142ea29d7be8d511deaee37f524b154d109948663a517c1ebe3f869401960579

Sharing

Copy URL Twitter E-mail

General

Target

142ea29d7be8d511deaee37f524b154d109948663a517c1ebe3f869401960579
Size

12.4MB
MD5

15c52d2e7bdcb601f77b5d21462f5ca2
SHA1

69e36234592fd912e63f4895f9d11aba1163dadb
SHA256

142ea29d7be8d511deaee37f524b154d109948663a517c1ebe3f869401960579
SHA512

7b9fa99daf12a5eca1fe44bfb5aa256df61d8d4431333cf80791fcbf06bae428ac3223498a897976133942d2cdd2e0a386184a3381d9b94147f9011750d4d006
SSDEEP

196608:TR3WWOv27c9rxZNKz3Z4UH7yO5nfkV072670EEWcw8gM/PqCkJexukJexx:TVO+4BqbhnfkVs0EuRqxUbUL

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/modules/StartCollect.exe	pyinstaller

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/modules/StartCollect.exe
unpack001/modules/disk/hioadm/win/HioadmDLL.dll
unpack001/modules/disk/hioadm/win/hioadm.exe
unpack001/modules/disk/ssdcmd/HioBadblock.exe
unpack001/modules/disk/ssdcmd/HioEcinfo.exe
unpack001/modules/disk/ssdcmd/HioInfo.exe
unpack001/modules/disk/ssdcmd/HioLabel.exe
unpack001/modules/disk/ssdcmd/HioLog.exe
unpack001/modules/disk/ssdcmd/HioLogdump.exe
unpack001/modules/disk/ssdcmd/HioRwReg.exe
unpack001/modules/disk/ssdcmd/HioTemperature.exe
unpack001/modules/raid/RAID/2308/sas2flash32.exe
unpack001/modules/raid/RAID/2308/sas2flash64.exe
unpack001/modules/raid/RAID/2308/sas2ircu32.exe
unpack001/modules/raid/RAID/2308/sas2ircu64.exe
unpack001/modules/raid/RAID/3008/sas3flash32.exe
unpack001/modules/raid/RAID/3008/sas3flash64.exe
unpack001/modules/raid/RAID/3008/sas3ircu32.exe
unpack001/modules/raid/RAID/3008/sas3ircu64.exe
unpack001/modules/raid/RAID/3108/storcli32.exe
unpack001/modules/raid/RAID/3108/storcli64.exe

Files

142ea29d7be8d511deaee37f524b154d109948663a517c1ebe3f869401960579
.zip
Copyright Notice.doc
.doc .xml office
config.ini
docs/en/Collecting Windows Log Files.chm
.chm
docs/zh/收集Windows操作系统日志.chm
.chm
infoCollect.bat
.bat .vbs
modules/StartCollect.exe
.exe windows x64

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
FreeLibrary
LoadLibraryExW
CloseHandle
GetCurrentProcess
LoadLibraryA
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
GetProcAddress
GetModuleFileNameW
SetDllDirectoryW
GetStartupInfoW
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RaiseException
GetCommandLineA
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
SetStdHandle
SetConsoleCtrlHandler
DeleteFileW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
GetFileAttributesExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetProcessHeap
GetTimeZoneInformation
HeapSize
HeapReAlloc
WriteConsoleW

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/cpu/logCollect.cfg
modules/disk/hioadm/win/HioadmDLL.dll
.dll windows x64

2610c3dfaf81254e6b4ff81b95d4ab8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
CM_Request_Device_EjectA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
CM_Get_Device_ID_ExA
CM_Locate_DevNode_ExA
SetupDiGetDeviceInstallParamsA
SetupDiGetDevicePropertyW
SetupDiEnumDeviceInterfaces
SetupDiCallClassInstaller
CM_Reenumerate_DevNode_Ex
SetupDiGetDeviceInterfaceDetailA

