
fflush
printf
_fstat
_exit
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strchr
free
_stat
_get_osfhandle
_XcptFilter
_access
_utime
_chsize
_close
_open

kernel32

GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pclip.exe
.exe windows x86

0cfa302adbb1b76ea6709c750e0f6893

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData

msvcrt

exit
fprintf
getc
strstr
_strlwr
printf
_setmode
_iob
fputs
strncmp
getenv
_exit
_XcptFilter
_except_handler3
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pcre3.dll
.dll windows x86

f867eaba1f47d94594c5bf1041b8c10b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
abort
fflush
free
malloc
memcpy
memmove
memset
sprintf
strchr
strcmp
strncmp
strncpy
tolower
toupper

Exports

Exports

DllGetVersion
pcre_callout
pcre_compile
pcre_compile2
pcre_config
pcre_copy_named_substring
pcre_copy_substring
pcre_dfa_exec
pcre_exec
pcre_free
pcre_free_substring
pcre_free_substring_list
pcre_fullinfo
pcre_get_named_substring
pcre_get_stringnumber
pcre_get_stringtable_entries
pcre_get_substring
pcre_get_substring_list
pcre_info
pcre_maketables
pcre_malloc
pcre_refcount
pcre_stack_free
pcre_stack_malloc
pcre_study
pcre_version
regcomp
regerror
regexec
regfree

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 224B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 817B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
printenv.exe
.exe windows x86

b4182e72451aee8c63a4522a2c84a5dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

getenv
fclose
_iob
puts
__p__environ
exit
printf
fprintf
putc
fflush
_sys_errlist
_sys_nerr
strlen
strncmp
strcmp
_errno
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
printf.exe
.exe windows x86

4fafe2401579c4fd86574d903e25bf67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncmp
fprintf
_iob
printf
_pctype
_isctype
__mb_cur_max
putchar
free
strncpy
_errno
strtod
putc
fflush
_sys_errlist
_sys_nerr
malloc
realloc
toupper
strlen
exit
strcmp
getenv
_ftol
strchr
strrchr
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pulist.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
putty.exe
.exe windows x86

ed9602e4b1a256df2de8d5aa3247eac5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA

comctl32

ord14
ord15
ord17
ord13

comdlg32

ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

gdi32

SetBkMode
SetTextAlign
CreatePalette
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
TextOutA
SetBkColor
SetTextColor
Rectangle
CreateSolidBrush
GetStockObject
SelectObject
GetTextExtentExPointA
SetMapMode
GetDeviceCaps
SetPaletteEntries
CreateBitmap
RealizePalette
SelectPalette
UnrealizeObject
GetPixel
ExtTextOutA
CreatePen
LineTo
CreateCompatibleBitmap
TranslateCharsetInfo
GetTextMetricsA
CreateFontA
UpdateColors
ExcludeClipRect
IntersectClipRect
Polyline
MoveToEx
ExtTextOutW
SetPixel
GetCharWidthA
GetCharWidthW
GetCharWidth32W
GetCharWidth32A

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW

shell32

ShellExecuteA

user32

LoadIconA
SetScrollInfo
CreateCaret
LoadCursorA
DeleteMenu
InsertMenuA
SetCursor
PostQuitMessage
IsZoomed
GetKeyboardState
TrackPopupMenu
PostMessageA
EnableMenuItem
GetSystemMenu
DestroyCaret
GetMessageTime
ShowCursor
SetCaretPos
ToAsciiEx
SetKeyboardState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
FlashWindow
CheckMenuItem
DefDlgProcA
CreatePopupMenu
AppendMenuA
CreateMenu
GetMenuItemCount
GetKeyboardLayout
SetForegroundWindow
UpdateWindow
GetMessageA
SetTimer
KillTimer
IsWindow
DispatchMessageA
PeekMessageA
HideCaret
ShowCaret
WaitMessage
IsIconic
GetParent
GetWindowLongA
ReleaseCapture
GetDoubleClickTime
GetDesktopWindow
MoveWindow
CreateDialogParamA
EndDialog
EnableWindow
DialogBoxParamA
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
MessageBoxA
SetFocus
GetDlgItem
CheckDlgButton
CheckRadioButton
WinHelpA
RegisterWindowMessageA
DrawEdge
GetDlgItemTextA
SetDlgItemTextA
SetCapture
IsDlgButtonChecked
SendDlgItemMessageA
SetWindowLongA
MessageBeep
GetDC
ReleaseDC
MapDialogRect
GetCaretBlinkTime
DestroyWindow
BeginPaint
GetClientRect
GetWindowTextLengthA
GetWindowTextA
EndPaint
SetWindowPos
InvalidateRect
DefWindowProcA
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowTextA
SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
GetCursorPos
TranslateMessage
GetSystemMetrics
IsDialogMessageA

winmm

PlaySoundA

winspool.drv

OpenPrinterA
WritePrinter
EndPagePrinter
StartDocPrinterA
EndDocPrinter
ClosePrinter
StartPagePrinter
EnumPrintersA

kernel32

SetEndOfFile
SetEnvironmentVariableA
CompareStringA
CompareStringW
HeapCreate
IsDBCSLeadByteEx
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetVersion
GetCommandLineA
GetStartupInfoA
DeleteFileA
GetLastError
TerminateProcess
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
GetLocalTime
GetTimeZoneInformation
WriteFile
GetEnvironmentVariableA
CreateFileA
ReadFile
FreeLibrary
LoadLibraryA
GetVersionExA
Beep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateProcessA
GetLocaleInfoA
GetModuleFileNameA
lstrcpyA
MulDiv
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GetOEMCP
GetACP
GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetTickCount
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
HeapDestroy
GetSystemTime
GetSystemTimeAdjustment
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleHandleA
GetProcAddress
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetFilePointer
SetStdHandle

Sections

.text
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rearj.exe
regex2.dll
.dll windows x86

034666ac012e8ddbed7c20dac60b4b4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
_stricmp
abort
calloc
fflush
free
getenv
malloc
memcpy
memmove
memset
realloc
strchr
tolower
toupper

Exports

Exports

DllGetVersion
re_comp
re_compile_fastmap
re_compile_pattern
re_exec
re_match
re_match_2
re_search
re_search_2
re_set_registers
re_set_syntax
re_syntax_options
regcomp
regerror
regexec
regfree

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ren-it.exe
renit.exe
rman.exe
.exe windows x86

e58c8410818c56356476dc6d0ee6d03f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
GetModuleFileNameA
GetCommandLineA
GetVersion
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
HeapAlloc
FindNextFileA
FindFirstFileA
FindClose
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
FlushFileBuffers
SetStdHandle
CreateFileA
LoadLibraryA
SetEndOfFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rmdir.exe
.exe windows x86

fdce6b880a2a177d8422ae652f91c664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

vfprintf
exit
printf
setlocale
strrchr
puts
fprintf
_iob
malloc
free
strchr
getenv
bsearch
qsort
fclose
realloc
_pctype
_isctype
__mb_cur_max
fgets
fopen
tolower
putc
strerror
_errno
fflush
strncmp
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_rmdir
_strdup
_getcwd
_close
_read
_fstat
_open

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sdiff.exe
.exe windows x86

99c51213ad294ea91fc86046461ebca2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_dup2
_fdopen
_close
_spawnvp
_stat
_unlink
_cexit
_cwait
_errno
_fileno
_fmode
_fpreset
_iob
_pipe
_setmode
__getmainargs
atexit
atoi
exit
fclose
feof
ferror
fflush
fopen
fprintf
fread
fwrite
getchar
getenv
isspace
__p__environ
malloc
memchr
memcpy
perror
printf
putchar
puts
realloc
signal
strchr
strncmp
strrchr
tmpnam
__set_app_type