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

shlwapi

PathCanonicalizeA

kernel32

WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
Sleep
FreeLibrary
CloseHandle
CreateThread
ReadFile
CreatePipe
CreateFileA
GetLocalTime
GetStartupInfoA
CreateProcessA
WriteFile
GetLastError
lstrlenW
ReleaseSemaphore
LoadLibraryExA
UnlockFileEx
lstrlenA
WaitForSingleObject
GetCurrentDirectoryA
GetProcAddress
LockFileEx
GetCurrentProcessId
CreateSemaphoreA
FindClose
GetTimeZoneInformation
DeviceIoControl
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
GetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
DeleteFileW
GetFileAttributesExW
MoveFileExW
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
GetFileSizeEx
SetFilePointerEx
CreateDirectoryW
ReadConsoleW

user32

GetSystemMetrics

advapi32

GetUserNameA

Exports

Exports

DllFreeNvmeController
DllGetCapacity
DllGetNvmeEjectStatus
DllMallocNvmeController
DllNvmeActiveFirmware
DllNvmeEjectController
DllNvmeEjectDisk
DllNvmeFormat
DllNvmeGetAdvanceInfo
DllNvmeGetBaseInfo
DllNvmeGetControllerCount
DllNvmeGetCurrentPowerState
DllNvmeGetFirmwareSlotInfo
DllNvmeGetFormatInfo
DllNvmeGetHeadDevs
DllNvmeGetLabel
DllNvmeGetLunList
DllNvmeGetNamespaceBaseInfo
DllNvmeGetNextBrother
DllNvmeGetNextDevs
DllNvmeGetPowerInfo
DllNvmeGetSlotNumber
DllNvmeGetSmartInfo
DllNvmeGetTempInfo
DllNvmeGetTempShreshold
DllNvmeGetVersion
DllNvmeGetWildNsList
DllNvmeGetWriteMode
DllNvmeNamespaceAttach
DllNvmeNamespaceCreate
DllNvmeNamespaceDelete
DllNvmeNamespaceDettach
DllNvmeOperationLog
DllNvmeReleaseDevs
DllNvmeReset
DllNvmeSaveFirmwareLog
DllNvmeScanDevs
DllNvmeSelfTest
DllNvmeSetCapacity
DllNvmeSetPowerState
DllNvmeSetTempShreshold
DllNvmeSetWriteMode
DllNvmeUpdateFirmware
DllSasGetControllerCount
DllUdaRaidClose
DllUdaRaidOpen

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/hioadm/win/hioadm.exe
.exe windows x64

90a022ffc8f8fea9149407163e6ebe86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiGetDeviceInstallParamsA
CM_Get_Device_ID_ExA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
CM_Reenumerate_DevNode_Ex
CM_Request_Device_EjectA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
CM_Locate_DevNode_ExA
SetupDiDestroyDeviceInfoList
SetupDiGetDevicePropertyW
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

shlwapi

PathCanonicalizeA

kernel32

RaiseException
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
CreateDirectoryW
GetFileAttributesExW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
Sleep
FreeLibrary
CloseHandle
WriteFile
GetLastError
CreateFileA
lstrlenW
ReleaseSemaphore
DeviceIoControl
LoadLibraryExA
UnlockFileEx
lstrlenA
WaitForSingleObject
GetCurrentDirectoryA
GetProcAddress
LockFileEx
GetCurrentProcessId
CreateSemaphoreA
SetStdHandle
GetFullPathNameW
CreateThread
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
GetCPInfo
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetConsoleCtrlHandler
GetStdHandle
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
GetConsoleCP
GetFileSizeEx
GetTimeZoneInformation
FlushFileBuffers
DeleteFileW
MoveFileExW
GetCurrentDirectoryW

user32

GetSystemMetrics

advapi32

GetUserNameA

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/logCollect.cfg
modules/disk/registeraddress.ini
modules/disk/ssdcmd/HioBadblock.exe
.exe windows x64

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioEcinfo.exe
.exe windows x64

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioInfo.exe
.exe windows x64

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioLabel.exe
.exe windows x64