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sendmail.exe
.exe windows x86

bd3f74031054a98a68f16461ea3395d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetFileAttributesW
GetFileTime
GetFileType
GetACP
CloseHandle
LocalFree
GetCurrentProcessId
SizeofResource
Beep
VirtualProtect
ReadProcessMemory
OpenFileMappingW
lstrcmpiW
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
FlushInstructionCache
GetFullPathNameW
GetThreadContext
VirtualFree
HeapAlloc
ExitProcess
GetFileAttributesA
GetCurrentDirectoryA
GetCPInfoExW
GetSystemTime
RtlUnwind
SetUnhandledExceptionFilter
GetCPInfo
GetCommandLineA
GetTempPathA
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetVersionExA
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
GetWindowsDirectoryA
FileTimeToDosDateTime
ReadFile
GetDiskFreeSpaceA
FindFirstFileA
CreateProcessW
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
CreateThread
CompareStringW
CopyFileW
lstrcmpA
MapViewOfFile
CreateMutexW
LoadLibraryA
ResetEvent
CreateFileA
GetLocaleInfoA
FreeResource
GetVersion
DeleteFileA
RaiseException
MoveFileW
FormatMessageW
OpenProcess
SwitchToThread
GetExitCodeThread
GetCurrentThread
CreateFileMappingA
IsBadReadPtr
SetNamedPipeHandleState
ExpandEnvironmentStringsW
GetComputerNameA
CreateDirectoryA
LoadLibraryExW
TerminateProcess
LockResource
FileTimeToSystemTime
GetCurrentThreadId
RemoveDirectoryA
UnhandledExceptionFilter
VirtualQuery
CreateEventA
GlobalFree
VirtualQueryEx
Sleep
SetFileAttributesA
EnterCriticalSection
SetFilePointer
ReleaseMutex
LoadResource
SuspendThread
GetTickCount
WritePrivateProfileStringW
OpenFileMappingA
FindNextFileA
GetTempFileNameW
GetFileSize
GetStartupInfoW
GetFileAttributesW
LocalSize
GetCurrentDirectoryW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
GlobalLock
SetThreadPriority
VirtualAlloc
GetTempPathW
GetCommandLineW
GetSystemInfo
DuplicateHandle
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
GetModuleHandleA
VerifyVersionInfoW
HeapCreate
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
CreateProcessA
GetConsoleOutputCP
UnmapViewOfFile
GetConsoleCP
GetModuleFileNameA
FindResourceA
lstrlenW
SetEndOfFile
QueryPerformanceCounter
CopyFileA
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
CreateMutexA
LoadLibraryW
SetEvent
GetLocaleInfoW
CreateFileW
SystemTimeToFileTime
DeleteFileW
IsDBCSLeadByteEx
FormatMessageA
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
WriteFile
CreateFileMappingW
ExitThread
CreatePipe
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
ExpandEnvironmentStringsA
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
LoadLibraryExA
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
GlobalMemoryStatus
CreateEventW
GetPrivateProfileStringW
GetThreadLocale
SetThreadLocale

comdlg32

GetSaveFileNameW
GetSaveFileNameA
PrintDlgW

comctl32

ImageList_Create
InitCommonControls
ImageList_Destroy

wsock32

htons
setsockopt
select
WSAStartup
WSACleanup
gethostbyname
bind
closesocket
socket
recv
ioctlsocket
WSAGetLastError
connect
inet_addr
recvfrom
sendto
send

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteA
SHGetPathFromIDListA
ShellExecuteExA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA

user32

CreateWindowExW
GetMessageW
DrawTextA
PeekMessageW
MessageBoxA
SetTimer
WindowFromPoint
BeginPaint
FrameRect
OffsetRect
IsWindowUnicode
RegisterWindowMessageW
FillRect
DispatchMessageW
UnregisterClassA
SendMessageA
EnumWindows
GetSystemMenu
SetActiveWindow
InflateRect
DrawFocusRect
SendMessageTimeoutA
ReleaseCapture
LoadCursorW
SetCapture
GetCapture
CharLowerBuffW
CallWindowProcA
GetSystemMetrics
PostMessageW
SetWindowLongW
SetWindowTextA
CharUpperBuffW
GetClientRect
GetClassNameA
LoadImageA
SetClipboardData
IsIconic
ShowWindow
CharUpperW
DefWindowProcW
SetForegroundWindow
GetWindowTextW
PostThreadMessageA
EnableWindow
IsDialogMessageW
DestroyWindow
RegisterClassW
CharNextW
GetWindowThreadProcessId
GetFocus
GetDC
SetFocus
ReleaseDC
EndPaint
FindWindowA
CreateWindowExA
GetMessageA
DrawTextW
PeekMessageA
MessageBeep
MessageBoxW
AttachThreadInput
MsgWaitForMultipleObjects
IsWindowVisible
EmptyClipboard
SendMessageW
IsWindow
InvalidateRect
ScreenToClient
DrawFrameControl
BringWindowToTop
SetCursor
LoadStringW
SetWindowPos
RemoveMenu
GetSysColorBrush
GetWindowDC
OpenClipboard
TranslateMessage
CallWindowProcW
CloseClipboard
PostMessageA
SetWindowTextW
GetSysColor
PostQuitMessage
DrawIconEx
LoadImageW
GetIconInfo
GetCursorPos
SetRect
GetKeyState
SystemParametersInfoW
GetWindow
GetCursor
GetWindowLongW
GetWindowRect
DefWindowProcA
GetWindowTextA
KillTimer
PostThreadMessageW
IsWindowEnabled
RegisterClassA
GetWindowPlacement

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

RegSetValueExW
RegSetValueExA
RegConnectRegistryW
GetUserNameW
GetUserNameA
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegReplaceKeyW
GetTokenInformation
RegCreateKeyExA
RegCreateKeyExW
SetSecurityDescriptorDacl
RegLoadKeyW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyExA
OpenProcessToken
AllocateAndInitializeSid
FreeSid
RegDeleteValueA
RegDeleteValueW
RegFlushKey
RegQueryValueExA
RegQueryValueExW
RegEnumValueW
InitializeSecurityDescriptor
RegCloseKey
RegRestoreKeyW

gdi32

CreateRectRgnIndirect
SetBkMode
TextOutW
TextOutA
GetTextExtentPoint32A
GetTextExtentPoint32W
StartDocW
StartDocA
CombineRgn
CreateDIBSection
SetMapMode
EndPage
LineTo
GetRgnBox
SetTextColor
DeleteObject
SelectObject
SetBkColor
CreateCompatibleDC
CreateFontW
CreateFontA
EndDoc
GetObjectW
SelectClipRgn
GetTextMetricsW
CreateDCW
CreatePen
GetStockObject
CreateSolidBrush
GetTextFaceA
GdiFlush
MoveToEx
DeleteDC
BitBlt
StartPage
GetDeviceCaps

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 30KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
seq.exe
.exe windows x86

7c3b674ae6c775f860b4b1bd22ba5909

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetUnhandledExceptionFilter
ExitProcess

msvcrt40

_fstat
_getcwd
_open
_read
_close
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
__getmainargs
_setmode
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
exit
fclose
feof
fflush
fgets
fopen
fprintf
fputs
free
getenv
isalnum
isalpha
isdigit
isspace
malloc
memcpy
printf
putc
puts
qsort
setlocale
sprintf
strchr
strcmp
strerror
strncmp
strspn
strtod
tolower
vfprintf

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 768B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
shar.exe
.exe windows x86

3f9acd4ce712bbb356bac500377464a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

msvcrt

strftime
localtime
time
sprintf
strncmp
strchr
fscanf
fseek
fputc
_pctype
_pclose
__mb_cur_max
_popen
_isctype
getc
fclose
putc
getenv
malloc
realloc
strerror
vfprintf
fflush
free
_mkdir
strncpy
_strlwr
_stat
_get_osfhandle
_iob
_dup
_pipe
signal
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_setmode
atoi
fopen
_errno
printf
exit
fgets
fputs
ftell
fprintf
calloc
strrchr
_fstat
_utime
_chsize
_access
_fdopen
_getcwd
_chmod
_read
_close
_open
_unlink
_mktemp

kernel32

CreateProcessA
GetCurrentProcessId
OpenProcess
TerminateProcess
Sleep
GetExitCodeProcess
GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle
FindClose
FindFirstFileA
FindNextFileA
GetVersion