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioLog.exe
.exe windows x64

ab7acdaf78647d3c7588dd830727fcf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
LocalAlloc
DeviceIoControl
CloseHandle
GetCurrentProcessId
LocalFree
SetFilePointerEx
GetCurrentProcess
CreateMutexW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringW
CompareStringW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineW
RtlUnwindEx
GetTimeZoneInformation
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
OpenThreadToken
OpenProcessToken
GetLengthSid

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiGetClassDevsW

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioLogdump.exe
.exe windows x64

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioRwReg.exe
.exe windows x64

c086da901b54743f61891c6d66ce1a93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateDirectoryW
GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
GetLocalTime
Process32FirstW
LocalAlloc
SetFilePointerEx
DeviceIoControl
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
GetCurrentProcess
MoveFileExW
CreateMutexW
GetFileSize
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
GetConsoleMode
GetConsoleCP
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
WideCharToMultiByte
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetStdHandle
GetModuleFileNameW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
GetUserNameW
OpenThreadToken
OpenProcessToken
GetLengthSid

shlwapi

PathFileExistsW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/disk/ssdcmd/HioTemperature.exe
.exe windows x64

23b4806c9e542074f1c023803934f53e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentThread
WriteFile
Sleep
CreateFileW
FlushFileBuffers
LocalAlloc
DeviceIoControl
CloseHandle
GetCurrentProcessId
LocalFree
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetCurrentProcess
CreateMutexW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
WideCharToMultiByte
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineW
RtlUnwindEx
GetStringTypeW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

advapi32

IsValidSecurityDescriptor
FreeSid
RevertToSelf
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
OpenThreadToken
OpenProcessToken
GetLengthSid

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiGetClassDevsW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modules/driver/logCollect.cfg
modules/gpu/logCollect.cfg
modules/ibma/logCollect.cfg
modules/lib/timeout.ini
modules/mainboard/logCollect.cfg
modules/memory/logCollect.cfg
modules/nic/logCollect.cfg
modules/raid/RAID/2308/sas2flash32.exe
.exe windows x86

54a048d4dd2d197198533ba60e9af617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
Sleep
CreateFileA
DeviceIoControl
CloseHandle
GetLastError

msvcrt

rewind
fread
fseek
fwrite
vsprintf
strcpy
strtok
atoi
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_filelength
scanf
system
printf
fopen
fprintf
fclose
memcmp
strcmp
memset
memcpy
_mbschr
_mbsnbcpy
_mbsicmp
realloc
_mbsnbicmp
_mbsstr
malloc
free

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
CM_Get_Device_IDA
SetupDiGetDeviceInstallParamsA
CM_Reenumerate_DevNode
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
CM_Get_Sibling

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
modules/raid/RAID/2308/sas2flash64.exe
.exe windows x64

b00dd0eb1ce3b1cc40d7c17635c0c9f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
LocalFree
Sleep
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

msvcrt

fread
rewind
_filelength
scanf
system
printf
fopen
fprintf
fclose
fseek
strcmp
??1type_info@@UEAA@XZ
_CxxThrowException
_commode
__setusermatherr
_initterm
__getmainargs
_exit
__initenv
fwrite
vsprintf
strcpy
strtok
atoi
__C_specific_handler
_XcptFilter
_c_exit
__set_app_type
memcmp
_mbschr
_mbsnbcpy
_mbsstr
_mbsicmp
_mbsnbicmp
free
malloc
realloc
??3@YAXPEAX@Z
memcpy
memset
exit
_cexit
_fmode
?terminate@@YAXXZ

setupapi

CM_Get_Child
CM_Get_Sibling
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsA
CM_Get_Device_IDA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Reenumerate_DevNode
SetupDiGetDeviceRegistryPropertyA

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/RAID/2308/sas2ircu32.exe
.exe windows x86

8339fb221bf5693d7a1b21f643404535

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapFree
GetVersionExA
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc

msvcrt

memcmp
free
strcmp
_stricmp
strncmp
strcpy
strncpy
strcat
strncat
strlen
scanf
gets
_isctype
strtoul
getenv
tolower
qsort
strftime
localtime
time
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcpy
memset
malloc
calloc
fwrite
fseek
fread
rewind
fclose
fopen
vfprintf
vprintf
vsprintf
_mbschr
_mbsnbcpy
_mbsicmp
realloc
_mbsnbicmp
_mbsstr
_getch