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sort.exe
.exe windows x86

8805c776cd4373ec750aa5b27a93952f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

libintl3

libintl_bindtextdomain
libintl_gettext
libintl_textdomain

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AreFileApisANSI
CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
DeviceIoControl
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetSystemInfo
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
LockFile
MultiByteToWideChar
PeekNamedPipe
SetErrorMode
SetUnhandledExceptionFilter
UnlockFile
lstrcmpiA
lstrcpyA

msvcrt

_chmod
_close
_dup
_fdopen
_getpid
_strdup
_stricmp
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__pioinfo
__set_app_type
_assert
_cexit
_chmod
_close
_errno
_fdopen
_filelengthi64
_flsbuf
_get_osfhandle
_iob
_isctype
_lseeki64
_onexit
_open
_pctype
_setmode
_stricmp
abort
atexit
calloc
clearerr
ctime
exit
fclose
fflush
fopen
fprintf
fputs
fread
free
fwrite
getenv
isalpha
iswctype
localeconv
malloc
memchr
memcpy
memmove
memset
printf
raise
realloc
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtod
strtol
toupper
vfprintf

msvcp60

mbrtowc

ole32

CoCreateInstance
CoUninitialize
OleInitialize

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssft.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssleay32.dll
.dll windows x86

2b319a838751e6765694bcafaad52919

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord2894
ord2927
ord2784
ord256
ord168
ord2747
ord961
ord167
ord169
ord3844
ord3837
ord3896
ord2201
ord904
ord176
ord282
ord572
ord3165
ord3489
ord1071
ord2925
ord268
ord316
ord363
ord2712
ord4164
ord493
ord4262
ord3719
ord216
ord333
ord4125
ord4470
ord1010
ord4046
ord3682
ord2877
ord3711
ord129
ord124
ord1000
ord125
ord150
ord205
ord486
ord484
ord577
ord763
ord907
ord87
ord3450
ord2107
ord2063
ord283
ord3418
ord481
ord323
ord2915
ord3836
ord3873
ord1096
ord1097
ord3244
ord3874
ord3816
ord3888
ord109
ord2589
ord78
ord95
ord3891
ord89
ord1145
ord1144
ord3906
ord1081
ord2292
ord3823
ord3846
ord187
ord3857
ord267
ord3675
ord3737
ord3633
ord3631
ord3664
ord3479
ord1011
ord341
ord1012
ord503
ord359
ord365
ord4684
ord3192
ord3388
ord3528
ord2568
ord3312
ord3922
ord2898
ord264
ord266
ord3067
ord3313
ord3314
ord4210
ord3566
ord4188
ord3332
ord4701
ord653
ord4692
ord3925
ord541
ord2702
ord3124
ord4372
ord4144
ord4174
ord2400
ord3782
ord1202
ord193
ord3866
ord3704
ord3758
ord3767
ord3647
ord3766
ord3365
ord4114
ord3460
ord3783
ord3454
ord3754
ord3394
ord897
ord3414
ord3495
ord3610
ord67
ord65
ord3315
ord98
ord3826
ord3559
ord3399
ord636
ord2257
ord914
ord2478
ord626
ord890
ord1004
ord3527
ord4513
ord364
ord2051
ord206
ord497
ord85
ord58
ord630
ord628
ord1041
ord1007
ord1005
ord4331
ord1027
ord3437
ord629
ord892
ord74
ord248
ord3378
ord1655
ord575
ord1025
ord246
ord1100
ord4693
ord2135
ord622
ord679
ord2524
ord3505
ord3595
ord1023
ord2451
ord623
ord657
ord401
ord93
ord911
ord3396
ord3657
ord857
ord908
ord680
ord1016
ord2204
ord3205
ord624
ord128
ord4045
ord2475
ord368
ord367
ord370
ord369
ord887
ord889
ord891
ord4320
ord4383
ord315
ord1671
ord1147
ord189
ord314
ord956
ord280
ord2181
ord399
ord748
ord279
ord400
ord751
ord750
ord394
ord774
ord1959
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3623
ord718
ord7
ord716
ord703
ord2426
ord86
ord88
ord3724
ord313
ord1101
ord293
ord3914
ord3807
ord3795
ord4740
ord4731
ord4656
ord4637
ord4615
ord4601
ord2996
ord3155
ord959
ord325
ord329
ord318
ord304
ord292
ord299
ord395
ord955
ord2252
ord91
ord247
ord225
ord4578
ord4572
ord4576
ord4570
ord4573
ord4582
ord4575
ord4577
ord4584
ord4580
ord4581
ord2572
ord3899
ord276
ord274
ord964
ord965
ord2411
ord754
ord910
ord641
ord912
ord909
ord635
ord52
ord290
ord498
ord219
ord3666
ord4474
ord4369
ord66
ord464
ord490
ord3245
ord654
ord967
ord2128
ord281
ord118
ord201
ord123
ord202
ord3663
ord3512
ord3459
ord2924
ord3010
ord2578
ord3644
ord2929
ord3422
ord3513
ord170
ord165
ord4119
ord4245
ord4488
ord222
ord32
ord1070
ord4233
ord4430
ord866
ord2630
ord2760
ord4540
ord203
ord3353
ord3729
ord3480
ord3608
ord3550
ord3575
ord3570
ord3695
ord3178
ord188
ord111
ord110
ord151
ord285
ord3239
ord120
ord181
ord3883
ord3109
ord269
ord2936
ord495
ord2821
ord289
ord252
ord1654
ord1653
ord905
ord53
ord903

kernel32

CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
HeapSize
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LoadLibraryA
VirtualAlloc
HeapReAlloc
HeapAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
WriteFile
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleW
HeapFree
Sleep
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetCommandLineA
GetCurrentThreadId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetLastError
GetSystemTime
SystemTimeToFileTime
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_method
DTLS_server_method
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SRP_generate_client_master_secret
SRP_generate_server_master_secret
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_bits
SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_free_compression_methods
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_certificate
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_file
SSL_SESSION_free
SSL_SESSION_get0_peer
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set1_id_context
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_cache_hit
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_export_keying_material
SSL_extension_supported
SSL_free
SSL_get0_alpn_selected
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_selected_srtp_profile
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_is_server
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_alpn_protos
SSL_set_bio
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_debug
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_state
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl3_ciphers

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
su.exe
.exe windows x86

3d117131c4278940d1574d2dde06dc47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__mb_cur_max
strcpy
strlen
getenv
strcmp
exit
printf
__p__environ
fprintf
_iob
malloc
realloc
free
putc
fflush
_sys_errlist
_sys_nerr
strncmp
fopen
fseek
fclose
_pctype
_isctype
_errno
getc
toupper
_ftol
strchr
strrchr
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_chdir
_execv
_putenv

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sync.exe
.exe windows x86

90c8f61b4f02a0a98de4428c40478b5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
_errno
getenv
bsearch
qsort
fclose
_pctype
_isctype
__mb_cur_max
fgets
fopen
tolower
putc
strerror
vfprintf
fflush
strncmp
free
strchr
_stat
_get_osfhandle
_fstat
exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
fprintf
sprintf
_iob
setlocale
printf
puts
strncpy
_strlwr
_exit
_getcwd
_read
_close
_open
_access
_utime
_chsize

kernel32

GetFullPathNameA
GetFileInformationByHandle
CreateFileA
FlushFileBuffers
CloseHandle
FormatMessageA
LocalFree
GetLastError

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
type.exe
.exe windows x86

086c5f9fd6f0596584f4096df2c30a21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
getenv
_iob
fprintf
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
printf
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stat
_isatty