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
CM_Get_Device_IDA
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA
CM_Get_Sibling
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
modules/raid/RAID/2308/sas2ircu64.exe
.exe windows x64

d037f1c8835875686d6f0e11cd0d8db6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
LocalFree
HeapFree
GetVersionExA
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

msvcrt

_fmode
__set_app_type
strlen
strncat
strcat
strncpy
strcpy
strncmp
_stricmp
strcmp
free
memcmp
memcpy
memset
_commode
calloc
fwrite
fseek
strftime
rewind
fclose
fopen
vfprintf
vsprintf
??1type_info@@UEAA@XZ
_CxxThrowException
tolower
getenv
strtoul
isdigit
isalpha
isalnum
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
time
malloc
localtime
_getch
_mbschr
_mbsnbcpy
_mbsstr
_mbsicmp
_mbsnbicmp
realloc
??3@YAXPEAX@Z
vprintf
qsort
gets
fread
scanf
?terminate@@YAXXZ

setupapi

CM_Get_Sibling
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsA
CM_Get_Device_IDA
SetupDiGetDeviceInterfaceDetailA
SetupDiRemoveDevice
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Reenumerate_DevNode
SetupDiGetDeviceRegistryPropertyA
CM_Get_Child

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/RAID/3008/sas3flash32.exe
.exe windows x86

54a048d4dd2d197198533ba60e9af617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
Sleep
CreateFileA
DeviceIoControl
CloseHandle
GetLastError

msvcrt

rewind
fread
fseek
fwrite
vsprintf
strcpy
strtok
atoi
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_filelength
scanf
system
printf
fopen
fprintf
fclose
memcmp
strcmp
memset
memcpy
_mbschr
_mbsnbcpy
_mbsicmp
realloc
_mbsnbicmp
_mbsstr
malloc
free

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
CM_Get_Device_IDA
SetupDiGetDeviceInstallParamsA
CM_Reenumerate_DevNode
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
CM_Get_Sibling

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
modules/raid/RAID/3008/sas3flash64.exe
.exe windows x64

b00dd0eb1ce3b1cc40d7c17635c0c9f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
LocalFree
Sleep
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

msvcrt

fread
rewind
_filelength
scanf
system
printf
fopen
fprintf
fclose
fseek
strcmp
??1type_info@@UEAA@XZ
_CxxThrowException
_commode
__setusermatherr
_initterm
__getmainargs
_exit
__initenv
fwrite
vsprintf
strcpy
strtok
atoi
__C_specific_handler
_XcptFilter
_c_exit
__set_app_type
memcmp
_mbschr
_mbsnbcpy
_mbsstr
_mbsicmp
_mbsnbicmp
free
malloc
realloc
??3@YAXPEAX@Z
memcpy
memset
exit
_cexit
_fmode
?terminate@@YAXXZ

setupapi

CM_Get_Child
CM_Get_Sibling
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsA
CM_Get_Device_IDA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Reenumerate_DevNode
SetupDiGetDeviceRegistryPropertyA

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/RAID/3008/sas3ircu32.exe
.exe windows x86

8339fb221bf5693d7a1b21f643404535

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapFree
GetVersionExA
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc

msvcrt

memcmp
free
strcmp
_stricmp
strncmp
strcpy
strncpy
strcat
strncat
strlen
scanf
gets
_isctype
strtoul
getenv
tolower
qsort
strftime
localtime
time
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcpy
memset
malloc
calloc
fwrite
fseek
fread
rewind
fclose
fopen
vfprintf
vprintf
vsprintf
_mbschr
_mbsnbcpy
_mbsicmp
realloc
_mbsnbicmp
_mbsstr
_getch