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uname.exe
.exe windows x86

af1ee8a9b74fc1417ba53ef316a970de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
WSAStartup

msvcrt

strncmp
strlen
getenv
_sys_nerr
_sys_errlist
strcmp
_pipe
sprintf
calloc
strncpy
_strlwr
_stat
_dup
signal
_exit
_XcptFilter
__p___initenv
__getmainargs
fflush
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
putc
_iob
fprintf
exit
printf
_errno
_fstat
_get_osfhandle
_initterm
_read
_open
_close
_unlink
_utime
_access
_mktemp
_chsize

kernel32

CreateFileA
GetFullPathNameA
CreateProcessA
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
GetExitCodeProcess
GetVersion
GetFileInformationByHandle
Sleep

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
unexpand.exe
.exe windows x86

0ef08b5c4ef67fee8f3a5ae1222c9984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fstat
_getcwd
_isatty
_open
_read
_close
_strdup
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
free
getc
getenv
isalnum
isalpha
isdigit
isspace
__p__environ
malloc
memcpy
printf
putc
putchar
puts
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strncmp
tolower
vfprintf
__set_app_type

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 768B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
unrar.exe
.exe windows x86

eada5bd13d8bd6e2f341ea26dfbf3f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
CreateMutexA
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
GetCPInfo
GetConsoleMode
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetVersionExA
InterlockedIncrement
IsDBCSLeadByte
LocalFileTimeToFileTime
MultiByteToWideChar
ReadConsoleA
ReadFile
ReleaseMutex
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_write
__getmainargs
__p__environ
__set_app_type
_assert
_cexit
_fileno
_fmode
_fpreset
_iob
_setmode
abort
atexit
atoi
clock
exit
fgets
free
getenv
isdigit
malloc
memchr
memcpy
memmove
memset
putchar
realloc
rename
setbuf
signal
sprintf
strcat
strchr
strcmp
strcpy
strncpy
strpbrk
strrchr
strstr
strtol
toupper
vsprintf

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
OemToCharA
OemToCharBuffA

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
unshar.exe
.exe windows x86

bfd830b7c38c945db22ea5f789cde511

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strerror
fwrite
fread
sprintf
fclose
fopen
exit
printf
_errno
setbuf
_setmode
_iob
fputc
fgetc
ftell
_pclose
strncmp
fputs
_popen
fgets
fseek
fprintf
getenv
putc
rewind
vfprintf
fflush
free
malloc
realloc
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_unlink
_getpid
_chdir
_getcwd

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
unzip.exe
.exe windows x86

a748a7b40b99ec291d54c001001fb23e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetDriveTypeA
GetVolumeInformationA
GetFullPathNameA
GetLocaleInfoA
GetConsoleScreenBufferInfo
GetStdHandle
ReadFile
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
DosDateTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
SetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
lstrcpynA
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
CloseHandle
SetFilePointer
GetLastError
SetEndOfFile
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetVersion
FindClose
FindNextFileA
SetVolumeLabelA
FindFirstFileA
CreateDirectoryA
DeleteFileA
SetEnvironmentVariableW
SetConsoleCtrlHandler
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
MoveFileA
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
HeapReAlloc
GetCommandLineA
GetVersionExA
GetACP
GetOEMCP
GetCPInfo
WriteFile
UnhandledExceptionFilter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStartupInfoA
FlushFileBuffers
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetCurrentDirectoryA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringA
CompareStringW
SetEnvironmentVariableA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
LoadLibraryA
RtlUnwind
GetLocaleInfoW

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidSid
GetSecurityDescriptorGroup
GetSecurityDescriptorControl

user32

OemToCharA
CharToOemA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 846KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
usort.exe
.exe windows x86

9653f3d648c148b092db8db2f905dab5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_fdopen
_fstat
_getcwd
_getpid
_open
_read
_close
_stat
_strdup
_unlink
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
__getmainargs
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
fread
free
fwrite
getenv
isalnum
isalpha
isdigit
islower
isprint
isspace
__p__environ
localeconv
malloc
memchr
memcpy
memmove
printf
putc
puts
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strcoll
strcpy
strerror
strncmp
strtod
tolower
toupper
vfprintf
__set_app_type

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uudecode.exe
.exe windows x86