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
CM_Get_Device_IDA
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA
CM_Get_Sibling
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
modules/raid/RAID/3008/sas3ircu64.exe
.exe windows x64

d037f1c8835875686d6f0e11cd0d8db6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
LocalFree
HeapFree
GetVersionExA
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

msvcrt

_fmode
__set_app_type
strlen
strncat
strcat
strncpy
strcpy
strncmp
_stricmp
strcmp
free
memcmp
memcpy
memset
_commode
calloc
fwrite
fseek
strftime
rewind
fclose
fopen
vfprintf
vsprintf
??1type_info@@UEAA@XZ
_CxxThrowException
tolower
getenv
strtoul
isdigit
isalpha
isalnum
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
time
malloc
localtime
_getch
_mbschr
_mbsnbcpy
_mbsstr
_mbsicmp
_mbsnbicmp
realloc
??3@YAXPEAX@Z
vprintf
qsort
gets
fread
scanf
?terminate@@YAXXZ

setupapi

CM_Get_Sibling
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsA
CM_Get_Device_IDA
SetupDiGetDeviceInterfaceDetailA
SetupDiRemoveDevice
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Reenumerate_DevNode
SetupDiGetDeviceRegistryPropertyA
CM_Get_Child

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/RAID/3108/storcli32.exe
.exe windows x86

ecab3de6691574bbcfa749fec6eb0719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetVersionExA
GetSystemInfo
GlobalMemoryStatusEx
GlobalMemoryStatus
CloseHandle
WaitForSingleObject
GetLastError
FlushFileBuffers
DeviceIoControl
CreateEventA
CreateFileA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetComputerNameA
FreeLibrary
CreateMutexA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
GetEnvironmentVariableA
RaiseException
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
DeleteFileA
MoveFileA
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
GetConsoleCP
GetTimeZoneInformation
GetFileAttributesA
SetStdHandle
SetFilePointer
ReadFile
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetExitCodeProcess
CreateProcessA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEvent
ReleaseMutex
GetWindowsDirectoryA
GetCurrentDirectoryA
ResumeThread
ExitThread
CreateThread

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoInitializeSecurity

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 12.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/RAID/3108/storcli64.exe
.exe windows x86

ecab3de6691574bbcfa749fec6eb0719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetVersionExA
GetSystemInfo
GlobalMemoryStatusEx
GlobalMemoryStatus
CloseHandle
WaitForSingleObject
GetLastError
FlushFileBuffers
DeviceIoControl
CreateEventA
CreateFileA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetComputerNameA
FreeLibrary
CreateMutexA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
GetEnvironmentVariableA
RaiseException
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
DeleteFileA
MoveFileA
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
GetConsoleCP
GetTimeZoneInformation
GetFileAttributesA
SetStdHandle
SetFilePointer
ReadFile
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetExitCodeProcess
CreateProcessA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEvent
ReleaseMutex
GetWindowsDirectoryA
GetCurrentDirectoryA
ResumeThread
ExitThread
CreateThread

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoInitializeSecurity

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 12.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/raid/logCollect.cfg
modules/system/logCollect.cfg
modules/version.ini

Sharing

General

Malware Config

Signatures

Files

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 3KB - Virtual size: 64KB

.pdata Size: 8KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 2KB - Virtual size: 1KB

2610c3dfaf81254e6b4ff81b95d4ab8c

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

wtsapi32

shlwapi

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 3KB - Virtual size: 25KB

.pdata Size: 13KB - Virtual size: 12KB

.gfids Size: 512B - Virtual size: 156B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

90a022ffc8f8fea9149407163e6ebe86

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

wtsapi32

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 79KB - Virtual size: 107KB

.pdata Size: 18KB - Virtual size: 18KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 2KB

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

setupapi

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 6KB - Virtual size: 18KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

d6280e9ed95c7b5f186a89abeedcddd9

Headers

DLL Characteristics

File Characteristics

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 3KB - Virtual size: 64KB

.pdata
Size: 8KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 3KB - Virtual size: 25KB

.pdata
Size: 13KB - Virtual size: 12KB

.gfids
Size: 512B - Virtual size: 156B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 79KB - Virtual size: 107KB

.pdata
Size: 18KB - Virtual size: 18KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 6KB - Virtual size: 18KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 6KB - Virtual size: 18KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 6KB - Virtual size: 19KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 6KB - Virtual size: 18KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 44KB - Virtual size: 59KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 60KB