4039da7abf8dc58c90abe9852cf8b183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
freopen
exit
printf
_setmode
_iob
putchar
sscanf
strncmp
fgets
fprintf
putc
strerror
vfprintf
fflush
getenv
_errno
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_chmod

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uuencode.exe
.exe windows x86

5b588b96f5e242fa3c73f8c41dc63906

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

putchar
fread
fprintf
putc
strerror
printf
vfprintf
fflush
strncmp
getenv
strncpy
_strlwr
_stat
_get_osfhandle
_iob
exit
_XcptFilter
__p___initenv
_setmode
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
freopen
_errno
_exit
_fstat
__getmainargs
_umask
_fileno
_access
_utime
_chsize
_close
_open

kernel32

GetFullPathNameA
CreateFileA
GetFileInformationByHandle
CloseHandle

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wget.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xargs.exe
.exe windows x86

00a36af8ca830e18c907b7a7508985b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

advapi32

GetUserNameA

msvcrt

strstr
strncpy
strcpy
_exit
fflush
fputs
_errno
putc
memset
strtol
fopen
realloc
strncmp
getenv
strerror
vfprintf
fprintf
malloc
getc
_dup
_pipe
_strlwr
_stat
strcmp
_fstat
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_iob
_setmode
__p__environ
printf
exit
strlen
sprintf
signal
calloc
_get_osfhandle
_open
_unlink
_execvp
_close
_read
_utime
_mktemp
_access
_chsize

kernel32

GetVersion
GetFileInformationByHandle
CreateProcessA
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
Sleep
GetExitCodeProcess
CreateFileA
GetFullPathNameA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
yes.exe
.exe windows x86

f5f86c18b398b8df21fb80113dbef629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
fputs
_iob
puts
exit
printf
fprintf
strlen
strncmp
strcmp
getenv
_exit
_XcptFilter
putchar
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zcat.exe
.exe windows x86

f2e08216998da75136edb412ba778d0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_write
_fileno
_fstat
_isatty
_chmod
_lseek
_open
_read
_close
_setmode
_stat
_unlink
_utime
_cexit
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_setmode
_stat
__getmainargs
atexit
atoi
calloc
ctime
exit
fflush
fgets
fprintf
free
getenv
isupper
__p__environ
malloc
memcpy
perror
printf
putc
signal
strcat
strcmp
strcpy
strcspn
strncmp
strncpy
strrchr
strspn
__set_app_type

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bcd74b9107807ee4a560dd53b6186777

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 512B - Virtual size: 7KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 6KB - Virtual size: 5KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 376KB

UPX1 Size: 306KB - Virtual size: 308KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 328KB

UPX1 Size: 229KB - Virtual size: 232KB

.rsrc Size: 5KB - Virtual size: 8KB

09c182b10b88cd78aa1b9a1fdb0142e4

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 1KB - Virtual size: 34KB

.pdata Size: 72KB - Virtual size: 71KB

.rsrc Size: 95KB - Virtual size: 94KB

.reloc Size: 12KB - Virtual size: 12KB

41c55772e303b8488ea464a0538e35d5

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 311KB - Virtual size: 311KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 2KB - Virtual size: 11KB

.pdata Size: 24KB - Virtual size: 24KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

891a8a1ea1fd825bc2460ce233fb7d00

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 1024B - Virtual size: 951B

.data Size: 5KB - Virtual size: 9KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

d4b8ac9c16b763dcac4ceed3e72184ff

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 512B - Virtual size: 7KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 376KB

UPX1
Size: 306KB - Virtual size: 308KB

.rsrc
Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 328KB

UPX1
Size: 229KB - Virtual size: 232KB

.rsrc
Size: 5KB - Virtual size: 8KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 1KB - Virtual size: 34KB

.pdata
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 311KB - Virtual size: 311KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 2KB - Virtual size: 11KB

.pdata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 5KB - Virtual size: 39KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 100B

.bss
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.bss
Size: - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 105B

.data
Size: 5KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 810B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.bss
Size: - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 105B

.data
Size: 5KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 810B

.reloc
Size: 2KB - Virtual size: 1KB